Aller au contenu


  • Compteur de contenus

  • Inscription

  • Dernière visite

Tout ce qui a été posté par NickCouk

  1. Merci pour le lien.... J'ai essayé de désactiver certains services, et verrai dans les temps qui viennent si ça aide.
  2. Bonjour, J'ai un petit soucis de lenteur avec mon PC et serais content si vous pouviez m'aider à résoudre le problème, s'il vous plait. Une fois par jour, un processus (svchost.exe) occupe plus de 100,000 Ko de mémoire et me bloque l'ordi pendant environ 30 minutes (parfois, un processus wuauclt.exe prend le relais). Ni Malwarebytes' Anti-Malware ni Avira ne détectent de virus et j'ai récemment dû réinstaller tout sur l'ordi). Je n'arrive pas à identifier d'où vient le problème et comment le résoudre (je pensais au début que c'étaient les mises à jour Windows qui engendraient ça... mais je ne suis pas sûr). Merci en tout cas d'avance pour votre aide N.C.
  3. Bonjour ! OK, merci pour le retour. Oui Eh bien très grand merci à tous les deux... et aussi merci a Bleuet qui avait ete un des premiers a poster une réponse sur mon sujet Ciao Nick
  4. Bonsoir... OK, merci Antivir semble OK... Il m'a juste détecté un objet "hidden": Starting search for hidden objects. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist [NOTE] The registry entry is invisible. J'ai passé MBAM "rapide", et il ne m'a rien détecté d'anormal... ... Et voilà... un pc presque tout neuf... Merci.... A+ Nick
  5. Bonsoir... Oui, j'ai l'impression... en tout cas j'espere... J'ai IExplorer 8... peut-etre devrais-je mettre le 9, puis ce sera tout. Maintenant, il ne me reste plus qu'a passer un scan complet avec MBAM et antivir, puis ce sera quasi comme a l'origine .... Mais bon, apres cette looooooongue journee, les scans attendront demain... J'ai hate d'aller ..... Bon WeekEnd !!! Nick
  6. Bonsoir TomTom et Tibonhomme !!! @Tibonhomme: Merci pour les explications complémentaires sur les rapports... Oui, espérons Ca ne peut pas venir d'une mauvaise mise à jour de ma part de IExplorer qui aurait commencé a télécharger des mises à jour de SP3 ?... Oh, non, faut pas être désolé. Vous avez fait tout ce que vous avez pu et c'est déjà plus que ce que j'aurai pu tester tout seul... Oops... trop tard ... ça peut créer des problèmes plus tard ou je les aurais déjà remarqués à l'installation ? OK, merci pour l'info... D'accord, merci pour votre disponibilité . @TomTom: Ah, oui, merci, je l'aurais oublié cette mise à jour là... Ok, merci pour la proposition . Je pense finir demain soir. A+ N.
  7. Bonjour, Voilà, j'ai commencé l'installation... Antivir, SP3... et tout le reste... je n'ai pas encore fini, mais jusqu'à présent, ça a l'air l'aller... Par contre, petite question, avant de refaire trop de bêtises, je voulais juste m'assurer: il n'y a pas d'incompatibilité entre Antivir, CCleaner, Malwarebytes' Anti-Malware et PSI Secunia.. ? Je peux avoir les 4 sur mon PC, n'est-ce pas ? Sinon, en re-installant tout, je me suis rappelé quelque chose: je ne sais pas si c'est lié au beug, mais pour ce qui est de SP3 installé partiellement sur l'ancienne installation, la raison est peut-être la suivante: environ 3 semaine avant le beug, j'ai fait une mise à jour de IExplorer vers IE8... je n'ai ensuite plus utilisé IE, mais il me semble que juste après l'installation, il m'a mis quelques message d'erreurs concernant les incompatibilités de version ou de-je-sais-plus-trop-quoi... Bref... je finirai tout ça demain Merci encore A+ Nick
  8. Bonsoir, OK, je vais tenter de commencer la reinstallation ce soir... En tout cas, merci beaucoup a tous les deux pour votre aide, pour tout le temps passe, pour la patience, votre tenacite... et pour votre sympathie.... Je vous tiendrai au courant du resultat... je croise les doigts. A+ Nick
  9. Bonjour, euh... non... j'ai juste insere le DVD-ROM de restauration Toshiba, mais sans aller plus loin que les menus principaux... mais comme il ne me proposait pas de "recuperation", j'ai fait les manip avec un cd de recup issu du net ( trouve sur "")... a+ N.
  10. Bonsoir... Merci pour la traduction des resultats de TestDisk . Merci pour ces nouvelles instructions. Voici le resultat: Je n'ai pas l'ecran "continue" entre "proceed" et "Intel". Quand je clique Proceed, il passe direct a l'ecran avec Intel Apres, j'ai: Partition Start End Size in sectors 1 * HPFS - NTFS 0 1 1 12160 254 63 195366402 Oui, il est marque la meme chose qu'avant, mais surligne en vert. Oui, HPFS - NTFS 0 1 1 12160 254 63 195366402 est bien la seule partition affichee. Elle est deja affichee durant l'analyse, alors que les pourcentages defilent (mais sans l'asterix devant). A la fin du scan, un D apparait devant. Et au-dessus, une "deuxieme" partition apparait: D HPFS - NTFS 0 1 1 12134 254 63 194948712 Si je selectionne cette partition, en bas de page, il est ecrit: "NFTS found using backup sector!, 99 GB / 92 GiB" Si je selectionne la partition que tu mentionne, il est ecrit "NFTS, 100 GB / 93 GiB" Dans le D HPFS - NTFS 0 1 1 12160 254 63 195366402 que tu mentionnais, il y a bien des dossiers (les droits en ecriture/lecture (me semble-t-il) dans la premiere colomne (genre dr-xr-xr-x), 0 dans la deuxieme et troisieme colomne, un nombre dans la troisieme (tailles des dossiers?), les dates, et les noms de dossier (Documents and Settings, aec.sys, agp440.sys, atapi.sys, AUTOEXEC.BAT, boot.ini, bootex.log, Bootfont.bin, cdrom.sys, Config.Msi, disk.sys, drwtsn32.log, Extras.Txt, hiberfil.sys, I386,, ............ TOOLSCD, VALUEADD, WINDOWS) La lettre devant est un D. Dans cette partition qui est apparue(D HPFS - NTFS 0 1 1 12134 254 63 194948712 liee au message "NFTS found using backup sector!, 99 GB / 92 GiB"), si je tape P, il me dit: "Can't open filesystem. Filesystem seems damaged" Et voila... ... ce dernier message ne me dit rien de bien... et vous ? A+ Nick
  11. J'avais pourtant fait les deux... je ne sais pas pourquoi il n'est pas apparu dans le log?... Bref, je l'ai refait et le revoila : Search results for TSXT_kern_i386.sys 342574b9ce3adee78cb5d7d67c0b911e /mnt/sda1/Program Files/TOSHIBA/Tvs/TSXT_kern_i386.sys 28.5K Jul 28 2004 342574b9ce3adee78cb5d7d67c0b911e /mnt/sda1/WINDOWS/system32/drivers/TSXT_kern_i386.sys 28.5K Jul 28 2004 Search results for WOWXT_kern_i386.sys 97eb24f1a5c3e78a61158b2531d61ba4 /mnt/sda1/Program Files/TOSHIBA/Tvs/WOWXT_kern_i386.sys 27.4K May 21 2004 97eb24f1a5c3e78a61158b2531d61ba4 /mnt/sda1/WINDOWS/system32/drivers/WOWXT_kern_i386.sys 27.4K May 21 2004
  12. voila, c'est fait ... Ici, le fichier testdisk1.log Mon May 16 14:15:34 2011 Command line: TestDisk TestDisk 6.12-WIP, Data Recovery Utility, April 2010 Christophe GRENIER <> Main Page - CGSecurity OS: Linux, kernel (#5 SMP Mon Dec 7 11:56:35 UTC 2009) i686 Compiler: GCC 4.4 - Jul 27 2010 17:00:22 ext2fs lib: 1.41.9, ntfs lib: 10:0:0, reiserfs lib: 0.3.1-rc8, ewf lib: 20080501 /dev/sda: LBA, HPA, LBA48, DCO support /dev/sda: size 195371568 sectors /dev/sda: user_max 195371568 sectors /dev/sda: native_max 195371568 sectors /dev/sda: dco 195371568 sectors Warning: can't get size for Disk /dev/mapper/control - 0 B - CHS 1 1 1, sector size=512 /dev/sr0 is not an ATA disk Hard disk list Disk /dev/sda - 100 GB / 93 GiB - CHS 12161 255 63, sector size=512 - ATA TOSHIBA MK1031GA Disk /dev/sdb - 8006 MB / 7636 MiB - CHS 1021 247 62, sector size=512 - Kingston DataTraveler G3 Disk /dev/sr0 - 67 MB / 64 MiB - CHS 32770 1 1 (RO), sector size=2048 - MATSHITA DVD-RAM UJ-831S Partition table type (auto): Intel Disk /dev/sda - 100 GB / 93 GiB - ATA TOSHIBA MK1031GA Partition table type: Intel Analyse Disk /dev/sda - 100 GB / 93 GiB - CHS 12161 255 63 Geometry from i386 MBR: head=255 sector=63 NTFS at 0/1/1 get_geometry_from_list_part_aux head=255 nbr=2 get_geometry_from_list_part_aux head=8 nbr=1 get_geometry_from_list_part_aux head=16 nbr=1 get_geometry_from_list_part_aux head=32 nbr=1 get_geometry_from_list_part_aux head=64 nbr=1 get_geometry_from_list_part_aux head=128 nbr=1 get_geometry_from_list_part_aux head=240 nbr=1 get_geometry_from_list_part_aux head=255 nbr=2 Current partition structure: 1 * HPFS - NTFS 0 1 1 12160 254 63 195366402 Ask the user for vista mode Allow partial last cylinder : No search_vista_part: 0 search_part() Disk /dev/sda - 100 GB / 93 GiB - CHS 12161 255 63 NTFS at 0/1/1 filesystem size 195366402 sectors_per_cluster 8 mft_lcn 16 mftmirr_lcn 3052617 clusters_per_mft_record -10 clusters_per_index_record 1 HPFS - NTFS 0 1 1 12160 254 63 195366402 NTFS, 100 GB / 93 GiB get_geometry_from_list_part_aux head=255 nbr=2 get_geometry_from_list_part_aux head=8 nbr=1 get_geometry_from_list_part_aux head=16 nbr=1 get_geometry_from_list_part_aux head=32 nbr=1 get_geometry_from_list_part_aux head=64 nbr=1 get_geometry_from_list_part_aux head=128 nbr=1 get_geometry_from_list_part_aux head=240 nbr=1 get_geometry_from_list_part_aux head=255 nbr=2 Results * HPFS - NTFS 0 1 1 12160 254 63 195366402 NTFS, 100 GB / 93 GiB interface_write() 1 * HPFS - NTFS 0 1 1 12160 254 63 195366402 search_part() Disk /dev/sda - 100 GB / 93 GiB - CHS 12161 255 63 NTFS at 0/1/1 filesystem size 195366402 sectors_per_cluster 8 mft_lcn 16 mftmirr_lcn 3052617 clusters_per_mft_record -10 clusters_per_index_record 1 HPFS - NTFS 0 1 1 12160 254 63 195366402 NTFS, 100 GB / 93 GiB NTFS at 12134/254/63 filesystem size 194948712 sectors_per_cluster 8 mft_lcn 16 mftmirr_lcn 3046090 clusters_per_mft_record -10 clusters_per_index_record 1 HPFS - NTFS 0 1 1 12134 254 63 194948712 NTFS found using backup sector!, 99 GB / 92 GiB NTFS at 12160/254/63 filesystem size 195366402 sectors_per_cluster 8 mft_lcn 16 mftmirr_lcn 3052617 clusters_per_mft_record -10 clusters_per_index_record 1 HPFS - NTFS 0 1 1 12160 254 63 195366402 NTFS found using backup sector!, 100 GB / 93 GiB get_geometry_from_list_part_aux head=255 nbr=4 get_geometry_from_list_part_aux head=8 nbr=2 get_geometry_from_list_part_aux head=16 nbr=2 get_geometry_from_list_part_aux head=32 nbr=2 get_geometry_from_list_part_aux head=64 nbr=2 get_geometry_from_list_part_aux head=128 nbr=2 get_geometry_from_list_part_aux head=240 nbr=2 get_geometry_from_list_part_aux head=255 nbr=4 Results HPFS - NTFS 0 1 1 12134 254 63 194948712 NTFS found using backup sector!, 99 GB / 92 GiB HPFS - NTFS 0 1 1 12160 254 63 195366402 NTFS, 100 GB / 93 GiB interface_write() No partition found or selected for recovery simulate write! write_mbr_i386: starting... write_all_log_i386: starting... No extended partition TestDisk exited normally. =============================================================================== Voila le testdisk.log: Mon May 16 14:33:48 2011 Command line: TestDisk TestDisk 6.12-WIP, Data Recovery Utility, April 2010 Christophe GRENIER <> Main Page - CGSecurity OS: Linux, kernel (#5 SMP Mon Dec 7 11:56:35 UTC 2009) i686 Compiler: GCC 4.4 - Jul 27 2010 17:00:22 ext2fs lib: 1.41.9, ntfs lib: 10:0:0, reiserfs lib: 0.3.1-rc8, ewf lib: 20080501 /dev/sda: LBA, HPA, LBA48, DCO support /dev/sda: size 195371568 sectors /dev/sda: user_max 195371568 sectors /dev/sda: native_max 195371568 sectors /dev/sda: dco 195371568 sectors Warning: can't get size for Disk /dev/mapper/control - 0 B - CHS 1 1 1, sector size=512 /dev/sr0 is not an ATA disk Hard disk list Disk /dev/sda - 100 GB / 93 GiB - CHS 12161 255 63, sector size=512 - ATA TOSHIBA MK1031GA Disk /dev/sdb - 8006 MB / 7636 MiB - CHS 1021 247 62, sector size=512 - Kingston DataTraveler G3 Disk /dev/sr0 - 67 MB / 64 MiB - CHS 32770 1 1 (RO), sector size=2048 - MATSHITA DVD-RAM UJ-831S Partition table type (auto): Intel Disk /dev/sda - 100 GB / 93 GiB - ATA TOSHIBA MK1031GA Partition table type: Intel Interface Advanced Geometry from i386 MBR: head=255 sector=63 NTFS at 0/1/1 get_geometry_from_list_part_aux head=255 nbr=2 get_geometry_from_list_part_aux head=8 nbr=1 get_geometry_from_list_part_aux head=16 nbr=1 get_geometry_from_list_part_aux head=32 nbr=1 get_geometry_from_list_part_aux head=64 nbr=1 get_geometry_from_list_part_aux head=128 nbr=1 get_geometry_from_list_part_aux head=240 nbr=1 get_geometry_from_list_part_aux head=255 nbr=2 1 * HPFS - NTFS 0 1 1 12160 254 63 195366402 NTFS, 100 GB / 93 GiB ntfs_boot_sector 1 * HPFS - NTFS 0 1 1 12160 254 63 195366402 NTFS, 100 GB / 93 GiB NTFS at 0/1/1 NTFS at 0/1/1 filesystem size 195366402 sectors_per_cluster 8 mft_lcn 16 mftmirr_lcn 3052617 clusters_per_mft_record -10 clusters_per_index_record 1 Boot sector Status: OK Backup boot sector Status: OK Sectors are identical. A valid NTFS Boot sector must be present in order to access any data; even if the partition is not bootable. Boot sector Backup boot sector 0000 eb52904e 54465320 .R.NTFS eb52904e 54465320 .R.NTFS 0008 20202000 02080000 ..... 20202000 02080000 ..... 0010 00000000 00f80000 ........ 00000000 00f80000 ........ 0018 3f00ff00 3f000000 ?...?... 3f00ff00 3f000000 ?...?... 0020 00000000 80008000 ........ 00000000 80008000 ........ 0028 010ea50b 00000000 ........ 010ea50b 00000000 ........ 0030 10000000 00000000 ........ 10000000 00000000 ........ 0038 49942e00 00000000 I....... 49942e00 00000000 I....... 0040 f6000000 01000000 ........ f6000000 01000000 ........ 0048 4804a308 44a30834 H...D..4 4804a308 44a30834 H...D..4 0050 00000000 fa33c08e .....3.. 00000000 fa33c08e .....3.. 0058 d0bc007c fbb8c007 ...|.... d0bc007c fbb8c007 ...|.... 0060 8ed8e816 00b8000d ........ 8ed8e816 00b8000d ........ 0068 8ec033db c6060e00 ..3..... 8ec033db c6060e00 ..3..... 0070 10e85300 68000d68 ..S.h..h 10e85300 68000d68 ..S.h..h 0078 6a02cb8a 162400b4 j....$.. 6a02cb8a 162400b4 j....$.. 0080 08cd1373 05b9ffff ...s.... 08cd1373 05b9ffff ...s.... 0088 8af1660f b6c64066 ..f...@f 8af1660f b6c64066 ..f...@f 0090 0fb6d180 e23ff7e2 .....?.. 0fb6d180 e23ff7e2 .....?.. 0098 86cdc0ed 0641660f .....Af. 86cdc0ed 0641660f .....Af. 00A0 b7c966f7 e166a320 ..f..f. b7c966f7 e166a320 ..f..f. 00A8 00c3b441 bbaa558a ...A..U. 00c3b441 bbaa558a ...A..U. 00B0 162400cd 13720f81 .$...r.. 162400cd 13720f81 .$...r.. 00B8 fb55aa75 09f6c101 .U.u.... fb55aa75 09f6c101 .U.u.... 00C0 7404fe06 1400c366 t......f 7404fe06 1400c366 t......f 00C8 601e0666 a1100066 `..f...f 601e0666 a1100066 `..f...f 00D0 03061c00 663b0620 ....f;. 03061c00 663b0620 ....f;. 00D8 000f823a 001e666a 000f823a 001e666a 00E0 00665006 53666810 .fP.Sfh. 00665006 53666810 .fP.Sfh. 00E8 00010080 3e140000 ....>... 00010080 3e140000 ....>... 00F0 0f850c00 e8b3ff80 ........ 0f850c00 e8b3ff80 ........ 00F8 3e140000 0f846100 >.....a. 3e140000 0f846100 >.....a. 0100 b4428a16 2400161f .B..$... b4428a16 2400161f .B..$... 0108 8bf4cd13 66585b07 ....fX[. 8bf4cd13 66585b07 ....fX[. 0110 66586658 1feb2d66 fXfX..-f 66586658 1feb2d66 fXfX..-f 0118 33d2660f b70e1800 3.f..... 33d2660f b70e1800 3.f..... 0120 66f7f1fe c28aca66 f......f 66f7f1fe c28aca66 f......f 0128 8bd066c1 ea10f736 ..f....6 8bd066c1 ea10f736 ..f....6 0130 1a0086d6 8a162400 ......$. 1a0086d6 8a162400 ......$. 0138 8ae8c0e4 060accb8 ........ 8ae8c0e4 060accb8 ........ 0140 0102cd13 0f821900 ........ 0102cd13 0f821900 ........ 0148 8cc00520 008ec066 ... ...f 8cc00520 008ec066 ... ...f 0150 ff061000 ff0e0e00 ........ ff061000 ff0e0e00 ........ 0158 0f856fff 071f6661 ..o...fa 0f856fff 071f6661 ..o...fa 0160 c3a0f801 e80900a0 ........ c3a0f801 e80900a0 ........ 0168 fb01e803 00fbebfe ........ fb01e803 00fbebfe ........ 0170 b4018bf0 ac3c0074 .....<.t b4018bf0 ac3c0074 .....<.t 0178 09b40ebb 0700cd10 ........ 09b40ebb 0700cd10 ........ 0180 ebf2c30d 0a412064 .....A d ebf2c30d 0a412064 .....A d 0188 69736b20 72656164 isk read 69736b20 72656164 isk read 0190 20657272 6f72206f error o 20657272 6f72206f error o 0198 63637572 72656400 ccurred. 63637572 72656400 ccurred. 01A0 0d0a4e54 4c445220 ..NTLDR 0d0a4e54 4c445220 ..NTLDR 01A8 6973206d 69737369 is missi 6973206d 69737369 is missi 01B0 6e67000d 0a4e544c ng...NTL 6e67000d 0a4e544c ng...NTL 01B8 44522069 7320636f DR is co 44522069 7320636f DR is co 01C0 6d707265 73736564 mpressed 6d707265 73736564 mpressed 01C8 000d0a50 72657373 ...Press 000d0a50 72657373 ...Press 01D0 20437472 6c2b416c Ctrl+Al 20437472 6c2b416c Ctrl+Al 01D8 742b4465 6c20746f t+Del to 742b4465 6c20746f t+Del to 01E0 20726573 74617274 restart 20726573 74617274 restart 01E8 0d0a0000 00000000 ........ 0d0a0000 00000000 ........ 01F0 00000000 00000000 ........ 00000000 00000000 ........ 01F8 83a0b3c9 000055aa ......U. 83a0b3c9 000055aa ......U. ntfs_boot_sector 1 * HPFS - NTFS 0 1 1 12160 254 63 195366402 NTFS, 100 GB / 93 GiB NTFS at 0/1/1 NTFS at 0/1/1 filesystem size 195366402 sectors_per_cluster 8 mft_lcn 16 mftmirr_lcn 3052617 clusters_per_mft_record -10 clusters_per_index_record 1 Boot sector Status: OK Backup boot sector Status: OK Sectors are identical. A valid NTFS Boot sector must be present in order to access any data; even if the partition is not bootable. TestDisk exited normally. ====================================================================== et voila le filefind.txt: Search results for TSXT_kern_i386.sys 342574b9ce3adee78cb5d7d67c0b911e /mnt/sda1/Program Files/TOSHIBA/Tvs/TSXT_kern_i386.sys 28.5K Jul 28 2004 342574b9ce3adee78cb5d7d67c0b911e /mnt/sda1/WINDOWS/system32/drivers/TSXT_kern_i386.sys 28.5K Jul 28 2004 =============================================================================== Merci et A+ N.
  13. re, lors de l'etape 2, le texte de la partition n est plus surligne en vert mais en blanc... ce signifie quelque chose ce code de couleur ou je continue quand meme ? A+ N.
  14. Bonjour, OK, je commence la procedure... A+ N.
  15. et voila la deuxieme partie OTLPE... Ca m a l air ok, mais comme la procedure a l air critique, je vais quand meme attendre votre feu vert avant de passer a xPud... ========== OTL ========== ========== FILES ========== aec.sys extracted to C:\ aec.sys extracted to C:\ File C:\windows\system32\drivers\aec.sys successfully replaced with c:\aec.sys AGP440.sys extracted to C:\ AGP440.sys extracted to C:\ File C:\windows\system32\drivers\agp440.sys successfully replaced with c:\agp440.sys atapi.sys extracted to C:\ atapi.sys extracted to C:\ File C:\windows\system32\drivers\atapi.sys successfully replaced with c:\atapi.sys cdrom.sys extracted to C:\ cdrom.sys extracted to C:\ File c:\windows\system32\drivers\cdrom.sys successfully replaced with c:\cdrom.sys disk.sys extracted to C:\ disk.sys extracted to C:\ File c:\windows\system32\drivers\disk.sys successfully replaced with c:\disk.sys i8042prt.sys extracted to C:\ i8042prt.sys extracted to C:\ File c:\windows\system32\drivers\i8042prt.sys successfully replaced with c:\i8042prt.sys imapi.sys extracted to C:\ imapi.sys extracted to C:\ File c:\windows\system32\drivers\imapi.sys successfully replaced with c:\imapi.sys intelide.sys extracted to C:\ intelide.sys extracted to C:\ File c:\windows\system32\drivers\intelide.sys successfully replaced with c:\intelide.sys mrxsmb.sys extracted to C:\ mrxsmb.sys extracted to C:\ File c:\windows\system32\drivers\mrxsmb.sys successfully replaced with c:\mrxsmb.sys redbook.sys extracted to C:\ redbook.sys extracted to C:\ File c:\windows\system32\drivers\redbook.sys successfully replaced with c:\redbook.sys termdd.sys extracted to C:\ termdd.sys extracted to C:\ File c:\windows\system32\drivers\termdd.sys successfully replaced with c:\termdd.sys ========== REGISTRY ========== ========== COMMANDS ========== OTLPE by OldTimer - Version log created on 05162011_071325 Bon Dimanche A+ N.
  16. Bonjour a vous deux... voila les resultats: apres la premiere partie OTLPE ========== OTL ========== ========== FILES ========== File\Folder C:\WINDOWS\Driver Cache\i386\ not found. File\Folder C:\WINDOWS\ServicePackFiles\i386\ not found. File\Folder C:\WINDOWS\Driver Cache\i386\ not found. File\Folder C:\WINDOWS\ServicePackFiles\i386\ not found. File\Folder C:\WINDOWS\Driver Cache\i386\ not found. File\Folder C:\WINDOWS\ServicePackFiles\i386\ not found. File\Folder C:\WINDOWS\Driver Cache\i386\ not found. File\Folder C:\WINDOWS\ServicePackFiles\i386\ not found. File\Folder C:\WINDOWS\Driver Cache\i386\ not found. File\Folder C:\WINDOWS\ServicePackFiles\i386\ not found. File\Folder C:\WINDOWS\Driver Cache\i386\ not found. File\Folder C:\WINDOWS\ServicePackFiles\i386\ not found. File\Folder C:\WINDOWS\Driver Cache\i386\ not found. File\Folder C:\WINDOWS\ServicePackFiles\i386\ not found. File\Folder C:\WINDOWS\Driver Cache\i386\ not found. File\Folder C:\WINDOWS\ServicePackFiles\i386\ not found. File\Folder C:\WINDOWS\Driver Cache\i386\ not found. File\Folder C:\WINDOWS\ServicePackFiles\i386\ not found. File\Folder C:\WINDOWS\SoftwareDistribution\Download\699ee2ac4f9ea8ea1babe26c8f35b4ef\SP3GDR\mrxsmb.sys not found. C:\WINDOWS\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys moved successfully. File\Folder C:\WINDOWS\$hf_mig$\KB978251\SP3GDR\mrxsmb.sys not found. C:\WINDOWS\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys moved successfully. File\Folder C:\WINDOWS\$hf_mig$\KB957097\SP3GDR\mrxsmb.sys not found. C:\WINDOWS\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys moved successfully. File\Folder C:\WINDOWS\$hf_mig$\KB980232\SP3GDR\mrxsmb.sys not found. File\Folder C:\WINDOWS\$hf_mig$\KB2511455\SP3QFE\mrxsmb.sys not found. File\Folder C:\WINDOWS\SoftwareDistribution\Download\699ee2ac4f9ea8ea1babe26c8f35b4ef\SP3QFE\mrxsmb.sys not found. File\Folder C:\WINDOWS\Driver Cache\i386\ not found. File\Folder C:\WINDOWS\ServicePackFiles\i386\ not found. C:\WINDOWS\$hf_mig$\KB968389\SP3QFE\netlogon.dll moved successfully. C:\WINDOWS\$hf_mig$\KB975467\SP3QFE\netlogon.dll moved successfully. C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe moved successfully. File\Folder C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe not found. File\Folder C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe not found. File\Folder C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys not found. C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys moved successfully. File\Folder C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys not found. File\Folder C:\WINDOWS\SoftwareDistribution\Download\f96addb4e216f2399cbadef9606eabb2\sp3qfe\tcpip.sys not found. File\Folder C:\WINDOWS\Driver Cache\i386\ not found. File\Folder C:\WINDOWS\ServicePackFiles\i386\ not found. C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys moved successfully. File\Folder C:\WINDOWS\$hf_mig$\KB979559\SP3GDR\win32k.sys not found. C:\WINDOWS\$hf_mig$\KB969947\SP3QFE\win32k.sys moved successfully. File\Folder C:\WINDOWS\$hf_mig$\KB969947\SP3GDR\win32k.sys not found. File\Folder C:\WINDOWS\SoftwareDistribution\Download\45fa26c815a59b9da6bd422e449ae5ac\sp3gdr\win32k.sys not found. File\Folder C:\WINDOWS\SoftwareDistribution\Download\45fa26c815a59b9da6bd422e449ae5ac\sp3qfe\win32k.sys not found. File\Folder C:\WINDOWS\$hf_mig$\KB2506223\SP3QFE\win32k.sys not found. File\Folder C:\WINDOWS\$hf_mig$\KB2479628\SP3QFE\win32k.sys not found. C:\redbook.sys moved successfully. C:\termdd.sys moved successfully. C:\mrxsmb.sys moved successfully. C:\imapi.sys moved successfully. C:\intelide.sys moved successfully. C:\i8042prt.sys moved successfully. C:\disk.sys moved successfully. C:\cdrom.sys moved successfully. C:\agp440.sys moved successfully. C:\aec.sys moved successfully. C:\atapi.sys moved successfully. ========== REGISTRY ========== HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully! ========== COMMANDS ========== OTLPE by OldTimer - Version log created on 05162011_070940
  17. Bonsoir a tous les deux... Merci pour la suite des instructions... La permiere partie est faite (OPLTE) voila les fichiers que j'ai recupere avant de redemarrer: OTL: - Service gratuit de dépôt de fichiers Extras: - Service gratuit de dépôt de fichiers et le log... en copie ci-dessous... Bon, je passe a la suite malgre les messages du log ? A+ N. ========== OTL ========== HKU\Nicolas_ON_C\Software\Microsoft\Internet Explorer\Main\\First Home Page| /E : value set successfully! C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF\chrome\content folder moved successfully. C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF\chrome folder moved successfully. C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF folder moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully. Error: Unable to interpret <:file> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ > in the current context! Error: Unable to interpret <C:\WINDOWS\ServicePackFiles\i386\ > in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ > in the current context! Error: Unable to interpret <C:\WINDOWS\ServicePackFiles\i386\> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\> in the current context! Error: Unable to interpret <C:\WINDOWS\ServicePackFiles\i386\ > in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\> in the current context! Error: Unable to interpret <C:\WINDOWS\ServicePackFiles\i386\ > in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ > in the current context! Error: Unable to interpret <C:\WINDOWS\ServicePackFiles\i386\> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ > in the current context! Error: Unable to interpret <C:\WINDOWS\ServicePackFiles\i386\ > in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ > in the current context! Error: Unable to interpret <C:\WINDOWS\ServicePackFiles\i386\ > in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ > in the current context! Error: Unable to interpret <C:\WINDOWS\ServicePackFiles\i386\> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\> in the current context! Error: Unable to interpret <C:\WINDOWS\ServicePackFiles\i386\> in the current context! Error: Unable to interpret <C:\WINDOWS\SoftwareDistribution\Download\699ee2ac4f9ea8ea1babe26c8f35b4ef\SP3GDR\mrxsmb.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB978251\SP3GDR\mrxsmb.sys > in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys > in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB957097\SP3GDR\mrxsmb.sys > in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys > in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB980232\SP3GDR\mrxsmb.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB2511455\SP3QFE\mrxsmb.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\SoftwareDistribution\Download\699ee2ac4f9ea8ea1babe26c8f35b4ef\SP3QFE\mrxsmb.sys > in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\> in the current context! Error: Unable to interpret <C:\WINDOWS\ServicePackFiles\i386\> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB968389\SP3QFE\netlogon.dll> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB975467\SP3QFE\netlogon.dll> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\SoftwareDistribution\Download\f96addb4e216f2399cbadef9606eabb2\sp3qfe\tcpip.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\> in the current context! Error: Unable to interpret <C:\WINDOWS\ServicePackFiles\i386\ > in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB979559\SP3GDR\win32k.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB969947\SP3QFE\win32k.sys > in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB969947\SP3GDR\win32k.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\SoftwareDistribution\Download\45fa26c815a59b9da6bd422e449ae5ac\sp3gdr\win32k.sys > in the current context! Error: Unable to interpret <C:\WINDOWS\SoftwareDistribution\Download\45fa26c815a59b9da6bd422e449ae5ac\sp3qfe\win32k.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB2506223\SP3QFE\win32k.sys> in the current context! Error: Unable to interpret <C:\WINDOWS\$hf_mig$\KB2479628\SP3QFE\win32k.sys> in the current context! Error: Unable to interpret <C:\redbook.sys> in the current context! Error: Unable to interpret <C:\termdd.sys> in the current context! Error: Unable to interpret <C:\mrxsmb.sys> in the current context! Error: Unable to interpret <C:\imapi.sys> in the current context! Error: Unable to interpret <C:\intelide.sys> in the current context! Error: Unable to interpret <C:\i8042prt.sys> in the current context! Error: Unable to interpret <C:\disk.sys> in the current context! Error: Unable to interpret <C:\cdrom.sys> in the current context! Error: Unable to interpret <C:\agp440.sys> in the current context! Error: Unable to interpret <C:\aec.sys> in the current context! Error: Unable to interpret <C:\atapi.sys> in the current context! Error: Unable to interpret <C:\I386\ /e> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ /e> in the current context! Error: Unable to interpret <c:\windows\system32\drivers\aec.sys|C:\aec.sys /replace> in the current context! Error: Unable to interpret <C:\I386\ /e> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ /e> in the current context! Error: Unable to interpret <c:\windows\system32\drivers\agp440.sys|C:\agp440.sys /replace > in the current context! Error: Unable to interpret <C:\I386\ /e> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ /e> in the current context! Error: Unable to interpret <c:\windows\system32\drivers\aec.sys|C:\atapi.sys /replace> in the current context! Error: Unable to interpret <C:\I386\ /e> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ /e> in the current context! Error: Unable to interpret <c:\windows\system32\drivers\cdrom.sys|C:\cdrom.sys /replace> in the current context! Error: Unable to interpret <C:\I386\ /e> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ /e> in the current context! Error: Unable to interpret <c:\windows\system32\drivers\disk.sys|C:\disk.sys /replace> in the current context! Error: Unable to interpret <C:\I386\ /e> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ /e> in the current context! Error: Unable to interpret <c:\windows\system32\drivers\i8042prt.sys|C:\i8042prt.sys /replace> in the current context! Error: Unable to interpret <C:\I386\ /e> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ /e> in the current context! Error: Unable to interpret <c:\windows\system32\drivers\imapi.sys|C:\imapi.sys /replace > in the current context! Error: Unable to interpret <C:\I386\ /e> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ /e> in the current context! Error: Unable to interpret <c:\windows\system32\drivers\intelide.sys|C:\intelide.sys /replace> in the current context! Error: Unable to interpret <C:\I386\ /e> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ /e> in the current context! Error: Unable to interpret <c:\windows\system32\drivers\mrxsmb.sys|C:\mrxsmb.sys /replace > in the current context! Error: Unable to interpret <C:\I386\ /e> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ /e> in the current context! Error: Unable to interpret <c:\windows\system32\drivers\redbook.sys|C:\redbook.sys /replace > in the current context! Error: Unable to interpret <C:\I386\ /e> in the current context! Error: Unable to interpret <C:\WINDOWS\Driver Cache\i386\ /e> in the current context! Error: Unable to interpret <c:\windows\system32\drivers\termdd.sys|C:\termdd.sys /replace > in the current context! ========== REGISTRY ========== HKEY_LOCAL_MACHINE\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\explorer\\"AlwaysUnloadDll"|dword:00000001 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Explorer\\"DesktopProcess"|dword:00000001 /E : value set successfully! HKEY_USERS\.DEFAULT\Software_ON_C\Microsoft\Windows\CurrentVersion\Explorer\\"DesktopProcess"|dword:00000001 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\RpcSs\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\COMSysApp\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\SCardSvr\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\Dhcp\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\Dnscache\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\seclogon\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\ShellHWDetection\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\ProtectedStorage\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\Browser\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\SamSs\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\dmserver\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\winmgmt\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\Eventlog\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\PlugPlay\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\lanmanserver\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\EventSystem\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\srservice\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\CryptSvc\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\lanmanworkstation\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\EventSystem\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\Themes\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\Schedule\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\helpsvc\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\AudioSrv\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\TrkWks\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\SENS\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Services\srservice\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Control\CrashControl\\"AutoReboot"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Control Panel\Desktop\\"ScreenSaveActive"|"0" /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\ControlSet001\Control\FileSystem\\"ConfigFileAllocSize"|dword:00000200 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\ControlSet002\Control\FileSystem\\"ConfigFileAllocSize"|dword:00000200 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Control\FileSystem\\"ConfigFileAllocSize"|dword:00000200 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Control\Session Manager\Memory Management\\"DisablePagingExecutive"|dword:00000001 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Control\Session Manager\Memory Management\\"LargeSystemCache"|dword:00000001 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\policies\system\\"DisableRegistryTools"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\policies\system\\"DisableTaskMgr"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\policies\system\\"Logoff"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\policies\system\\"StartMenuLogOff"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\policies\system\\"NoClose"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\policies\system\\"NoRun"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"DisableTaskMgr"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"Logoff"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"StartMenuLogOff"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"NoClose"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"NoRun"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"**del.DisableTaskMgr"|" " /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\policies\system\\"DisableRegistryTools"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\policies\system\\"DisableTaskMgr"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\policies\system\\"Logoff"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\policies\system\\"StartMenuLogOff"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\policies\system\\"NoClose"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE_ON_C\Microsoft\Windows\CurrentVersion\policies\system\\"NoRun"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE_ON_C\Microsoft\Windows NT\CurrentVersion\Winlogon\\"DisableCAD"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoControlPanel"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoWindowsUpdate"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoRun"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"DisableTaskMgr"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"DisableCMD"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"Disable cpl"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"DisallowRun"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoTrayContextMenu"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoViewContextMenu"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"DisableTaskMgr"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"DisableCMD"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"Disable cpl"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"DisallowRun"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoDesktop"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoTrayContextMenu"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoViewContextMenu"|dword:00000000 /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE_ON_C\Policies\Microsoft\Windows NT/SystemRestore not found. Registry key HKEY_CURRENT_USER\SOFTWARE_ON_C\Policies\Microsoft\Windows NT/SystemRestore not found. HKEY_LOCAL_MACHINE\SYSTEM_ON_C\ControlSet001\Control\SafeBoot\Option\\"OptionValue"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\controlset002\Control\SafeBoot\Option\\"OptionValue"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Control\SafeBoot\Option\\"OptionValue"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE_ON_C\Microsoft\Windows NT\CurrentVersion\Winlogon\\"Shell"|"Explorer.exe" /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoActiveDesktop"|dword:00000001 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoDispBackgroundPage"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software_ON_C\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoSaveSettings"|dword:00000000 /E : value set successfully! ========== COMMANDS ========== OTLPE by OldTimer - Version log created on 05152011_213513 Euh... dans le rapport ci-dessus, il y a des endroits ou il y a marque "Error: Unable to interpret", je passe a la suite quand meme ? A+ N.
  18. Hello... voila, chkdsk et OPLTE faits... voici le rapport: OTL: - Service gratuit de dépôt de fichiers Extras: - Service gratuit de dépôt de fichiers allez, a mon tour de A+ N.
  19. OK, merci pour le lien ... et je aussi 2 fois cette commande ? Allez, j arrete de t embeter pour ce soir... Bonne nuit N.
  20. Ah non, en fait, en tapant help chkdsk, il semble ne reconnaitre que /P et /R ...c'est tout
  21. Hello, Ben oui... sauf que j'ai pris les rapport apres le script mais avant de redemarrer Il ne reconnait pas l instruction.... c'est auoi la derniere lettre? i (isidore) l(lucien) ou le chiffre 1 (il ne reconnait aucun des 3) Bonne nuit A+ N.
  22. P.S.... j ai encore l ecran bleu au demarrage... A+ N.
  23. Bonsoir.... Merci pour les instructions ... Voila le fichier OTL: - Service gratuit de dépôt de fichiers En bonus, voila le fichier Extra: - Service gratuit de dépôt de fichiers et en super bonus, le log affiche a la fin du runfix: ========== OTL ========== C:\Documents and Settings\Nicolas\Local Settings\Application Data\Secunia PSI folder moved successfully. C:\Program Files\Secunia\PSI\SUA\768300f77bf877de417449fd7e977645 folder moved successfully. C:\Program Files\Secunia\PSI\SUA folder moved successfully. C:\Program Files\Secunia\PSI folder moved successfully. C:\Program Files\Secunia folder moved successfully. C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Secunia PSI.lnk moved successfully. File C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Secunia PSI.lnk not found. C:\Documents and Settings\Nicolas\Application Data\\SUPERAntiSpyware\SDDLLS folder moved successfully. C:\Documents and Settings\Nicolas\Application Data\\SUPERAntiSpyware\Quarantine folder moved successfully. C:\Documents and Settings\Nicolas\Application Data\\SUPERAntiSpyware\Logs folder moved successfully. C:\Documents and Settings\Nicolas\Application Data\\SUPERAntiSpyware\AppLogs folder moved successfully. C:\Documents and Settings\Nicolas\Application Data\\SUPERAntiSpyware folder moved successfully. C:\Documents and Settings\Nicolas\Application Data\ folder moved successfully. C:\Program Files\SUPERAntiSpyware\Plugins folder moved successfully. C:\Program Files\SUPERAntiSpyware\Language folder moved successfully. C:\Program Files\SUPERAntiSpyware folder moved successfully. ========== FILES ========== File C:\redbook.sys successfully replaced with c:\windows\system32\drivers\redbook.sys File C:\termdd.sys successfully replaced with c:\windows\system32\drivers\termdd.sys File C:\mrxsmb.sys successfully replaced with c:\windows\system32\drivers\mrxsmb.sys File C:\imapi.sys successfully replaced with c:\windows\system32\drivers\imapi.sys File C:\intelide.sys successfully replaced with c:\windows\system32\drivers\intelide.sys File C:\i8042prt.sys successfully replaced with c:\windows\system32\drivers\i8042prt.sys File C:\disk.sys successfully replaced with c:\windows\system32\drivers\disk.sys File C:\cdrom.sys successfully replaced with c:\windows\system32\drivers\cdrom.sys File C:\agp440.sys successfully replaced with c:\windows\system32\drivers\agp440.sys File C:\aec.sys successfully replaced with c:\windows\system32\drivers\aec.sys File C:\atapi.sys successfully replaced with c:\windows\system32\drivers\aec.sys ========== REGISTRY ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\\"AlwaysUnloadDll"|dword:00000001 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\\"DesktopProcess"|dword:00000001 /E : value set successfully! HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\\"DesktopProcess"|dword:00000001 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\COMSysApp\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SCardSvr\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ShellHWDetection\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ProtectedStorage\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SamSs\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmserver\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winmgmt\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PlugPlay\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventSystem\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srservice\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventSystem\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\helpsvc\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AudioSrv\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrkWks\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SENS\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srservice\\"Start"|dword:00000002 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl\\"AutoReboot"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Control Panel\Desktop\\"ScreenSaveActive"|"0" /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\FileSystem\\"ConfigFileAllocSize"|dword:00000200 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\FileSystem\\"ConfigFileAllocSize"|dword:00000200 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem\\"ConfigFileAllocSize"|dword:00000200 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\\"DisablePagingExecutive"|dword:00000001 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\\"LargeSystemCache"|dword:00000001 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\"DisableRegistryTools"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\"DisableTaskMgr"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\"Logoff"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\"StartMenuLogOff"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\"NoClose"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\"NoRun"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"DisableTaskMgr"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"Logoff"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"StartMenuLogOff"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"NoClose"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"NoRun"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"**del.DisableTaskMgr"|" " /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\"DisableRegistryTools"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\"DisableTaskMgr"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\"Logoff"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\"StartMenuLogOff"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\"NoClose"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\"NoRun"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\"DisableCAD"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoControlPanel"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoWindowsUpdate"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoRun"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"DisableTaskMgr"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"DisableCMD"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"Disable cpl"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"DisallowRun"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoTrayContextMenu"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoViewContextMenu"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"DisableTaskMgr"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"DisableCMD"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"Disable cpl"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"DisallowRun"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoDesktop"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoTrayContextMenu"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoViewContextMenu"|dword:00000000 /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT/SystemRestore not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows NT/SystemRestore not found. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Option\\"OptionValue"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\controlset002\Control\SafeBoot\Option\\"OptionValue"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Option\\"OptionValue"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\"Shell"|"Explorer.exe" /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoActiveDesktop"|dword:00000001 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoDispBackgroundPage"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoSaveSettings"|dword:00000000 /E : value set successfully! ========== COMMANDS ========== OTLPE by OldTimer - Version log created on 05142011_211902 Y a du "successfully" partoutm chouette.... A+ N.
  24. Bonjour.... Merci pour vos commandes... voila le fichier mbr: - Service gratuit de dépôt de fichiers et voila le contenu de filefind: Search results for Winlogon.exe dd73d6b9f6b4cb630cf35b438b540174 /mnt/sda1/WINDOWS/ServicePackFiles/i386/winlogon.exe 500.0K Apr 14 2008 dd73d6b9f6b4cb630cf35b438b540174 /mnt/sda1/WINDOWS/system32/winlogon.exe 500.0K Apr 14 2008 d2de785aeab0bb8ca4c14a8a199dbe4e /mnt/sda1/WINDOWS/$NtServicePackUninstall$/winlogon.exe 494.5K Aug 5 2004 Search results for explorer.exe f2317622d29f9ff0f88aeecd5f60f0dd /mnt/sda1/WINDOWS/ServicePackFiles/i386/explorer.exe 1013.5K Apr 14 2008 f2317622d29f9ff0f88aeecd5f60f0dd /mnt/sda1/WINDOWS/explorer.exe 1013.5K Apr 14 2008 4c33e5b9a6197b6ed215f6cfba0a2daa /mnt/sda1/WINDOWS/$NtServicePackUninstall$/explorer.exe 1012.0K Aug 5 2004 Search results for Userinit.exe e74ddb12188c2ff57a78624dbf7332fc /mnt/sda1/WINDOWS/ServicePackFiles/i386/userinit.exe 26.0K Apr 14 2008 e74ddb12188c2ff57a78624dbf7332fc /mnt/sda1/WINDOWS/system32/userinit.exe 26.0K Apr 14 2008 d6d65ea32b190401b57edb6706f29669 /mnt/sda1/WINDOWS/$NtServicePackUninstall$/userinit.exe 24.5K Aug 5 2004 (... Je me reconnecterai assez tard ce soir... ) A+ Nick
  25. Salut TomTom... Merci pour le message... cependant, je ne suis pas sur de tout comprendre... Dis-moi si je comprend bien: 1/ je tape "bash" 2/ quand il a fini, je tape "Winlogon.exe" 3/ quand il a fini, je tape "explorer.exe" 4/ quand il a fini, je tape "Userinit.exe" 5/ quand il a fini, je tape "exit" ??? et c'est apres aue je ne comprends plus... 6/ Je rouvre le terminal ??? 7/ je tape " bash type" ??? 8/ quand il a fini, je tape "dd if = / dev / sda bs de mbr.bin = 512 count = 1" ??? ou se situent les espaces? : ici :? "dd <espace> if=/dev/sda <espace> bs <espace> de <espace> mbr.bin = 512 <espace> count = 1" ? Tu parles de bs = 512 et de Compter 1, mais je ne les vois pas dans la commande... Tu veux tous les fichiers crees ou que certains ? ( report.txt, filefind.txt, RegReport.txt et mbr.bin)? Merci encore pour les precisions... A+ N.
  • Créer...