Publicité sonore sans que Firefox ne soit ouvert [Résolu]

re,
ça c'est une infection...



et je n'aime pas du tout...c'est un ""fake" d'un fichier système

Télécharge OTMoveIt3 de OldTimer
http://oldtimer.geekstogo.com/OTM.exe
ou:
http://ottools.noahdfear.net/OTM.exe


* Enregistre-le sur ton bureau
* Double-clique sur OTMoveIt3.exe pour le lancer (l'extension "exe" peut ne pas apparaître)
* Copie-colle l'entièreté de ceci ci dessous dans la partie jaune >> "Paste Instructions for Items to be Moved" :

FERME TON NAVIGATEUR INTERNET


* Clique sur le bouton rouge MoveIt! pour lancer le nettoyage.
* Copie-colle dans ta prochaine réponse tout ce qui se trouve dans la fenêtre Results (en vert à droite)
--> Un rapport sera généré dans le dossier C:\ _OTMoveIt\MovedFiles avec la date et l'heure du passage de l'outil (mmddyyyy_hhmmss.log)
* Ferme OTMoveIt3 (en cliquant sur Exit)


Note : Si un fichier ou un dossier ne sait être supprimé directement, l'outil peut demander un redémarrage pour terminer le processus. Clique alors sur "Yes" pour accepter.


refais un scan avec Bibite.exe

Salut, Voici les 2 rapports.

OMT

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\Temp\jwib.tmp\svchost.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Claire Schmitt
->Temp folder emptied: 2202775 bytes
->Temporary Internet Files folder emptied: 128122 bytes
->Java cache emptied: 12130234 bytes
->FireFox cache emptied: 86762716 bytes
->Flash cache emptied: 7086 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 832722 bytes
->Flash cache emptied: 1562 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 24337174 bytes
->Java cache emptied: 850347 bytes
->Flash cache emptied: 8915 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 1449222 bytes
RecycleBin emptied: 1913281 bytes

Total Files Cleaned = 125,00 mb


OTM by OldTimer - Version 3.1.10.0 log created on 03132010_104321

Files moved on Reboot...
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\lyrs=m@119&hl=en&x=6&y=6&z=4&s=[1].png not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\lyrs=m@119&hl=en&x=6&y=8&z=4&s=Ga[1].png not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\lyrs=m@119&hl=fr&x=2&y=7&z=4&s=Galil[1].png not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\lyrs=m@119&hl=fr&x=3&y=5&z=4&s=Galile[1].png not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\lyrs=m@119&hl=fr&x=3&y=6&z=4&s=Galileo[1].png not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\lyrs=m@119&hl=fr&x=5&y=6&z=4&s=Galil[1].png not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\main[2].js not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\mapcontrols3d5[1].png not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\maps[2].htm not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\maps_small_horizontal_logo[1].png not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\mod_cbs[2].js not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\mpl[1].htm not found!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\news[1].gif moved successfully.
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\news[2].gif not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\new_search_ie6_c[1].css not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\no_cover_thumb[2].gif not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OP0XM7OF\openhand_8_8[1].bmp not found!

Registry entries deleted on Reboot...
________________________________________________________________________________
combofix:

ComboFix 10-03-12.04 - Claire Schmitt 13/03/2010 10:54:54.3.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1015.470 [GMT -5:00]
Lancé depuis: c:\documents and settings\Claire Schmitt\Bureau\bibitte.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Pare-feu Online Armor *enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\lowsec
c:\windows\system32\lowsec\local.ds
c:\windows\system32\lowsec\user.ds
c:\windows\system32\sdra64.exe
c:\windows\system32\tmp.reg

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-02-13 au 2010-03-13 ))))))))))))))))))))))))))))))))))))
.

2010-03-13 15:43 . 2010-03-13 15:43 -------- d-----w- C:\_OTM
2010-03-10 03:20 . 2010-03-10 03:35 -------- d-----w- C:\bibitte29999b
2010-03-10 03:04 . 2010-03-10 03:05 -------- d-----w- C:\bibitte
2010-03-09 20:52 . 2010-03-09 20:52 -------- d-s---w- c:\documents and settings\LocalService\UserData
2010-03-02 22:54 . 2008-04-14 00:33 116736 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-03-02 22:54 . 2001-08-23 22:47 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-03-02 22:54 . 2008-04-14 00:33 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-03-02 22:54 . 2001-08-23 22:47 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-03-02 22:54 . 2001-08-23 22:47 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-03-02 22:54 . 2001-08-23 22:47 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-03-02 22:54 . 2001-08-18 01:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-03-02 22:54 . 2008-04-13 14:34 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-03-02 22:53 . 2008-04-13 14:34 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-03-02 22:53 . 2008-04-14 00:33 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2010-03-02 22:53 . 2008-04-13 16:36 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-03-02 22:53 . 2008-04-13 14:35 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2010-03-02 22:53 . 2001-08-23 22:05 35402 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2010-03-02 22:53 . 2001-08-18 02:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2010-03-02 22:53 . 2001-08-23 22:47 54272 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2010-03-02 22:53 . 2001-08-23 22:47 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2010-03-02 22:53 . 2008-04-13 14:34 23615 -c--a-w- c:\windows\system32\dllcache\wch7xxnt.sys
2010-03-02 22:53 . 2001-08-18 02:28 701386 -c--a-w- c:\windows\system32\dllcache\wdhaalba.sys
2010-03-02 22:53 . 2008-04-13 23:57 32128 -c--a-w- c:\windows\system32\dllcache\wceusbsh.sys
2010-03-02 22:51 . 2001-08-18 01:14 249402 -c--a-w- c:\windows\system32\dllcache\vinwm.sys
2010-03-02 22:51 . 2001-08-18 02:49 24576 -c--a-w- c:\windows\system32\dllcache\viairda.sys
2010-03-02 22:51 . 2008-04-13 16:40 5376 -c--a-w- c:\windows\system32\dllcache\viaide.sys
2010-03-02 22:51 . 2008-04-13 16:36 42240 -c--a-w- c:\windows\system32\dllcache\viaagp.sys
2010-03-02 22:51 . 2008-04-14 00:33 11325 -c--a-w- c:\windows\system32\dllcache\vchnt5.dll
2010-03-02 22:51 . 2001-08-18 02:28 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2010-03-02 22:51 . 2001-08-18 02:28 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys
2010-03-02 22:51 . 2001-08-18 02:28 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys
2010-03-02 22:51 . 2001-08-18 02:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2010-03-02 22:51 . 2001-08-18 02:28 224802 -c--a-w- c:\windows\system32\dllcache\usr1807a.sys
2010-03-02 22:51 . 2001-08-18 02:28 794399 -c--a-w- c:\windows\system32\dllcache\usr1806v.sys
2010-03-02 22:51 . 2001-08-18 02:28 793598 -c--a-w- c:\windows\system32\dllcache\usr1806.sys
2010-03-02 22:51 . 2001-08-18 02:28 794654 -c--a-w- c:\windows\system32\dllcache\usr1801.sys
2010-03-02 22:49 . 2001-08-23 22:47 216576 -c--a-w- c:\windows\system32\dllcache\um34scan.dll
2010-03-02 22:49 . 2001-08-18 02:52 36736 -c--a-w- c:\windows\system32\dllcache\ultra.sys
2010-03-02 22:49 . 2008-04-13 16:36 44672 -c--a-w- c:\windows\system32\dllcache\uagp35.sys
2010-03-02 22:49 . 2001-08-18 02:48 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys
2010-03-02 22:49 . 2001-08-18 01:51 166784 -c--a-w- c:\windows\system32\dllcache\tridxpm.sys
2010-03-02 22:49 . 2001-08-23 22:47 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll
2010-03-02 22:49 . 2001-08-18 01:51 159232 -c--a-w- c:\windows\system32\dllcache\tridkbm.sys
2010-03-02 22:49 . 2001-08-23 22:46 440576 -c--a-w- c:\windows\system32\dllcache\tridkb.dll
2010-03-02 22:49 . 2001-08-18 01:51 222336 -c--a-w- c:\windows\system32\dllcache\trid3dm.sys
2010-03-02 22:49 . 2001-08-23 22:46 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2010-03-02 22:49 . 2001-08-18 01:12 34375 -c--a-w- c:\windows\system32\dllcache\tpro4.sys
2010-03-02 22:47 . 2001-08-18 01:13 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys
2010-03-02 22:47 . 2001-08-18 01:13 37961 -c--a-w- c:\windows\system32\dllcache\tdk100b.sys
2010-03-02 22:47 . 2001-08-18 02:49 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys
2010-03-02 22:47 . 2001-08-18 02:52 7040 -c--a-w- c:\windows\system32\dllcache\tandqic.sys
2010-03-02 22:47 . 2001-08-18 01:50 36640 -c--a-w- c:\windows\system32\dllcache\t2r4mini.sys
2010-03-02 22:47 . 2001-08-23 22:46 172768 -c--a-w- c:\windows\system32\dllcache\t2r4disp.dll
2010-03-02 22:47 . 2001-08-18 03:07 32640 -c--a-w- c:\windows\system32\dllcache\symc8xx.sys
2010-03-02 22:47 . 2001-08-18 03:07 16256 -c--a-w- c:\windows\system32\dllcache\symc810.sys
2010-03-02 22:47 . 2001-08-18 03:07 30688 -c--a-w- c:\windows\system32\dllcache\sym_u3.sys
2010-03-02 22:47 . 2001-08-18 03:07 28384 -c--a-w- c:\windows\system32\dllcache\sym_hi.sys
2010-03-02 22:47 . 2001-08-23 22:47 94293 -c--a-w- c:\windows\system32\dllcache\sxports.dll
2010-03-02 22:46 . 2001-08-18 02:50 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys
2010-03-02 22:46 . 2001-08-18 03:02 3968 -c--a-w- c:\windows\system32\dllcache\swusbflt.sys
2010-03-02 22:46 . 2001-08-23 22:47 10240 -c--a-w- c:\windows\system32\dllcache\swpidflt.dll
2010-03-02 22:46 . 2001-08-23 22:47 10240 -c--a-w- c:\windows\system32\dllcache\swpdflt2.dll
2010-03-02 22:46 . 2001-08-23 22:47 53760 -c--a-w- c:\windows\system32\dllcache\sw_wheel.dll
2010-03-02 22:46 . 2001-08-23 22:47 41472 -c--a-w- c:\windows\system32\dllcache\sw_effct.dll
2010-03-02 22:46 . 2001-08-23 22:47 155648 -c--a-w- c:\windows\system32\dllcache\stlnprop.dll
2010-03-02 22:46 . 2001-08-23 22:47 53248 -c--a-w- c:\windows\system32\dllcache\stlncoin.dll
2010-03-02 22:46 . 2001-08-23 21:57 286848 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2010-03-02 22:46 . 2001-08-23 21:57 17024 -c--a-w- c:\windows\system32\dllcache\stcusb.sys
2010-03-02 22:44 . 2001-08-18 02:53 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys
2010-03-02 22:44 . 2001-08-18 01:51 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2010-03-02 22:44 . 2001-08-23 22:46 147200 -c--a-w- c:\windows\system32\dllcache\smidispb.dll
2010-03-02 22:44 . 2001-08-18 01:12 25034 -c--a-w- c:\windows\system32\dllcache\smcpwr2n.sys
2010-03-02 22:44 . 2001-08-23 22:21 36937 -c--a-w- c:\windows\system32\dllcache\smcirda.sys
2010-03-02 22:44 . 2001-08-18 01:12 24576 -c--a-w- c:\windows\system32\dllcache\smc8000n.sys
2010-03-02 22:44 . 2001-08-18 02:57 6784 -c--a-w- c:\windows\system32\dllcache\smbhc.sys
2010-03-02 22:44 . 2008-04-13 16:36 6912 -c--a-w- c:\windows\system32\dllcache\smbclass.sys
2010-03-02 22:44 . 2008-04-13 16:36 16000 -c--a-w- c:\windows\system32\dllcache\smbbatt.sys
2010-03-02 22:44 . 2008-04-13 16:36 5888 -c--a-w- c:\windows\system32\dllcache\smbali.sys
2010-03-02 22:44 . 2001-08-23 22:47 45568 -c--a-w- c:\windows\system32\dllcache\smb3w.dll
2010-03-02 22:44 . 2001-08-23 22:47 33792 -c--a-w- c:\windows\system32\dllcache\smb0w.dll
2010-03-02 22:44 . 2001-08-23 22:47 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll
2010-03-02 22:42 . 2001-08-18 01:50 101760 -c--a-w- c:\windows\system32\dllcache\sis300ip.sys
2010-03-02 22:42 . 2008-04-14 00:33 3901 -c--a-w- c:\windows\system32\dllcache\siint5.dll
2010-03-02 22:42 . 2001-08-23 22:21 161664 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2010-03-02 22:42 . 2001-07-22 03:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2010-03-02 22:42 . 2001-08-18 01:51 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2010-03-02 22:42 . 2001-08-23 22:46 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll
2010-03-02 22:42 . 2001-08-18 01:19 36480 -c--a-w- c:\windows\system32\dllcache\sfmanm.sys
2010-03-02 22:42 . 2001-08-23 22:20 6912 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2010-03-02 22:42 . 2001-08-23 22:20 18432 -c--a-w- c:\windows\system32\dllcache\sermouse.sys
2010-03-02 22:42 . 2001-08-18 02:53 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2010-03-02 22:42 . 2008-04-13 16:45 11520 -c--a-w- c:\windows\system32\dllcache\scsiscan.sys
2010-03-02 22:42 . 2001-08-18 02:52 11648 -c--a-w- c:\windows\system32\dllcache\scsiprnt.sys
2010-03-02 22:40 . 2001-08-23 22:46 62496 -c--a-w- c:\windows\system32\dllcache\s3mtrio.dll
2010-03-02 22:39 . 2008-04-13 23:58 79360 -c--a-w- c:\windows\system32\dllcache\rocket.sys
2010-03-02 22:39 . 2008-04-13 16:56 30592 -c--a-w- c:\windows\system32\dllcache\rndismpx.sys
2010-03-02 22:39 . 2001-08-18 01:12 37563 -c--a-w- c:\windows\system32\dllcache\rlnet5.sys
2010-03-02 22:39 . 2008-04-13 16:46 59136 -c--a-w- c:\windows\system32\dllcache\rfcomm.sys
2010-03-02 22:39 . 2001-08-23 22:47 86097 -c--a-w- c:\windows\system32\dllcache\reslog32.dll
2010-03-02 22:39 . 2008-04-13 16:23 13776 -c--a-w- c:\windows\system32\dllcache\recagent.sys
2010-03-02 22:39 . 2001-08-18 02:51 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2010-03-02 22:39 . 2001-08-23 22:18 715530 -c--a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2010-03-02 22:39 . 2001-08-23 22:18 899914 -c--a-w- c:\windows\system32\dllcache\r2mdkxga.sys
2010-03-02 22:39 . 2001-08-23 22:47 41984 -c--a-w- c:\windows\system32\dllcache\qvusd.dll
2010-03-02 22:39 . 2001-08-18 02:53 3328 -c--a-w- c:\windows\system32\dllcache\qv2kux.sys
2010-03-02 22:39 . 2001-08-18 02:52 49024 -c--a-w- c:\windows\system32\dllcache\ql1280.sys
2010-03-02 22:39 . 2001-08-18 02:52 40448 -c--a-w- c:\windows\system32\dllcache\ql1240.sys
2010-03-02 22:37 . 2008-04-14 12:00 70144 -c--a-w- c:\windows\system32\dllcache\pintlphr.exe
2010-03-02 22:36 . 2001-08-18 01:11 29769 -c--a-w- c:\windows\system32\dllcache\pcntn5m.sys
2010-03-02 22:35 . 2001-08-18 03:05 28032 -c--a-w- c:\windows\system32\dllcache\ovcd.sys
2010-03-02 22:34 . 2001-08-23 22:11 9472 -c--a-w- c:\windows\system32\dllcache\ntapm.sys
2010-03-02 22:34 . 2001-08-18 02:53 7552 -c--a-w- c:\windows\system32\dllcache\nsmmc.sys
2010-03-02 22:34 . 2008-04-13 16:54 28672 -c--a-w- c:\windows\system32\dllcache\nscirda.sys
2010-03-02 22:34 . 2001-08-18 01:20 87040 -c--a-w- c:\windows\system32\dllcache\nm6wdm.sys
2010-03-02 22:34 . 2001-08-18 01:20 126080 -c--a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2010-03-02 22:34 . 2001-08-18 01:12 32840 -c--a-w- c:\windows\system32\dllcache\ngrpci.sys
2010-03-02 22:34 . 2008-04-14 00:06 132695 -c--a-w- c:\windows\system32\dllcache\netwlan5.sys
2010-03-02 22:34 . 2001-08-23 22:10 66302 -c--a-w- c:\windows\system32\dllcache\netflx3.sys
2010-03-02 22:34 . 2001-08-18 01:50 39264 -c--a-w- c:\windows\system32\dllcache\neo20xx.sys
2010-03-02 22:34 . 2001-08-23 22:46 60480 -c--a-w- c:\windows\system32\dllcache\neo20xx.dll
2010-03-02 22:34 . 2001-08-18 02:49 15872 -c--a-w- c:\windows\system32\dllcache\ne2000.sys
2010-03-02 22:34 . 2001-08-23 22:46 91488 -c--a-w- c:\windows\system32\dllcache\n9i3disp.dll
2010-03-02 22:34 . 2001-08-18 01:50 27936 -c--a-w- c:\windows\system32\dllcache\n9i3d.sys
2010-03-02 22:32 . 2001-08-18 01:50 103296 -c--a-w- c:\windows\system32\dllcache\mtxvideo.sys
2010-03-02 22:32 . 2008-04-13 14:34 452736 -c--a-w- c:\windows\system32\dllcache\mtxparhm.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-13 15:43 . 2010-02-28 20:36 82562 ----a-w- c:\windows\system32\perfc00C.dat
2010-03-13 15:43 . 2010-02-28 20:36 504794 ----a-w- c:\windows\system32\perfh00C.dat
2010-03-12 18:36 . 2009-11-29 19:37 -------- d-----w- c:\program files\Navilog1
2010-03-11 17:14 . 2010-02-28 20:36 327192 ----a-w- c:\windows\system32\drivers\iaStor.sys
2010-03-03 19:19 . 2009-03-02 08:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-03-02 00:19 . 2009-09-08 23:18 -------- d-----w- c:\documents and settings\Claire Schmitt\Application Data\vlc
2010-02-28 20:09 . 2010-02-28 19:48 76507 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-28 19:49 . 2010-02-28 19:49 -------- d-----w- c:\program files\microsoft frontpage
2010-02-28 19:47 . 2010-02-28 19:47 -------- d-----w- c:\program files\Services en ligne
2010-02-28 19:47 . 2010-02-28 19:47 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2010-02-28 17:13 . 2009-08-30 23:05 -------- d-----w- c:\documents and settings\Claire Schmitt\Application Data\Skype
2010-02-28 17:10 . 2009-08-30 23:08 -------- d-----w- c:\documents and settings\Claire Schmitt\Application Data\skypePM
2010-02-24 16:36 . 2009-12-02 17:22 -------- d-----w- c:\program files\trend micro
2010-02-24 04:14 . 2009-11-27 16:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-02-24 03:29 . 2010-02-24 03:16 -------- d-----w- c:\documents and settings\All Users\Application Data\OnlineArmor
2010-02-24 03:16 . 2010-02-24 03:16 -------- d-----w- c:\documents and settings\Claire Schmitt\Application Data\OnlineArmor
2010-02-24 03:16 . 2010-02-24 03:16 -------- d-----w- c:\program files\Tall Emu
2010-02-24 02:59 . 2010-02-24 02:59 -------- d-----w- c:\program files\Sophos
2010-02-24 02:55 . 2010-02-24 01:36 -------- d-----w- c:\program files\a-squared Free
2010-01-09 22:38 . 2010-01-09 22:38 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-09 22:38 . 2010-01-09 22:38 552 ----a-w- c:\windows\system32\d3d8caps.dat
2009-12-31 16:50 . 2010-02-28 20:36 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-25 21:53 . 2009-08-31 04:36 55824 ----a-w- c:\documents and settings\Claire Schmitt\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-22 05:09 . 2010-02-28 20:36 671232 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:41 . 2010-02-28 19:46 347648 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:09 . 2010-02-28 20:35 33280 ----a-w- c:\windows\system32\csrsrv.dll
2008-05-07 08:34 . 2009-03-02 08:37 15523560 ----a-w- c:\program files\U1 Setup.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-03-10_03.30.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-13 16:04 . 2010-03-13 16:04 16384 c:\windows\Temp\Perflib_Perfdata_684.dat
- 2009-03-02 08:43 . 2009-05-26 11:40 18296 c:\windows\system32\spmsg.dll
+ 2009-03-02 08:43 . 2008-07-08 13:03 18296 c:\windows\system32\spmsg.dll
+ 2010-02-28 20:35 . 2010-03-13 15:43 69476 c:\windows\system32\perfc009.dat
- 2010-02-28 20:35 . 2010-02-27 22:19 69476 c:\windows\system32\perfc009.dat
+ 2010-03-13 15:51 . 2010-03-13 15:51 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-03-02 09:31 . 2010-02-13 16:37 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2009-03-02 09:31 . 2010-03-13 15:45 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2010-03-13 15:51 . 2010-03-13 15:45 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-02-28 20:35 . 2010-03-13 15:43 435486 c:\windows\system32\perfh009.dat
- 2010-02-28 20:35 . 2010-02-27 22:19 435486 c:\windows\system32\perfh009.dat
+ 2010-02-28 19:47 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2010-02-28 19:47 . 2008-04-14 12:00 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2009-09-22 13:10 . 2010-03-02 05:30 31648712 c:\windows\system32\MRT.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverla yidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2008-07-25 15:16 282112 ----a-w- c:\windows\system32\mscoree.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverla yidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2008-07-25 15:16 282112 ----a-w- c:\windows\system32\mscoree.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-01-23 416768]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-12-04 114688]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-12-17 622592]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-21 94208]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-13 17508864]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-06 149280]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2009-12-05 6622920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-9-2 604776]
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2009-3-2 376832]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHoo ks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2009-12-05 923336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-05-11 02:06 40048 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedAppl ications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [23/02/2010 22:16 223312]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [23/02/2010 22:16 24656]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [23/02/2010 22:16 29776]
R1 SAVRKBootTasks;Boot Tasks Driver;c:\windows\system32\SAVRKBootTasks.sys [23/02/2010 22:11 18816]
R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [23/02/2010 20:36 1858144]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [05/09/2009 10:37 108289]
R2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\oacat.exe [23/02/2010 22:16 1282248]
R2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [23/02/2010 22:16 3291336]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [02/03/2009 03:32 704384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [02/03/2009 03:30 1684736]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\1C.tmp --> c:\windows\system32\1C.tmp [?]
.
.
------- Examen supplémentaire -------
.
uStart Page = http://www.gmer.net
Rootkit scan 2010-03-13 11:04
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86536369]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf75ccf28
\Driver\ACPI -> ACPI.sys @ 0xf745ecb8
\Driver\atapi -> atapi.sys @ 0xf7416852
\Driver\iaStor -> iaStor.sys @ 0xf7373e74
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\1C.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
@DACL=(02 0000)
@SACL=
@=""
"DLLName"="igfxdev.dll"
"Asynchronous"=dword:00000001
"Impersonate"=dword:00000001
"Unlock"="WinlogonUnlockEvent"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(3048)
c:\program files\Tall Emu\Online Armor\OAwatch.dll
c:\program files\ASUS\Eee Storage\XPClient.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Tall Emu\Online Armor\OAhlp.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Heure de fin: 2010-03-13 11:12:35 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-03-13 16:12
ComboFix2.txt 2010-03-10 03:35

Avant-CF: 42 898 468 864 octets libres
Après-CF: 42 864 996 352 octets libres

- - End Of File - - 67A960C0BD45835890052DAED962D565

re,
refais ceci:

Ensuite fais ceci:

Télécharge Malwarebytes' Anti-Malware et installe le (assure toi qu'il se soit bien mis à jour avant de passer à la suite).

-->source ici
note:
=========
Si tu as déjà le logiciel sur ta machine, faire une mise à jour

ensuite,

* Redémarre en mode sans échec :

o Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
o A la place du chargement normal de Windows, un menu avec différentes options devrait aparaître.
o Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
o Choisis ton compte.

* Si besoin: pour une aide visuelle clic ici

* Lance MBAM et sélectionne "Exécuter un examen rapide". Patiente le temps du scan.
* Une fois le scan terminé,clique sur "Supprimer la sélection".


Si MBAM a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.
Enregistre le rapport sur ton Bureau lorsqu'il s'affichera.
Poste le rapport dans ta prochaine réponse.

ps:
--->aide visuelle sur Mbam ici

Re,

Je n'arrive toujours pas a démarrer en mode sans échec, mais voici le rapport en mode normal:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3868
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

14/03/2010 18:22:20
mbam-log-2010-03-14 (18-22-19).txt

Type de recherche: Examen rapide
Eléments examinés: 114197
Temps écoulé: 6 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

re,
La machine ne peut pas démarrer en mode sans echec, voila ce qu'on va faire :

* Télécharge SafeBootKeyRepair de sUBs sur ton bureau.
http://download.bleepingcomputer.com/sU ... Repair.exe
* Lance-le et suis les instructions.
* Quand il a fini, essaye de démarrer en mode sans echec.

re,

Opération effectuée, mais toujours impossible de démarrer en mode sans échec.

Si ca t'intéresse, voici le rapport de l'opération:

Reg export of SafeBoot key after repair:
========================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot]
"AlternateShell"="cmd.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AppMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Base]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot file system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\CryptSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\DcomLaunch]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmadmin]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmboot.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmio.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmload.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmserver]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\EventLog]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\HelpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Netlogon]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PCI Configuration]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PEVSystemStart]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PlugPlay]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PNP Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Primary disk]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\procexp90.Sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SCSI Class]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sermouse.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SRService]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\System Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\WinMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AFD]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AppMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Base]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot file system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Browser]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\CryptSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DcomLaunch]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Dhcp]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmadmin]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmboot.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmio.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmload.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmserver]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DnsCache]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\EventLog]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\HelpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ip6fw.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ipnat.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanServer]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanWorkstatio n]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LmHosts]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Messenger]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS Wrapper]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Ndisuio]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOS]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOSGroup]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBT]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetDDEGroup]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Netlogon]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetMan]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Network]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetworkProvider]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NtLmSsp]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PCI Configuration]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PEVSystemStart]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PlugPlay]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP_TDI]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Primary disk]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\procexp90.Sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpcdd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpdd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpwd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdsessmgr]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SCSI Class]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sermouse.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SharedAccess]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SRService]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Streams Drivers]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\System Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Tcpip]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\TDI]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdpipe.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdtcp.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\termservice]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WinMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
@="Net"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
@="NetClient"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
@="NetService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
@="NetTrans"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"

========================

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\PEVSystemStart
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\procexp90.Sys

re,
ok si après redémarrage l'OS ne veut pas du mode sans échec...l'OS est corrompu sans aucun doute possible

Ok, donc il faudrait que j'essaye le CD fourni avec la boite du PC ou que je trouve un CD de Windows XP sp3...?
Faut-il formater avant de faire une telle opération?

re,
je conseille une réparation avec le cd de XPSP3, c'est plus facile

Salut,

je voulais savoir si je pouvais restaurer windows xp sp3 à partir d'une image CD fourni sur le site de windows et avec Daemon tools, ou il faut obligatoirement un CD physique?

re,
là je ne capte pas bien

tu me précises ?

En fait, sur le site internet de microsoft, tu peux télécharger ce fichier:
Windows XP Service Pack 3 - Fichier d'image de CD ISO-9660

Je demandais si je pouvais résoudre mes problemes en téléchargeant ce fichier, le faire marcher avec Daemon tools pour qu'il répare les fichiers qui sont corrompus.

Mais je crois que ca n'installe que les mises à jours pour passer au sp3. Du coup, je pense que je vais tenter le coup avec le DVD de restauration fourni car je n'ai que ça!

re,

non il sagit du sp3 mis sur un cd, et non de l'install complet de Windows SP3

l'équivalent de ceci...
http://mi.cnrs-orleans.fr/Updates/WinXP ... Xp_Sp3.htm