PC no longer responding... Virus?

Tags:
  • Security

21 June 2011 01:39:54

Good evening,
To put it simply: I have a BIG problem with my PC.
I've never had to deal with this kind of problem before.
Anyway, my PC is a Compaq Presario V6000.

A few days ago I cleaned it with Malwarebytes; everything was fine.

And yesterday afternoon, while quietly watching a film, I got a message that I didn't have time to read.

I switch it back on, and THAT's when disaster strikes!

- 30 minutes to boot, or even more!
- No sound at all any more!
- Windows XP has stuck me with its old theme!
- I can no longer view images
- I can still open programs
- in the system properties the gigahertz are not displayed! (wtf?)
- the menu bar is no longer visible or accessible
- no Internet access

I haven't tried formatting because I don't want to lose all my work in Photoshop, or my compositions.


(I had already posted on the "operating system" forum, but this forum seems more appropriate to me.
I'll also add that my PC doesn't react when I plug in a USB stick; and that's what bothers me most, because I intend to save my data and then move on to the big clean-up.)

If anyone has an idea, please don't hesitate. :(

That's it, thanks for reading, and happy Fête de la Musique to you. :)

21 June 2011 01:40:53

"Pc qui ne réagit* plus." [spelling correction to the original French title]

21 June 2011 11:29:30

Hello,

We would need the first Malwarebytes report (under the "report" tab), then:


Download OTL (by Old Timer) to your desktop.
  • Close all your windows, then double-click OTL.exe to launch it.
    (Vista/Windows 7 users: right-click -> "Run as administrator")
  • At the top, tick the box next to "All users" ("Tous les utilisateurs")
  • Under "Personnalisation" (the custom scan box), copy and paste all of the text below, and leave the other options at their defaults.
    netsvcs
    msconfig
    drivers32
    activex
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT

  • Click the Scan ("Analyse") button at the top left, then wait a few moments.
  • When the scan ends, two reports will open, OTL.Txt and Extras.Txt. Copy/paste both reports here in full.
    PS: The reports are also saved on the desktop

For the reports, please use this online report service: upload the file via "browse" and simply post the link you get.

21 June 2011 22:28:50

Thanks for your reply.

I really am out of luck, but I can't find OTL anywhere; even with your link, the PC I'm on tells me the connection timed out... (I'll try again later).
(I'm on my brother's laptop.)

And giving you the reports will be difficult, because the "copy/paste" function on MY PC no longer works. And that's a shame, because when I connect the external hard drive before switching on the PC, the PC does detect it.

21 June 2011 22:29:36

The "move" function no longer works either.

21 June 2011 22:50:44

Re,

If nothing works, we'll go through another method using a live CD.

Tell me where you're at.

22 June 2011 23:22:38

I managed to download OTL.
I'll do all that tomorrow, because my PC no longer has the "paste" function and so I don't have time left tonight.
I hope the reports won't be too long.

But thanks again for helping me.

23 June 2011 09:57:17

Re,

No, you won't be able to copy out reports like these by hand!

Try in safe mode; otherwise, as I said, we'll go through a live CD.

(Safe mode:

Restart in Safe Mode:
- At startup, after the BIOS has loaded, press the F8 (or F5) key repeatedly until a menu on a black background appears. Once there, use the keyboard to select Safe Mode.
-- In this mode you have no Internet access, and you get a different visual configuration (no wallpaper, very large icons). So don't be surprised.
--- It is for these reasons that I suggest you print, write down, or save in a text document the following information so as not to get lost.
---- ! Do not boot your computer into safe mode via MSConfig! Why? Some infections break the safe mode keys, which would make your computer crash.

Help: How to boot your computer in safe mode. )

24 June 2011 08:03:13

The Extras report:




    OTL Extras logfile created on: 24/06/2011 07:41:21 - Run 1
    OTL by OldTimer - Version 3.2.24.1 Folder = E:\
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,99 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 88,25% Memory free
    3,84 Gb Paging File | 3,78 Gb Available in Paging File | 98,51% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 102,60 Gb Total Space | 35,14 Gb Free Space | 34,25% Space Free | Partition Type: NTFS
    Drive E: | 976,59 Mb Total Space | 454,72 Mb Free Space | 46,56% Space Free | Partition Type: FAT

    Computer Name: PC-PORTABLE | User Name: Jimmy | Logged in as Administrator.
    Boot Mode: SafeMode | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

    [HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
    .exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*

    [HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
    .exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*

    [HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Classes\<extension>]
    .html [@ = htmlfile] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htafile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [DirectoryAppearanceCreate] -- desktop.ini_create.cmd "%1\desktop.ini" "%1"
    Directory [DirectoryAppearanceEdit] -- notepad.exe "%1\desktop.ini"
    Directory [DirectoryAppearanceSet] -- attrib.exe "%1" +s (Microsoft Corporation)
    Directory [DirectoryAppearanceUnset] -- attrib.exe "%1" -s (Microsoft Corporation)
    Directory [Envoyer vers: ajouter ce dossier] -- SendToAdd.exe "%1" ()
    Directory [Envoyer vers: supprimer ce dossier] -- SendToRemove.exe "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [Find.Target] -- "explorer.exe" /select,"%1" (Microsoft Corporation)
    Directory [Ouvrir une console ici] -- cmd.exe /k cd "%1" (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [SuperFinder] -- SuperFinder.exe "%1" (FSL)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AntiVirusOverride" = 1
    "FirewallOverride" = 1
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 4

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 1
    "DisableUnicastResponsesToMulticastBroadcast" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 1
    "DisableUnicastResponsesToMulticastBroadcast" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
    "20376:TCP" = 20376:TCP:*:Enabled:spport
    "13568:TCP" = 13568:TCP:*:Enabled:spport

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
    "C:\Program Files\Google\Google SketchUp 7\LayOut\LayOut.exe" = C:\Program Files\Google\Google SketchUp 7\LayOut\LayOut.exe:*:Enabled:LayOut
    "C:\Program Files\Google\Google SketchUp 7\SketchUp.exe" = C:\Program Files\Google\Google SketchUp 7\SketchUp.exe:*:Enabled:SketchUp Application
    "C:\Program Files\Counter-Strike Source\hl2.exe" = C:\Program Files\Counter-Strike Source\hl2.exe:*:Disabled:hl2
    "D:\Worms2\worms2.hbd.exe" = D:\Worms2\worms2.hbd.exe:*:Enabled:Worms 2 Frontend
    "C:\Documents and Settings\Jimmy\Bureau\worms 2\worms2.hbd.exe" = C:\Documents and Settings\Jimmy\Bureau\worms 2\worms2.hbd.exe:*:Disabled:Worms 2 Frontend
    "C:\Documents and Settings\Jimmy\Bureau\Nouveau dossier\worms2.hbd.exe" = C:\Documents and Settings\Jimmy\Bureau\Nouveau dossier\worms2.hbd.exe:*:Enabled:Worms 2 Frontend
    "C:\Program Files\cacaoweb\cacaoweb.exe" = C:\Program Files\cacaoweb\cacaoweb.exe:*:Enabled:cacaoweb -- ()
    "C:\Documents and Settings\Jimmy\Mes documents\Age of Empire II\empires2.exe" = C:\Documents and Settings\Jimmy\Mes documents\Age of Empire II\empires2.exe:*:Enabled:Age of Empires II -- (Microsoft Corporation)
    "C:\Documents and Settings\Jimmy\Mes documents\Age of Empire II\age2_x1.exe" = C:\Documents and Settings\Jimmy\Mes documents\Age of Empire II\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
    "C:\Documents and Settings\Jimmy\Mes documents\Téléchargements\Counter-Strike v1.6\hl.exe" = C:\Documents and Settings\Jimmy\Mes documents\Téléchargements\Counter-Strike v1.6\hl.exe:*:Enabled:Half-Life Launcher
    "C:\Documents and Settings\Jimmy\Local Settings\Temp\RarSFX0\hl.exe" = C:\Documents and Settings\Jimmy\Local Settings\Temp\RarSFX0\hl.exe:*:Enabled:Half-Life Launcher


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
    "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
    "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
    "{0E26E09B-6687-4A99-BD08-A9E705373029}_is1" = Vyzex Pocket POD 1.17
    "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
    "{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
    "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
    "{1D13221B-42DE-4B3C-A43F-0F6AF3CF3DA2}" = Client Windows Rights Management avec Service Pack 2
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
    "{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
    "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
    "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
    "{46A5D1D1-8956-497C-92FB-59C44EFA6214}" = Safari
    "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
    "{6FE30813-AC60-40A3-BE53-F6713A1F3893}" = HP Wireless Assistant
    "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
    "{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
    "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
    "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
    "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
    "{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
    "{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}" = Adobe Setup
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
    "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
    "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A7DB362E-16DC-4E29-8A34-E74381E00B5B}" = Adobe Shockwave Player
    "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
    "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
    "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
    "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
    "{BF794769-8875-4E01-B7BE-E00104604F4A}" = Adobe Photoshop CS3
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
    "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CD97C166-020E-415A-98D2-2D89DD9D68F0}" = Mise à jour de logiciel pour les Dossiers Web
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
    "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
    "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
    "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
    "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe_32e9033392a51340b32fdc6ad893ab7" = Adobe Photoshop CS3
    "ASIO4ALL" = ASIO4ALL
    "AsUninst.exe" = Anvil Studio
    "Audacity_is1" = Audacity 1.2.6
    "avast!" = avast! Antivirus
    "Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
    "CNXT_HDAUDIO" = Conexant HD Audio
    "CNXT_MODEM_PCI_VEN_14F1&DEV_5045_at8ven5m" = Soft Data Fax Modem with SmartCP
    "Drumaxx" = Drumaxx
    "FL Studio 9" = FL Studio 9
    "Guitar Pro 5_is1" = Guitar Pro 5.0
    "Hardcore" = Hardcore
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "ie8" = Windows Internet Explorer 8
    "IL Download Manager" = IL Download Manager
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox 4.0.1 (x86 fr)" = Mozilla Firefox 4.0.1 (x86 fr)
    "OpenAL" = OpenAL
    "Pen Tablet Driver" = Pen Tablet
    "PoiZone" = PoiZone
    "PowerShell" = Windows PowerShell(TM) 1.0
    "PROSet" = Intel(R) PRO Network Connections Drivers
    "Sakura" = Sakura
    "Sawer" = Sawer
    "Toxic Biohazard" = Toxic Biohazard
    "VLC media player" = VLC media player 1.0.3
    "WIC" = Windows Imaging Component
    "Windows XP Service" = Windows XP Service Pack 3
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WinPcapInst" = WinPcap 4.1.1
    "WinRAR archiver" = Logiciel d'archivage WinRAR
    "WMV9_VCM" = Microsoft Windows Media Video 9 VCM
    "Wondershare Streaming Audio Recorder_is1" = Wondershare Streaming Audio Recorder(Build 1.0.6.0)
    "ZOOM G Series Audio Driver" = ZOOM G Series Audio Driver

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Facebook Plug-In" = Facebook Plug-In

    ========== Last 10 Event Log Errors ==========

    Error: Unable to start EventLog service!

    < End of report >
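
An added illustration, not part of the thread and not the helper's method: a small Python triage pass over the Extras.Txt layout posted above. It compares each file-association handler with the shell-spawning command listed for the same class in the report and checks a few Security Center and System Restore values; the sample lines are copied from that report, while the function names and the watch list are assumptions of this example.

```python
import re

# Sample input: lines copied (trimmed) from the Extras report posted above.
SAMPLE = r'''
========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 4
'''

BANNER = re.compile(r'^=+ (.+?) =+$')                  # ===== Section =====
ASSOC = re.compile(r'^(\.\S+) \[@ = ([^\]]+)\] -- (.*)$')  # .ext [@ = class] -- cmd
SPAWN = re.compile(r'^(\S+) \[([^\]]+)\] -- (.*)$')     # class [verb] -- cmd
VALUE = re.compile(r'^"([^"]+)" = (.*)$')               # "name" = data

# Hypothetical watch list: (section, key suffix, value name, data, note).
# A hit is a setting to question, not proof of infection.
WATCHED = [
    ('Security Center Settings', r'\Security Center', 'AntiVirusOverride', '1',
     'Security Center antivirus monitoring overridden'),
    ('Security Center Settings', r'\Security Center', 'FirewallOverride', '1',
     'Security Center firewall monitoring overridden'),
    ('System Restore Settings', r'\SystemRestore', 'DisableSR', '1',
     'System Restore disabled'),
    ('System Restore Settings', r'\Services\SrService', 'Start', '4',
     'System Restore service start type 4 (disabled)'),
]


def parse(text):
    """Yield (section, registry_key, entry_line) for every entry line."""
    section = key = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        banner = BANNER.match(line)
        if banner:
            section, key = banner.group(1), None
        elif line.startswith('[HKEY_') and line.endswith(']'):
            key = line[1:-1]
        elif section:
            yield section, key or '', line


def triage(text):
    """Return a list of (kind, registry_key, detail) findings."""
    entries = list(parse(text))
    # Baseline: commands the report lists per class under Shell Spawning.
    baseline = {}
    for section, _key, line in entries:
        m = SPAWN.match(line)
        if section == 'Shell Spawning' and m:
            baseline.setdefault(m.group(1), set()).add(m.group(3))
    findings = []
    for section, key, line in entries:
        if section == 'File Associations':
            m = ASSOC.match(line)
            if not m or m.group(3).startswith('Reg Error'):
                continue
            ext, progid, cmd = m.groups()
            expected = baseline.get(progid)
            if expected and cmd not in expected:
                findings.append(('assoc-override', key, f'{ext} -> {cmd}'))
            continue
        m = VALUE.match(line)
        if not m:
            continue
        for w_section, suffix, name, data, note in WATCHED:
            if (section == w_section and key.endswith(suffix)
                    and m.group(1) == name and m.group(2).strip() == data):
                findings.append(('setting', key, note))
    return findings


if __name__ == '__main__':
    for kind, key, detail in triage(SAMPLE):
        print(f'[{kind}] {key}\n    {detail}')
```

A handler that differs from the baseline only says the association was changed for that hive; whoever reads the output still has to judge the target file.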

24 June 2011 08:04:30

The OTL report:





    OTL logfile created on: 24/06/2011 07:41:21 - Run 1
    OTL by OldTimer - Version 3.2.24.1 Folder = E:\
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,99 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 88,25% Memory free
    3,84 Gb Paging File | 3,78 Gb Available in Paging File | 98,51% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 102,60 Gb Total Space | 35,14 Gb Free Space | 34,25% Space Free | Partition Type: NTFS
    Drive E: | 976,59 Mb Total Space | 454,72 Mb Free Space | 46,56% Space Free | Partition Type: FAT

    Computer Name: PC-PORTABLE | User Name: Jimmy | Logged in as Administrator.
    Boot Mode: SafeMode | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/06/22 01:35:54 | 000,579,072 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
    PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/06/22 01:35:54 | 000,579,072 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
    MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


    ========== Win32 Services (SafeList) ==========


    ========== Driver Services (SafeList) ==========


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - File not found
    IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Ask.com"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
    FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.11
    FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid..."

    FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/06 22:12:06 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/02 21:39:12 | 000,000,000 | ---D | M]

    [2010/01/25 22:36:09 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Extensions
    [2010/01/25 22:36:09 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2011/05/06 22:12:13 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\cayvyl3n.default\extensions
    [2010/04/27 16:07:07 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\cayvyl3n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/03/03 15:34:42 | 000,000,000 | -H-D | M] (cacaoweb) -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\cayvyl3n.default\extensions\cacaoweb@cacaoweb.org
    [2010/06/20 03:26:44 | 000,001,589 | -H-- | M] () -- C:\Documents and Settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\cayvyl3n.default\searchplugins\web-search.xml
    [2011/06/02 22:03:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    File not found (No name found) --
    [2011/05/06 22:11:59 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
    [2011/06/02 21:38:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2011/05/06 22:12:02 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
    [2011/05/06 22:12:02 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
    [2011/05/06 22:12:02 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2011/05/06 22:12:02 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
    [2011/05/06 22:12:02 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
    [2011/05/06 22:12:02 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2011/06/11 18:49:34 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
    O3 - HKLM\..\Toolbar: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
    O3 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {4ADFE869-0C09-4F41-AD79-A8F1CFA201E8} - No CLSID value found.
    O3 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\Toolbar\WebBrowser: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
    O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
    O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
    O4 - HKLM..\Run: [SpyHunter Security Suite] File not found
    O4 - HKU\.DEFAULT..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
    O4 - HKU\S-1-5-18..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
    O4 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003..\Run: [cacaoweb] C:\Program Files\cacaoweb\cacaoweb.exe ()
    O4 - Startup: C:\Documents and Settings\Jimmy\Menu Démarrer\Programmes\Démarrage\IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe (Pierre TORRIS)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 15
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/Gam... (UnoCtrl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\Jimmy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jimmy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2011/06/11 18:49:34 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
    O33 - MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
    O33 - MountPoints2\{0a82784a-31f4-11e0-bd81-0018de0ab3f9}\Shell - "" = AutoRun
    O33 - MountPoints2\{0a82784a-31f4-11e0-bd81-0018de0ab3f9}\Shell\AutoRun\command - "" = E:\Vodaphone_uninstaller.exe
    O33 - MountPoints2\{e78ecccc-1cd3-11e0-bd56-0018de0ab3f9}\Shell - "" = AutoRun
    O33 - MountPoints2\{e78ecccc-1cd3-11e0-bd56-0018de0ab3f9}\Shell\AutoRun\command - "" = E:\Vodaphone_uninstaller.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O35 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
    O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
    O37 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found


    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
    ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Adobe Shockwave Director 10.1
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.1
    ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:o E /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
    ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
    ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.0
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
    ActiveX: Microsoft Base Smart Card Crypto Provider Package -


    ========== Files/Folders - Created Within 30 Days ==========

    [2011/06/17 19:08:08 | 000,000,000 | ---D | C] -- C:\Windows XP Repair
    [2011/06/17 19:07:57 | 000,374,784 | ---- | C] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
    [2011/06/17 18:58:50 | 000,462,848 | -H-- | C] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
    [2011/06/11 20:29:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jimmy\Application Data\Malwarebytes
    [2011/06/11 20:29:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
    [2011/06/11 20:29:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/06/11 20:29:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/06/11 20:29:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/06/11 20:10:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
    [2011/06/11 19:14:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2011/06/11 18:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
    [2011/06/11 18:48:52 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
    [2011/06/10 17:59:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
    [2011/06/09 16:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
    [2011/06/05 01:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
    [2011/06/04 19:29:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [2011/06/04 19:29:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
    [2011/06/02 21:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
    [2011/06/02 21:40:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jimmy\Application Data\SystemRequirementsLab
    [2011/06/02 21:39:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2011/06/02 21:39:12 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
    [2011/06/02 21:39:12 | 000,139,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2011/06/02 21:39:12 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2011/06/02 21:39:12 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2011/05/27 14:43:24 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jimmy\Application Data\GetRightToGo
    [2011/05/27 13:22:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\DOSBox
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [176 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/06/24 07:19:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/06/24 07:16:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/06/21 22:06:17 | 000,048,640 | -H-- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/06/17 19:08:09 | 000,000,703 | ---- | M] () -- C:\Windows XP Repair.lnk
    [2011/06/17 19:08:09 | 000,000,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~24698660
    [2011/06/17 19:08:09 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~24698660r
    [2011/06/17 19:08:05 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\24698660
    [2011/06/17 19:07:57 | 000,374,784 | ---- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
    [2011/06/17 18:58:49 | 000,462,848 | -H-- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
    [2011/06/17 08:03:59 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/06/13 16:19:47 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2011/06/11 20:35:25 | 000,018,100 | -HS- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\e1i8cp645hqv0g03h401
    [2011/06/11 20:35:25 | 000,018,100 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\e1i8cp645hqv0g03h401
    [2011/06/11 18:49:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2011/06/11 18:49:34 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
    [2011/06/11 18:29:54 | 000,002,160 | -HS- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\3842150890
    [2011/06/11 18:29:54 | 000,002,160 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\1874102850
    [2011/06/11 18:29:48 | 000,002,124 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\3842150890
    [2011/06/04 19:12:58 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Jimmy\Application Data\chrtmp
    [2011/06/02 21:38:54 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [176 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/06/17 19:08:09 | 000,000,703 | ---- | C] () -- C:\Windows XP Repair.lnk
    [2011/06/17 19:08:09 | 000,000,176 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~24698660
    [2011/06/17 19:08:09 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~24698660r
    [2011/06/17 19:08:05 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\24698660
    [2011/06/11 18:49:34 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
    [2011/06/11 18:29:28 | 000,002,160 | -HS- | C] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\3842150890
    [2011/06/11 18:29:28 | 000,002,160 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\1874102850
    [2011/06/11 18:29:27 | 000,018,100 | -HS- | C] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\e1i8cp645hqv0g03h401
    [2011/06/11 18:29:27 | 000,002,124 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3842150890
    [2011/06/11 18:27:54 | 000,018,100 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\e1i8cp645hqv0g03h401
    [2011/06/11 18:27:54 | 000,002,116 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\e1i8cp645hqv0g03h401
    [2011/06/05 00:59:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/06/04 19:12:58 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Jimmy\Application Data\chrtmp
    [2011/03/03 06:11:56 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2010/05/24 00:00:12 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
    [2010/02/26 04:07:23 | 000,005,382 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2010/01/27 04:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
    [2010/01/18 22:53:10 | 000,048,640 | -H-- | C] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/01/08 02:29:29 | 000,011,956 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010/01/04 22:05:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2009/12/20 18:26:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4670.dll
    [2009/12/20 18:17:11 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2009/12/20 18:15:08 | 001,408,744 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2009/12/20 18:04:07 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\fusioncache.dat
    [2009/12/20 17:58:52 | 002,111,096 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
    [2009/12/20 17:46:45 | 000,591,552 | ---- | C] () -- C:\WINDOWS\System32\Ntest.exe
    [2009/12/20 17:46:45 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\TransBar.exe
    [2009/12/20 17:46:45 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SMPSeesaw.exe
    [2009/12/20 17:46:45 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SendToRemove.exe
    [2009/12/20 17:46:45 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SendToAdd.exe
    [2009/12/20 17:46:45 | 000,032,610 | ---- | C] () -- C:\WINDOWS\System32\Refresh.exe
    [2009/12/20 17:46:44 | 000,742,912 | ---- | C] () -- C:\WINDOWS\System32\deadlink.exe
    [2009/12/20 17:46:44 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\Enregistrer sous Editeur.exe
    [2009/12/20 17:46:44 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\Enregistrer sous Test.exe
    [2009/12/20 17:46:43 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Aide.exe
    [2009/12/20 17:46:18 | 000,002,844 | ---- | C] () -- C:\WINDOWS\System32\faview_lng.ini
    [2009/12/20 17:46:18 | 000,002,588 | ---- | C] () -- C:\WINDOWS\System32\shman_lng.ini
    [2009/12/20 17:46:18 | 000,002,323 | ---- | C] () -- C:\WINDOWS\System32\Starter.ini
    [2009/12/20 17:46:18 | 000,001,725 | ---- | C] () -- C:\WINDOWS\System32\WinAudit.ini
    [2009/12/20 17:46:18 | 000,001,239 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
    [2009/12/20 17:46:18 | 000,000,047 | ---- | C] () -- C:\WINDOWS\System32\TransBar.ini
    [2009/12/20 17:31:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2009/12/20 17:23:40 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2008/08/11 11:02:00 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\zmghpaso.dll
    [2008/08/11 11:01:58 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\zmghpaudcp.exe
    [2006/07/23 20:13:33 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\cmdow.exe
    [2006/07/05 23:52:10 | 000,476,672 | ---- | C] () -- C:\WINDOWS\System32\7za442.exe
    [2005/09/02 02:53:02 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\sleep.exe
    [2004/08/19 19:23:25 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004/08/02 17:20:39 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2002/09/06 22:59:59 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2002/09/06 22:59:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2002/09/06 22:59:59 | 000,510,546 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
    [2002/09/06 22:59:59 | 000,441,036 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2002/09/06 22:59:59 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
    [2002/09/06 22:59:59 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2002/09/06 22:59:59 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2002/09/06 22:59:59 | 000,085,412 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
    [2002/09/06 22:59:59 | 000,071,354 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2002/09/06 22:59:59 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2002/09/06 22:59:59 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
    [2002/09/06 22:59:59 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2002/09/06 22:59:59 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2002/09/06 22:59:59 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2002/06/06 03:01:58 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll

    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >

    < %ALLUSERSPROFILE%\Application Data\*. >
    [2011/06/11 20:52:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
    [2011/01/03 03:20:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010/01/04 22:45:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2010/01/04 22:43:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2010/02/21 01:40:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
    [2010/02/21 18:01:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\DFX
    [2010/03/09 01:27:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\EarMaster
    [2010/03/24 04:21:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
    [2011/02/24 02:58:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Guitar Pro 6
    [2011/06/11 20:29:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2010/01/05 15:07:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
    [2010/01/05 15:06:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
    [2010/03/09 16:13:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
    [2010/01/06 15:24:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
    [2010/02/26 00:23:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Psicraft
    [2010/01/05 15:50:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
    [2010/03/18 03:10:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Steinberg
    [2011/06/02 21:39:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2010/01/06 20:45:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    [2011/04/13 18:45:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2010/01/04 22:44:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >
    [2011/06/17 19:07:57 | 000,374,784 | ---- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
    [2011/06/17 18:58:49 | 000,462,848 | -H-- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
    [2009/02/04 13:56:14 | 000,075,112 | -H-- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
    [2011/04/13 18:34:40 | 000,073,000 | -H-- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.2.1.1\SetupAdmin.exe
    [2010/03/02 04:48:41 | 000,079,144 | -H-- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
    [2010/01/05 15:06:34 | 001,924,200 | -H-- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe

    < %APPDATA%\*. >
    [2010/02/26 04:14:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\ACAMPREF
    [2010/10/05 23:58:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Adobe
    [2009/12/20 18:04:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\aignes
    [2011/01/24 12:07:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Anvil Studio
    [2010/03/02 05:07:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Apple Computer
    [2011/06/17 18:15:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\cacaoweb
    [2010/02/21 01:48:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\DAEMON Tools Lite
    [2011/04/13 02:45:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Daichi
    [2010/02/24 00:13:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\DMCache
    [2011/06/16 20:43:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\dvdcss
    [2010/05/10 16:24:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\EPSON
    [2010/03/25 03:04:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Facebook
    [2011/05/27 14:46:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\GetRightToGo
    [2010/05/10 17:49:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Google
    [2009/12/20 18:04:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\gtopala
    [2011/04/01 01:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Guitar Pro 6
    [2009/12/20 18:04:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Identities
    [2009/12/20 18:45:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\InstallShield
    [2009/12/20 17:58:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Macromedia
    [2011/06/11 20:29:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Malwarebytes
    [2011/06/11 19:14:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jimmy\Application Data\Microsoft
    [2010/01/04 22:05:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Mozilla
    [2011/01/20 18:05:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\NevoSoft Games
    [2010/10/14 22:25:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\OfferBox
    [2011/01/10 18:09:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\SFR
    [2010/05/24 14:10:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Skype
    [2010/05/24 12:42:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\skypePM
    [2011/04/19 01:05:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\SoundSpectrum
    [2010/03/18 03:10:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Steinberg
    [2009/12/20 17:58:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\Sun
    [2011/04/13 03:28:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\SynthMaker
    [2011/06/02 21:42:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\SystemRequirementsLab
    [2010/06/02 22:57:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\U3
    [2011/06/21 22:07:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\vlc
    [2010/09/12 22:27:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\widestream
    [2010/01/04 22:02:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\WinRAR
    [2011/06/17 17:51:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jimmy\Application Data\WTablet

    < %APPDATA%\*.exe /s >
    [2011/01/03 03:32:07 | 000,050,354 | -H-- | M] (Facebook, Inc.) -- C:\Documents and Settings\Jimmy\Application Data\Facebook\uninstall.exe
    [2008/08/26 17:49:54 | 000,110,592 | -H-- | M] (U3 LLC) -- C:\Documents and Settings\Jimmy\Application Data\U3\temp\cleanup.exe
    [2008/08/26 17:37:56 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Jimmy\Application Data\U3\temp\Launchpad Removal.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < End of report >
    24 June 2011 09:20:27

    Hi again,

    Yeah, well, apparently you hadn't cleaned up thoroughly enough with Malwarebytes; there are big leftovers of a rogue (fake security/optimization utility) ;) 


    Stay in safe mode, which will neutralize the rogue for now, and follow the procedure below by downloading the software onto a USB stick and transferring it to the PC that has the problem.
    Once the procedure is done, you can try rebooting in normal mode and send me the report:

    Download RogueKiller (by Tigzy) and transfer it to the affected PC with a USB stick
  • Close all your windows, then double-click RogueKiller.exe to launch it.
    (Vista/Windows 7 users: right-click -> "Run as administrator")

  • Once initialization has finished, choose option 2 and confirm.
  • Let the tool work.
  • A report will open; copy and paste its contents into your next reply

    (If it does not open, it is saved on the desktop: RKreport.txt)
    24 June 2011 10:08:54

    Does it change anything if I run it from the USB stick?
    Because I can't paste or move anything onto my PC.
    24 June 2011 10:15:19

    Hi again,

    Never tested it, give it a try anyway.

    (How did you manage to give me the report if you can't copy-paste? Normally, if it was the registry modifications that were preventing you from using those functions, they will have come back after the procedure. ;)  )
    24 June 2011 10:24:04

    On my PC I can only copy and paste in Notepad.
    24 June 2011 10:39:07

    The RogueKiller report:



    RogueKiller V5.2.5 [24/06/2011] par Tigzy
    contact sur http://www.sur-la-toile.com
    mail: tigzyRK<at>gmail<dot>com
    Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...

    Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Demarrage : Mode sans echec
    Utilisateur: Jimmy [Droits d'admin]
    Mode: Suppression -- Date : 24/06/2011 10:13:44

    Processus malicieux: 0

    Entrees de registre: 0

    Fichier HOSTS:


    Termine : << RKreport[2].txt >>
    RKreport[1].txt ; RKreport[2].txt
    24 June 2011 11:07:11

    Hi again,

    Hmm, well, apparently it doesn't work all that well from a USB stick.

    We'll start fixing things with OTL and see whether you can regain control afterwards:
    (you can do it in safe mode)

    Relaunch OTL.exe

  • Close all your windows, then double-click OTL.exe to launch it.
    (Vista/Windows 7 users: right-click -> "Run as administrator")

  • Copy and paste the following into the "Personnalisation" (customization) box at the bottom left.
    :OTL
    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Ask.com"
    O2 - BHO: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
    O3 - HKLM\..\Toolbar: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
    O3 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {4ADFE869-0C09-4F41-AD79-A8F1CFA201E8} - No CLSID value found.
    O3 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\..\Toolbar\WebBrowser: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - File not found
    O4 - HKLM..\Run: [SpyHunter Security Suite] File not found
    O4 - HKU\.DEFAULT..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
    O4 - HKU\S-1-5-18..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
    O4 - HKLM..\Run: [SpyHunter Security Suite] File not found
    O4 - HKU\.DEFAULT..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
    O4 - HKU\S-1-5-18..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
    O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
    O33 - MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
    O33 - MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
    O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
    O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
    [2011/06/17 19:08:08 | 000,000,000 | ---D | C] -- C:\Windows XP Repair
    [2011/06/17 19:07:57 | 000,374,784 | ---- | C] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
    [2011/06/17 18:58:50 | 000,462,848 | -H-- | C] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [176 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
    [2011/06/17 19:08:09 | 000,000,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~24698660
    [2011/06/17 19:08:09 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~24698660r
    [2011/06/17 19:08:05 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\24698660
    [2011/06/17 19:07:57 | 000,374,784 | ---- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\24698660.exe
    [2011/06/17 18:58:49 | 000,462,848 | -H-- | M] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe
    [2011/06/11 20:35:25 | 000,018,100 | -HS- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\e1i8cp645hqv0g03h401
    [2011/06/11 20:35:25 | 000,018,100 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\e1i8cp645hqv0g03h401
    [2011/06/11 18:29:54 | 000,002,160 | -HS- | M] () -- C:\Documents and Settings\Jimmy\Local Settings\Application Data\3842150890
    [2011/06/11 18:29:54 | 000,002,160 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\1874102850
    [2011/06/11 18:29:48 | 000,002,124 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\3842150890
    [2011/06/17 19:08:09 | 000,000,703 | ---- | C] () -- C:\Windows XP Repair.lnk
    [2011/06/11 18:49:34 | 000,000,000 | ---- | C] () -- C:\autoexec.bat

    :Commands
    [emptytemp]
    [emptyflash]


  • Then click the "Correction" (fix) button at the top left
  • If the PC asks to reboot, accept.
  • Post the removal report.

    Note: the report is saved in ".log" format; you should change this extension to ".txt" if you want to upload it to online sites.

    For reports, please use this online report service: upload the file via "parcourir" (browse) and simply post the link you get.
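An added example (not part of the thread and not OTL's own code): a small Python triage showing why the O4, O7, O33 and O37 lines in the fix script above stand out. The line patterns are inferred from the lines posted in this thread; the function names, the `LOCKOUT_POLICIES` set and the heuristics are assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Lines copied from the OTL fix script in this thread, plus one constructed
# benign line (ExampleUpdater) to show what the triage leaves alone.
SAMPLE = r'''
O4 - HKLM..\Run: [SpyHunter Security Suite] File not found
O4 - HKU\.DEFAULT..\Run: [JtSWvJfiQpeA] C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe (Sysinternals)
O4 - HKLM..\Run: [ExampleUpdater] C:\Program Files\Example\updater.exe (Example Corp)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O33 - MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\lfm.exe" -a "%1" %*
'''

RE_O4 = re.compile(r'^O4 - (?P<hive>\S+?)\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<target>.+)$')
RE_O7 = re.compile(r'^O7 - (?P<key>.+?): (?P<name>\w+) = (?P<value>\d+)$')
RE_O33 = re.compile(r'^O33 - MountPoints2\\(?P<guid>\{[0-9A-Fa-f-]+\})\\Shell\\'
                    r'(?P<verb>\w+)\\command - "" = (?P<target>.+)$')
RE_O37 = re.compile(r'^O37 - (?P<hive>\S+?)\\\.\.\.(?P<ext>\w+) '
                    r'\[@ = (?P<progid>\w+)\] -- (?P<cmd>.+)$')
RE_VENDOR = re.compile(r' \([^()]*\)$')   # trailing "(Company name)" column

# Restrictions that lock the user out when set to 1. Kept as an explicit list
# (assumption: only the two seen in this thread) because other policy values
# are legitimately non-zero.
LOCKOUT_POLICIES = {"NoDesktop", "DisableTaskMgr"}
# Stock "open" command for exefile; anything else wraps every program launch.
DEFAULT_EXE_OPEN = '"%1" %*'


@dataclass
class Finding:
    kind: str
    reason: str
    line: str


def triage_line(line):
    """Return a Finding for one OTL log line, or None if nothing stands out."""
    line = line.strip()
    m = RE_O4.match(line)
    if m:
        target = RE_VENDOR.sub("", m["target"])
        if target == "File not found":
            return Finding("autostart", f"Run value [{m['name']}] points at a missing file", line)
        # An executable sitting directly in "...\Application Data" (no vendor
        # subfolder) is unusual for installed software.
        if PureWindowsPath(target).parent.name.lower() == "application data":
            return Finding("autostart", f"Run value [{m['name']}] starts an exe from the Application Data root", line)
        return None
    m = RE_O7.match(line)
    if m:
        if m["name"] in LOCKOUT_POLICIES and m["value"] == "1":
            return Finding("policy", f"{m['name']} = 1 removes a tool the user needs for cleanup", line)
        return None
    m = RE_O33.match(line)
    if m:
        parts = [p.upper() for p in PureWindowsPath(m["target"]).parts]
        if "RECYCLER" in parts:
            return Finding("autorun", f"drive {m['verb']} command runs an exe hidden in RECYCLER", line)
        return None
    m = RE_O37.match(line)
    if m:
        if m["cmd"].strip() != DEFAULT_EXE_OPEN:
            return Finding("exe-handler", f".{m['ext']} launches are routed through another program", line)
        return None
    return None


def triage(text):
    """Triage every non-empty line of an OTL excerpt, keeping input order."""
    findings = []
    for raw in text.splitlines():
        if raw.strip():
            found = triage_line(raw)
            if found:
                findings.append(found)
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"[{f.kind}] {f.reason}\n    {f.line}")
```
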
    24 June 2011 12:45:21

    Here is the report:



    All processes killed
    ========== OTL ==========
    Prefs.js: "Ask.com" removed from browser.search.defaultengine
    Prefs.js: "Ask.com" removed from browser.search.defaultenginename
    Prefs.js: "Ask.com" removed from browser.search.order.1
    Prefs.js: "Ask.com" removed from browser.search.selectedEngine
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{4ADFE869-0C09-4F41-AD79-A8F1CFA201E8} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ADFE869-0C09-4F41-AD79-A8F1CFA201E8}\ not found.
    Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpyHunter Security Suite deleted successfully.
    Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\JtSWvJfiQpeA not found.
    C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe moved successfully.
    Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\JtSWvJfiQpeA not found.
    File C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpyHunter Security Suite not found.
    Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\JtSWvJfiQpeA not found.
    File C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe not found.
    Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\JtSWvJfiQpeA not found.
    File C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe not found.
    Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDesktop deleted successfully.
    Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr deleted successfully.
    Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found.
    Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDesktop not found.
    Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr not found.
    Registry key HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Recovery\ deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoStrCmpLogical deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSaveSettings deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoTrayItemsDisplay deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoToolbarsOnTaskbar deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\LockTaskbar deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveTrack deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoResolveSearch deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoNetworkConnections deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSMHelp deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-1409082233-1303643608-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFind deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\ not found.
    File E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{070f9dfa-ed83-11de-bbd2-b0ee25d73315}\ not found.
    File E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe not found.
    Registry key HKEY_USERS\.DEFAULT\Software\Classes\.exe\ deleted successfully.
    Registry key HKEY_USERS\.DEFAULT\Software\Classes\exefile\ deleted successfully.
    HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-18\Software\Classes\.exe\ not found.
    Registry key HKEY_USERS\S-1-5-18\Software\Classes\exefile\ not found.
    HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
    C:\Windows XP Repair folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\24698660.exe moved successfully.
    File C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe not found.
    C:\Documents and Settings\All Users\Application Data\~24698660 moved successfully.
    C:\Documents and Settings\All Users\Application Data\~24698660r moved successfully.
    C:\Documents and Settings\All Users\Application Data\24698660 moved successfully.
    File C:\Documents and Settings\All Users\Application Data\24698660.exe not found.
    File C:\Documents and Settings\All Users\Application Data\JtSWvJfiQpeA.exe not found.
    C:\Documents and Settings\Jimmy\Local Settings\Application Data\e1i8cp645hqv0g03h401 moved successfully.
    C:\Documents and Settings\All Users\Application Data\e1i8cp645hqv0g03h401 moved successfully.
    C:\Documents and Settings\Jimmy\Local Settings\Application Data\3842150890 moved successfully.
    C:\Documents and Settings\All Users\Application Data\1874102850 moved successfully.
    C:\Documents and Settings\All Users\Application Data\3842150890 moved successfully.
    C:\Windows XP Repair.lnk moved successfully.
    C:\autoexec.bat moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Jimmy
    ->Temp folder emptied: 995504834 bytes
    ->Temporary Internet Files folder emptied: 290027694 bytes
    ->Java cache emptied: 1383244 bytes
    ->FireFox cache emptied: 376044819 bytes
    ->Apple Safari cache emptied: 15265792 bytes
    ->Flash cache emptied: 254660 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 6887071 bytes
    ->Flash cache emptied: 615 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 262948995 bytes
    ->Java cache emptied: 31767 bytes
    ->Flash cache emptied: 11811 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 67657936 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 13003954 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 275915 bytes
    RecycleBin emptied: 365222 bytes

    Total Files Cleaned = 1 936,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: Jimmy
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0,00 mb


    OTL by OldTimer - Version 3.2.24.1 log created on 06242011_111758

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
    24 June 2011 12:48:31

    (I have to go to work, I'll be back tonight.
    Thank you, thank you for helping me!)
    a c 614 8 Security
    24 June 2011 13:50:40

    Hi again,

    OK, when you get back, restart Windows normally and see whether things are any better.

    If so, run this procedure again:


    Download RogueKiller (by Tigzy) to your desktop.

  • Close all your windows, then double-click RogueKiller.exe to launch it.
    (Vista/Windows 7 users: right-click -> "Run as administrator")

  • Once initialization is complete, choose option 2 and confirm.
  • Let the tool work.
  • A report will open; copy and paste its contents into your next reply

    (If it does not open, it is saved on the desktop: RKreport.txt)
    26 June 2011 04:03:20

    Hi again, sorry for the delay, but I couldn't get to the PC before now.
    Well, I turned it back on and there's not really any difference.
    Still no internet access; no copy-paste, the PC still takes 30 min to start, etc...


    But I did what you asked me to do with RogueKiller:

    RogueKiller V5.2.5 [24/06/2011] par Tigzy
    contact sur http://www.sur-la-toile.com
    mail: tigzyRK<at>gmail<dot>com
    Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...

    Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Demarrage : Mode normal
    Utilisateur: Jimmy [Droits d'admin]
    Mode: Suppression -- Date : 25/06/2011 23:42:37

    Processus malicieux: 0

    Entrees de registre: 0

    Fichier HOSTS:


    Termine : << RKreport[1].txt >>
    RKreport[1].txt





    a c 614 8 Security
    26 June 2011 10:04:20

    Hi again,

    We'll check that there are no other leftovers, but if we don't find anything more, the system may have to be repaired/reinstalled.

    Download TDSSKiller from Kaspersky to your desktop.

  • Unzip it by right-clicking it -> extract all... (click "Next", "Next" and "Finish".)
  • Double-click "TDSSKiller.exe" to launch the tool.
    (Vista/Windows 7 users: right-click TDSSKiller.exe and select "Run as administrator".)

  • Then click the "Start Scan" button.
  • Let the scan run.

  • In the results window:
  • If TDSS.tdl2 is detected, the delete option will be checked by default.
  • If TDSS.tdl3 is detected, make sure Cure is checked.
  • For the "Suspicious object" section, leave it on "Skip"
  • If TDSS.tdl4 (mbr) is detected, make sure Cure is checked.
  • Finally, click "Continue"

  • You will probably be asked to restart your PC; do so by clicking "Reboot now"

  • After the restart, go and get the removal report; it is located here:
    C:\ TDSSKiller.x.x.x.x_date_heure_log.txt

    Post its contents in your next reply.
    28 June 2011 15:30:19

    Hi again, sorry for the slow reply, but I'm no longer allowed on the PC so I have to do this in secret...
    Anyway,
    So, I launched your software from the USB key, and it doesn't work.
    And with WinRAR I moved it to the desktop and launched it, but that doesn't work either.
    Nothing happens.

    I'm starting to think it's done for, but I really don't want to lose my data. Yet people around me have told me that sometimes it's impossible to recover your data and that you have to reformat and start from scratch.
    a c 614 8 Security
    28 June 2011 19:32:57

    Hi again,

    Try running Malwarebytes again for me.

    Why are you no longer allowed near the PC? Is it yours or your parents'?

    Data can always be recovered unless the hard drive is dead.

    For example, we can do this to get around your damaged system:
    http://www.inforumatique.fr/recuperer-des-fichiers-avec...