Aller au contenu

cof336

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    17

  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    Francais,Anglais

cof336's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. cof336
    Je l'ai fait tout semble fonctionner. Je pars en vacances dans 1h je ferai les actions supplémentaires à mon retour. Merci pour tout.
  2. cof336
    Voici le rapport 2012-08-05 11:48:46, Info CSI 00000006 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:48:46, Info CSI 00000007 [sR] Beginning Verify and Repair transaction 2012-08-05 11:48:47, Info CSI 00000009 [sR] Verify complete 2012-08-05 11:48:48, Info CSI 0000000a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:48:48, Info CSI 0000000b [sR] Beginning Verify and Repair transaction 2012-08-05 11:48:49, Info CSI 0000000d [sR] Verify complete 2012-08-05 11:48:50, Info CSI 0000000e [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:48:50, Info CSI 0000000f [sR] Beginning Verify and Repair transaction 2012-08-05 11:48:52, Info CSI 00000011 [sR] Verify complete 2012-08-05 11:48:52, Info CSI 00000012 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:48:52, Info CSI 00000013 [sR] Beginning Verify and Repair transaction 2012-08-05 11:48:53, Info CSI 00000015 [sR] Verify complete 2012-08-05 11:48:54, Info CSI 00000016 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:48:54, Info CSI 00000017 [sR] Beginning Verify and Repair transaction 2012-08-05 11:48:56, Info CSI 00000019 [sR] Verify complete 2012-08-05 11:48:57, Info CSI 0000001a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:48:57, Info CSI 0000001b [sR] Beginning Verify and Repair transaction 2012-08-05 11:48:58, Info CSI 0000001d [sR] Verify complete 2012-08-05 11:48:59, Info CSI 0000001e [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:48:59, Info CSI 0000001f [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:00, Info CSI 00000021 [sR] Verify complete 2012-08-05 11:49:01, Info CSI 00000022 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:01, Info CSI 00000023 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:02, Info CSI 00000025 [sR] Verify complete 2012-08-05 11:49:03, Info CSI 00000026 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:03, Info CSI 00000027 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:05, Info CSI 00000029 [sR] Verify complete 2012-08-05 11:49:05, Info CSI 0000002a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:05, Info CSI 0000002b [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:07, Info CSI 0000002d [sR] Verify complete 2012-08-05 11:49:07, Info CSI 0000002e [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:07, Info CSI 0000002f [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:09, Info CSI 00000031 [sR] Verify complete 2012-08-05 11:49:09, Info CSI 00000032 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:09, Info CSI 00000033 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:11, Info CSI 00000035 [sR] Verify complete 2012-08-05 11:49:11, Info CSI 00000036 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:11, Info CSI 00000037 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:13, Info CSI 00000039 [sR] Verify complete 2012-08-05 11:49:14, Info CSI 0000003a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:14, Info CSI 0000003b [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:15, Info CSI 0000003d [sR] Verify complete 2012-08-05 11:49:16, Info CSI 0000003e [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:16, Info CSI 0000003f [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:17, Info CSI 00000041 [sR] Verify complete 2012-08-05 11:49:17, Info CSI 00000042 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:17, Info CSI 00000043 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:19, Info CSI 00000045 [sR] Verify complete 2012-08-05 11:49:19, Info CSI 00000046 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:19, Info CSI 00000047 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:21, Info CSI 00000049 [sR] Verify complete 2012-08-05 11:49:21, Info CSI 0000004a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:21, Info CSI 0000004b [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:23, Info CSI 0000004d [sR] Verify complete 2012-08-05 11:49:23, Info CSI 0000004e [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:23, Info CSI 0000004f [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:25, Info CSI 00000051 [sR] Verify complete 2012-08-05 11:49:25, Info CSI 00000052 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:25, Info CSI 00000053 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:27, Info CSI 00000055 [sR] Verify complete 2012-08-05 11:49:27, Info CSI 00000056 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:27, Info CSI 00000057 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:28, Info CSI 00000059 [sR] Verify complete 2012-08-05 11:49:29, Info CSI 0000005a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:29, Info CSI 0000005b [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:31, Info CSI 0000005d [sR] Verify complete 2012-08-05 11:49:32, Info CSI 0000005e [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:32, Info CSI 0000005f [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:33, Info CSI 00000061 [sR] Verify complete 2012-08-05 11:49:34, Info CSI 00000062 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:34, Info CSI 00000063 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:36, Info CSI 00000065 [sR] Verify complete 2012-08-05 11:49:37, Info CSI 00000066 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:37, Info CSI 00000067 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:38, Info CSI 00000069 [sR] Verify complete 2012-08-05 11:49:39, Info CSI 0000006a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:39, Info CSI 0000006b [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:41, Info CSI 0000006d [sR] Verify complete 2012-08-05 11:49:41, Info CSI 0000006e [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:41, Info CSI 0000006f [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:43, Info CSI 00000071 [sR] Verify complete 2012-08-05 11:49:43, Info CSI 00000072 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:43, Info CSI 00000073 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:45, Info CSI 00000075 [sR] Verify complete 2012-08-05 11:49:45, Info CSI 00000076 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:45, Info CSI 00000077 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:46, Info CSI 00000079 [sR] Verify complete 2012-08-05 11:49:47, Info CSI 0000007a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:47, Info CSI 0000007b [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:53, Info CSI 0000007d [sR] Verify complete 2012-08-05 11:49:54, Info CSI 0000007e [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:54, Info CSI 0000007f [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:57, Info CSI 00000081 [sR] Verify complete 2012-08-05 11:49:58, Info CSI 00000082 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:49:58, Info CSI 00000083 [sR] Beginning Verify and Repair transaction 2012-08-05 11:49:59, Info CSI 00000085 [sR] Verify complete 2012-08-05 11:50:00, Info CSI 00000086 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:50:00, Info CSI 00000087 [sR] Beginning Verify and Repair transaction 2012-08-05 11:50:01, Info CSI 00000089 [sR] Verify complete 2012-08-05 11:50:02, Info CSI 0000008a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:50:02, Info CSI 0000008b [sR] Beginning Verify and Repair transaction 2012-08-05 11:50:03, Info CSI 0000008d [sR] Verify complete 2012-08-05 11:50:04, Info CSI 0000008e [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:50:04, Info CSI 0000008f [sR] Beginning Verify and Repair transaction 2012-08-05 11:50:08, Info CSI 00000091 [sR] Verify complete 2012-08-05 11:50:08, Info CSI 00000092 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:50:08, Info CSI 00000093 [sR] Beginning Verify and Repair transaction 2012-08-05 11:50:12, Info CSI 00000095 [sR] Verify complete 2012-08-05 11:50:13, Info CSI 00000096 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:50:13, Info CSI 00000097 [sR] Beginning Verify and Repair transaction 2012-08-05 11:50:18, Info CSI 0000009b [sR] Verify complete 2012-08-05 11:50:18, Info CSI 0000009c [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:50:18, Info CSI 0000009d [sR] Beginning Verify and Repair transaction 2012-08-05 11:50:24, Info CSI 000000a0 [sR] Verify complete 2012-08-05 11:50:24, Info CSI 000000a1 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:50:24, Info CSI 000000a2 [sR] Beginning Verify and Repair transaction 2012-08-05 11:50:29, Info CSI 000000a6 [sR] Verify complete 2012-08-05 11:50:30, Info CSI 000000a7 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:50:30, Info CSI 000000a8 [sR] Beginning Verify and Repair transaction 2012-08-05 11:50:35, Info CSI 000000aa [sR] Verify complete 2012-08-05 11:50:35, Info CSI 000000ab [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:50:35, Info CSI 000000ac [sR] Beginning Verify and Repair transaction 2012-08-05 11:50:42, Info CSI 000000d1 [sR] Verify complete 2012-08-05 11:50:42, Info CSI 000000d2 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:50:42, Info CSI 000000d3 [sR] Beginning Verify and Repair transaction 2012-08-05 11:50:48, Info CSI 000000d5 [sR] Verify complete 2012-08-05 11:50:48, Info CSI 000000d6 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:50:48, Info CSI 000000d7 [sR] Beginning Verify and Repair transaction 2012-08-05 11:50:53, Info CSI 000000d9 [sR] Verify complete 2012-08-05 11:50:53, Info CSI 000000da [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:50:53, Info CSI 000000db [sR] Beginning Verify and Repair transaction 2012-08-05 11:50:59, Info CSI 000000dd [sR] Verify complete 2012-08-05 11:51:00, Info CSI 000000de [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:51:00, Info CSI 000000df [sR] Beginning Verify and Repair transaction 2012-08-05 11:51:08, Info CSI 000000e1 [sR] Verify complete 2012-08-05 11:51:09, Info CSI 000000e2 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:51:09, Info CSI 000000e3 [sR] Beginning Verify and Repair transaction 2012-08-05 11:51:17, Info CSI 00000107 [sR] Verify complete 2012-08-05 11:51:18, Info CSI 00000108 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:51:18, Info CSI 00000109 [sR] Beginning Verify and Repair transaction 2012-08-05 11:51:30, Info CSI 0000010b [sR] Verify complete 2012-08-05 11:51:31, Info CSI 0000010c [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:51:31, Info CSI 0000010d [sR] Beginning Verify and Repair transaction 2012-08-05 11:51:45, Info CSI 0000010f [sR] Verify complete 2012-08-05 11:51:45, Info CSI 00000110 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:51:45, Info CSI 00000111 [sR] Beginning Verify and Repair transaction 2012-08-05 11:51:50, Info CSI 00000113 [sR] Verify complete 2012-08-05 11:51:51, Info CSI 00000114 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:51:51, Info CSI 00000115 [sR] Beginning Verify and Repair transaction 2012-08-05 11:51:53, Info CSI 00000117 [sR] Verify complete 2012-08-05 11:51:53, Info CSI 00000118 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:51:53, Info CSI 00000119 [sR] Beginning Verify and Repair transaction 2012-08-05 11:51:55, Info CSI 0000011b [sR] Verify complete 2012-08-05 11:51:56, Info CSI 0000011c [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:51:56, Info CSI 0000011d [sR] Beginning Verify and Repair transaction 2012-08-05 11:52:07, Info CSI 00000130 [sR] Verify complete 2012-08-05 11:52:07, Info CSI 00000131 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:52:07, Info CSI 00000132 [sR] Beginning Verify and Repair transaction 2012-08-05 11:52:11, Info CSI 00000134 [sR] Verify complete 2012-08-05 11:52:11, Info CSI 00000135 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:52:11, Info CSI 00000136 [sR] Beginning Verify and Repair transaction 2012-08-05 11:52:13, Info CSI 00000138 [sR] Verify complete 2012-08-05 11:52:13, Info CSI 00000139 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:52:13, Info CSI 0000013a [sR] Beginning Verify and Repair transaction 2012-08-05 11:52:17, Info CSI 0000013c [sR] Verify complete 2012-08-05 11:52:18, Info CSI 0000013d [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:52:18, Info CSI 0000013e [sR] Beginning Verify and Repair transaction 2012-08-05 11:52:23, Info CSI 00000140 [sR] Verify complete 2012-08-05 11:52:23, Info CSI 00000141 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:52:23, Info CSI 00000142 [sR] Beginning Verify and Repair transaction 2012-08-05 11:52:31, Info CSI 00000145 [sR] Verify complete 2012-08-05 11:52:32, Info CSI 00000146 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:52:32, Info CSI 00000147 [sR] Beginning Verify and Repair transaction 2012-08-05 11:52:40, Info CSI 00000149 [sR] Verify complete 2012-08-05 11:52:40, Info CSI 0000014a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:52:40, Info CSI 0000014b [sR] Beginning Verify and Repair transaction 2012-08-05 11:52:43, Info CSI 0000014d [sR] Verify complete 2012-08-05 11:52:43, Info CSI 0000014e [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:52:43, Info CSI 0000014f [sR] Beginning Verify and Repair transaction 2012-08-05 11:52:50, Info CSI 00000151 [sR] Verify complete 2012-08-05 11:52:50, Info CSI 00000152 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:52:50, Info CSI 00000153 [sR] Beginning Verify and Repair transaction 2012-08-05 11:52:55, Info CSI 00000155 [sR] Verify complete 2012-08-05 11:52:56, Info CSI 00000156 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:52:56, Info CSI 00000157 [sR] Beginning Verify and Repair transaction 2012-08-05 11:53:06, Info CSI 00000159 [sR] Verify complete 2012-08-05 11:53:06, Info CSI 0000015a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:53:06, Info CSI 0000015b [sR] Beginning Verify and Repair transaction 2012-08-05 11:53:19, Info CSI 00000173 [sR] Verify complete 2012-08-05 11:53:20, Info CSI 00000174 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:53:20, Info CSI 00000175 [sR] Beginning Verify and Repair transaction 2012-08-05 11:53:27, Info CSI 00000177 [sR] Verify complete 2012-08-05 11:53:28, Info CSI 00000178 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:53:28, Info CSI 00000179 [sR] Beginning Verify and Repair transaction 2012-08-05 11:53:52, Info CSI 0000017b [sR] Verify complete 2012-08-05 11:53:52, Info CSI 0000017c [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:53:52, Info CSI 0000017d [sR] Beginning Verify and Repair transaction 2012-08-05 11:54:02, Info CSI 0000017f [sR] Verify complete 2012-08-05 11:54:03, Info CSI 00000180 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:54:03, Info CSI 00000181 [sR] Beginning Verify and Repair transaction 2012-08-05 11:54:13, Info CSI 00000183 [sR] Verify complete 2012-08-05 11:54:14, Info CSI 00000184 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:54:14, Info CSI 00000185 [sR] Beginning Verify and Repair transaction 2012-08-05 11:54:22, Info CSI 00000187 [sR] Verify complete 2012-08-05 11:54:22, Info CSI 00000188 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:54:22, Info CSI 00000189 [sR] Beginning Verify and Repair transaction 2012-08-05 11:54:27, Info CSI 0000018b [sR] Verify complete 2012-08-05 11:54:28, Info CSI 0000018c [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:54:28, Info CSI 0000018d [sR] Beginning Verify and Repair transaction 2012-08-05 11:54:34, Info CSI 00000191 [sR] Verify complete 2012-08-05 11:54:35, Info CSI 00000192 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:54:35, Info CSI 00000193 [sR] Beginning Verify and Repair transaction 2012-08-05 11:54:43, Info CSI 00000195 [sR] Verify complete 2012-08-05 11:54:44, Info CSI 00000196 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:54:44, Info CSI 00000197 [sR] Beginning Verify and Repair transaction 2012-08-05 11:54:53, Info CSI 00000199 [sR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"services.exe" from store 2012-08-05 11:54:54, Info CSI 0000019b [sR] Verify complete 2012-08-05 11:54:54, Info CSI 0000019c [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:54:54, Info CSI 0000019d [sR] Beginning Verify and Repair transaction 2012-08-05 11:55:04, Info CSI 0000019f [sR] Verify complete 2012-08-05 11:55:05, Info CSI 000001a0 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:55:05, Info CSI 000001a1 [sR] Beginning Verify and Repair transaction 2012-08-05 11:55:12, Info CSI 000001a3 [sR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2012-08-05 11:55:16, Info CSI 000001a5 [sR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2012-08-05 11:55:16, Info CSI 000001a6 [sR] This component was referenced by [l:162{81}]"Package_17_for_KB948465~31bf3856ad364e35~amd64~~6.0.1.18005.948465-60_neutral_GDR" 2012-08-05 11:55:17, Info CSI 000001a8 [sR] Verify complete 2012-08-05 11:55:17, Info CSI 000001a9 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:55:17, Info CSI 000001aa [sR] Beginning Verify and Repair transaction 2012-08-05 11:55:25, Info CSI 000001ac [sR] Verify complete 2012-08-05 11:55:26, Info CSI 000001ad [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:55:26, Info CSI 000001ae [sR] Beginning Verify and Repair transaction 2012-08-05 11:55:34, Info CSI 000001b0 [sR] Verify complete 2012-08-05 11:55:34, Info CSI 000001b1 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:55:34, Info CSI 000001b2 [sR] Beginning Verify and Repair transaction 2012-08-05 11:55:49, Info CSI 000001b5 [sR] Verify complete 2012-08-05 11:55:49, Info CSI 000001b6 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:55:49, Info CSI 000001b7 [sR] Beginning Verify and Repair transaction 2012-08-05 11:55:55, Info CSI 000001b9 [sR] Verify complete 2012-08-05 11:55:56, Info CSI 000001ba [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:55:56, Info CSI 000001bb [sR] Beginning Verify and Repair transaction 2012-08-05 11:56:02, Info CSI 000001be [sR] Verify complete 2012-08-05 11:56:03, Info CSI 000001bf [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:56:03, Info CSI 000001c0 [sR] Beginning Verify and Repair transaction 2012-08-05 11:56:10, Info CSI 000001c3 [sR] Verify complete 2012-08-05 11:56:11, Info CSI 000001c4 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:56:11, Info CSI 000001c5 [sR] Beginning Verify and Repair transaction 2012-08-05 11:56:21, Info CSI 000001ca [sR] Verify complete 2012-08-05 11:56:21, Info CSI 000001cb [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:56:21, Info CSI 000001cc [sR] Beginning Verify and Repair transaction 2012-08-05 11:56:30, Info CSI 000001ce [sR] Verify complete 2012-08-05 11:56:31, Info CSI 000001cf [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:56:31, Info CSI 000001d0 [sR] Beginning Verify and Repair transaction 2012-08-05 11:56:42, Info CSI 000001d2 [sR] Verify complete 2012-08-05 11:56:42, Info CSI 000001d3 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:56:42, Info CSI 000001d4 [sR] Beginning Verify and Repair transaction 2012-08-05 11:56:46, Info CSI 000001d6 [sR] Verify complete 2012-08-05 11:56:47, Info CSI 000001d7 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:56:47, Info CSI 000001d8 [sR] Beginning Verify and Repair transaction 2012-08-05 11:56:53, Info CSI 000001da [sR] Verify complete 2012-08-05 11:56:54, Info CSI 000001db [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:56:54, Info CSI 000001dc [sR] Beginning Verify and Repair transaction 2012-08-05 11:57:01, Info CSI 000001de [sR] Verify complete 2012-08-05 11:57:02, Info CSI 000001df [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:57:02, Info CSI 000001e0 [sR] Beginning Verify and Repair transaction 2012-08-05 11:57:12, Info CSI 000001e2 [sR] Verify complete 2012-08-05 11:57:13, Info CSI 000001e3 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:57:13, Info CSI 000001e4 [sR] Beginning Verify and Repair transaction 2012-08-05 11:57:19, Info CSI 000001e6 [sR] Verify complete 2012-08-05 11:57:20, Info CSI 000001e7 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:57:20, Info CSI 000001e8 [sR] Beginning Verify and Repair transaction 2012-08-05 11:57:34, Info CSI 000001ea [sR] Verify complete 2012-08-05 11:57:35, Info CSI 000001eb [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:57:35, Info CSI 000001ec [sR] Beginning Verify and Repair transaction 2012-08-05 11:57:40, Info CSI 000001ee [sR] Verify complete 2012-08-05 11:57:40, Info CSI 000001ef [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:57:40, Info CSI 000001f0 [sR] Beginning Verify and Repair transaction 2012-08-05 11:57:50, Info CSI 000001fb [sR] Verify complete 2012-08-05 11:57:52, Info CSI 000001fc [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:57:52, Info CSI 000001fd [sR] Beginning Verify and Repair transaction 2012-08-05 11:57:59, Info CSI 000001ff [sR] Verify complete 2012-08-05 11:58:00, Info CSI 00000200 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:58:00, Info CSI 00000201 [sR] Beginning Verify and Repair transaction 2012-08-05 11:58:08, Info CSI 00000203 [sR] Verify complete 2012-08-05 11:58:10, Info CSI 00000204 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:58:10, Info CSI 00000205 [sR] Beginning Verify and Repair transaction 2012-08-05 11:58:19, Info CSI 00000207 [sR] Verify complete 2012-08-05 11:58:20, Info CSI 00000208 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:58:20, Info CSI 00000209 [sR] Beginning Verify and Repair transaction 2012-08-05 11:58:30, Info CSI 0000020b [sR] Verify complete 2012-08-05 11:58:31, Info CSI 0000020c [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:58:31, Info CSI 0000020d [sR] Beginning Verify and Repair transaction 2012-08-05 11:58:37, Info CSI 0000020f [sR] Verify complete 2012-08-05 11:58:37, Info CSI 00000210 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:58:37, Info CSI 00000211 [sR] Beginning Verify and Repair transaction 2012-08-05 11:58:40, Info CSI 00000213 [sR] Verify complete 2012-08-05 11:58:40, Info CSI 00000214 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:58:40, Info CSI 00000215 [sR] Beginning Verify and Repair transaction 2012-08-05 11:58:49, Info CSI 00000219 [sR] Verify complete 2012-08-05 11:58:50, Info CSI 0000021a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:58:50, Info CSI 0000021b [sR] Beginning Verify and Repair transaction 2012-08-05 11:58:58, Info CSI 00000220 [sR] Verify complete 2012-08-05 11:58:59, Info CSI 00000221 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:58:59, Info CSI 00000222 [sR] Beginning Verify and Repair transaction 2012-08-05 11:59:01, Info CSI 00000224 [sR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2012-08-05 11:59:11, Info CSI 00000229 [sR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2012-08-05 11:59:11, Info CSI 0000022a [sR] This component was referenced by [l:162{81}]"Package_17_for_KB948465~31bf3856ad364e35~amd64~~6.0.1.18005.948465-60_neutral_GDR" 2012-08-05 11:59:15, Info CSI 00000231 [sR] Verify complete 2012-08-05 11:59:16, Info CSI 00000232 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:59:16, Info CSI 00000233 [sR] Beginning Verify and Repair transaction 2012-08-05 11:59:26, Info CSI 0000023f [sR] Verify complete 2012-08-05 11:59:27, Info CSI 00000240 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:59:27, Info CSI 00000241 [sR] Beginning Verify and Repair transaction 2012-08-05 11:59:32, Info CSI 00000243 [sR] Verify complete 2012-08-05 11:59:33, Info CSI 00000244 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:59:33, Info CSI 00000245 [sR] Beginning Verify and Repair transaction 2012-08-05 11:59:37, Info CSI 00000249 [sR] Verify complete 2012-08-05 11:59:38, Info CSI 0000024a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:59:38, Info CSI 0000024b [sR] Beginning Verify and Repair transaction 2012-08-05 11:59:43, Info CSI 0000024e [sR] Verify complete 2012-08-05 11:59:43, Info CSI 0000024f [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:59:43, Info CSI 00000250 [sR] Beginning Verify and Repair transaction 2012-08-05 11:59:52, Info CSI 00000275 [sR] Verify complete 2012-08-05 11:59:52, Info CSI 00000276 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:59:52, Info CSI 00000277 [sR] Beginning Verify and Repair transaction 2012-08-05 11:59:56, Info CSI 00000279 [sR] Verify complete 2012-08-05 11:59:57, Info CSI 0000027a [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 11:59:57, Info CSI 0000027b [sR] Beginning Verify and Repair transaction 2012-08-05 12:00:02, Info CSI 0000027d [sR] Verify complete 2012-08-05 12:00:03, Info CSI 0000027e [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:00:03, Info CSI 0000027f [sR] Beginning Verify and Repair transaction 2012-08-05 12:00:09, Info CSI 00000281 [sR] Verify complete 2012-08-05 12:00:10, Info CSI 00000282 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:00:10, Info CSI 00000283 [sR] Beginning Verify and Repair transaction 2012-08-05 12:00:18, Info CSI 00000288 [sR] Verify complete 2012-08-05 12:00:18, Info CSI 00000289 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:00:18, Info CSI 0000028a [sR] Beginning Verify and Repair transaction 2012-08-05 12:00:31, Info CSI 00000290 [sR] Verify complete 2012-08-05 12:00:32, Info CSI 00000291 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:00:32, Info CSI 00000292 [sR] Beginning Verify and Repair transaction 2012-08-05 12:00:39, Info CSI 0000029c [sR] Verify complete 2012-08-05 12:00:39, Info CSI 0000029d [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:00:39, Info CSI 0000029e [sR] Beginning Verify and Repair transaction 2012-08-05 12:00:41, Info CSI 000002a0 [sR] Verify complete 2012-08-05 12:00:42, Info CSI 000002a1 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:00:42, Info CSI 000002a2 [sR] Beginning Verify and Repair transaction 2012-08-05 12:00:48, Info CSI 000002a5 [sR] Verify complete 2012-08-05 12:00:49, Info CSI 000002a6 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:00:49, Info CSI 000002a7 [sR] Beginning Verify and Repair transaction 2012-08-05 12:00:57, Info CSI 000002a9 [sR] Repairing corrupted file [ml:520{260},l:76{38}]"\??\C:\Windows\PolicyDefinitions\fr-FR"\[l:24{12}]"InetRes.adml" from store 2012-08-05 12:00:57, Info CSI 000002ac [sR] Repairing corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\PolicyDefinitions"\[l:24{12}]"inetres.admx" from store 2012-08-05 12:00:58, Info CSI 000002af [sR] Repairing corrupted file [ml:520{260},l:76{38}]"\??\C:\Windows\PolicyDefinitions\en-US"\[l:24{12}]"InetRes.adml" from store 2012-08-05 12:00:58, Info CSI 000002b3 [sR] Verify complete 2012-08-05 12:00:59, Info CSI 000002b4 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:00:59, Info CSI 000002b5 [sR] Beginning Verify and Repair transaction 2012-08-05 12:01:02, Info CSI 000002b7 [sR] Verify complete 2012-08-05 12:01:02, Info CSI 000002b8 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:01:02, Info CSI 000002b9 [sR] Beginning Verify and Repair transaction 2012-08-05 12:01:09, Info CSI 000002bb [sR] Verify complete 2012-08-05 12:01:10, Info CSI 000002bc [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:01:10, Info CSI 000002bd [sR] Beginning Verify and Repair transaction 2012-08-05 12:01:15, Info CSI 000002bf [sR] Verify complete 2012-08-05 12:01:15, Info CSI 000002c0 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:01:15, Info CSI 000002c1 [sR] Beginning Verify and Repair transaction 2012-08-05 12:01:27, Info CSI 000002db [sR] Verify complete 2012-08-05 12:01:27, Info CSI 000002dc [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:01:27, Info CSI 000002dd [sR] Beginning Verify and Repair transaction 2012-08-05 12:01:35, Info CSI 000002e1 [sR] Verify complete 2012-08-05 12:01:36, Info CSI 000002e2 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:01:36, Info CSI 000002e3 [sR] Beginning Verify and Repair transaction 2012-08-05 12:01:58, Info CSI 000002e5 [sR] Verify complete 2012-08-05 12:01:59, Info CSI 000002e6 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:01:59, Info CSI 000002e7 [sR] Beginning Verify and Repair transaction 2012-08-05 12:02:06, Info CSI 000002e9 [sR] Verify complete 2012-08-05 12:02:07, Info CSI 000002ea [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:02:07, Info CSI 000002eb [sR] Beginning Verify and Repair transaction 2012-08-05 12:02:13, Info CSI 000002ed [sR] Verify complete 2012-08-05 12:02:14, Info CSI 000002ee [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:02:14, Info CSI 000002ef [sR] Beginning Verify and Repair transaction 2012-08-05 12:02:19, Info CSI 000002f2 [sR] Verify complete 2012-08-05 12:02:20, Info CSI 000002f3 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:02:20, Info CSI 000002f4 [sR] Beginning Verify and Repair transaction 2012-08-05 12:02:28, Info CSI 000002f6 [sR] Verify complete 2012-08-05 12:02:28, Info CSI 000002f7 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:02:28, Info CSI 000002f8 [sR] Beginning Verify and Repair transaction 2012-08-05 12:02:36, Info CSI 000002fa [sR] Verify complete 2012-08-05 12:02:37, Info CSI 000002fb [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:02:37, Info CSI 000002fc [sR] Beginning Verify and Repair transaction 2012-08-05 12:02:43, Info CSI 000002fe [sR] Verify complete 2012-08-05 12:02:43, Info CSI 000002ff [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:02:43, Info CSI 00000300 [sR] Beginning Verify and Repair transaction 2012-08-05 12:02:48, Info CSI 00000303 [sR] Verify complete 2012-08-05 12:02:49, Info CSI 00000304 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:02:49, Info CSI 00000305 [sR] Beginning Verify and Repair transaction 2012-08-05 12:02:54, Info CSI 00000307 [sR] Verify complete 2012-08-05 12:02:54, Info CSI 00000308 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:02:54, Info CSI 00000309 [sR] Beginning Verify and Repair transaction 2012-08-05 12:03:01, Info CSI 0000030c [sR] Verify complete 2012-08-05 12:03:01, Info CSI 0000030d [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:03:01, Info CSI 0000030e [sR] Beginning Verify and Repair transaction 2012-08-05 12:03:09, Info CSI 00000312 [sR] Verify complete 2012-08-05 12:03:10, Info CSI 00000313 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:03:10, Info CSI 00000314 [sR] Beginning Verify and Repair transaction 2012-08-05 12:03:18, Info CSI 00000316 [sR] Verify complete 2012-08-05 12:03:19, Info CSI 00000317 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:03:19, Info CSI 00000318 [sR] Beginning Verify and Repair transaction 2012-08-05 12:03:26, Info CSI 0000031b [sR] Verify complete 2012-08-05 12:03:27, Info CSI 0000031c [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:03:27, Info CSI 0000031d [sR] Beginning Verify and Repair transaction 2012-08-05 12:03:33, Info CSI 0000031f [sR] Verify complete 2012-08-05 12:03:34, Info CSI 00000320 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:03:34, Info CSI 00000321 [sR] Beginning Verify and Repair transaction 2012-08-05 12:03:40, Info CSI 00000323 [sR] Verify complete 2012-08-05 12:03:41, Info CSI 00000324 [sR] Verifying 100 (0x0000000000000064) components 2012-08-05 12:03:41, Info CSI 00000325 [sR] Beginning Verify and Repair transaction 2012-08-05 12:03:50, Info CSI 00000327 [sR] Verify complete 2012-08-05 12:03:50, Info CSI 00000328 [sR] Verifying 22 (0x0000000000000016) components 2012-08-05 12:03:50, Info CSI 00000329 [sR] Beginning Verify and Repair transaction 2012-08-05 12:03:51, Info CSI 0000032b [sR] Verify complete 2012-08-05 12:03:51, Info CSI 0000032c [sR] Repairing 6 components 2012-08-05 12:03:51, Info CSI 0000032d [sR] Beginning Verify and Repair transaction 2012-08-05 12:03:51, Info CSI 0000032f [sR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2012-08-05 12:03:51, Info CSI 00000331 [sR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2012-08-05 12:03:51, Info CSI 00000333 [sR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"services.exe" from store 2012-08-05 12:03:51, Info CSI 00000335 [sR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2012-08-05 12:03:51, Info CSI 00000336 [sR] This component was referenced by [l:162{81}]"Package_17_for_KB948465~31bf3856ad364e35~amd64~~6.0.1.18005.948465-60_neutral_GDR" 2012-08-05 12:03:52, Info CSI 00000338 [sR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2012-08-05 12:03:52, Info CSI 00000339 [sR] This component was referenced by [l:162{81}]"Package_17_for_KB948465~31bf3856ad364e35~amd64~~6.0.1.18005.948465-60_neutral_GDR" 2012-08-05 12:03:52, Info CSI 0000033b [sR] Repairing corrupted file [ml:520{260},l:76{38}]"\??\C:\Windows\PolicyDefinitions\fr-FR"\[l:24{12}]"InetRes.adml" from store 2012-08-05 12:03:52, Info CSI 0000033e [sR] Repairing corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\PolicyDefinitions"\[l:24{12}]"inetres.admx" from store 2012-08-05 12:03:52, Info CSI 00000341 [sR] Repairing corrupted file [ml:520{260},l:76{38}]"\??\C:\Windows\PolicyDefinitions\en-US"\[l:24{12}]"InetRes.adml" from store 2012-08-05 12:03:52, Info CSI 00000344 [sR] Repair complete 2012-08-05 12:03:52, Info CSI 00000345 [sR] Committing transaction 2012-08-05 12:03:52, Info CSI 00000349 [sR] Unable to complete Verify and Repair transaction because some of the files that need to be repaired are in use. A reboot is required to complete this operation. 2012-08-05 12:03:52, Info CSI 0000034a [sR] Repairing 6 components 2012-08-05 12:03:52, Info CSI 0000034b [sR] Beginning Verify and Repair transaction 2012-08-05 12:03:52, Info CSI 0000034d [sR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2012-08-05 12:03:52, Info CSI 0000034f [sR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2012-08-05 12:03:53, Info CSI 00000351 [sR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"services.exe" from store 2012-08-05 12:03:53, Info CSI 00000353 [sR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2012-08-05 12:03:53, Info CSI 00000354 [sR] This component was referenced by [l:162{81}]"Package_17_for_KB948465~31bf3856ad364e35~amd64~~6.0.1.18005.948465-60_neutral_GDR" 2012-08-05 12:03:53, Info CSI 00000356 [sR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2012-08-05 12:03:53, Info CSI 00000357 [sR] This component was referenced by [l:162{81}]"Package_17_for_KB948465~31bf3856ad364e35~amd64~~6.0.1.18005.948465-60_neutral_GDR" 2012-08-05 12:03:53, Info CSI 00000359 [sR] Repairing corrupted file [ml:520{260},l:76{38}]"\??\C:\Windows\PolicyDefinitions\fr-FR"\[l:24{12}]"InetRes.adml" from store 2012-08-05 12:03:53, Info CSI 0000035c [sR] Repairing corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\PolicyDefinitions"\[l:24{12}]"inetres.admx" from store 2012-08-05 12:03:53, Info CSI 0000035f [sR] Repairing corrupted file [ml:520{260},l:76{38}]"\??\C:\Windows\PolicyDefinitions\en-US"\[l:24{12}]"InetRes.adml" from store 2012-08-05 12:03:53, Info CSI 00000362 [sR] Repair complete
  3. cof336
    Ci joint le rapport de Combo fix ComboFix 12-08-04.02 - Sophie 04/08/2012 19:19:19.8.4 - x64 MINIMAL Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.4094.2954 [GMT 2:00] Lancé depuis: c:\users\Sophie\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Sophie\AppData\Roaming\.# c:\users\Sophie\AppData\Roaming\Island c:\users\Sophie\AppData\Roaming\Island\space.rgt c:\users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum c:\users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk c:\users\Sophie\Documents\~WRL0001.tmp c:\windows\SysWow64\jucheck.exe c:\windows\SysWow64\jusched.exe . c:\windows\system32\Services.exe . . . est infecté!! . . ((((((((((((((((((((((((((((( Fichiers créés du 2012-07-04 au 2012-08-04 )))))))))))))))))))))))))))))))))))) . . 2012-08-04 19:46 . 2012-08-04 19:52 -------- d-----w- c:\users\Sophie\AppData\Local\temp 2012-08-04 19:46 . 2012-08-04 19:46 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-30 05:55 . 2012-07-30 05:55 -------- d-----w- c:\program files (x86)\Common Files\Skype 2012-07-29 20:52 . 2012-07-29 20:52 476976 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-07-29 18:32 . 2012-07-30 05:37 -------- d-----w- C:\ZHP 2012-07-29 18:32 . 2012-07-30 05:33 -------- d-----w- c:\program files (x86)\ZHPDiag 2012-07-29 18:14 . 2012-07-29 18:14 -------- d-sh--w- c:\windows\system32\%APPDATA% 2012-07-29 17:01 . 2012-07-31 17:25 -------- d-----w- c:\programdata\7531CC96031195C8BC1AD5BE2F3B707C 2012-07-28 14:43 . 2012-07-16 00:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{02AD2FC3-9AF1-4990-BD98-F9506EA42EF3}\mpengine.dll 2012-07-28 14:41 . 2012-06-05 16:22 974848 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2012-07-28 14:41 . 2012-06-05 16:47 708608 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll 2012-07-28 14:41 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-07-28 14:41 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-07-28 14:41 . 2012-06-05 16:22 1797120 ----a-w- c:\windows\system32\msxml6.dll 2012-07-28 14:41 . 2012-06-05 16:22 1869824 ----a-w- c:\windows\system32\msxml3.dll 2012-07-28 14:41 . 2012-06-04 15:29 516480 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-28 14:41 . 2012-06-02 00:22 347136 ----a-w- c:\windows\system32\schannel.dll 2012-07-28 14:41 . 2012-06-02 00:22 254464 ----a-w- c:\windows\system32\ncrypt.dll 2012-07-28 14:41 . 2012-06-02 00:05 77312 ----a-w- c:\windows\SysWow64\secur32.dll 2012-07-28 14:41 . 2012-06-02 00:04 278528 ----a-w- c:\windows\SysWow64\schannel.dll 2012-07-28 14:41 . 2012-06-02 00:03 204288 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-07-28 14:36 . 2012-06-08 17:59 12899840 ----a-w- c:\windows\system32\shell32.dll 2012-07-28 06:54 . 2012-07-28 06:54 -------- d-----w- c:\users\Sophie\AppData\Roaming\PeerNetworking 2012-07-28 06:53 . 2012-07-28 06:53 -------- d-----w- c:\users\Sophie\AppData\Local\MigWiz . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-03 15:13 . 2012-04-20 18:28 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-03 15:13 . 2011-06-03 16:44 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-29 20:52 . 2010-06-06 13:30 472880 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-07-28 21:46 . 2006-11-02 12:35 59701280 ----a-w- c:\windows\system32\mrt.exe 2012-06-02 22:19 . 2012-06-30 16:07 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-30 16:09 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-30 16:09 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-30 16:09 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-30 16:07 35864 ----a-w- c:\windows\SysWow64\wups.dll 2012-06-02 22:19 . 2012-06-30 16:07 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-30 16:07 577048 ----a-w- c:\windows\SysWow64\wuapi.dll 2012-06-02 22:15 . 2012-06-30 16:09 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-30 16:07 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 22:12 . 2012-06-30 16:07 88576 ----a-w- c:\windows\SysWow64\wudriver.dll 2012-06-02 13:19 . 2012-06-30 16:07 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:19 . 2012-06-30 16:07 171904 ----a-w- c:\windows\SysWow64\wuwebv.dll 2012-06-02 13:15 . 2012-06-30 16:07 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 13:12 . 2012-06-30 16:07 33792 ----a-w- c:\windows\SysWow64\wuapp.exe 2012-05-31 10:25 . 2009-10-03 06:38 279656 ------w- c:\windows\system32\MpSigStub.exe . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2009-04-11 . BC81150939BD52DBC7A08C245F1FB229 . 384512 . . [6.0.6000.16386] .. c:\windows\system32\services.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240] "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536] "KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536] "HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-02 75008] "ANIWZCS2Service"="c:\program files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152] "D-Link D-Link Wireless G DWA-110"="c:\program files (x86)\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe" [2008-04-15 1675264] "BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552] "ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792] "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2012-02-23 59240] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208] "TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-07-29 273544] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . c:\users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Lanceur.lnk - c:\program files (x86)\Micro Application\LauncherMA.exe [2009-2-10 485376] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-12-27 450560] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056] S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2009-09-15 335288] . . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes ezSharedSvc . Contenu du dossier 'Tâches planifiées' . 2012-08-04 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 15:13] . 2012-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc2231f77b9cc5.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-10-13 10:34] . 2012-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-10-13 10:34] . 2012-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1592069587-4290388062-226341724-1000Core.job - c:\users\Sophie\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-21 10:17] . 2012-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1592069587-4290388062-226341724-1000UA.job - c:\users\Sophie\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-21 10:17] . 2012-07-28 c:\windows\Tasks\HPCeeScheduleForSophie.job - c:\program files (x86)\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-09-02 18:03] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-11-03 182808] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=84&bd=Pavilion&pf=cndt mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.27.40.241 212.27.40.240 DPF: {FAB2BB9D-91E9-457E-9D42-75A7FCCBBC00} - hxxp://www.opticiens-atol.com/pages/collections/adriana/total-immersion/plugin/DFusionHomeWebPlugIn.InstallerFull.exe CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll . - - - - ORPHELINS SUPPRIMES - - - - . AddRemove-Active WebCam - c:\program files\Active WebCam\PY_UNINSTAL.EXE SOFTWARE\PySoft\Act_WebCam AddRemove-Amazon MP3 Downloader - c:\program files (x86)\Amazon\MP3 Downloader\Uninstall.exe AddRemove-Bejeweled 2 Deluxe 1.0 - c:\program files (x86)\PopCap Games\Bejeweled 2 Deluxe\PopUninstall.exe AddRemove-sp41121 - c:\hp\Softpaq\sp41121\sp41121.exe AddRemove-sp44626 - c:\hp\Softpaq\sp44626\sp44626.exe AddRemove-WT042973 - c:\program files (x86)\HP Games\7 Wonders of the Ancient World\Uninstall.exe AddRemove-WT066393 - c:\program files (x86)\HP Games\Age of Castles\Uninstall.exe AddRemove-WT066397 - c:\program files (x86)\HP Games\Alabama Smith in Escape from Pompeii\Uninstall.exe AddRemove-WT066399 - c:\program files (x86)\HP Games\Alchemy Deluxe\Uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCD5SRVC{E2AF211B-86DA020A-05040000}] "ImagePath"="\??\c:\progra~2\PC-DOC~1\PCD5SRVC_x64.pkms" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . ------------------------ Autres processus actifs ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe c:\program files (x86)\Brother\ControlCenter3\brccMCtl.exe c:\program files (x86)\Brother\Brmfcmon\BrMfcmon.exe c:\program files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe c:\hp\kbd\kbd.exe c:\program files (x86)\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** . Heure de fin: 2012-08-04 22:00:14 - La machine a redémarré ComboFix-quarantined-files.txt 2012-08-04 20:00 . Avant-CF: 328 854 007 808 octets libres Après-CF: 329 431 379 968 octets libres . - - End Of File - - 9561FFADE51C4998475C228CD3B42E37
  4. cof336
    Je n'ai pas les rapports de Rogue Killer.
  5. cof336
    Combo fix fait ses 50 etapes mais apres il bloque sur un programme qu'il essaie de reparer mais pas de succès. J'ai desinstaller avira aussi. Que dois je faire?
  6. cof336
    Voici le rapport, AVIRA a trouvé en plus TR/ATRAPS.Gen & TR/ATRAPS.Gen2 Rapport de ZHPFix 1.2.07 par Nicolas Coolman, Update du 20/07/2012 Fichier d'export Registre : Run by Sophie at 30/07/2012 07:37:17 Windows Vista Home Premium Edition, 64-bit Service Pack 2 (Build 6002) Web site : ZHPFix Fix de rapport Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com ========== Clé(s) du Registre ========== SUPPRIME Key*: HKLM\Software\WOW6432Node\Classes\AppID\{937936af-28ca-4973-b8ae-f250406149a2} SUPPRIME Key*: HKLM\Software\Classes\TypeLib\{937936af-28ca-4973-b8ae-f250406149a2} SUPPRIME CLSID MPSK: {42ab41b3-b34b-11de-b324-cc5f2ea1a938} SUPPRIME Key*: HKLM\Software\WOW6432Node\Classes\Interface\{115ccbae-27b0-47c3-ba42-bab708424393} ========== Valeur(s) du Registre ========== ABSENT Valeur Standard Profile: FirewallRaz : ABSENT Valeur Domain Profile: FirewallRaz : Aucune valeur présente dans la clé d'exception du registre (FirewallRaz) ProxyFix : Configuration proxy supprimée avec succès SUPPRIME ProxyServer Value SUPPRIME ProxyEnable Value SUPPRIME EnableHttp1_1 Value SUPPRIME ProxyHttp1.1 Value SUPPRIME ProxyOverride Value ========== Dossier(s) ========== SUPPRIME Folder: C:\Program Files (x86)\PopCap Games SUPPRIME Folder: C:\ProgramData\PopCap Games SUPPRIME Folder: C:\Users\Sophie\AppData\Roaming\iWin SUPPRIME Folder: c:\programdata\microsoft\windows\start menu\programs\popcap games SUPPRIME Folder: C:\Program Files (x86)\Amazon SUPPRIME Folder: C:\Program Files (x86)\Vault Cracker SUPPRIME Folder: C:\Users\Sophie\AppData\Roaming\Amazon SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{0067189C-D97C-430C-AB90-274CFF833946} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{017D2416-619A-41DC-8A92-BDAF36AFC98D} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{05CF6889-6218-403E-8AB5-95D2E868E1B5} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{06A4A2C3-C62D-4DA0-A051-315C40D44E05} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{09F2E9F5-CA9C-45DD-AC71-48F731561EAF} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{0F2A67C9-FBF8-4922-A2D7-D366E5E22007} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{139CB182-17EB-49BF-97EF-7EC6828FA48F} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{17BAE6AF-C59A-4244-8661-ABD6D3AB6D73} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{1BE8A088-7C52-4990-8CC7-422870674AE7} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{1F8577BF-64BA-4F15-987E-4281FDF1B0E7} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{218C93F0-8219-4069-8D01-B49819AEFE5A} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{237D6D25-33D2-482D-ADB5-B8BA55BA0DEF} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{23D8643D-F8D3-42C0-8064-783516962474} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{2655921D-9018-46FA-8E71-40F510B89CF0} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{36DCF10B-32E8-4742-BF86-4263BE555D80} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{3800B777-AD0E-4984-90DF-1EA97AB89CC3} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{390F406D-DE6C-40D0-892C-B8D414F6066E} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{3BD62DDE-3EDC-4E7D-A7A7-D43BC08CA297} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{42B40E5C-2584-4C24-9895-603822608F49} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{4A8681A5-6C72-4958-BD32-5BD7B9E58F44} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{4BC19084-2647-4C53-865B-530FE1892253} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{4FC23FC4-EA4C-431A-B108-25B2824C0383} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{5343DE42-58EB-4F1B-9A33-076488B70C7D} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{536D1789-67DC-4762-A1F7-34371214D0C2} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{54E8C749-8E27-4C41-8418-6206F25437E0} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{57FB566D-D75B-421F-BF93-F3F05D5DBEDC} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{5E96ED9F-AC14-401E-8040-2C1F59B6454F} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{5F222876-E386-4B6D-B2FA-EE8B3EBC21C3} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{60A51B67-186E-41D0-9F91-2F6AADB33AD2} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{615C6C3B-1569-4E17-9D01-5FCF5ED0B8AB} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{619D530B-E298-4703-AFC0-A8199855DE8A} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{6738D66F-6DA5-41BE-8918-9A98FDF300B5} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{6A4E7DCF-16A9-4BF5-B04A-04C441542C54} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{6AE91990-8B8A-4590-88B3-7FBD2D4256FB} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{70BC74BC-3F75-4BB1-BA60-02FFAA25232F} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{7431055F-540C-4BC9-B131-C50221B31729} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{75CAC639-FB6F-474F-A0AD-BBFA635AC6AA} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{809EE447-4E8C-469F-85C5-CD672A5C9C5E} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{826DB45B-EE86-4BED-9058-4107D9A13CC1} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{8455D9A3-52C3-451C-8969-2FDF2D6786F8} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{85BCB975-2E3D-4BD5-ACC6-232AFEF92D42} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{8786B827-517C-41EC-A1BA-167BFBF237B7} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{9006A666-BE0A-49BC-8D46-85F5427EAC3D} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{9275474F-0697-4E52-9041-A9B5969A62F1} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{93433076-A22A-4FFC-8D95-103847E69659} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{9C0AA7BC-603E-47CB-9E06-48C87460723A} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{9EC95BEC-76F2-4983-B352-B7953CD3B431} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{A2B0EC19-F206-43EB-A0F1-A06D94561652} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{A2FA07BC-E011-412C-8CBF-C68725F00E9F} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{A60D4EE2-3424-4B44-85D8-C8E4B82A78F3} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{A7816F30-FB7F-442A-AEA3-54733BD6F302} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{A794A6F2-26D5-4430-AF15-61E8CFBED050} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{A829EFF3-C664-4510-A399-6A4A0AEA96DD} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{A8861719-004A-4CC1-9C10-B2C8590604FD} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{A9A45381-9319-4CF7-9953-110E49F42109} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{AD45FE1E-F349-4B79-9DE4-7CF7FAB7E44F} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{B0C2B3FF-1513-4BF5-9D6B-CD5E2A757C29} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{BD613E2F-326D-4361-97D1-1468EB09EB2D} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{BEFC8916-03D0-4E68-A4B1-DB01C1C005F4} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{BFBF2619-C36C-4547-8D38-2A60A80F8D8D} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{BFC2D941-4989-42E6-941F-841FA7B14775} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{c27f37da-1373-f2f6-69a8-5dd8c13732b5} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{C3E8B36D-6B66-44CA-B9E7-2BC3EC6A509C} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{CC60D1A9-BFB1-4B8F-8DEF-899E6A813DBC} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{CE765038-C770-4F84-8F9E-9F2D8AA5D1A5} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{DF0624D3-01AD-4A41-8CCA-E8BE3C35472D} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{E19F9938-FAA2-4351-9662-EACE995032F8} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{E2620E71-DEBD-4185-A337-1E802C8AE1E5} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{E5058908-D6B0-4E48-A3A4-1F6329E19227} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{E6C4A0C5-2328-477F-8D67-CC64BC9F58E6} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{E725A5DB-58E3-4B20-9997-5C65BAB17B81} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{E8905AA4-1875-4ADD-A8EF-06050FDE04D2} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{F08537AC-C561-415F-ABDF-DB3CC2E8F881} SUPPRIME Folder: C:\Users\Sophie\AppData\Local\{FD949402-1FEC-438A-A57C-DEBCB120BBED} SUPPRIME Flash Cookies: SUPPRIME Temporaires Windows: ========== Fichier(s) ========== ABSENT Folder/File: c:\program files (x86)\popcap games ABSENT Folder/File: c:\programdata\popcap games ABSENT Folder/File: c:\users\sophie\appdata\roaming\iwin ABSENT Folder/File: c:\users\sophie\appdata\local\microsoft\windows\temporary internet files\content.ie5\jek2672j\185.85_desktop_winvista_32bit_international_whql SUPPRIME Flash Cookies: SUPPRIME Temporaires Windows: ========== Tache planifiée ========== SUPPRIME Task: {3298F58F-48DB-49BF-9DA0-94D9480397AF} ========== Restauration Système ========== Point de restauration du système créé avec succès ========== Récapitulatif ========== 4 : Clé(s) du Registre 9 : Valeur(s) du Registre 83 : Dossier(s) 6 : Fichier(s) 1 : Tache planifiée 1 : Restauration Système End of clean in 00mn 57s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 30/07/2012 07:37:17 [8918]
  7. cof336
    J'ai actionné roguekiller avant votre reponse mais je viens de faire ZhpDiag Le rapport est pjjoint.malekal.com - Submit a file Que dois je faire maintenant et pour eliminer tout les residus. Merci
  8. cof336
    Bonjour L'ordi de ma femme sous vista familiy, est bloqué par live security platinum. Quelqu'un peut il m'aider contre cette galère. Merci
  9. cof336
    Bonjour ou bonsoir à tous, Mon PC portable sous XP (avec toutes les MAJ à priori), le disque dur plein juste au 2/3 (30Go sur les 45Go dispo)et la c'est la galère il rame comme pas possible pour tout, y compris la mise en route. Quelqu'un peut il m'aider merci. Antivir v10 comme antivirus et le parefeu d'XP. Sinon processeur intel celeron 1.30GHz avec 480Mo de RAM ordi un peut vieux mais quand meme!! Jerome
  10. cof336
    Fait. Merci beaucoup pour le coup de main
  11. cof336
    C:\Program Files\Common Files\Companion Wizard moved successfully. < EmptyTemp > File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Acr23.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Acr25.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Acr35.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Acr81.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFC5AF.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFC5C3.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFFDDD.tmp scheduled to be deleted on reboot. Temp folders emptied. IE temp folders emptied. Voici le rapport de OTMove It OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 05302008_074206 Files moved on Reboot... File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Acr23.tmp not found! File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Acr25.tmp not found! File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Acr35.tmp not found! File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Acr81.tmp not found! File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFC5AF.tmp not found! File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFC5C3.tmp not found! File C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\~DFFDDD.tmp not found! Voici le rapport de HJT Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:00:34, on 30/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\HPQ\SHARED\HPQWMI.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\DOCUME~1\SOPHIE~1\LOCALS~1\Temp\Répertoire temporaire 1 pour HiJackThis.zip\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getad...t&x_dp_id=9 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [indexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe O4 - HKLM\..\Run: [itsTV] "C:\Program Files\Its Label\ItsTV\ItsTV.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?68e7b08059bd46649ca4091ff81ba729 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?68e7b08059bd46649ca4091ff81ba729 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://*.windowsupdate.microsoft.com O15 - Trusted Zone: http://*.windowsupdate.com O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_...geUploader5.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O21 - SSODL: gimmicks - {40dcff6e-af8d-4183-8ebe-a82270ac449e} - (no file) O22 - SharedTaskScheduler: gimmicks - {40dcff6e-af8d-4183-8ebe-a82270ac449e} - (no file) O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- End of file - 10200 bytes Je serai absent une semaine, mais ca me semble clair, merci beaucoup pour le temps passer. Bonne continuation Jerome
  12. cof336
    Ce fichier n'existait pas C:\WINDOWS\system32\ipsefcpa.ini Voila le rapport de kaspersky KASPERSKY ONLINE SCANNER REPORT Wednesday, May 28, 2008 11:54:23 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 28/05/2008 Kaspersky Anti-Virus database records: 809537 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer C:\ D:\ Scan Statistics Total number of scanned objects 67436 Number of viruses found 1 Number of infected objects 2 Number of suspicious objects 0 Duration of the scan process 01:19:58 Infected Object Name Virus Name Last Action C:\Documents and Settings\All Users\Application Data\Brother\BrLog\BraCTLCN.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Brother\BrLog\BraSTMLM.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Brother\BrLog\BraSTMON.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Brother\BrLog\BraWDLMW.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.192.Crwl Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.192.gthr Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.ci Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wsb Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010012.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001A.wid Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy29.gthr Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf4.tmp Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf5.tmp Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_42c.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\sophie chebassier\Application Data\Teleca\Telecalib\Logging\Application logs\SpecificUSB_log.txt Object is locked skipped C:\Documents and Settings\sophie chebassier\Cookies\index.dat Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\dbc2e.ht1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\dbdam Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\dbdao Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\dbeam Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\dbeao Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\dbm Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\dbu2d.ht1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\dbvm.cf1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\dbvmh.ht1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\fii.cf1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\fiih.ht1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\hp Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\hpt2i.ht1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\rpm.cf1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\rpmh.ht1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-black-enchashm.cf1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-black-enchashmh.ht1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-black-urlm.cf1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-black-urlmh.ht1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-malware-domainm.cf1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-malware-domainmh.ht1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-white-domainm.cf1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-white-domainmh.ht1 Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\pending.dat Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_7E77_5ADA_5A37_7160\dfsr.db Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_7E77_5ADA_5A37_7160\fsr.log Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_7E77_5ADA_5A37_7160\fsrtmp.log Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_7E77_5ADA_5A37_7160\tmp.edb Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Application Data\Microsoft\Windows Live Contacts\[email protected]\real\members.stg Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Temp\Acr23.tmp Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Temp\Acr35.tmp Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Temp\Acr5F.tmp Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Temp\~DFD5CC.tmp Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Temp\~DFD5E0.tmp Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Temp\~DFFDDD.tmp Object is locked skipped C:\Documents and Settings\sophie chebassier\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\sophie chebassier\ntuser.dat Object is locked skipped C:\Documents and Settings\sophie chebassier\ntuser.dat.LOG Object is locked skipped C:\Program Files\Common Files\Companion Wizard\WapCHK.dll Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped C:\Program Files\Common Files\Companion Wizard\WapCHK{503AA6ED-31DE-440E-B9FD-E13D5757FB14}.dll Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP354\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{DE79B985-A8DF-4BAD-A8A4-BECD6629AE8D}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped C:\WINDOWS\system32\config\OSession.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed.
  13. cof336
    Voila le rapport, pour info j'avais enlevé winantivurus pro 200- juste avant d'intaller antivir qui a detecter cette saloperie. ComboFix 08-05-25.3 - sophie chebassier 2008-05-27 20:22:56.3 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.558 [GMT 2:00] Endroit: C:\Documents and Settings\sophie chebassier\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\sophie chebassier\Bureau\CFScript.txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! FILE :: C:\WINDOWS\system32\apcfespi.dll C:\WINDOWS\system32\corvtbvg.dll . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\sophie chebassier\err.log C:\WINDOWS\system32\corvtbvg.dll . ---- Previous Run ------- . C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006\AVScheduler.dat C:\Documents and Settings\sophie chebassier\Application Data\EoRezo C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\cmhost.cyp C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\ConfMedia.cyp C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\db\cat.cyp C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\eoDesktop\config.xml C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\eoDesktop\eoDesktop.html C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\eoDesktop\userConfig.xml C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather.cfg C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\EoWeatherVal_02EC282.cfg C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\67_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\67_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\69_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\69_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\70_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\70_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\78_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\78_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\82_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\82_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\83_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\83_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\84_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\84_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\85_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\85_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\89_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\89_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\back.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\background.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\background_1.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\background_1days.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\background_2days.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\background_7days.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\backPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\band.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\band_small.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\close.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\closePressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionBackground.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionClose.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\earth.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\fonds_écran.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\help.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\helpPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\minimise.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\minimisePressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\next.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\nextPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\option.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\optionPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\reflet_ecran.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\small_background.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\Thumbs.db C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\67_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\67_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\69_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\69_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\70_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\70_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\78_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\78_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\82_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\82_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\83_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\83_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\84_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\84_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\85_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\85_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\89_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\89_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\about.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\back.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\background.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\background_1.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\background_1days.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\background_2days.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\background_7days.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\backPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\close.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\closePressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\earth.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\fonds_écran.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\help.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\helpPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\minimise.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\minimisePressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\next.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\nextPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\option.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\optionPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\reflet_ecran.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\Thumbs.db C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\txt_14x13.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\host.cyp C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\towns.cfg C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\user.cyp C:\Documents and Settings\sophie chebassier\Application Data\WinAntiVirus Pro 2006 C:\Documents and Settings\sophie chebassier\Application Data\WinAntiVirus Pro 2006\Logs\Activate.log C:\Documents and Settings\sophie chebassier\Application Data\WinAntiVirus Pro 2006\Logs\update.log C:\Documents and Settings\sophie chebassier\Application Data\WinAntiVirus Pro 2006\Logs\wa6Support.log C:\Documents and Settings\sophie chebassier\Application Data\WinAntiVirus Pro 2006\Logs\winav.log C:\Documents and Settings\sophie chebassier\Application Data\WinAntiVirus Pro 2006\PGE.dat C:\Documents and Settings\sophie chebassier\fopn.sys C:\Program Files\EoRezo C:\Program Files\EoRezo\EoAdv\eoAdv.url C:\Program Files\EoRezo\EoAdv\tmp\eoRezoBho.dll.6184 C:\Program Files\Fichiers communs\winantivirus pro 2006 C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\err.log C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\wa6pcw.exe C:\Program Files\Fichiers communs\winantivirus pro 2006\WapCHK.dll C:\Program Files\Fichiers communs\winantivirus pro 2006\WAPPChk.dll C:\WA6P C:\WA6P\Quar\Index.dat C:\WA6P\Quar\SOapoldu C:\WA6P\Quar\SOasqeml C:\WA6P\Quar\SObcihcu C:\WA6P\Quar\SObjyixk C:\WA6P\Quar\SObqzdjr C:\WA6P\Quar\SOcatbbi C:\WA6P\Quar\SOcewrax C:\WA6P\Quar\SOckgafe C:\WA6P\Quar\SOdldmhq C:\WA6P\Quar\SOdwqqry C:\WA6P\Quar\SOegfmhu C:\WA6P\Quar\SOemrjkx C:\WA6P\Quar\SOerebah C:\WA6P\Quar\SOfxoiux C:\WA6P\Quar\SOgbmuke C:\WA6P\Quar\SOgjcbrc C:\WA6P\Quar\SOgnyons C:\WA6P\Quar\SOgopuul C:\WA6P\Quar\SOgzntuh C:\WA6P\Quar\SOhfpwny C:\WA6P\Quar\SOhjvxyq C:\WA6P\Quar\SOhxxote C:\WA6P\Quar\SOimhvfr C:\WA6P\Quar\SOiyqyll C:\WA6P\Quar\SOjaqlrt C:\WA6P\Quar\SOjmnjzo C:\WA6P\Quar\SOjuekdc C:\WA6P\Quar\SOkfqnfn C:\WA6P\Quar\SOkvxudp C:\WA6P\Quar\SOldpflz C:\WA6P\Quar\SOlgzmir C:\WA6P\Quar\SOlllpds C:\WA6P\Quar\SOlpaaiz C:\WA6P\Quar\SOlwkdmb C:\WA6P\Quar\SOlzkwfj C:\WA6P\Quar\SOmdezuy C:\WA6P\Quar\SOmljkkf C:\WA6P\Quar\SOndpnqq C:\WA6P\Quar\SOnjgvnt C:\WA6P\Quar\SOnusabs C:\WA6P\Quar\SOocslsi C:\WA6P\Quar\SOoiorhh C:\WA6P\Quar\SOommmak C:\WA6P\Quar\SOoonznm C:\WA6P\Quar\SOoskpjo C:\WA6P\Quar\SOoyaohc C:\WA6P\Quar\SOozrkqy C:\WA6P\Quar\SOpaundl C:\WA6P\Quar\SOpykhlm C:\WA6P\Quar\SOqbctdl C:\WA6P\Quar\SOqluzch C:\WA6P\Quar\SOqngfze C:\WA6P\Quar\SOqyfxkh C:\WA6P\Quar\SOrqaabb C:\WA6P\Quar\SOrwogkl C:\WA6P\Quar\SOrwpdqb C:\WA6P\Quar\SOrxkaxg C:\WA6P\Quar\SOryvhrw C:\WA6P\Quar\SOrzjliv C:\WA6P\Quar\SOsbektz C:\WA6P\Quar\SOseaxku C:\WA6P\Quar\SOsfmdvc C:\WA6P\Quar\SOsnrnms C:\WA6P\Quar\SOsqdfqh C:\WA6P\Quar\SOteyxlt C:\WA6P\Quar\SOtigfeo C:\WA6P\Quar\SOtmyilz C:\WA6P\Quar\SOtueopi C:\WA6P\Quar\SOuabzyx C:\WA6P\Quar\SOufuaqs C:\WA6P\Quar\SOughlmk C:\WA6P\Quar\SOuhjlxz C:\WA6P\Quar\SOujmmvm C:\WA6P\Quar\SOunjwck C:\WA6P\Quar\SOvjvqvx C:\WA6P\Quar\SOvnsawd C:\WA6P\Quar\SOvpbtuf C:\WA6P\Quar\SOvtwrtb C:\WA6P\Quar\SOvxaesa C:\WA6P\Quar\SOwmgbvr C:\WA6P\Quar\SOwnrnsl C:\WA6P\Quar\SOxfmvfp C:\WA6P\Quar\SOxgujsy C:\WA6P\Quar\SOxpwjjj C:\WA6P\Quar\SOxpysgo C:\WA6P\Quar\SOxyxjuo C:\WA6P\Quar\SOycpmcw C:\WA6P\Quar\SOzadppo C:\WA6P\Quar\SOzfoclh C:\WA6P\Quar\SOzksreh C:\WA6P\Quar\SOzrjckd C:\WINDOWS\BM59044253.xml C:\WINDOWS\cookies.ini C:\WINDOWS\pskt.ini C:\WINDOWS\system32\abfbrkhd.exe C:\WINDOWS\system32\camdjqhj.exe C:\WINDOWS\system32\ekbvpqgl.dll C:\WINDOWS\system32\eohvdqwb.ini C:\WINDOWS\system32\iieybtbx.ini C:\WINDOWS\system32\ipsefcpa.ini C:\WINDOWS\system32\lgqpvbke.ini C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\mflttibe.dll C:\WINDOWS\system32\mmporrqr.ini C:\WINDOWS\system32\mmporrqr.ini2 C:\WINDOWS\system32\nqenklmw.ini C:\WINDOWS\system32\opnlljhf.dll C:\WINDOWS\system32\othkaduu.exe C:\WINDOWS\system32\plbhcgba.ini C:\WINDOWS\system32\qgnthswg.ini C:\WINDOWS\system32\qlojsvjp.dll C:\WINDOWS\system32\rqrropmm.dll C:\WINDOWS\system32\rxuoycka.exe C:\WINDOWS\system32\stera.job C:\WINDOWS\system32\stera.log C:\WINDOWS\system32\uqcrkhti.exe C:\WINDOWS\system32\urlmsnlink.dat C:\WINDOWS\system32\uswmsrmh.exe C:\WINDOWS\system32\wmlkneqn.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_FOPN -------\Legacy_VSPF -------\Legacy_VSPF_HK -------\Service_FOPN ((((((((((((((((((((((((((((( Fichiers créés 2008-04-27 to 2008-05-27 )))))))))))))))))))))))))))))))))))) . 2008-05-26 23:21 . 2008-05-26 23:21 206 --a------ C:\WINDOWS\system32\MRT.INI 2008-05-26 23:13 . 2008-05-26 23:13 294 ---hs---- C:\WINDOWS\system32\ipsefcpa.ini 2008-05-25 23:13 . 2008-05-25 23:27 <REP> d-------- C:\HJT 2008-05-24 00:19 . 2008-05-24 00:19 2 --a------ C:\WINDOWS\msoffice.ini 2008-05-23 22:17 . 2008-05-23 22:17 <REP> d-------- C:\Program Files\Avira 2008-05-23 21:56 . 2008-05-23 22:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-05-17 18:14 . 2008-05-17 18:57 <REP> d-------- C:\Documents and Settings\sophie chebassier\Application Data\Desperate Housewives 2008-05-17 18:02 . 2008-05-17 18:02 <REP> d-------- C:\Program Files\Buena Vista Games 2008-05-17 18:01 . 2008-05-17 18:14 1,104 --a------ C:\WINDOWS\disney.ini 2008-05-17 18:01 . 2008-05-17 18:01 185 --a------ C:\WINDOWS\disneysy.ini 2008-05-17 17:34 . 2008-05-17 17:34 <REP> d-------- C:\Program Files\Ubisoft 2008-05-15 16:15 . 1997-07-06 20:22 756,736 --------- C:\WINDOWS\system32\ir41_32.dll 2008-05-15 16:14 . 2008-05-15 16:14 <REP> d-------- C:\Program Files\Microsoft Games 2008-04-27 13:17 . 2008-04-27 13:17 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-04-27 13:16 . 2008-04-27 13:18 <REP> d-------- C:\Program Files\Windows Live 2008-04-27 13:16 . 2008-04-27 13:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-25 13:22 --------- d-----w C:\Documents and Settings\sophie chebassier\Application Data\U3 2008-05-23 22:20 --------- d-----w C:\Program Files\Fichiers communs\AOL 2008-05-23 22:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL 2008-05-20 16:10 --------- d-----w C:\Program Files\CDDC-MahJongg 2008-05-17 16:01 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-15 10:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-05-13 15:17 --------- d-----w C:\Program Files\HOTALBUMMyBOX 2008-04-01 13:32 --------- d-----w C:\Program Files\PhotoFiltre Studio 2008-04-01 13:32 --------- d-----w C:\Documents and Settings\sophie chebassier\Application Data\ItsLabel 2008-04-01 13:31 --------- d-----w C:\Program Files\Its Label 2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll 2008-03-25 04:51 621,344 ------w C:\WINDOWS\system32\dllcache\mswstr10.dll 2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll 2008-03-25 04:51 194,144 ------w C:\WINDOWS\system32\dllcache\msjint40.dll 2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys 2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\system32\dllcache\win32k.sys 2007-03-27 16:40 774,144 ----a-w C:\Program Files\RngInterstitial.dll 2007-01-30 19:37 174 ----a-w C:\Documents and Settings\sophie chebassier\Application Data\wklnhst.dat . ((((((((((((((((((((((((((((( snapshot@2008-05-26_ 0.06.38.28 ))))))))))))))))))))))))))))))))))))))))) . - 2008-05-25 21:55:31 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-26 21:23:38 2,048 --s-a-w C:\WINDOWS\bootstat.dat - 2008-04-06 05:56:20 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe + 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Configuration de la neuf Box"="C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe" [2005-12-13 15:19 389120] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 10:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-09-27 22:05 344064] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496] "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 00:11 49152] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-06-19 22:50 729178] "hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-05-04 11:59 794624] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-10-13 17:04 278528] "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 14:54 253952] "eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2005-10-11 17:17 409600] "Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2005-08-01 15:26 233534] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-20 13:26 1838592] "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17 159744] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-21 18:52 155648] "SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 10:03 210472] "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 22:12 30248] "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 22:10 46632] "PPort11reminder"="C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 14:46 255528] "BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 15:51 663552] "ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 16:58 65536] "MBBalloon"="C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe" [2007-11-30 15:48 789144] "ItsTV"="C:\Program Files\Its Label\ItsTV\ItsTV.exe" [2007-04-26 16:19 2908160] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 10:00 15360] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe [2004-11-04 19:28:24 258048] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.iv41"= ir41_32.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\WINDOWS\\system32\\dpvsetup.exe"= "C:\\Program Files\\Reflex English Cambridge\\data\\fscommand\\flchk.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2008-03-17 12:23] R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-08-22 11:06] S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 13:50] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2123da1c-ae2d-11dc-937d-0014a5735547}] \Shell\AutoRun\command - E:\InstallTomTomHOME.exe . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-05-26 21:32:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-27 20:26:46 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????5?7?2?5??????? ???B?????????????hLC? ?????? Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-05-27 20:29:07 ComboFix-quarantined-files.txt 2008-05-27 18:28:19 Pre-Run: 58,575,659,008 octets libres Post-Run: 58,566,062,080 octets libres 384 --- E O F --- 2008-05-26 21:21:55
  14. cof336
    Voici le rapport demandé, il y a eu une MAJ de windows ComboFix 08-05-25.3 - sophie chebassier 2008-05-26 23:04:59.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.512 [GMT 2:00] Endroit: C:\Documents and Settings\sophie chebassier\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\sophie chebassier\Bureau\CFScript.txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! FILE :: C:\Documents and Settings\sophie chebassier\fopn.sys C:\WINDOWS\system32\qlojsvjp.dll C:\WINDOWS\system32\rqrropmm.dll C:\WINDOWS\system32\wmlkneqn.dll . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\sophie chebassier\Application Data\EoRezo C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\cmhost.cyp C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\ConfMedia.cyp C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\db\cat.cyp C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\eoDesktop\config.xml C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\eoDesktop\eoDesktop.html C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\eoDesktop\userConfig.xml C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather.cfg C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\EoWeatherVal_02EC282.cfg C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\67_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\67_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\69_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\69_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\70_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\70_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\78_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\78_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\82_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\82_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\83_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\83_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\84_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\84_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\85_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\85_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\89_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\89_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\back.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\background.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\background_1.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\background_1days.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\background_2days.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\background_7days.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\backPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\band.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\band_small.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\close.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\closePressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionBackground.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionClose.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\earth.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\fonds_écran.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\help.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\helpPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\minimise.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\minimisePressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\next.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\nextPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\option.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\optionPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\reflet_ecran.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\small_background.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_classic\Thumbs.db C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\67_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\67_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\69_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\69_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\70_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\70_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\78_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\78_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\82_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\82_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\83_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\83_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\84_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\84_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\85_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\85_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\89_day.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\89_night.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\about.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\back.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\background.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\background_1.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\background_1days.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\background_2days.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\background_7days.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\backPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\close.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\closePressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\earth.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\fonds_écran.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\help.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\helpPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\minimise.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\minimisePressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\next.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\nextPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\option.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\optionPressed.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\reflet_ecran.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\Thumbs.db C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\EoWeather\images_station_meteo\txt_14x13.png C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\host.cyp C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\towns.cfg C:\Documents and Settings\sophie chebassier\Application Data\EoRezo\user.cyp C:\Documents and Settings\sophie chebassier\fopn.sys C:\Program Files\EoRezo C:\Program Files\EoRezo\EoAdv\eoAdv.url C:\Program Files\EoRezo\EoAdv\tmp\eoRezoBho.dll.6184 C:\WINDOWS\BM59044253.xml C:\WINDOWS\pskt.ini C:\WINDOWS\system32\ipsefcpa.ini C:\WINDOWS\system32\mmporrqr.ini C:\WINDOWS\system32\mmporrqr.ini2 C:\WINDOWS\system32\qlojsvjp.dll C:\WINDOWS\system32\rqrropmm.dll C:\WINDOWS\system32\rxuoycka.exe C:\WINDOWS\system32\wmlkneqn.dll . ---- Previous Run ------- . C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006\AVScheduler.dat C:\Documents and Settings\sophie chebassier\Application Data\WinAntiVirus Pro 2006 C:\Documents and Settings\sophie chebassier\Application Data\WinAntiVirus Pro 2006\Logs\Activate.log C:\Documents and Settings\sophie chebassier\Application Data\WinAntiVirus Pro 2006\Logs\update.log C:\Documents and Settings\sophie chebassier\Application Data\WinAntiVirus Pro 2006\Logs\wa6Support.log C:\Documents and Settings\sophie chebassier\Application Data\WinAntiVirus Pro 2006\Logs\winav.log C:\Documents and Settings\sophie chebassier\Application Data\WinAntiVirus Pro 2006\PGE.dat C:\Program Files\Fichiers communs\winantivirus pro 2006 C:\Program Files\Fichiers communs\winantivirus pro 2006\err.log C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\wa6pcw.exe C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\WapCHK.dll C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\WAPPChk.dll C:\WA6P C:\WA6P\Quar\Index.dat C:\WA6P\Quar\SOapoldu C:\WA6P\Quar\SOasqeml C:\WA6P\Quar\SObcihcu C:\WA6P\Quar\SObjyixk C:\WA6P\Quar\SObqzdjr C:\WA6P\Quar\SOcatbbi C:\WA6P\Quar\SOcewrax C:\WA6P\Quar\SOckgafe C:\WA6P\Quar\SOdldmhq C:\WA6P\Quar\SOdwqqry C:\WA6P\Quar\SOegfmhu C:\WA6P\Quar\SOemrjkx C:\WA6P\Quar\SOerebah C:\WA6P\Quar\SOfxoiux C:\WA6P\Quar\SOgbmuke C:\WA6P\Quar\SOgjcbrc C:\WA6P\Quar\SOgnyons C:\WA6P\Quar\SOgopuul C:\WA6P\Quar\SOgzntuh C:\WA6P\Quar\SOhfpwny C:\WA6P\Quar\SOhjvxyq C:\WA6P\Quar\SOhxxote C:\WA6P\Quar\SOimhvfr C:\WA6P\Quar\SOiyqyll C:\WA6P\Quar\SOjaqlrt C:\WA6P\Quar\SOjmnjzo C:\WA6P\Quar\SOjuekdc C:\WA6P\Quar\SOkfqnfn C:\WA6P\Quar\SOkvxudp C:\WA6P\Quar\SOldpflz C:\WA6P\Quar\SOlgzmir C:\WA6P\Quar\SOlllpds C:\WA6P\Quar\SOlpaaiz C:\WA6P\Quar\SOlwkdmb C:\WA6P\Quar\SOlzkwfj C:\WA6P\Quar\SOmdezuy C:\WA6P\Quar\SOmljkkf C:\WA6P\Quar\SOndpnqq C:\WA6P\Quar\SOnjgvnt C:\WA6P\Quar\SOnusabs C:\WA6P\Quar\SOocslsi C:\WA6P\Quar\SOoiorhh C:\WA6P\Quar\SOommmak C:\WA6P\Quar\SOoonznm C:\WA6P\Quar\SOoskpjo C:\WA6P\Quar\SOoyaohc C:\WA6P\Quar\SOozrkqy C:\WA6P\Quar\SOpaundl C:\WA6P\Quar\SOpykhlm C:\WA6P\Quar\SOqbctdl C:\WA6P\Quar\SOqluzch C:\WA6P\Quar\SOqngfze C:\WA6P\Quar\SOqyfxkh C:\WA6P\Quar\SOrqaabb C:\WA6P\Quar\SOrwogkl C:\WA6P\Quar\SOrwpdqb C:\WA6P\Quar\SOrxkaxg C:\WA6P\Quar\SOryvhrw C:\WA6P\Quar\SOrzjliv C:\WA6P\Quar\SOsbektz C:\WA6P\Quar\SOseaxku C:\WA6P\Quar\SOsfmdvc C:\WA6P\Quar\SOsnrnms C:\WA6P\Quar\SOsqdfqh C:\WA6P\Quar\SOteyxlt C:\WA6P\Quar\SOtigfeo C:\WA6P\Quar\SOtmyilz C:\WA6P\Quar\SOtueopi C:\WA6P\Quar\SOuabzyx C:\WA6P\Quar\SOufuaqs C:\WA6P\Quar\SOughlmk C:\WA6P\Quar\SOuhjlxz C:\WA6P\Quar\SOujmmvm C:\WA6P\Quar\SOunjwck C:\WA6P\Quar\SOvjvqvx C:\WA6P\Quar\SOvnsawd C:\WA6P\Quar\SOvpbtuf C:\WA6P\Quar\SOvtwrtb C:\WA6P\Quar\SOvxaesa C:\WA6P\Quar\SOwmgbvr C:\WA6P\Quar\SOwnrnsl C:\WA6P\Quar\SOxfmvfp C:\WA6P\Quar\SOxgujsy C:\WA6P\Quar\SOxpwjjj C:\WA6P\Quar\SOxpysgo C:\WA6P\Quar\SOxyxjuo C:\WA6P\Quar\SOycpmcw C:\WA6P\Quar\SOzadppo C:\WA6P\Quar\SOzfoclh C:\WA6P\Quar\SOzksreh C:\WA6P\Quar\SOzrjckd C:\WINDOWS\BM59044253.xml C:\WINDOWS\cookies.ini C:\WINDOWS\pskt.ini C:\WINDOWS\system32\abfbrkhd.exe C:\WINDOWS\system32\camdjqhj.exe C:\WINDOWS\system32\ekbvpqgl.dll C:\WINDOWS\system32\eohvdqwb.ini C:\WINDOWS\system32\iieybtbx.ini C:\WINDOWS\system32\lgqpvbke.ini C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\mflttibe.dll C:\WINDOWS\system32\mmporrqr.ini C:\WINDOWS\system32\mmporrqr.ini2 C:\WINDOWS\system32\nqenklmw.ini C:\WINDOWS\system32\opnlljhf.dll C:\WINDOWS\system32\othkaduu.exe C:\WINDOWS\system32\plbhcgba.ini C:\WINDOWS\system32\qgnthswg.ini C:\WINDOWS\system32\stera.job C:\WINDOWS\system32\stera.log C:\WINDOWS\system32\uqcrkhti.exe C:\WINDOWS\system32\urlmsnlink.dat C:\WINDOWS\system32\uswmsrmh.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_FOPN -------\Legacy_VSPF -------\Legacy_VSPF_HK -------\Service_FOPN ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-26 to 2008-05-26 )))))))))))))))))))))))))))))))))))) . 2008-05-26 00:08 . 2008-05-26 00:08 109,056 --a------ C:\WINDOWS\system32\corvtbvg.dll 2008-05-26 00:08 . 2008-05-26 00:08 94,208 --a------ C:\WINDOWS\system32\apcfespi.dll 2008-05-25 23:13 . 2008-05-25 23:27 <REP> d-------- C:\HJT 2008-05-24 00:19 . 2008-05-24 00:19 2 --a------ C:\WINDOWS\msoffice.ini 2008-05-23 22:17 . 2008-05-23 22:17 <REP> d-------- C:\Program Files\Avira 2008-05-23 21:56 . 2008-05-23 22:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-05-17 18:14 . 2008-05-17 18:57 <REP> d-------- C:\Documents and Settings\sophie chebassier\Application Data\Desperate Housewives 2008-05-17 18:02 . 2008-05-17 18:02 <REP> d-------- C:\Program Files\Buena Vista Games 2008-05-17 18:01 . 2008-05-17 18:14 1,104 --a------ C:\WINDOWS\disney.ini 2008-05-17 18:01 . 2008-05-17 18:01 185 --a------ C:\WINDOWS\disneysy.ini 2008-05-17 17:34 . 2008-05-17 17:34 <REP> d-------- C:\Program Files\Ubisoft 2008-05-15 16:15 . 1997-07-06 20:22 756,736 --------- C:\WINDOWS\system32\ir41_32.dll 2008-05-15 16:14 . 2008-05-15 16:14 <REP> d-------- C:\Program Files\Microsoft Games 2008-04-27 13:17 . 2008-04-27 13:17 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-04-27 13:16 . 2008-04-27 13:18 <REP> d-------- C:\Program Files\Windows Live 2008-04-27 13:16 . 2008-04-27 13:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-25 13:22 --------- d-----w C:\Documents and Settings\sophie chebassier\Application Data\U3 2008-05-23 22:20 --------- d-----w C:\Program Files\Fichiers communs\AOL 2008-05-23 22:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL 2008-05-20 16:10 --------- d-----w C:\Program Files\CDDC-MahJongg 2008-05-17 16:01 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-15 10:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-05-13 15:17 --------- d-----w C:\Program Files\HOTALBUMMyBOX 2008-04-01 13:32 --------- d-----w C:\Program Files\PhotoFiltre Studio 2008-04-01 13:32 --------- d-----w C:\Documents and Settings\sophie chebassier\Application Data\ItsLabel 2008-04-01 13:31 --------- d-----w C:\Program Files\Its Label 2007-03-27 16:40 774,144 ----a-w C:\Program Files\RngInterstitial.dll 2007-01-30 19:37 174 ----a-w C:\Documents and Settings\sophie chebassier\Application Data\wklnhst.dat . ((((((((((((((((((((((((((((( snapshot@2008-05-26_ 0.06.38.28 ))))))))))))))))))))))))))))))))))))))))) . - 2008-05-25 21:55:31 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-26 21:09:08 2,048 --s-a-w C:\WINDOWS\bootstat.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Configuration de la neuf Box"="C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe" [2005-12-13 15:19 389120] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 10:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-09-27 22:05 344064] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496] "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 00:11 49152] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-06-19 22:50 729178] "hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-05-04 11:59 794624] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-10-13 17:04 278528] "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 14:54 253952] "eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2005-10-11 17:17 409600] "Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2005-08-01 15:26 233534] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-20 13:26 1838592] "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17 159744] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-21 18:52 155648] "SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 10:03 210472] "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 22:12 30248] "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 22:10 46632] "PPort11reminder"="C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 14:46 255528] "BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 15:51 663552] "ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 16:58 65536] "MBBalloon"="C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe" [2007-11-30 15:48 789144] "ItsTV"="C:\Program Files\Its Label\ItsTV\ItsTV.exe" [2007-04-26 16:19 2908160] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] "5a3771cf"="C:\WINDOWS\system32\apcfespi.dll" [2008-05-26 00:08 94208] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 10:00 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.iv41"= ir41_32.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\WINDOWS\\system32\\dpvsetup.exe"= "C:\\Program Files\\Reflex English Cambridge\\data\\fscommand\\flchk.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2008-03-17 12:23] R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-08-22 11:06] S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 13:50] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2123da1c-ae2d-11dc-937d-0014a5735547}] \Shell\AutoRun\command - E:\InstallTomTomHOME.exe . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2008-05-26 20:32:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
  15. cof336
    Desolé fausse manip sur l'ordi toujours verolé apriori
×
×
  • Créer...