Black screen with a "disk boot failure" message
djidji
moment de grace - Posts: 30049 - Status: Security contributor
Hello,
Windows XP SP2, my sister's PC. It got stuck after a restart.
Once the session is open, whether I click OK or Cancel, the computer displays the following message:
" Windows disk dianostic. Tool will scan the systeme to identity performance issue, check disk option" :
- 1) CHECK HARD DRIVE SECTORS
- 2) CHECK FILE SYSTEM INTEGRITY
So I am asked to tick one or the other or both options and then to run a diagnostic.
Whatever I tick, something loads and another message appears:
"A problem with the hard drive has been dectected. It is strongly recommended that you download and install the following certified software to fix dectected hard drive error. Do you want to download recommended software?"
I created an OTLPE CD, with which I extracted a report, but I don't know how to make use of it.
Can anyone help me?
Thanks
11 replies
1)
DhcpDomain = priv.ifreduc.com
do you know it?
.............
2)
Copy all the text shown in bold below (select it with your mouse, right-click on it and choose "Copy", or press Ctrl+C)
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: Modified
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Baby\Mes documents\guillaume\U96.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Baby\Mes documents\guillaume\U96.exe (.not file.)
O69 - SBI: SearchScopes [HKCU] {043C5167-00BB-4324-AF7E-62013FAEDACF} - (Web Search...) - http://ww1.toolbarhome.com
MBRFix
Then launch ZHPFix from the desktop shortcut.
* Once the ZHPFix tool is open, click the [ H ] button ("coller les lignes Helper", i.e. paste the Helper lines).
* In the main box you will then see the lines you copied earlier appear.
Check that all the lines I asked you to copy (and only those) are in the window.
Click "Ok", then "Tous" (All) and finally "Nettoyer" (Clean).
Copy/paste the report shown on screen into your next message
the report is located in the zhpdiag folder in Program Files under the name ZHPFixReport
hello
do this instead
* Download RogueKiller (by tigzy) to the desktop
https://www.luanagames.com/index.fr.html
* (On Vista/Seven, right-click and run as administrator)
* Close all your running programs
* Launch RogueKiller.exe.
* When prompted, type 2 and confirm
* then option 4
* A report (RKreport.txt) should have been created next to the executable; paste its contents in your reply
* If the program was blocked, don't hesitate to try several times, or rename the tool to firefox.exe or roguekiller.com
try this
* Download OTH (by OldTimer) to your Desktop
http://oldtimer.geekstogo.com/OTH.scr
http://oldtimer.geekstogo.com/OTH.com
* Launch OTH and click "Kill All Processes" (everything should disappear from your screen except OTH)
* Then click "Start Misc Program" and launch Malwarebytes
I can only launch an application from the OTLPE desktop.
How can I kill the processes of C: when that disk is not active?
Restart under OTLPE (if you shut down your computer; otherwise not necessary)
In the Custom Scans/Fixes box, paste the lines below
:OTL
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKU\Baby_ON_C\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [wuaucldt] C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKU\Baby_ON_C..\Run: [wuaucldt] C:\Documents and Settings\Baby\wuaucldt.exe ()
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
O36 - AppCertDlls: AppSecDll - (C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll) - C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll ()
:Files
C:\Documents and Settings\All Users\Application Data\85012
C:\Documents and Settings\All Users\Application Data\85012.exe
C:\Documents and Settings\All Users\Application Data\~46246
C:\Documents and Settings\All Users\Application Data\~46246r
C:\Documents and Settings\All Users\Application Data\46246.exe
C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll
C:\Documents and Settings\Baby\wuaucldt.exe
C:\WINDOWS\System32\wuaucldt.exe
C:\WINDOWS\System32\ALZZip.BIN
C:\Documents and Settings\Baby\Application Data\Toolbar4
:commands
[emptytemp]
[start explorer]
[reboot]
* Click "Correction" to start the removal.
* Post the report, which should open by itself at the end of the job after the reboot.
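The fix script above lists autostart entries taken from the OTL log. As an added example (not part of the original thread, and not OTL's own logic), this Python sketch parses OTL-style `O4` Run lines and `O6`/`O7` policy lines and ranks the ones worth reviewing first. The sample lines are copied from the log posted in this thread; the two heuristics (empty publisher field, file located under `Documents and Settings`) and all function names are assumptions chosen for illustration.

```python
import re

# Sample lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Hot Key Kbd Daemon] C:\WINDOWS\System32\SKDAEMON.EXE ()
O4 - HKLM..\Run: [Regedit32] File not found
O4 - HKLM..\Run: [wuaucldt] C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKU\Baby_ON_C..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Application Data\wjfrjCrTGl.exe (NetInternals)
O4 - HKU\Baby_ON_C..\Run: [wuaucldt] C:\Documents and Settings\Baby\wuaucldt.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Baby_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Baby_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
"""

# "O4 - <hive>..\Run: [<value name>] <target>"
RUN_RE = re.compile(r"^O4 - (?P<hive>\S+?)\.\.\\Run(?:Once)?: \[(?P<name>[^\]]+)\] (?P<rest>.+)$")
# "<path> (<publisher>)"; the publisher field is empty when the file has none.
TARGET_RE = re.compile(r"^(?P<path>.+) \((?P<company>[^()]*)\)$")
# "O6/O7 - <registry key>: <value> = <data>"
POLICY_RE = re.compile(r"^O[67] - (?P<key>.+?): (?P<value>\w+) = (?P<data>\S+)$")


def triage(log_text):
    """Return (name, location, reasons) tuples, entries with most reasons first."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        run = RUN_RE.match(line)
        if run:
            target = TARGET_RE.match(run["rest"])
            if not target:
                # e.g. "File not found": orphaned value, nothing left to execute.
                continue
            reasons = []
            if not target["company"].strip():
                reasons.append("no publisher")
            if "\\documents and settings\\" in target["path"].lower():
                reasons.append("under Documents and Settings")
            if reasons:
                findings.append((run["name"], target["path"], reasons))
            continue
        policy = POLICY_RE.match(line)
        if policy and policy["value"] == "DisableTaskMgr" and policy["data"] == "1":
            findings.append((policy["value"], policy["key"], ["Task Manager disabled by policy"]))
    # Stable sort: entries matching both heuristics come first.
    findings.sort(key=lambda f: -len(f[2]))
    return findings


if __name__ == "__main__":
    for name, location, reasons in triage(SAMPLE_LOG):
        print(f"{name:20} {location}  <- {', '.join(reasons)}")
```

A single matching heuristic is weak evidence on its own: a line that matches only one reason is a prompt to look at the file, not a verdict.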
Thanks again for taking an interest in this problem.
here is the link http://pjjoint.malekal.com/files.php?id=38b08aced05156
While I was in OTLPE, I took the opportunity to reset the value of the TaskMgr key to 0 in the registry of C:.
While you look at the file, I am going to reboot my machine in safe mode if I can.
I'll keep you posted.
I did see that your file contained
:commands
[emptytemp]
[start explorer]
[reboot]
but I got no report, or else I didn't understand, and my PC didn't reboot either.
However, I did manage to restart my machine in safe mode and in normal mode, but I still get the same message at startup, "disk boot failure etc..". I was able to open an explorer command through Task Manager, I started an update of my antivirus, and now it reboots by itself before the update finishes.
It went back into safe mode, my Task Manager is blocked again, I'm restarting with my OTLPE CD
* Double-click the OTLPE icon
* When asked "Do you wish to load the remote registry", select Yes
* When asked "Do you wish to load remote user profile(s) for scanning", select Yes
* Check that "Automatically Load All Remaining Users" is selected and press OK
* In the Custom Scan box, copy and paste the content shown in bold below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.exe
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
explorer.exe
svchost.exe
userinit.exe
qmgr.dll
ws2_32.dll
proquota.exe
imm32.dll
kernel32.dll
ndis.sys
autochk.exe
spoolsv.exe
xmlprov.dll
ntmssvc.dll
mswsock.dll
Beep.SYS
ntfs.sys
termsrv.dll
sfcfiles.dll
st3shark.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
c:\$recycle.bin\*.* /s
* click Run Scan to start the scan.
* once it has finished, the file is located at C:\OTL.txt
* copy and paste its contents into your next reply
OTL logfile created on: 3/16/2011 1:17:08 AM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 80.00% Memory free
1,010.00 Mb Paging File | 954.00 Mb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.55 Gb Total Space | 67.19 Gb Free Space | 64.27% Space Free | Partition Type: NTFS
Drive D: | 18.63 Gb Total Space | 16.42 Gb Free Space | 88.15% Space Free | Partition Type: FAT32
Drive E: | 48.82 Gb Total Space | 42.38 Gb Free Space | 86.80% Space Free | Partition Type: FAT32
Drive F: | 3.84 Gb Total Space | 0.56 Gb Free Space | 14.55% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2005/08/18 06:50:02 | 000,153,416 | ---- | M] (symantec) [On_Demand] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2005/08/18 06:49:52 | 001,111,880 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2005/08/18 06:49:46 | 000,030,528 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2005/05/04 18:52:58 | 000,036,864 | ---- | M] () [Auto] -- C:\WINDOWS\system32\acs.exe -- (ACS)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2011/03/07 05:00:00 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20110307.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/03/07 05:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20110307.002\NAVENG.SYS -- (NAVENG)
DRV - [2009/08/05 17:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2007/04/11 09:33:06 | 000,079,376 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2007/04/11 09:32:38 | 000,063,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2007/04/11 09:32:30 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2006/08/11 01:12:22 | 000,042,496 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (ser2pl)
DRV - [2005/07/28 08:52:18 | 000,123,712 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005/06/17 09:08:46 | 000,050,312 | R--- | M] (Symantec Corporation) [Kernel | Auto] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2005/06/17 09:08:44 | 000,323,720 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005/05/04 20:08:38 | 000,463,168 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004/08/19 19:02:01 | 000,607,452 | ---- | M] (LT) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004/08/19 18:59:12 | 000,053,376 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2004/08/04 02:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003/02/17 06:22:24 | 000,170,880 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2003/02/14 05:59:14 | 001,169,792 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2002/09/23 13:16:50 | 000,611,328 | ---- | M] (Actiontec Electronics, Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AEIWLNDS.sys -- (AEIWL)
DRV - [2001/10/31 20:57:14 | 000,095,104 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s3ssavm.sys -- (S3SSavage)
DRV - [2001/08/17 16:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 15:48:14 | 000,011,520 | ---- | M] (IBM Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\TwoTrack.sys -- (TwoTrack)
DRV - [2001/05/04 12:04:32 | 000,095,902 | ---- | M] (Scm Microsystems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\stihp2k.sys -- (stihp2k)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Babou_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\Babou_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Baby_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\Baby_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\Baby_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\Baby_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Baby_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\***@***: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/29 09:45:21 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2008/05/21 11:03:31 | 000,245,890 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 8576 more lines...
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKU\Baby_ON_C\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [$OWF] File not found
O4 - HKLM..\Run: [Hot Key Kbd Daemon] C:\WINDOWS\System32\SKDAEMON.EXE ()
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Regedit32] File not found
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [wuaucldt] C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKLM..\Run: [zzzHPSETUP] File not found
O4 - HKU\Administrateur_ON_C..\Run: [cmd] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\Baby_ON_C..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Application Data\wjfrjCrTGl.exe (NetInternals)
O4 - HKU\Baby_ON_C..\Run: [wuaucldt] C:\Documents and Settings\Baby\wuaucldt.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe (TLC Multimedia Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Baby\Menu Démarrer\Programmes\Démarrage\igfxtray.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Babou_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Baby_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Baby_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} http://protect.microsoft.com/... (MSSecurityAdvisor Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/... (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/... (MUWebControl Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/01 03:11:00 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: AppSecDll - (C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll) - C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WdfLoadGroup -
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: WdfLoadGroup -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {2337076a-dd0c-43a6-8d85-54070578a42f} - KB912812
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA851-CC51-11CF-AAFA-00AA00B6015C} - rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\wpie4x86.inf,PerUserStub
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {f15ee071-deb7-4cbb-951f-431c98338d8e} - KB911567
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
========== Files/Folders - Created Within 30 Days ==========
File not found --
[2011/03/15 18:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baby\Application Data\Malwarebytes
[2011/03/15 18:52:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/03/15 18:52:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/03/15 18:52:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/03/15 18:43:46 | 000,573,440 | ---- | C] (NetInternals) -- C:\Documents and Settings\All Users\Application Data\wjfrjCrTGl.exe
[2011/03/15 10:58:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2011/03/14 21:02:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/14 11:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Windows Safemode
[2011/03/07 13:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baby\Menu Démarrer\Programmes\Windows Safemode
[2011/03/07 13:13:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/03/15 19:03:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/15 19:01:57 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/15 19:01:41 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/15 18:52:37 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/03/15 18:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/03/15 18:44:01 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/15 18:43:42 | 000,573,440 | ---- | M] (NetInternals) -- C:\Documents and Settings\All Users\Application Data\wjfrjCrTGl.exe
[2011/03/15 18:43:23 | 000,004,598 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/03/15 18:36:55 | 000,002,508 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\$_hpcst$.hpc
[2011/03/14 13:12:20 | 000,000,400 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\85012
[2011/03/14 12:17:19 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2011/03/14 11:42:57 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Windows Safemode.lnk
[2011/03/14 11:42:10 | 000,672,256 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\85012.exe
[2011/03/09 14:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Silverlight
[2011/03/07 13:18:49 | 000,000,392 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\46246
[2011/03/07 13:15:08 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~46246
[2011/03/07 13:15:07 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~46246r
[2011/03/07 13:13:35 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\Baby\Bureau\Windows Safemode.lnk
[2011/03/07 13:13:16 | 000,672,256 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\46246.exe
[2011/03/07 13:08:06 | 000,696,320 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll
[2011/03/06 09:54:54 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Baby\wuaucldt.exe
[2011/03/06 09:54:51 | 000,032,256 | ---- | M] () -- C:\WINDOWS\System32\wuaucldt.exe
[2011/03/05 04:29:03 | 000,000,405 | ---- | M] () -- C:\Documents and Settings\Baby\Bureau\Zimbra draft.url
[2011/03/03 13:57:03 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\Baby\Mes documents\spider.sav
[2011/03/01 16:59:51 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2011/02/27 15:18:43 | 000,001,744 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/27 15:18:36 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/02/26 08:35:21 | 000,054,734 | ---- | M] () -- C:\Documents and Settings\Baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Facebook.url
[2011/02/23 13:27:01 | 000,000,545 | ---- | M] () -- C:\Documents and Settings\Baby\Bureau\Raccourci vers filou.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/03/15 18:52:37 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/03/15 18:36:55 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\$_hpcst$.hpc
[2011/03/14 12:17:19 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/03/14 11:42:57 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Windows Safemode.lnk
[2011/03/14 11:42:17 | 000,000,400 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\85012
[2011/03/14 11:42:09 | 000,672,256 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\85012.exe
[2011/03/07 13:15:07 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~46246
[2011/03/07 13:15:07 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~46246r
[2011/03/07 13:13:35 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\Baby\Bureau\Windows Safemode.lnk
[2011/03/07 13:13:29 | 000,000,392 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\46246
[2011/03/07 13:13:16 | 000,672,256 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\46246.exe
[2011/03/07 13:08:06 | 000,696,320 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll
[2011/03/06 09:54:54 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Baby\wuaucldt.exe
[2011/03/06 09:54:51 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\wuaucldt.exe
[2011/03/05 04:29:02 | 000,000,405 | ---- | C] () -- C:\Documents and Settings\Baby\Bureau\Zimbra draft.url
[2011/02/26 08:35:21 | 000,054,734 | ---- | C] () -- C:\Documents and Settings\Baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Facebook.url
[2011/02/23 13:27:01 | 000,000,545 | ---- | C] () -- C:\Documents and Settings\Baby\Bureau\Raccourci vers filou.lnk
[2010/05/13 05:24:08 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Baby\Application Data\$_hpcst$.hpc
[2010/04/07 04:10:54 | 000,000,120 | ---- | C] () -- C:\WINDOWS\PbkUser.INI
[2010/03/29 09:44:04 | 000,023,796 | ---- | C] () -- C:\WINDOWS\hpqins15.dat
[2009/11/29 10:35:17 | 000,078,333 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2009/08/08 15:12:25 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Baby\PUTTY.RND
[2009/07/02 07:43:39 | 000,188,437 | ---- | C] () -- C:\WINDOWS\hpoins29.dat.temp
[2009/07/02 07:43:38 | 000,000,799 | ---- | C] () -- C:\WINDOWS\hpomdl29.dat.temp
[2009/07/02 06:51:20 | 000,188,045 | ---- | C] () -- C:\WINDOWS\hpoins29.dat
[2009/07/02 06:51:20 | 000,000,799 | ---- | C] () -- C:\WINDOWS\hpomdl29.dat
[2008/12/17 13:24:01 | 000,000,223 | ---- | C] () -- C:\WINDOWS\HP PrecisionScan Pro.INI
[2008/12/04 13:49:06 | 000,000,075 | ---- | C] () -- C:\WINDOWS\ImportClient.INI
[2008/12/04 13:44:58 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PretzelSpellCheck.dll
[2008/12/04 13:44:57 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\PMovieServer.dll
[2008/12/04 13:44:56 | 000,745,472 | ---- | C] () -- C:\WINDOWS\System32\PMAppBuilder.dll
[2008/08/10 03:09:47 | 000,001,632 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/07/28 05:11:59 | 000,001,744 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/06/14 04:27:58 | 000,086,214 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2008/06/14 04:27:58 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2008/06/14 04:27:58 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2008/06/14 04:27:58 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2008/06/14 04:27:58 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2008/06/14 04:27:58 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2008/06/14 04:27:58 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2008/06/14 04:27:58 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2008/06/14 04:27:58 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2008/06/14 04:27:58 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2008/06/14 04:27:58 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2008/06/14 04:27:58 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/06/14 04:27:57 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2008/06/14 04:27:57 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2008/06/14 04:27:57 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2008/06/14 04:27:57 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2008/06/14 04:27:57 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2008/06/14 04:25:19 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDED68PE.ini
[2008/06/14 04:13:07 | 000,001,467 | ---- | C] () -- C:\WINDOWS\PhotoImpression.ini
[2008/06/14 04:11:10 | 000,000,018 | ---- | C] () -- C:\WINDOWS\as_setup.ini
[2008/06/14 04:09:27 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2008/06/14 03:52:44 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe
[2008/06/14 03:52:36 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2008/06/09 10:01:16 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Baby\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/27 04:36:09 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/05/27 03:45:15 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Babou\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/21 11:05:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\SKDAEMON.EXE
[2008/05/21 11:00:35 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2008/05/21 11:00:35 | 000,002,548 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2008/05/12 21:53:16 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/05/12 21:50:08 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\divx_xx0a.dll
[2008/05/12 21:49:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006/12/04 04:29:42 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/06/08 09:18:10 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/08 09:18:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2006/06/08 08:51:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2006/06/07 03:52:12 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/06/02 07:34:09 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/06/01 05:05:07 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2006/05/31 11:36:31 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/31 11:36:09 | 000,001,112 | ---- | C] () -- C:\WINDOWS\System32\PX.INI
[2006/05/31 11:30:31 | 000,000,241 | ---- | C] () -- C:\WINDOWS\Welcome.ini
[2006/05/31 11:13:30 | 000,002,500 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/01 14:46:48 | 000,042,496 | ---- | C] () -- C:\WINDOWS\System32\ALZZip.BIN
[2005/08/01 14:46:08 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\ALZALZ.BIN
[2003/07/02 19:25:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ibmpmsvc.exe
[2003/07/02 19:25:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\tpinspm.dll
[2002/11/14 19:14:26 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\AIBMRUNL.dll
[2002/09/30 10:36:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/09/30 10:26:50 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/09/30 10:20:41 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/30 10:19:47 | 000,317,952 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/01/21 08:48:12 | 000,106,496 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2001/08/23 01:26:08 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2001/08/23 01:24:30 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[2001/08/07 13:00:24 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HPNVRRes.dll
[2001/01/24 03:31:18 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\prntfix.exe
[2000/04/14 10:50:02 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/06/11 08:08:06 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[1998/04/26 19:23:00 | 006,150,961 | ---- | C] () -- C:\WINDOWS\System32\jre116.exe
[1994/07/24 19:23:00 | 000,014,928 | ---- | C] () -- C:\WINDOWS\System32\wingen.drv
[1994/04/06 19:23:00 | 000,000,462 | ---- | C] () -- C:\WINDOWS\lodbf13.ini
[1979/12/31 18:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[1979/12/31 18:00:00 | 000,500,814 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[1979/12/31 18:00:00 | 000,432,670 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[1979/12/31 18:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[1979/12/31 18:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[1979/12/31 18:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[1979/12/31 18:00:00 | 000,080,856 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[1979/12/31 18:00:00 | 000,067,626 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[1979/12/31 18:00:00 | 000,053,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[1979/12/31 18:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[1979/12/31 18:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[1979/12/31 18:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[1979/12/31 18:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[1979/12/31 18:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
File not found --
[2006/12/04 05:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Babou\Application Data\OfficeUpdate12
[2008/12/23 13:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\ACD Systems
[2008/06/14 04:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Dossier de téléchargement Share-to-Web
[2008/06/14 04:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Dossier de téléchargement Share-to-Web
[2008/12/08 06:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\EPSON
[2008/12/23 13:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\InterVideo
[2006/12/04 05:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\OfficeUpdate12
[2010/08/27 03:32:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Toolbar4
[2010/08/28 15:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\vShare
[2008/12/04 13:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2010/04/07 12:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/11/15 15:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Global Software Publishing
[2006/05/31 11:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ibm
[2009/09/16 02:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2009/06/21 05:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010/11/08 10:35:11 | 000,000,756 | ---- | M] () -- C:\WINDOWS\Tasks\Sauve.job
========== Purity Check ==========
========== Custom Scans ==========
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe
Invalid Environment Variable: %APPDATA%\*.
Invalid Environment Variable: %APPDATA%\*.exe
< %SYSTEMDRIVE%\*.* >
[2011/03/15 23:17:51 | 000,071,796 | ---- | M] () -- C:\$OTL.Txt
[2006/06/01 03:11:00 | 000,000,000 | -H-- | M] () -- C:\AUTOEXEC.BAT
[2006/06/02 07:47:58 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI
[2002/08/29 23:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2006/05/31 11:33:00 | 000,000,000 | -H-- | M] () -- C:\BOOTLOG.PRV
[2006/05/31 11:36:56 | 000,000,000 | -H-- | M] () -- C:\BOOTLOG.TXT
[2002/09/30 10:12:00 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
[2006/07/24 07:21:11 | 000,000,028 | ---- | M] () -- C:\conf.cmd
[2006/06/01 03:11:00 | 000,000,000 | -H-- | M] () -- C:\CONFIG.SYS
[2006/05/31 11:32:20 | 000,001,230 | ---- | M] () -- C:\drivez.log
[2006/06/01 03:11:00 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2006/07/24 07:20:41 | 000,000,029 | ---- | M] () -- C:\lance.cmd
[2009/07/04 05:08:12 | 000,000,000 | ---- | M] () -- C:\Log.txt
[2006/05/31 11:29:18 | 000,000,155 | ---- | M] () -- C:\LOGFILE.txt
[2006/12/08 03:54:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/06/06 08:47:09 | 000,000,033 | ---- | M] () -- C:\nofile.txt
[2006/06/02 07:41:58 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2006/06/02 07:41:58 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2011/03/15 23:19:31 | 000,071,796 | ---- | M] () -- C:\OTL.txt
[2011/03/15 19:01:32 | 1205,850,112 | -HS- | M] () -- C:\pagefile.sys
[2006/05/31 11:26:32 | 000,000,090 | ---- | M] () -- C:\setup.log
[2006/12/04 04:02:20 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2006/12/04 04:04:47 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2008/05/21 10:51:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2008/06/09 09:55:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2008/07/07 14:39:09 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2008/08/30 17:12:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2008/10/10 17:52:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/05/09 11:31:57 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/05/13 15:35:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/09/23 09:54:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2006/12/04 04:02:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2006/12/04 04:04:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2008/05/21 10:51:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2008/06/09 09:55:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2008/07/07 14:39:09 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2008/08/30 17:12:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2008/10/10 17:52:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/05/09 11:31:57 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/05/13 15:35:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/09/23 09:54:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2006/05/31 11:13:30 | 000,000,830 | ---- | M] () -- C:\SYSLEVEL.IBM
[2006/05/31 11:12:40 | 000,000,044 | ---- | M] () -- C:\TCPACHIP.LOG
[2009/09/13 04:09:03 | 000,000,922 | ---- | M] () -- C:\updatedatfix.log
[2009/06/09 07:07:17 | 000,002,465 | ---- | M] () -- C:\xPos.txt
< %SYSTEMDRIVE%\*.exe >
< %PROGRAMFILES%\*.* >
< %PROGRAMFILES%\*. >
[2011/03/15 18:18:37 | 000,000,000 | ---D | M] -- C:\Program Files\$OvisLink
[2008/06/14 04:09:25 | 000,000,000 | ---D | M] -- C:\Program Files\ACD Systems
[2009/11/29 06:04:44 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2006/12/04 05:50:26 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
[2008/06/14 04:11:03 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2008/12/04 13:46:09 | 000,000,000 | ---D | M] -- C:\Program Files\Broderbund
[2002/09/30 10:26:36 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2008/05/27 03:47:51 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2008/08/03 05:28:34 | 000,000,000 | ---D | M] -- C:\Program Files\eCover3D
[2009/06/21 05:12:24 | 000,000,000 | ---D | M] -- C:\Program Files\EPSON
[2006/12/08 03:50:41 | 000,000,000 | ---D | M] -- C:\Program Files\ESTsoft
[2009/11/20 06:00:27 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs
[2010/12/02 15:46:24 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2008/10/22 12:09:30 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2010/07/06 13:17:52 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2010/08/27 03:31:19 | 000,000,000 | ---D | M] -- C:\Program Files\Iminent
[2010/05/13 05:58:55 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2006/07/24 05:34:50 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/06/09 16:43:48 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2006/12/08 03:55:04 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2009/07/04 16:22:31 | 000,000,000 | ---D | M] -- C:\Program Files\Jaquette Express
[2006/12/04 05:23:33 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2008/06/14 03:56:22 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2011/03/15 18:52:38 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/08/13 10:02:58 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2008/09/12 12:12:11 | 000,000,000 | ---D | M] -- C:\Program Files\Micro Application
[2009/11/20 06:13:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2010/05/13 05:21:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2008/05/21 10:25:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/12/04 05:44:28 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Carioca
[2009/09/16 02:03:14 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2009/09/16 02:05:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/03/09 14:44:29 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/11/20 06:16:08 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/11/20 06:17:17 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2010/03/10 17:35:58 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/11/21 18:32:39 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2002/09/30 10:25:44 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2002/09/30 10:26:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2008/05/21 10:49:37 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Messenger
[2009/07/03 10:00:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/11/21 18:27:15 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2006/06/02 07:44:27 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2010/05/12 16:40:09 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/07/10 16:32:17 | 000,000,000 | ---D | M] -- C:\Program Files\PartyGaming
[2008/08/07 06:58:23 | 000,000,000 | ---D | M] -- C:\Program Files\PhotoFiltre
[2006/12/04 04:16:53 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/12/04 04:26:11 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/11/21 18:32:27 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2006/05/31 11:30:30 | 000,000,000 | ---D | M] -- C:\Program Files\SBApps
[2002/09/30 10:26:22 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne
[2009/09/16 02:05:08 | 000,000,000 | ---D | M] -- C:\Program Files\Snapshot Viewer
[2008/05/21 11:01:39 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2006/06/06 08:55:40 | 000,000,000 | ---D | M] -- C:\Program Files\Support.com
[2006/06/08 08:51:21 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2011/03/15 19:03:52 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec AntiVirus
[2006/06/06 09:29:56 | 000,000,000 | ---D | M] -- C:\Program Files\ThinkPad
[2008/08/10 03:54:17 | 000,000,000 | ---D | M] -- C:\Program Files\Trellix Corporation
[2002/09/30 10:37:54 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/05/13 05:35:26 | 000,000,000 | ---D | M] -- C:\Program Files\ViaMichelin
[2010/08/28 15:05:45 | 000,000,000 | ---D | M] -- C:\Program Files\vShare
[2008/12/04 13:47:42 | 000,000,000 | ---D | M] -- C:\Program Files\Web Publish
[2011/02/06 02:14:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/11/20 06:13:23 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2006/12/04 04:41:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2006/12/04 04:41:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/06/02 07:44:22 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2006/06/01 04:42:31 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2002/09/30 10:31:46 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2008/09/09 14:06:47 | 000,000,000 | ---D | M] -- C:\Program Files\Zone Labs
< MD5 for: AGP440.SYS >
[2006/06/02 07:38:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2006/06/02 07:38:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\agp440.sys
[2004/08/04 02:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004/08/04 02:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2002/08/29 23:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\I386\sp1.cab:atapi.sys
[2002/08/29 23:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2006/06/02 07:38:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2006/06/02 07:38:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2004/08/19 19:09:51 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=0BB998A402272141809EE90F9081CB27 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2004/08/19 19:09:51 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=0BB998A402272141809EE90F9081CB27 -- C:\WINDOWS\system32\autochk.exe
[2002/08/29 23:00:00 | 000,602,112 | ---- | M] (Microsoft Corporation) MD5=2ED97FCADB647FEE2D141B2D71ACCE8B -- C:\I386\AUTOCHK.EXE
[2008/04/13 22:33:53 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=B16CCBF66BF41F994D2810CC2299D9D6 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\autochk.exe
< MD5 for: BEEP.SYS >
[2002/08/29 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys
< MD5 for: EVENTLOG.DLL >
[2004/08/19 19:09:25 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004/08/19 19:09:25 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\system32\eventlog.dll
[2008/04/13 22:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2004/08/19 19:09:53 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 09:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\explorer.exe
[2007/06/13 09:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2008/04/13 22:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\explorer.exe
< MD5 for: IMM32.DLL >
[2008/04/13 22:33:26 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=0469B73DB32E5520F342C5E163AA3CCA -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\imm32.dll
[2004/08/19 19:09:28 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=E55DAFA1A354BD5CB69151563DC9748A -- C:\WINDOWS\ServicePackFiles\i386\imm32.dll
[2004/08/19 19:09:28 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=E55DAFA1A354BD5CB69151563DC9748A -- C:\WINDOWS\system32\imm32.dll
< MD5 for: KERNEL32.DLL >
[2009/03/21 09:58:25 | 001,054,208 | ---- | M] (Microsoft Corporation) MD5=2087E2764822A8D93A4CA7FA0FED35E8 -- C:\WINDOWS\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[2008/04/13 22:33:28 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=3AC8886DFA5AB641417DF4D3B7F5512E -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\kernel32.dll
[2009/03/21 10:20:10 | 001,051,136 | ---- | M] (Microsoft Corporation) MD5=534040750B9E70B156A98F5D0E8F6D2A -- C:\WINDOWS\system32\dllcache\kernel32.dll
[2009/03/21 10:20:10 | 001,051,136 | ---- | M] (Microsoft Corporation) MD5=534040750B9E70B156A98F5D0E8F6D2A -- C:\WINDOWS\system32\kernel32.dll
[2007/04/16 11:53:11 | 001,049,600 | ---- | M] (Microsoft Corporation) MD5=6F1FE2AE7B22EB9CED1BFF533C9455EA -- C:\WINDOWS\$NtUninstallKB959426$\kernel32.dll
[2009/03/21 10:07:58 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=98F08549604D090B6B2514AF845F329F -- C:\WINDOWS\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[2009/03/21 10:00:17 | 001,056,768 | ---- | M] (Microsoft Corporation) MD5=C3AF0EEE26B59484E674673E3016AAB7 -- C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[2004/08/19 19:09:30 | 001,048,576 | ---- | M] (Microsoft Corporation) MD5=C88F74591579DBDE273C61312B2D3886 -- C:\WINDOWS\ServicePackFiles\i386\kernel32.dll
< MD5 for: MSWSOCK.DLL >
[2008/04/13 22:33:33 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=196CCC3FDD21665DCAA9F83FFC03B41A -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\mswsock.dll
[2008/06/20 13:37:01 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=4138FBDEDBC6FEAD215BB4C4B102F7DE -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[2008/06/20 13:47:22 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=58AF8498C62E1E1DAB5AE59C6E08C180 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[2004/08/19 19:09:34 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=6FA2DDF70DC9B762EBF8920F89B6BEA3 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
[2004/08/19 19:09:34 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=6FA2DDF70DC9B762EBF8920F89B6BEA3 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2008/06/20 13:41:06 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=8A52DE10680A40ECD04FA2C0FBC34190 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 13:41:06 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=8A52DE10680A40ECD04FA2C0FBC34190 -- C:\WINDOWS\system32\mswsock.dll
[2008/06/20 13:44:02 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=C759B3790D3BA760C52E218EF4886DAC -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
< MD5 for: NDIS.SYS >
[2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ndis.sys
[2004/08/04 02:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004/08/04 02:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008/04/13 22:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\netlogon.dll
[2004/08/19 19:09:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004/08/19 19:09:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
< MD5 for: NTFS.SYS >
[2007/02/09 07:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) MD5=19A811EF5F1ED5C926A028CE107FF1AF -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2007/02/09 07:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) MD5=19A811EF5F1ED5C926A028CE107FF1AF -- C:\WINDOWS\system32\drivers\ntfs.
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 80.00% Memory free
1,010.00 Mb Paging File | 954.00 Mb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.55 Gb Total Space | 67.19 Gb Free Space | 64.27% Space Free | Partition Type: NTFS
Drive D: | 18.63 Gb Total Space | 16.42 Gb Free Space | 88.15% Space Free | Partition Type: FAT32
Drive E: | 48.82 Gb Total Space | 42.38 Gb Free Space | 86.80% Space Free | Partition Type: FAT32
Drive F: | 3.84 Gb Total Space | 0.56 Gb Free Space | 14.55% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2005/08/18 06:50:02 | 000,153,416 | ---- | M] (symantec) [On_Demand] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2005/08/18 06:49:52 | 001,111,880 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2005/08/18 06:49:46 | 000,030,528 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2005/05/04 18:52:58 | 000,036,864 | ---- | M] () [Auto] -- C:\WINDOWS\system32\acs.exe -- (ACS)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2011/03/07 05:00:00 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20110307.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/03/07 05:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20110307.002\NAVENG.SYS -- (NAVENG)
DRV - [2009/08/05 17:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2007/04/11 09:33:06 | 000,079,376 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2007/04/11 09:32:38 | 000,063,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2007/04/11 09:32:30 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2006/08/11 01:12:22 | 000,042,496 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (ser2pl)
DRV - [2005/07/28 08:52:18 | 000,123,712 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005/06/17 09:08:46 | 000,050,312 | R--- | M] (Symantec Corporation) [Kernel | Auto] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2005/06/17 09:08:44 | 000,323,720 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005/05/04 20:08:38 | 000,463,168 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004/08/19 19:02:01 | 000,607,452 | ---- | M] (LT) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004/08/19 18:59:12 | 000,053,376 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2004/08/04 02:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003/02/17 06:22:24 | 000,170,880 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2003/02/14 05:59:14 | 001,169,792 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2002/09/23 13:16:50 | 000,611,328 | ---- | M] (Actiontec Electronics, Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AEIWLNDS.sys -- (AEIWL)
DRV - [2001/10/31 20:57:14 | 000,095,104 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s3ssavm.sys -- (S3SSavage)
DRV - [2001/08/17 16:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 15:48:14 | 000,011,520 | ---- | M] (IBM Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\TwoTrack.sys -- (TwoTrack)
DRV - [2001/05/04 12:04:32 | 000,095,902 | ---- | M] (Scm Microsystems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\stihp2k.sys -- (stihp2k)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Babou_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\Babou_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Baby_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\Baby_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\Baby_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\Baby_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Baby_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\***@***: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/29 09:45:21 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2008/05/21 11:03:31 | 000,245,890 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 8576 more lines...
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKU\Baby_ON_C\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [$OWF] File not found
O4 - HKLM..\Run: [Hot Key Kbd Daemon] C:\WINDOWS\System32\SKDAEMON.EXE ()
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Regedit32] File not found
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [wuaucldt] C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKLM..\Run: [zzzHPSETUP] File not found
O4 - HKU\Administrateur_ON_C..\Run: [cmd] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\Baby_ON_C..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Application Data\wjfrjCrTGl.exe (NetInternals)
O4 - HKU\Baby_ON_C..\Run: [wuaucldt] C:\Documents and Settings\Baby\wuaucldt.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe (TLC Multimedia Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Baby\Menu Démarrer\Programmes\Démarrage\igfxtray.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Babou_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Baby_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Baby_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} http://protect.microsoft.com/... (MSSecurityAdvisor Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/... (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/... (MUWebControl Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/01 03:11:00 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: AppSecDll - (C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll) - C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WdfLoadGroup -
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: WdfLoadGroup -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {2337076a-dd0c-43a6-8d85-54070578a42f} - KB912812
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA851-CC51-11CF-AAFA-00AA00B6015C} - rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\wpie4x86.inf,PerUserStub
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {f15ee071-deb7-4cbb-951f-431c98338d8e} - KB911567
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
========== Files/Folders - Created Within 30 Days ==========
File not found --
[2011/03/15 18:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baby\Application Data\Malwarebytes
[2011/03/15 18:52:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/03/15 18:52:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/03/15 18:52:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/03/15 18:43:46 | 000,573,440 | ---- | C] (NetInternals) -- C:\Documents and Settings\All Users\Application Data\wjfrjCrTGl.exe
[2011/03/15 10:58:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2011/03/14 21:02:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/14 11:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Windows Safemode
[2011/03/07 13:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Baby\Menu Démarrer\Programmes\Windows Safemode
[2011/03/07 13:13:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/03/15 19:03:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/15 19:01:57 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/15 19:01:41 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/15 18:52:37 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/03/15 18:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/03/15 18:44:01 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/15 18:43:42 | 000,573,440 | ---- | M] (NetInternals) -- C:\Documents and Settings\All Users\Application Data\wjfrjCrTGl.exe
[2011/03/15 18:43:23 | 000,004,598 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/03/15 18:36:55 | 000,002,508 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\$_hpcst$.hpc
[2011/03/14 13:12:20 | 000,000,400 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\85012
[2011/03/14 12:17:19 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2011/03/14 11:42:57 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Windows Safemode.lnk
[2011/03/14 11:42:10 | 000,672,256 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\85012.exe
[2011/03/09 14:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Silverlight
[2011/03/07 13:18:49 | 000,000,392 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\46246
[2011/03/07 13:15:08 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~46246
[2011/03/07 13:15:07 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~46246r
[2011/03/07 13:13:35 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\Baby\Bureau\Windows Safemode.lnk
[2011/03/07 13:13:16 | 000,672,256 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\46246.exe
[2011/03/07 13:08:06 | 000,696,320 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll
[2011/03/06 09:54:54 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Baby\wuaucldt.exe
[2011/03/06 09:54:51 | 000,032,256 | ---- | M] () -- C:\WINDOWS\System32\wuaucldt.exe
[2011/03/05 04:29:03 | 000,000,405 | ---- | M] () -- C:\Documents and Settings\Baby\Bureau\Zimbra draft.url
[2011/03/03 13:57:03 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\Baby\Mes documents\spider.sav
[2011/03/01 16:59:51 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2011/02/27 15:18:43 | 000,001,744 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/27 15:18:36 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/02/26 08:35:21 | 000,054,734 | ---- | M] () -- C:\Documents and Settings\Baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Facebook.url
[2011/02/23 13:27:01 | 000,000,545 | ---- | M] () -- C:\Documents and Settings\Baby\Bureau\Raccourci vers filou.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/03/15 18:52:37 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/03/15 18:36:55 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\$_hpcst$.hpc
[2011/03/14 12:17:19 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/03/14 11:42:57 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Windows Safemode.lnk
[2011/03/14 11:42:17 | 000,000,400 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\85012
[2011/03/14 11:42:09 | 000,672,256 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\85012.exe
[2011/03/07 13:15:07 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~46246
[2011/03/07 13:15:07 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~46246r
[2011/03/07 13:13:35 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\Baby\Bureau\Windows Safemode.lnk
[2011/03/07 13:13:29 | 000,000,392 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\46246
[2011/03/07 13:13:16 | 000,672,256 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\46246.exe
[2011/03/07 13:08:06 | 000,696,320 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\KDfipsQcxuWorYT.dll
[2011/03/06 09:54:54 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Baby\wuaucldt.exe
[2011/03/06 09:54:51 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\wuaucldt.exe
[2011/03/05 04:29:02 | 000,000,405 | ---- | C] () -- C:\Documents and Settings\Baby\Bureau\Zimbra draft.url
[2011/02/26 08:35:21 | 000,054,734 | ---- | C] () -- C:\Documents and Settings\Baby\Application Data\Microsoft\Internet Explorer\Quick Launch\Facebook.url
[2011/02/23 13:27:01 | 000,000,545 | ---- | C] () -- C:\Documents and Settings\Baby\Bureau\Raccourci vers filou.lnk
[2010/05/13 05:24:08 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Baby\Application Data\$_hpcst$.hpc
[2010/04/07 04:10:54 | 000,000,120 | ---- | C] () -- C:\WINDOWS\PbkUser.INI
[2010/03/29 09:44:04 | 000,023,796 | ---- | C] () -- C:\WINDOWS\hpqins15.dat
[2009/11/29 10:35:17 | 000,078,333 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2009/08/08 15:12:25 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Baby\PUTTY.RND
[2009/07/02 07:43:39 | 000,188,437 | ---- | C] () -- C:\WINDOWS\hpoins29.dat.temp
[2009/07/02 07:43:38 | 000,000,799 | ---- | C] () -- C:\WINDOWS\hpomdl29.dat.temp
[2009/07/02 06:51:20 | 000,188,045 | ---- | C] () -- C:\WINDOWS\hpoins29.dat
[2009/07/02 06:51:20 | 000,000,799 | ---- | C] () -- C:\WINDOWS\hpomdl29.dat
[2008/12/17 13:24:01 | 000,000,223 | ---- | C] () -- C:\WINDOWS\HP PrecisionScan Pro.INI
[2008/12/04 13:49:06 | 000,000,075 | ---- | C] () -- C:\WINDOWS\ImportClient.INI
[2008/12/04 13:44:58 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PretzelSpellCheck.dll
[2008/12/04 13:44:57 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\PMovieServer.dll
[2008/12/04 13:44:56 | 000,745,472 | ---- | C] () -- C:\WINDOWS\System32\PMAppBuilder.dll
[2008/08/10 03:09:47 | 000,001,632 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/07/28 05:11:59 | 000,001,744 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/06/14 04:27:58 | 000,086,214 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2008/06/14 04:27:58 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2008/06/14 04:27:58 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2008/06/14 04:27:58 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2008/06/14 04:27:58 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2008/06/14 04:27:58 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2008/06/14 04:27:58 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2008/06/14 04:27:58 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2008/06/14 04:27:58 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2008/06/14 04:27:58 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2008/06/14 04:27:58 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2008/06/14 04:27:58 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/06/14 04:27:57 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2008/06/14 04:27:57 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2008/06/14 04:27:57 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2008/06/14 04:27:57 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2008/06/14 04:27:57 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2008/06/14 04:25:19 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDED68PE.ini
[2008/06/14 04:13:07 | 000,001,467 | ---- | C] () -- C:\WINDOWS\PhotoImpression.ini
[2008/06/14 04:11:10 | 000,000,018 | ---- | C] () -- C:\WINDOWS\as_setup.ini
[2008/06/14 04:09:27 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2008/06/14 03:52:44 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe
[2008/06/14 03:52:36 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2008/06/09 10:01:16 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Baby\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/27 04:36:09 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/05/27 03:45:15 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Babou\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/21 11:05:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\SKDAEMON.EXE
[2008/05/21 11:00:35 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2008/05/21 11:00:35 | 000,002,548 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2008/05/12 21:53:16 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/05/12 21:50:08 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\divx_xx0a.dll
[2008/05/12 21:49:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006/12/04 04:29:42 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/06/08 09:18:10 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/08 09:18:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2006/06/08 08:51:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2006/06/07 03:52:12 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/06/02 07:34:09 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/06/01 05:05:07 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2006/05/31 11:36:31 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/31 11:36:09 | 000,001,112 | ---- | C] () -- C:\WINDOWS\System32\PX.INI
[2006/05/31 11:30:31 | 000,000,241 | ---- | C] () -- C:\WINDOWS\Welcome.ini
[2006/05/31 11:13:30 | 000,002,500 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/01 14:46:48 | 000,042,496 | ---- | C] () -- C:\WINDOWS\System32\ALZZip.BIN
[2005/08/01 14:46:08 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\ALZALZ.BIN
[2003/07/02 19:25:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ibmpmsvc.exe
[2003/07/02 19:25:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\tpinspm.dll
[2002/11/14 19:14:26 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\AIBMRUNL.dll
[2002/09/30 10:36:09 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/09/30 10:26:50 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/09/30 10:20:41 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/30 10:19:47 | 000,317,952 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/01/21 08:48:12 | 000,106,496 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2001/08/23 01:26:08 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2001/08/23 01:24:30 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[2001/08/07 13:00:24 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HPNVRRes.dll
[2001/01/24 03:31:18 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\prntfix.exe
[2000/04/14 10:50:02 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/06/11 08:08:06 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[1998/04/26 19:23:00 | 006,150,961 | ---- | C] () -- C:\WINDOWS\System32\jre116.exe
[1994/07/24 19:23:00 | 000,014,928 | ---- | C] () -- C:\WINDOWS\System32\wingen.drv
[1994/04/06 19:23:00 | 000,000,462 | ---- | C] () -- C:\WINDOWS\lodbf13.ini
[1979/12/31 18:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[1979/12/31 18:00:00 | 000,500,814 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[1979/12/31 18:00:00 | 000,432,670 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[1979/12/31 18:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[1979/12/31 18:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[1979/12/31 18:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[1979/12/31 18:00:00 | 000,080,856 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[1979/12/31 18:00:00 | 000,067,626 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[1979/12/31 18:00:00 | 000,053,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[1979/12/31 18:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[1979/12/31 18:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[1979/12/31 18:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[1979/12/31 18:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[1979/12/31 18:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
File not found --
[2006/12/04 05:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Babou\Application Data\OfficeUpdate12
[2008/12/23 13:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\ACD Systems
[2008/06/14 04:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Dossier de téléchargement Share-to-Web
[2008/06/14 04:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Dossier de téléchargement Share-to-Web
[2008/12/08 06:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\EPSON
[2008/12/23 13:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\InterVideo
[2006/12/04 05:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\OfficeUpdate12
[2010/08/27 03:32:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\Toolbar4
[2010/08/28 15:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Baby\Application Data\vShare
[2008/12/04 13:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2010/04/07 12:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/11/15 15:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Global Software Publishing
[2006/05/31 11:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ibm
[2009/09/16 02:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2009/06/21 05:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010/11/08 10:35:11 | 000,000,756 | ---- | M] () -- C:\WINDOWS\Tasks\Sauve.job
========== Purity Check ==========
========== Custom Scans ==========
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe
Invalid Environment Variable: %APPDATA%\*.
Invalid Environment Variable: %APPDATA%\*.exe
< %SYSTEMDRIVE%\*.* >
[2011/03/15 23:17:51 | 000,071,796 | ---- | M] () -- C:\$OTL.Txt
[2006/06/01 03:11:00 | 000,000,000 | -H-- | M] () -- C:\AUTOEXEC.BAT
[2006/06/02 07:47:58 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI
[2002/08/29 23:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2006/05/31 11:33:00 | 000,000,000 | -H-- | M] () -- C:\BOOTLOG.PRV
[2006/05/31 11:36:56 | 000,000,000 | -H-- | M] () -- C:\BOOTLOG.TXT
[2002/09/30 10:12:00 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
[2006/07/24 07:21:11 | 000,000,028 | ---- | M] () -- C:\conf.cmd
[2006/06/01 03:11:00 | 000,000,000 | -H-- | M] () -- C:\CONFIG.SYS
[2006/05/31 11:32:20 | 000,001,230 | ---- | M] () -- C:\drivez.log
[2006/06/01 03:11:00 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2006/07/24 07:20:41 | 000,000,029 | ---- | M] () -- C:\lance.cmd
[2009/07/04 05:08:12 | 000,000,000 | ---- | M] () -- C:\Log.txt
[2006/05/31 11:29:18 | 000,000,155 | ---- | M] () -- C:\LOGFILE.txt
[2006/12/08 03:54:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/06/06 08:47:09 | 000,000,033 | ---- | M] () -- C:\nofile.txt
[2006/06/02 07:41:58 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2006/06/02 07:41:58 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2011/03/15 23:19:31 | 000,071,796 | ---- | M] () -- C:\OTL.txt
[2011/03/15 19:01:32 | 1205,850,112 | -HS- | M] () -- C:\pagefile.sys
[2006/05/31 11:26:32 | 000,000,090 | ---- | M] () -- C:\setup.log
[2006/12/04 04:02:20 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2006/12/04 04:04:47 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2008/05/21 10:51:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2008/06/09 09:55:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2008/07/07 14:39:09 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2008/08/30 17:12:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2008/10/10 17:52:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/05/09 11:31:57 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/05/13 15:35:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/09/23 09:54:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2006/12/04 04:02:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2006/12/04 04:04:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2008/05/21 10:51:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2008/06/09 09:55:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2008/07/07 14:39:09 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2008/08/30 17:12:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2008/10/10 17:52:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/05/09 11:31:57 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/05/13 15:35:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/09/23 09:54:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2006/05/31 11:13:30 | 000,000,830 | ---- | M] () -- C:\SYSLEVEL.IBM
[2006/05/31 11:12:40 | 000,000,044 | ---- | M] () -- C:\TCPACHIP.LOG
[2009/09/13 04:09:03 | 000,000,922 | ---- | M] () -- C:\updatedatfix.log
[2009/06/09 07:07:17 | 000,002,465 | ---- | M] () -- C:\xPos.txt
< %SYSTEMDRIVE%\*.exe >
< %PROGRAMFILES%\*.* >
< %PROGRAMFILES%\*. >
[2011/03/15 18:18:37 | 000,000,000 | ---D | M] -- C:\Program Files\$OvisLink
[2008/06/14 04:09:25 | 000,000,000 | ---D | M] -- C:\Program Files\ACD Systems
[2009/11/29 06:04:44 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2006/12/04 05:50:26 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
[2008/06/14 04:11:03 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2008/12/04 13:46:09 | 000,000,000 | ---D | M] -- C:\Program Files\Broderbund
[2002/09/30 10:26:36 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2008/05/27 03:47:51 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2008/08/03 05:28:34 | 000,000,000 | ---D | M] -- C:\Program Files\eCover3D
[2009/06/21 05:12:24 | 000,000,000 | ---D | M] -- C:\Program Files\EPSON
[2006/12/08 03:50:41 | 000,000,000 | ---D | M] -- C:\Program Files\ESTsoft
[2009/11/20 06:00:27 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs
[2010/12/02 15:46:24 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2008/10/22 12:09:30 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2010/07/06 13:17:52 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2010/08/27 03:31:19 | 000,000,000 | ---D | M] -- C:\Program Files\Iminent
[2010/05/13 05:58:55 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2006/07/24 05:34:50 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/06/09 16:43:48 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2006/12/08 03:55:04 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2009/07/04 16:22:31 | 000,000,000 | ---D | M] -- C:\Program Files\Jaquette Express
[2006/12/04 05:23:33 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2008/06/14 03:56:22 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2011/03/15 18:52:38 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/08/13 10:02:58 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2008/09/12 12:12:11 | 000,000,000 | ---D | M] -- C:\Program Files\Micro Application
[2009/11/20 06:13:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2010/05/13 05:21:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2008/05/21 10:25:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/12/04 05:44:28 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Carioca
[2009/09/16 02:03:14 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2009/09/16 02:05:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/03/09 14:44:29 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/11/20 06:16:08 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/11/20 06:17:17 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2010/03/10 17:35:58 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/11/21 18:32:39 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2002/09/30 10:25:44 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2002/09/30 10:26:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2008/05/21 10:49:37 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Messenger
[2009/07/03 10:00:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/11/21 18:27:15 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2006/06/02 07:44:27 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2010/05/12 16:40:09 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/07/10 16:32:17 | 000,000,000 | ---D | M] -- C:\Program Files\PartyGaming
[2008/08/07 06:58:23 | 000,000,000 | ---D | M] -- C:\Program Files\PhotoFiltre
[2006/12/04 04:16:53 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/12/04 04:26:11 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/11/21 18:32:27 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2006/05/31 11:30:30 | 000,000,000 | ---D | M] -- C:\Program Files\SBApps
[2002/09/30 10:26:22 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne
[2009/09/16 02:05:08 | 000,000,000 | ---D | M] -- C:\Program Files\Snapshot Viewer
[2008/05/21 11:01:39 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2006/06/06 08:55:40 | 000,000,000 | ---D | M] -- C:\Program Files\Support.com
[2006/06/08 08:51:21 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2011/03/15 19:03:52 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec AntiVirus
[2006/06/06 09:29:56 | 000,000,000 | ---D | M] -- C:\Program Files\ThinkPad
[2008/08/10 03:54:17 | 000,000,000 | ---D | M] -- C:\Program Files\Trellix Corporation
[2002/09/30 10:37:54 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/05/13 05:35:26 | 000,000,000 | ---D | M] -- C:\Program Files\ViaMichelin
[2010/08/28 15:05:45 | 000,000,000 | ---D | M] -- C:\Program Files\vShare
[2008/12/04 13:47:42 | 000,000,000 | ---D | M] -- C:\Program Files\Web Publish
[2011/02/06 02:14:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/11/20 06:13:23 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2006/12/04 04:41:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2006/12/04 04:41:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/06/02 07:44:22 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2006/06/01 04:42:31 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2002/09/30 10:31:46 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2008/09/09 14:06:47 | 000,000,000 | ---D | M] -- C:\Program Files\Zone Labs
< MD5 for: AGP440.SYS >
[2006/06/02 07:38:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2006/06/02 07:38:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\agp440.sys
[2004/08/04 02:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004/08/04 02:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2002/08/29 23:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\I386\sp1.cab:atapi.sys
[2002/08/29 23:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2006/06/02 07:38:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2006/06/02 07:38:53 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2004/08/19 19:09:51 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=0BB998A402272141809EE90F9081CB27 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2004/08/19 19:09:51 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=0BB998A402272141809EE90F9081CB27 -- C:\WINDOWS\system32\autochk.exe
[2002/08/29 23:00:00 | 000,602,112 | ---- | M] (Microsoft Corporation) MD5=2ED97FCADB647FEE2D141B2D71ACCE8B -- C:\I386\AUTOCHK.EXE
[2008/04/13 22:33:53 | 000,625,152 | ---- | M] (Microsoft Corporation) MD5=B16CCBF66BF41F994D2810CC2299D9D6 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\autochk.exe
< MD5 for: BEEP.SYS >
[2002/08/29 23:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys
[color=#A23BEC]< MD5 for: EVENTLOG.DLL >/color
[2004/08/19 19:09:25 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004/08/19 19:09:25 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\system32\eventlog.dll
[2008/04/13 22:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\eventlog.dll
[color=#A23BEC]< MD5 for: EXPLORER.EXE >/color
[2004/08/19 19:09:53 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 09:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\explorer.exe
[2007/06/13 09:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2008/04/13 22:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\explorer.exe
[color=#A23BEC]< MD5 for: IMM32.DLL >/color
[2008/04/13 22:33:26 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=0469B73DB32E5520F342C5E163AA3CCA -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\imm32.dll
[2004/08/19 19:09:28 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=E55DAFA1A354BD5CB69151563DC9748A -- C:\WINDOWS\ServicePackFiles\i386\imm32.dll
[2004/08/19 19:09:28 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=E55DAFA1A354BD5CB69151563DC9748A -- C:\WINDOWS\system32\imm32.dll
[color=#A23BEC]< MD5 for: KERNEL32.DLL >/color
[2009/03/21 09:58:25 | 001,054,208 | ---- | M] (Microsoft Corporation) MD5=2087E2764822A8D93A4CA7FA0FED35E8 -- C:\WINDOWS\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[2008/04/13 22:33:28 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=3AC8886DFA5AB641417DF4D3B7F5512E -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\kernel32.dll
[2009/03/21 10:20:10 | 001,051,136 | ---- | M] (Microsoft Corporation) MD5=534040750B9E70B156A98F5D0E8F6D2A -- C:\WINDOWS\system32\dllcache\kernel32.dll
[2009/03/21 10:20:10 | 001,051,136 | ---- | M] (Microsoft Corporation) MD5=534040750B9E70B156A98F5D0E8F6D2A -- C:\WINDOWS\system32\kernel32.dll
[2007/04/16 11:53:11 | 001,049,600 | ---- | M] (Microsoft Corporation) MD5=6F1FE2AE7B22EB9CED1BFF533C9455EA -- C:\WINDOWS\$NtUninstallKB959426$\kernel32.dll
[2009/03/21 10:07:58 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=98F08549604D090B6B2514AF845F329F -- C:\WINDOWS\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[2009/03/21 10:00:17 | 001,056,768 | ---- | M] (Microsoft Corporation) MD5=C3AF0EEE26B59484E674673E3016AAB7 -- C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[2004/08/19 19:09:30 | 001,048,576 | ---- | M] (Microsoft Corporation) MD5=C88F74591579DBDE273C61312B2D3886 -- C:\WINDOWS\ServicePackFiles\i386\kernel32.dll
[color=#A23BEC]< MD5 for: MSWSOCK.DLL >/color
[2008/04/13 22:33:33 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=196CCC3FDD21665DCAA9F83FFC03B41A -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\mswsock.dll
[2008/06/20 13:37:01 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=4138FBDEDBC6FEAD215BB4C4B102F7DE -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[2008/06/20 13:47:22 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=58AF8498C62E1E1DAB5AE59C6E08C180 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[2004/08/19 19:09:34 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=6FA2DDF70DC9B762EBF8920F89B6BEA3 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
[2004/08/19 19:09:34 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=6FA2DDF70DC9B762EBF8920F89B6BEA3 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2008/06/20 13:41:06 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=8A52DE10680A40ECD04FA2C0FBC34190 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 13:41:06 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=8A52DE10680A40ECD04FA2C0FBC34190 -- C:\WINDOWS\system32\mswsock.dll
[2008/06/20 13:44:02 | 000,247,808 | ---- | M] (Microsoft Corporation) MD5=C759B3790D3BA760C52E218EF4886DAC -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[color=#A23BEC]< MD5 for: NDIS.SYS >/color
[2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ndis.sys
[2004/08/04 02:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004/08/04 02:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
[color=#A23BEC]< MD5 for: NETLOGON.DLL >/color
[2008/04/13 22:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\netlogon.dll
[2004/08/19 19:09:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004/08/19 19:09:36 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 14:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[color=#A23BEC]< MD5 for: NTFS.SYS >/color
[2007/02/09 07:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) MD5=19A811EF5F1ED5C926A028CE107FF1AF -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2007/02/09 07:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) MD5=19A811EF5F1ED5C926A028CE107FF1AF -- C:\WINDOWS\system32\drivers\ntfs.
Restart OLTPE
- Copy the list shown in bold below,
- paste it into the box under "Personnalisation":
:OTL
O4 - HKU\Baby_ON_C..\Run: [wjfrjCrTGl] C:\Documents and Settings\All Users\Application Data\wjfrjCrTGl.exe (NetInternals)
:Files
C:\Documents and Settings\All Users\Application Data\wjfrjCrTGl.exe
:commands
[emptytemp]
Click "Correction" to start the removal.
Restart the PC and tell me what it says.
Hello moment de grace
As requested in your last message, I ran your command lines in OLTPE.
I rebooted, and I still had the same "disk failure" message.
I was still able to launch Malware, and after 5 minutes everything rebooted.
So I went back into OLTPE, took your commands from yesterday's 18:44 message, then added those from this morning's 5:47 message (good night), ran everything, went into my registry via OLTPE's DOS cmd, re-enabled my TaskMgr in the HKU key, then rebooted in safe mode.
Surprise: the message was gone; I launched Malware and disinfected the 6 problems found.
Now I have rebooted in normal mode, I no longer get the "disk failure" message, I have disabled my antivirus and I am again running Malware for a full scan of the machine.
It has been running for 15 minutes, 0 infected files so far and no error message.
Thank you very much for your very effective help.
I will post again once everything has been tested.
I'm sorry, I didn't keep the latest reports.
Here is the only log I have left.
Otherwise everything works fine now.
========== OTL ==========
Registry value HKEY_USERS\Baby_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\wjfrjCrTGl deleted successfully.
C:\Documents and Settings\All Users\Application Data\wjfrjCrTGl.exe moved successfully.
========== FILES ==========
File\Folder C:\Documents and Settings\All Users\Application Data\wjfrjCrTGl.exe not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 3145854 bytes
->Temporary Internet Files folder emptied: 213956 bytes
User: All Users
User: Babou
->Temp folder emptied: 18291640 bytes
->Temporary Internet Files folder emptied: 596943 bytes
->Flash cache emptied: 1527914 bytes
User: Baby
->Temp folder emptied: 5242934 bytes
->Temporary Internet Files folder emptied: 52322825 bytes
->Google Chrome cache emptied: 9013385 bytes
->Flash cache emptied: 173118 bytes
User: Default User
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 331 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 13725401 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Philippe
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19528 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34225799 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 64767082 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 49046 bytes
Total Files Cleaned = 194.00 mb
OTLPE by OldTimer - Version 3.1.46.0 log created on 03162011_165550
OK
After Malwarebytes' Anti-Malware, and once you have posted the report,
download ZHPDiag (by Nicolas Coolman).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
or
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
(diagnostic tool)
Double-click the installation file, then install it with the default settings (don't forget to tick "Créer une icône sur le bureau").
Launch ZHPDiag by double-clicking the icon on your desktop (right-click -> Run as administrator (Vista)).
Click the magnifying glass at the top left, then let the tool scan.
Once the scan has finished, click the floppy-disk icon and save the file to your desktop.
Go to http://pjjoint.malekal.com/
Click "Parcourir"
Select the ZHPdiag.txt report on your desktop
Then click "Envoyer le fichier" and copy/paste the link into your next message