Ordinateur mort ?Résolu/Fermé

Question

Bonjour, 

J'avais posté une demande d'aide (disparition de Firefox), j'avais reçu de l'aide et tout semblait bien aller mais . . . (31 jan 13)

Depuis cet après-midi, l'ordi se coupe sans crier gare, indique "erreur disque", refuse de travailler,  . . . . . . . . rien ne va plus (comme à la roulette) mais je n'ai gagné que des problèmes.

Même en mode sans échec, il me nargue ;-)

Pourriez-vous m'aider ?

Merci d'avance

P.S. en cas de besoin, j'ai un second pour le dialogue

Bien à vous,

Configuration: Windows XP / Firefox 18.0

rapirapo · Answer

Re,

je n'ai aucune connaissance et je sais pas être beaucoup plus précis.

Merci quand même

g3n-h@ckm@n · Answer

salut deja des precisions sur "il me nargue" merci

rapirapo · Answer

Bon(jour)soir,

En fait, il se coupe, il est très très très lent, . . . 

Il se coupe et redémarre seul, à 2 ou 3 reprises il s'est bloqué (page noire) et demande de faire ctrl + alt + delete pour se relancer, . . .

Il n'exécute les commandes qu'après un délai très long

Pour le moment, il semble tenir le coup.
Je précise qu'il est impossible de restaurer (restauration incomplète)

Merci à vous

g3n-h@ckm@n · Answer

Attention !!! : Seuls ces liens sont officiels ne pas telecharger l'outil sur d'autres liens !!
Attention !!! : cet outil peut etre détecté à tort comme virus
Attention !!! : cet outil est puissant suivre scrupuleusement les instructions ci-dessous

tous les processus "non vitaux de windows" vont être coupés , enregistre ton travail. Il y aura une extinction du bureau pendant le scan --> pas de panique.

Désactive toutes tes protections si possible , antivirus , sandbox , pare-feux , etc....: https://forum.pcastuces.com/default.asp

telecharge et enregistre Pre_Scan sur ton bureau :

http://services.service-webmaster.fr/cpt-clics/clics-30453-6820.html (renommé winlogon)

ou , si le lien n'est pas fonctionnel :

http://www.security-helpzone.com/Tools/g3n/winlogon.exe (renommé winlogon)

si l'outil est relancé plusieurs fois , il te proposera un menu et qu'aucune option n'est demandée, lance l'option "Scan|Kill"

si l'outil est bloqué par l'infection utilise cette version avec ces autres extensions :

http://www.security-helpzone.com/Tools/g3n/Pre_Scan.scr
http://www.security-helpzone.com/Tools/g3n/Pre_Scan.pif
http://www.security-helpzone.com/Tools/g3n/Pre_Scan.com

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

Il se peut que des fenêtres noires clignotent , laisse-le travailler.

l'outil va envoyer sur un serveur les virus qu'il a mis en quarantaine afin que je puisse l'ameliorer et etudier ces infections plus en profondeur.

Laisse l'outil redemarrer ton pc.

Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra à la racine de ton disque système ( généralement C:\ )

NE LE POSTE PAS SUR LE FORUM !!! (il est trop long)

Heberge le rapport sur https://www.cjoint.com/ puis donne le lien obtenu en echange sur le forum où tu te fais aider

g3n-h@ckm@n · Answer

ok :)

rapirapo · Answer

Bonjour,

Cela a pris un temps fou !

J'ai abandonné l'attente car "boulot" oblige (dodo pour les vieux ;-).

Avant le café, je te transmets le rapport :

https://www.cjoint.com/c/CCwgeDvg8Sx

Je suivrai les réponses en fonstion de ma présence à la maison.

Encore merci

g3n-h@ckm@n · Answer

hello le rapport n'est pas complet du tout.....

y'en a que 10%

rapirapo · Answer

bonjour 

Je n'ai que ça mais l'ordi était éteint à mon réveil. 

Tu veux que je refasse un pré scan ? 

Merci

P.S. suis au boulot mais je peux vite passer at home.

g3n-h@ckm@n · Answer

en mode sans echec alors

rapirapo · Answer

R.I.P. . . . . . . .  .

Au matin, il s'est lancé normalement mais était éteint.

Quand je suis allé chez moi, j'ai eu en primeur ce message sur fond noir : "reboot and select proper boot device or insert boot média in selected boot device and press a key"

Il se lance, exécute les 'ordres' puis tourne en boucle : s'éteint et s'allume'

Même en mode sans échec.
J"ai vérifié il n'y a que ce rapport et il a créé un sous dossier pre scan mais j'ai rien trouvé ou alors je suis trop "biesse" (belgicisme) ;-)

Là de nouveau au boulot, nouvel essai dès que possible
Si je sais faire autre chose me le faire savoir

Merci
Bien à toi

g3n-h@ckm@n · Answer

/!\ ATTENTION SUIVRE A LA LETTRE CES INDICATIONS/!\

Desactive tes protections : https://forum.pcastuces.com/default.asp

clique droit sur ce lien : Combofix =>enregistrer la cible sous....=> sur ton bureau => du nom que tu veux

Avant d'utiliser ComboFix : 

Utilise Defogger pour désactiver temporairement les logiciels d'emulation :

&#9654 Télécharge Defogger (de jpshortstuff) sur ton Bureau

&#9654 Lance le : clique sur "Disable" et fais redémarrer l'ordinateur si l'outil te le demande

Note : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable" 

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...." 

sur combofix renommé 

¤¤¤¤¤¤¤¤¤¤ LAISSE-LE INSTALLER LA CONSOLE DE RECUPERATION S'IL TE LE DEMANDE ¤¤¤¤¤¤¤¤¤¤

&#9654 !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!

&#9654 n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet. 

&#9654&#9654 Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message. 

 
&#9654&#9654&#9654 Si, après le redémarrage de votre pc par combofix, vous avez des erreurs "Clé marquée pour suppression" ou des soucis de connexion internet, redémarrez à nouveau votre ordinateur

rapirapo · Answer

Bonjoue,

vraiment désolé mais .......

J'ai lancé pre scan le 21/03 vers 16.30 hrs et il a scanné jusqu'à plus de 03.00 hrs avant de m'indiquer un un manque de mémoire virtuelle (j'ai cliqué ok) puis il s'est bloqué plus tard avec un message d'erreur "error allocating memory" j'ai cliqué ok.
Il s'est mis sur l'écran noir du 'mode sans échec' je l'ai coupé 2 ou 3 hrs plus tardcar plus rien ne se passait et le ventilateur tournait à plein régime.

J'ai nettoyé celui qui était "plus que crade".

Là, je suis en mode normal, je te poste le rapport pre scan et fais l'autre manipulation

	https://www.cjoint.com/c/CCxiJqjOH9n

rapirapo · Answer

Rere,

 Je poste le rapport combix

ComboFix 13-03-21.02 - Administrateur 23/03/2013   9:05.2.2 - x86
Microsoft Windows XP Professionnel  5.1.2600.3.1252.33.1036.18.511.305 [GMT 1:00]
Lancé depuis: h:\documents and settings\Administrateur\Mes documents\Téléchargements\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
h:\documents and settings\All Users\Application Data\TEMP
h:\windows\system32\Cache
h:\windows\system32\Cache\272512937d9e61a4.fb
h:\windows\system32\Cache\287204568329e189.fb
h:\windows\system32\Cache\28bc8f716fd76a47.fb
h:\windows\system32\Cache\2c53092c95605355.fb
h:\windows\system32\Cache\31a0997e9a5b5eb3.fb
h:\windows\system32\Cache\32c84fe32bb74d60.fb
h:\windows\system32\Cache\3917078cb68ec657.fb
h:\windows\system32\Cache\590ba23ce359fd0c.fb
h:\windows\system32\Cache\610289e025a3ee9a.fb
h:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
h:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
h:\windows\system32\Cache\6d03dad1035885d3.fb
h:\windows\system32\Cache\6ea5635fe24f2436.fb
h:\windows\system32\Cache\81dc659d227f33ca.fb
h:\windows\system32\Cache\a8556537add6dfc5.fb
h:\windows\system32\Cache\ad10a52aff5e038d.fb
h:\windows\system32\Cache\c1fa887b03019701.fb
h:\windows\system32\Cache\c4d28dca2e7648be.fb
h:\windows\system32\Cache\d201ef9910cd39de.fb
h:\windows\system32\Cache\d2e94710a5708128.fb
h:\windows\system32\Cache\d79b9dfe81484ec4.fb
h:\windows\system32\Cache\e11df42d52ac7e9f.fb
h:\windows\system32\Cache\f010621f1679f984.fb
h:\windows\system32\Cache\f998975c9cc711ee.fb
h:\windows\system32\URTTemp
h:\windows\system32\URTTempegtlib.exe
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2013-02-23 au 2013-03-23  ))))))))))))))))))))))))))))))))))))
.
.
2013-03-22 15:44 . 2013-03-23 00:54	--------	d-----w-	H:\Pre_Scan
2013-03-21 16:39 . 2013-03-21 17:11	40776	----a-w-	h:\windows\system32\drivers\mbamswissarmy.sys
2013-03-21 16:24 . 2013-02-12 00:32	12928	-c----w-	h:\windows\system32\dllcache\usb8023.sys
2013-03-21 16:24 . 2013-02-12 00:32	12928	-c----w-	h:\windows\system32\dllcache\usb8023x.sys
2013-03-16 06:30 . 2013-03-16 06:30	4546560	----a-w-	h:\windows\system32\GPhotos.scr
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-14 18:29 . 2012-06-23 12:53	693976	----a-w-	h:\windows\system32\FlashPlayerApp.exe
2013-03-14 18:29 . 2011-09-10 06:32	73432	----a-w-	h:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-12 00:32 . 2012-05-20 12:42	12928	------w-	h:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32 . 2005-12-15 12:00	12928	----a-w-	h:\windows\system32\drivers\usb8023.sys
2013-02-05 19:56 . 2005-12-15 12:00	916480	----a-w-	h:\windows\system32\wininet.dll
2013-02-05 19:56 . 2005-12-15 12:00	43520	------w-	h:\windows\system32\licmgr10.dll
2013-02-05 19:56 . 2005-12-15 12:00	1469440	------w-	h:\windows\system32\inetcpl.cpl
2013-02-05 05:54 . 2005-12-15 12:00	385024	------w-	h:\windows\system32\html.iec
2013-01-26 03:55 . 2005-12-15 12:00	552448	----a-w-	h:\windows\system32\oleaut32.dll
2013-01-08 18:28 . 2012-09-05 06:32	31576	----a-w-	h:\windows\system32\drivers\avgtpx86.sys
2013-01-07 07:24 . 2005-12-15 12:00	2150912	----a-w-	h:\windows\system32
toskrnl.exe
2013-01-07 07:24 . 2005-12-05 13:18	2029568	----a-w-	h:\windows\system32
tkrnlpa.exe
2013-01-04 10:09 . 2005-12-15 12:00	1867392	----a-w-	h:\windows\system32\win32k.sys
2013-01-02 06:49 . 2005-12-15 12:00	148992	----a-w-	h:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2005-12-15 12:00	1298432	----a-w-	h:\windows\system32\quartz.dll
2012-12-29 14:25 . 2012-12-29 14:25	294912	----a-w-	h:\windows\HideWin.exe
2013-01-16 20:10 . 2013-01-25 13:47	262552	----a-w-	h:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TaskSwitchXP"="h:\program files\TaskSwitchXP\TaskSwitchXP.exe" [2005-08-24 61952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools-1033"="h:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"NvCplDaemon"="h:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
"nwiz"="nwiz.exe" [2009-03-27 1657376]
"NvMediaCenter"="h:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
"SoundMan"="SOUNDMAN.EXE" [2005-04-06 90112]
"AlcWzrd"="ALCWZRD.EXE" [2005-04-06 2805248]
"HP Software Update"="h:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"AVG_TRAY"="h:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"Adobe ARM"="h:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="h:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="move" [X]
"nlhr"="h:\windows\System32\AdvPack.Dll" [2009-03-08 128512]
"tscuninstall"="h:\windows\system32	scupgrd.exe" [2005-12-15 44544]
.
h:\documents and settings\Papa\Menu Démarrer\Programmes\Démarrage\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [N/A]
.
h:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
Alertes de surveillance de l'encre - .lnk - h:\windows\system32\RunDll32.exe [2005-12-15 33792]
Alertes de surveillance de l'encre - HP Deskjet 3070 B611 series.lnk - h:\windows\system32\RunDll32.exe [2005-12-15 33792]
.
h:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
TClock.lnk - h:\program files\Accessoires\Outils système\TClock	clock.exe [2010-8-14 44544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):58,50,69,7a,65,5f,4c,6f,67,6f,6e,2e,65,78,65,00
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0h:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"=
"h:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"=
"h:\Program Files\Windows Live\Messenger\wlcsdk.exe"=
"h:\Program Files\Windows Live\Messenger\msnmsgr.exe"=
"h:\Program Files\AVG\AVG2012\avgmfapx.exe"=
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"h:\Program Files\AVG\AVG2012\avgnsx.exe"=
"h:\Program Files\AVG\AVG2012\avgdiagex.exe"=
"h:\Program Files\AVG\AVG2012\avgemcx.exe"=
.
R0 AVGIDSHX;AVGIDSHX;h:\windows\system32\drivers\avgidshx.sys [19/04/2012 03:50 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;h:\windows\system32\drivers\avgrkx86.sys [13/09/2011 05:30 31952]
R0 d347bus;d347bus;h:\windows\system32\drivers\d347bus.sys [16/09/2010 08:35 155136]
R0 d347prt;d347prt;h:\windows\system32\drivers\d347prt.sys [16/09/2010 08:35 5248]
R0 sptd;sptd;h:\windows\system32\drivers\sptd.sys [16/09/2010 07:35 721904]
R1 Avgldx86;AVG AVI Loader Driver;h:\windows\system32\drivers\avgldx86.sys [07/10/2011 05:23 250080]
R1 Avgtdix;AVG TDI Driver;h:\windows\system32\drivers\avgtdix.sys [11/07/2011 00:14 301920]
R1 avgtp;avgtp;h:\windows\system32\drivers\avgtpx86.sys [05/09/2012 07:32 31576]
R2 AVGIDSAgent;AVGIDSAgent;h:\program files\AVG\AVG2012\avgidsagent.exe [02/11/2012 03:51 5174392]
R2 avgwd;AVG WatchDog;h:\program files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 03:53 193288]
R3 AVGIDSDriver;AVGIDSDriver;h:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 12:32 142176]
R3 AVGIDSFilter;AVGIDSFilter;h:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 12:32 24144]
R3 AVGIDSShim;AVGIDSShim;h:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 12:32 17232]
S2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;h:\program files\Fichiers communs\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe --> h:\program files\Fichiers communs\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [?]
S3 epmntdrv;epmntdrv;h:\windows\system32\epmntdrv.sys [16/09/2010 10:14 13192]
S3 EuGdiDrv;EuGdiDrv;h:\windows\system32\EuGdiDrv.sys [16/09/2010 10:14 8456]
S3 maconfservice;Ma-Config Service;h:\program files\ma-config.com\maconfservice.exe [12/09/2010 14:30 251248]
S3 MBAMSwissArmy;MBAMSwissArmy;h:\windows\system32\drivers\mbamswissarmy.sys [21/03/2013 17:39 40776]
.
Contenu du dossier 'Tâches planifiées'
.
2013-03-23 h:\windows\Tasks\Adobe Flash Player Updater.job
- h:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 18:29]
.
.
------- Examen supplémentaire -------
.
uDefault_search_url = hxxp://www.google.com/ie
uStart page = hxxp://www.google.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - h:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - h:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - h:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\vhqa4q4j.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - prefs.js: network.proxy.type - 4
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-23 09:42
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ... 
.
Recherche d'éléments en démarrage automatique cachés ... 
.
Recherche de fichiers cachés ... 
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1715567821-1390067357-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d4,29,2f,62,4e,7d,41,4b,a1,2c,dc,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,70,e1,f9,03,77,44,a0,4f,8a,ba,d9,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@h:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="h:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Heure de fin: 2013-03-23  09:45:30
ComboFix-quarantined-files.txt  2013-03-23 08:45
ComboFix2.txt  2012-06-17 13:19
.
Avant-CF: 73 589 604 352 octets libres
Après-CF: 73 641 512 960 octets libres
.
- - End Of File - - D6B3099B983701F08B58F4CAAE848F77

Je mets aussi sur ci=joint au cas où il passe pas sur le forum

https://www.cjoint.com/c/CCxjYUL4TuS  

A tantôt

g3n-h@ckm@n · Answer

re 

relance pre_scan , clique sur diag , heberge le rapport pre_diag et donne le lien  
  
¤¤¤¤¤¤¤¤¤¤_Pre_Scan_Concept_¤¤¤¤¤¤¤¤¤¤

rapirapo · Answer

Rere,  

quand je lance pre scan je n'ai plus rien à l'écran sauf son travail.  

je fais diag après ?  

Merci 

oups j'ai rien dit ;-))))))))) et c'est parti

rapirapo · Answer

Rerererererererererererererererere

celui là il a de la gueule ;!!!!!!!!!!!! (longueur)

Comment on s'y retrouve là dedans ?  beurkkkkkkkkkkkkkkkk


https://www.cjoint.com/c/CCxmsvOsEoB 

merci et bien à toi

g3n-h@ckm@n · Answer

pourquoi ton windows n'est-il pas une version legale ?

rapirapo · Answer

Je l'avais déjà signalé sur CCM. 
J'ai acheté l'ordinateur nouveau. 

Puis je l'ai mis une fois en réparation et il m'est revenu comme cela ! ! ! 
Il y a plusieurs années !!!!!!!!!!!!!!!!!!!!!!!
:-(

g3n-h@ckm@n · Answer

ben dis donc !!! sympa le reparateur !!!!

pour info :

https://www.commentcamarche.net/faq/2981-j-utilise-une-version-piratee-de-windows

je regarde ton rapport plus en detail....

g3n-h@ckm@n · Answer

bien !

desinstalle tout Java

===========

desinstalle tout ce qui contient le mot "Toolbar" , ca relentit tes navigateurs et t'affilie à des services de publicité ciblée 
 
===========

ne telecharge plus sur les sites Softonic , 01net , telechargergratuit.com , telecharger.com , ils mettent des barres d'outils pourries et des adwares dans les installeurs de programmes

==========

selectionne ce texte , puis CTRL + C :

Kill::

search::
spax.sys 

RegRead::
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{18646F66-8C25-0000-BEE4-C2CE1298969D}] 

Key::
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86BCE89F-9FD5-46BE-88D1-9AB111C3618B}]
[HKLM\Software\mozilla\Firefox\Extensions]|[ocr@babylon.com] 
[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
[HKCR\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]     
[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
[HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
[HKU\S-1-5-21-1715567821-1390067357-839522115-500\Software\YahooPartnerToolbar]     
[HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]|[1900:UDP] 
[HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]|[2869:TCP]
[HKCR\Installer\Products\4EA42A62D9304AC4784BF238120653FF]

File|Fold::
H:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\vhqa4q4j.default\searchplugins\flv-runner-customized-web-search.xml 
H:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} 
H:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} 
H:\WINDOWS\$Tmp 
H:\Documents and Settings\Administrateur\Bureau\SoftonicDownloader73110.exe 
H:\Documents and Settings\Papa\Local Settings\Application Data\prvlcl.dat 
H:\Documents and Settings\Pioupiou\Local Settings\Application Data\d3d9caps.tmp 
H:\Documents and Settings\Pioupiou\Local Settings\Application Data\prvlcl.dat 
H:\Documents and Settings\Maman\Local Settings\Application Data\prvlcl.dat 
H:\Program Files\McAfee Security Scan     

Driver::
98845316
VTOOLBARUPDATER14.0.1

Clean::

MBR::

Reboot::       

Relance Pre_scan puis choisis l'option "Script"

une page va s'ouvrir

logiquement le texte que tu as sélectionné s'y trouve déjà , donc tu fermes et le programme va travailler.

sinon colle-le (clic droit/coller ou ctrl+V) dans la page vierge.

puis onglet fichier => enregistrer (pas enregistrer sous...) , puis ferme le texte

des fenetres noires risquent de clignoter , c'est normal , c'est le programme qui travaille 

poste Pre_Script.txt qui apparaitra sur le bureau en fin de travail

rapirapo · Answer

REEEEEEEEEEEEEEEEEEEEEEEEEEE désolé pour le retard mais j'ai fait la sieste, je travaille cette nuit, il neige, il gèle, . . . parfait. Il a redémarré seul : normal ? Voilà le rapport ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 3.0321 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Administrateur : Microsoft Windows XP (32 bits) Switchs : https://gen-hackman.kanak.fr/ New restorepoint created Script : 16:38:33 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤ | Stopped Processes (672) -- avgrsx.exe (708) -- avgcsrvx.exe (1828) -- spoolsv.exe (2028) -- WgaTray.exe (348) -- avgwdsvc.exe (580) -- nvsvc32.exe (844) -- SeaPort.exe (1332) -- daemon.exe (1424) -- SOUNDMAN.EXE (1464) -- ALCWZRD.EXE (1508) -- hpwuschd2.exe (1652) -- avgtray.exe (600) -- avgidsagent.exe (1972) -- TaskSwitchXP.exe (2084) -- ctfmon.exe (2116) -- avgnsx.exe (2160) -- tclock.exe (3632) -- wscntfy.exe (3728) -- alg.exe (460) -- wuauclt.exe (4072) -- explorer.exe (1460) -- firefox.exe (1064) -- msiexec.exe ¤¤¤¤¤¤¤¤¤¤ | File search ¤¤¤¤¤¤¤¤¤¤ | RegRead : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{18646F66-8C25-0000-BEE4-C2CE1298969D}]|[Default] : Win 2K Style User Accounts ¤¤¤¤¤¤¤¤¤¤ | Deletion | Drivers | Services Service : 98845316 Not actif Service : VTOOLBARUPDATER14.0.1 Not actif Deleted : [HKLM\..\ControlSet001\..\Root\LEGACY_98845316] Deleted : [HKLM\..\ControlSet003\..\Root\LEGACY_98845316] Deleted : [HKLM\..\ControlSet001\..\Root\LEGACY_VTOOLBARUPDATER14.0.1] Deleted : [HKLM\..\ControlSet003\Services\VTOOLBARUPDATER14.0.1] Deleted : [HKLM\..\ControlSet003\..\Root\LEGACY_VTOOLBARUPDATER14.0.1] ¤ ¤¤¤¤¤¤¤¤¤¤ | Registry Deletions Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86BCE89F-9FD5-46BE-88D1-9AB111C3618B} Value Deleted : [HKLM\Software\mozilla\Firefox\Extensions]:ocr@babylon.com Key Deleted : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} Key Deleted : HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} Key Deleted : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} Key Deleted : HKCR\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} Key Deleted : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Key Deleted : HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Key Deleted : HKU\S-1-5-21-1715567821-1390067357-839522115-500\Software\YahooPartnerToolbar Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:1900:UDP Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:2869:TCP Key Deleted : HKCR\Installer\Products\4EA42A62D9304AC4784BF238120653FF ¤ File Moved to quarantine successfully : |A| - H:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\vhqa4q4j.default\searchplugins\flv-runner-customized-web-search.xml Folder Moved to quarantine successfully : |D| - H:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} H:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} : Not Found ! File Moved to quarantine successfully : |A| - H:\WINDOWS\$Tmp File Moved to quarantine successfully : |A| - H:\Documents and Settings\Administrateur\Bureau\SoftonicDownloader73110.exe File Moved to quarantine successfully : |AC| - H:\Documents and Settings\Papa\Local Settings\Application Data\prvlcl.dat File Moved to quarantine successfully : |AC| - H:\Documents and Settings\Pioupiou\Local Settings\Application Data\d3d9caps.tmp File Moved to quarantine successfully : |AC| - H:\Documents and Settings\Pioupiou\Local Settings\Application Data\prvlcl.dat File Moved to quarantine successfully : |AC| - H:\Documents and Settings\Maman\Local Settings\Application Data\prvlcl.dat Folder Moved to quarantine successfully : |D| - H:\Program Files\McAfee Security Scan ¤¤¤¤¤¤¤¤¤¤ | MBR Windows Version: Windows XP Professional Windows Information: Service Pack 3 (build 2600) Logical Drives Mask: 0x00001fd0 Analysis of file "H:\Pre_Scan\MBR.bin": Windows XP MBR code detected Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Windows 5.1.2600 Disk: WDC_WD3202ABYS-02B7A0 rev.02.03B03 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x829CAF00]<< H:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys _asm { JMP 0x4; } 1 ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\Harddisk0\DR0[0x82DE4AB8] 3 CLASSPNP[0xF8585FD7] -> ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\Ide\IdeDeviceP1T0L0-e[0x82D30D98] \Driver\atapi[0x82DCB6C0] -> IRP_MJ_CREATE -> 0x829CAF00 kernel: MBR read successfully _asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; } detected disk devices: detected hooks: \Driver\atapi -> 0x829caf00 user & kernel MBR OK Warning: possible MBR rootkit infection ! ¤ ¤¤¤¤¤¤¤¤¤¤ | Disk cleaning Disk cleaned ¤ End : 16:42:28 ¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤ S'il le faut, je sais l'heberger maintenant ;-))))))) Merciiiiiiiiiiiiiiiiiiiiiiiiiiiiii

rapirapo · Answer

Je pars au boulot jusque minimum 05.00 Hrs.
J'exécute mes devoirs ;-) dès que possible

merci pour tout

g3n-h@ckm@n · Answer

Il a redémarré seul : normal ? 

oui ^^

=========

Télécharge et enregistre Malwarebytes Anti Rootkit en cliquant sur ce lien   sur ton Bureau : 

https://data-cdn.mbamupdates.com/web/mbar-1.10.3.1001.exe 

* Décompresse le fichier mbar xxxxx.zip sur ton bureau (clic droit sur mbarxxx.zip et choisir decompresser ici)  
*Lance le en double-cliquant sur le fichier mbar.exe.  (dans le repertoire mbar) 
  

/!\ Important: Sous Vista et Windows 7, il faut lancer le fichier par  clic-droit -> Exécuter en tant qu'administrateur 


*  Dans la fêntre suivante, clique sur "Next" 

* Clique sur l'option de mise à jour "Update"  

* Patientez pendant la mise à jour, puis cliquez sur "Next" 

* Si cela n'est pas déjà fait, sélectionne "[bles 3 cases (drivers, Sectors, System)". 

* Patienter 


* Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi : 

==> Si le programme n'a rien trouvé, clique sur Exit.  

==> Si des infections sont présentes ton PC redemarrera plusieurs fois 


2 Rapports sont générés et sont enregistrés dans le repertoire d'ou tu as lancé Mbar.exe en général le Bureau. 

==> system-log.txt 
==> mbar-log-la date-(*****).txt 

* poste les 2 rapports dans ta prochaine réponse en fichiers joints.

rapirapo · Answer

re, no malware found Voici les rapports Malwarebytes Anti-Rootkit BETA 1.01.0.1021 www.malwarebytes.org Database version: v2013.03.24.03 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Administrateur :: IND_PC [administrator] 24/03/2013 11:53:27 mbar-log-2013-03-24 (11-53-27).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 26615 Time elapsed: 13 minute(s), 30 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.01.0.1021 (c) Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 8.0.6001.18702 File system is: NTFS Disk drives: H:\ DRIVE_FIXED, M:\ DRIVE_FIXED CPU speed: 3.201000 GHz Memory total: 536129536, free: 78479360 Bien à toi ------------ Kernel report ------------ 03/24/2013 11:39:16 ------------ Loaded modules ----------- \WINDOWS\system32 tkrnlpa.exe \WINDOWS\system32\hal.dll \WINDOWS\system32\KDCOM.DLL \WINDOWS\system32\BOOTVID.dll spkn.sys \WINDOWS\System32\Drivers\WMILIB.SYS \WINDOWS\System32\Drivers\SCSIPORT.SYS d347bus.sys ACPI.sys pci.sys ohci1394.sys \WINDOWS\system32\DRIVERS\1394BUS.SYS isapnp.sys pciide.sys \WINDOWS\system32\DRIVERS\PCIIDEX.SYS MountMgr.sys ftdisk.sys dmload.sys dmio.sys PartMgr.sys VolSnap.sys d347prt.sys disk.sys \WINDOWS\system32\DRIVERS\CLASSPNP.SYS fltmgr.sys sr.sys KSecDD.sys Ntfs.sys NDIS.sys Mup.sys avgrkx86.sys avgidshx.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\DRIVERS v4_mini.sys \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\usbuhci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\Rtnicxp.sys \SystemRoot\system32\DRIVERS\parport.sys \SystemRoot\system32\DRIVERS\imapi.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\system32\DRIVERS edbook.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\audstub.sys \SystemRoot\system32\DRIVERS asl2tp.sys \SystemRoot\system32\DRIVERS distapi.sys \SystemRoot\system32\DRIVERS diswan.sys \SystemRoot\system32\DRIVERS aspppoe.sys \SystemRoot\system32\DRIVERS aspptp.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\DRIVERS\psched.sys \SystemRoot\system32\DRIVERS\msgpc.sys \SystemRoot\system32\DRIVERS\ptilink.sys \SystemRoot\system32\DRIVERS aspti.sys \SystemRoot\system32\DRIVERS dpdr.sys \SystemRoot\system32\DRIVERS ermdd.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\update.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\RtkHDAud.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\avgmfx86.sys \SystemRoot\System32\Drivers\Fs_Rec.SYS \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \??\H:\WINDOWS\system32\drivers\avgtpx86.sys \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\Drivers\mnmdd.SYS \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS asacd.sys \SystemRoot\system32\DRIVERS\ipsec.sys \SystemRoot\system32\DRIVERS cpip.sys \SystemRoot\system32\DRIVERS\avgtdix.sys \SystemRoot\system32\DRIVERS\ipnat.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS etbt.sys \SystemRoot\System32\drivers\ws2ifsl.sys \SystemRoot\System32\drivers\afd.sys \SystemRoot\system32\DRIVERS etbios.sys \SystemRoot\system32\DRIVERS dbss.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\System32\Drivers\Fips.SYS \SystemRoot\system32\DRIVERS\avgldx86.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\System32\Drivers\Cdfs.SYS \SystemRoot\System32\Drivers\dump_atapi.sys \SystemRoot\System32\Drivers\dump_WMILIB.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\watchdog.sys \SystemRoot\System32\drivers\dxg.sys \SystemRoot\System32\drivers\dxgthk.sys \SystemRoot\System32 v4_disp.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\DRIVERS disuio.sys \SystemRoot\system32\drivers\wdmaud.sys \SystemRoot\system32\drivers\sysaudio.sys \SystemRoot\system32\DRIVERS\mrxdav.sys \SystemRoot\System32\Drivers\ParVdm.SYS \SystemRoot\System32\Drivers\StarOpen.SYS \SystemRoot\system32\DRIVERS\avgidsshimx.sys \SystemRoot\system32\DRIVERS\srv.sys \SystemRoot\system32\DRIVERS\secdrv.sys \SystemRoot\system32\DRIVERS\avgidsfilterx.sys \SystemRoot\system32\DRIVERS\avgidsdriverx.sys \SystemRoot\System32\Drivers\HTTP.sys \SystemRoot\system32\drivers\kmixer.sys \??\H:\WINDOWS\system32\drivers\mbamchameleon.sys \??\H:\WINDOWS\system32\drivers\mbamswissarmy.sys \WINDOWS\system32 tdll.dll ----------- End ----------- <<<1>>> Upper Device Name: \Device\Harddisk4\DR6 Upper Device Object: 0xffffffff82a15ab8 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000080\ Lower Device Object: 0xffffffff82b3c8f0 Lower Device Driver Name: \Driver\usbstor\ Driver name found: usbstor Initialization returned 0x0 Load Function returned 0x0 <<<1>>> Upper Device Name: \Device\Harddisk3\DR5 Upper Device Object: 0xffffffff82a12ab8 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007f\ Lower Device Object: 0xffffffff82a1c498 Lower Device Driver Name: \Driver\usbstor\ Driver name found: usbstor <<<1>>> Upper Device Name: \Device\Harddisk2\DR4 Upper Device Object: 0xffffffff82b7c310 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007e\ Lower Device Object: 0xffffffff829be030 Lower Device Driver Name: \Driver\usbstor\ Driver name found: usbstor <<<1>>> Upper Device Name: \Device\Harddisk1\DR3 Upper Device Object: 0xffffffff829ee668 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007d\ Lower Device Object: 0xffffffff829c8228 Lower Device Driver Name: \Driver\usbstor\ Driver name found: usbstor <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xffffffff82cd8ab8 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-e\ Lower Device Object: 0xffffffff82cd7d98 Lower Device Driver Name: \Driver\atapi\ Driver name found: atapi Load Function returned 0xc0000001 Downloaded database version: v2013.03.24.03 Initializing... Done! <<<2>>> Device number: 0, partition: 1 Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffffff82cd8ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff82cd8890, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff82cd8ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff82cd7d98, DeviceName: \Device\Ide\IdeDeviceP1T0L0-e\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: H: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning directory: H:\WINDOWS\system32\drivers... <<<2>>> Device number: 0, partition: 1 <<<3>>> Volume: H: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Read File: File "H:\WINDOWS\system32\drivers\gm.dls" is compressed (flags = 1) Read File: File "H:\WINDOWS\system32\drivers\gmreadme.txt" is compressed (flags = 1) File user open failed: H:\WINDOWS\system32\drivers\sptd.sys (0x00000020) Read File: File "H:\WINDOWS\system32\drivers\CamF0111.bin" is compressed (flags = 1) Read File: File "H:\WINDOWS\system32\drivers\CamF0121.bin" is compressed (flags = 1) Read File: File "H:\WINDOWS\system32\drivers\CamF2111.bin" is compressed (flags = 1) Read File: File "H:\WINDOWS\system32\drivers\CamF3111.bin" is compressed (flags = 1) Read File: File "H:\WINDOWS\system32\drivers\CamH0111.bin" is compressed (flags = 1) Read File: File "H:\WINDOWS\system32\drivers\CamH2111.bin" is compressed (flags = 1) Read File: File "H:\WINDOWS\system32\drivers\CamH3111.bin" is compressed (flags = 1) Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: C95BC95B Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 204709617 Partition file system is NTFS Partition is bootable Partition 1 type is Extended with LBA (0xf) Partition is NOT ACTIVE. Partition starts at LBA: 204709680 Numsec = 420426720 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 320072933376 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-62-625122448-625142448)... Physical Sector Size: 0 Drive: 1, DevicePointer: 0xffffffff829ee668, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff829e56b8, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff829ee668, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff829c8228, DeviceName: \Device\0000007d\, DriverName: \Driver\usbstor\ ------------ End ---------- Physical Sector Size: 0 Drive: 2, DevicePointer: 0xffffffff82b7c310, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff829f4850, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff82b7c310, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff829be030, DeviceName: \Device\0000007e\, DriverName: \Driver\usbstor\ ------------ End ---------- Physical Sector Size: 0 Drive: 3, DevicePointer: 0xffffffff82a12ab8, DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff829d0290, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff82a12ab8, DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff82a1c498, DeviceName: \Device\0000007f\, DriverName: \Driver\usbstor\ ------------ End ---------- Physical Sector Size: 0 Drive: 4, DevicePointer: 0xffffffff82a15ab8, DeviceName: \Device\Harddisk4\DR6\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff829d1c78, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff82a15ab8, DeviceName: \Device\Harddisk4\DR6\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff82b3c8f0, DeviceName: \Device\00000080\, DriverName: \Driver\usbstor\ ------------ End ---------- Done! Performing system, memory and registry scan... Read File: File "h:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Administrateur\Application Data\Microsoft\Media Player\001403D7.wpl" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Administrateur\Application Data\Microsoft\Office\CLView12.pip" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Administrateur\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Administrateur\Application Data\Microsoft\UProof\ExcludeDictionaryEN0809.lex" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Administrateur\Application Data\Microsoft\UProof\ExcludeDictionaryFR080c.lex" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Administrateur\Application Data\Microsoft\UProof\ExcludeDictionaryGE0407.lex" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Administrateur\Application Data\Microsoft\UProof\ExcludeDictionaryNL0413.lex" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Ament.ini" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\AVG2012\log\avgual.2013-03-23.log" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Common Files\62A20411-1D0D-FAB8-E87E-EB93EE2B1344" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\ma-config.com\Logs\activex.txt" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\Hx.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\Hx_1036_MValidator.Lck" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.EXCEL.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.EXCEL.12.1036_1036_MValidator.Lck" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.GRAPH.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.INFOPATH.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.INFOPATHEDITOR.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.MSE_LEGACY.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.MSPUB.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.MSTORE.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.OIS.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.OUTLOOK.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.POWERPNT.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.POWERPNT.12.1036_1036_MValidator.Lck" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.RIBBON.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.SETLANG.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.VBE.DEV.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.WINWORD.12.1036.hxn" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Microsoft Help\MS.WINWORD.12.1036_1036_MValidator.Lck" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\PCPitstop\Scheduler-20100925.log" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\PCPitstop\Scheduler-20101004.log" is compressed (flags = 1) Read File: File "h:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer sIZylomPlugin.xpt" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Default User\Application Data\desktop.ini" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\brndlog.txt" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Maman\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Maman\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Maman\Application Data\Microsoft\UProof\CUSTOM.DIC" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Maman\Application Data\Microsoft\UProof\ExcludeDictionaryEN0409.lex" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Maman\Application Data\Microsoft\UProof\ExcludeDictionaryFR040c.lex" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire\createtimes.cache" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire\installation.props" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire\library.dat" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire\mojito.props" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire\player.props" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire\questions.props" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire estaccess.txt" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire ables.props" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire\versions.props" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire\mozilla-profile\extensions.ini" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire\mozilla-profile\prefs.js" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire\promotion\promodb.log" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\LimeWire\promotion\promodb.properties" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\Microsoft\Media Player\00319B86.wpl" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\Microsoft\Office\CLView12.pip" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\Microsoft\UProof\CUSTOM.DIC" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\Microsoft\UProof\ExcludeDictionaryEN0409.lex" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\Microsoft\UProof\ExcludeDictionaryFR040c.lex" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\Real\Msg\Category.dat" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\Real\Msg\SCategory.dat" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Application Data\vlc\ml.xspf" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Application Data\Microsoft\Office\CLView12.pip" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Application Data\Microsoft\PowerPoint\PPT12.pcb" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Application Data\Microsoft\UProof\ExcludeDictionaryEN0409.lex" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Application Data\Microsoft\UProof\ExcludeDictionaryFR080c.lex" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Application Data\Real\RealPlayer\viz.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.txt" is compressed (flags = 1) Read File: File "h:\Program Files\Fichiers communs\System\ado\MDACReadme.htm" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Bureau\Mes documents.lnk" is compressed (flags = 1) Read File: File "h:\Program Files\Outlook Express\msoe.txt" is compressed (flags = 1) Read File: File "h:\Program Files\Windows Media Player pdrmv2.zip" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\desktop.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage\desktop.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\dsound.vxd" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\l_except.nls" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\pscript.sep" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\cmos.ram" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\desktop.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\pcl.sep" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\perfwci.h" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\perfci.h" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\perffilt.h" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\prodspec.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\Chaînes.scf" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\login.cmd" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\logonui.exe.manifest" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\drivers\etc etworks" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\oobe\migip.dun" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\oobe\migrate.isp" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\oobe\msobe.isp" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\oobe\obeip.dun" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\oobe eg.isp" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\wbem\wmiclivalueformat.xsl" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\Twain001.Mtx" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\Twunk001.MTX" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\chrome_installer.log" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\Historique\History.IE5\desktop.ini" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\Temporary Internet Files\Content.IE5\desktop.ini" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\Temporary Internet Files\Content.IE5\4TIR45AF\desktop.ini" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\Temporary Internet Files\Content.IE5\CHIBCP2V\desktop.ini" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\Temporary Internet Files\Content.IE5\G1MRO9UN\desktop.ini" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\Temporary Internet Files\Content.IE5\O5MJOXQB\desktop.ini" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-yellowPageService-1.xml" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-crossdomain.xml" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-footer_nikestore.css" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-minicart_nikestore.css" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-yellowPageService-2.xml" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-yellowPageService-3.xml" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-yellowPageService-4.xml" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-yellowPageService-5.xml" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-yellowPageService-6.xml" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-yellowPageService-7.xml" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-yellowPageService-8.xml" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-yellowPageService-9.xml" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Temp\plugtmp-1\plugin-yellowPageService.xml" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Administrateur\.recently-used.xbel" is compressed (flags = 1) Read File: File "h:\Documents and Settings\LocalService tuser.ini" is compressed (flags = 1) Read File: File "h:\Documents and Settings\NetworkService tuser.ini" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Default User\Local Settings\desktop.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Local Settings\Application Data\FASTWiz.log" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Papa\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1) Read File: File "h:\Documents and Settings\Pioupiou\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1) Read File: File "h:\WINDOWS\NAVIGMA.INI" is compressed (flags = 1) Read File: File "h:\WINDOWS\Timezone.exe.manifest" is compressed (flags = 1) Read File: File "h:\WINDOWS\vb.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\vbaddin.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\INSECTE.JEU" is compressed (flags = 1) Read File: File "h:\WINDOWS\explorer.scf" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\AxInterop.LTRASTERVIEWLib\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\AxInterop.MediaPlayer\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\AxInterop.SHDocVw\1.1.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hplMosaicNet\1.1.0.0__0d5444959b41355f\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\HPODMmcLib\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqactiv\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqactiv.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqalb\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqasset\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqcalp\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqcalp.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqcalrsc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqcalrsc.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\mscorlib.resources\1.0.5000.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Regcode.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Data.resources\1.0.5000.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Design.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqccrsc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqfmrsc.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqptfnd\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqvec\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Interop.hpodio08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Web.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\SYSTEM.WINDOWS.FORMS.resources\1.0.5000.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.XML.resources\1.0.5000.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Drawing.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\system.management.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.resources\1.0.5000.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.5000.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Security.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Web.Mobile.resources\1.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LEAD\13.0.0.66__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LEAD.Drawing\13.0.0.66__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.Codecs\13.0.0.66__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.ImageProcessing\13.0.0.66__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.Ocr\13.0.0.35__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.Twain\13.0.0.66__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LEAD.Windows.Forms\13.0.0.66__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LEAD.Windows.Forms.CommonDialogs\13.0.0.66__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LEAD.Windows.Forms.DrawingContainer\13.0.0.66__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LEAD.Windows.Forms.hp\13.0.0.58__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LEAD.Wrapper\13.0.0.66__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Interop.HPDarc\1.0.0.0__19565c63d39c2842\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Interop.hpocxi08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpodae\2.0.506.1634__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpodai\2.0.506.1634__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpodaud\2.0.506.1634__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Interop.hpodeb08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Interop.hpodev08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqgldlg\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqgldlg.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqglutl\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqgprsc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqgprsc.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqgskin\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqgtpin\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqgtpin.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqietpz\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqietpz.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqiface\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqimgrc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqimlib\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqisrtb\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqisrtb.resources\4.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqistab\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqmdmr\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqmdmr.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpodmmc\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpodmp\2.0.506.1634__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpodmpv\2.0.506.1634__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpodmpv_md\2.0.506.1634__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpodprint2\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpodtrk\2.0.506.1634__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpodvid\2.0.506.1634__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpodxmlutil\2.0.506.1634__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpqcldat\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Interop.hpqdstcp\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Interop.hprblog\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Interop.LTANNLib\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Interop.MediaPlayer\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Interop.MsHtmHst\0.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Interop.SHDocVw\1.1.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LTRASTERIOLib\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LTRASTERLib\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\LTRASTERVIEWLib\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.5000.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqccrsc.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqcmctl\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqcmctl.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqcpint\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqcprsc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqcprsc.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqdcprf\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqdcprf.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqdcrsc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqdcrsc.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqdocpt\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqdocpt.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqdocvw\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqdocvw.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqeal\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqedppi\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqptfx\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqptfx.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqptint\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqptint.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqshfop\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqshfop.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqthrsc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqthrsc.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqthumb\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqtray\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqtray.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqutils\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqmpvad\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqmydoc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqmydoc.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqmyint\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqntrop\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqpaac\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqpanop\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqpanop.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqpdmdl\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqpel10\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqpel10.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqprif\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqprjfx\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqprjfx.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqprrsc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqprrsc.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqprt\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqprt.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqprutl\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\assembly\GAC\hpqprutl.resources\3.0.0.0_fr_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1) Read File: File "h:\WINDOWS\Help\ciadmin.htm" is compressed (flags = 1) Read File: File "h:\WINDOWS\Help\conf.cnt" is compressed (flags = 1) Read File: File "h:\WINDOWS\Help\connect.cnt" is compressed (flags = 1) Read File: File "h:\WINDOWS\Help\mshearts.cnt" is compressed (flags = 1) Read File: File "h:\WINDOWS\Help\msnauth.cnt" is compressed (flags = 1) Read File: File "h:\WINDOWS\Help ocontnt.cnt" is compressed (flags = 1) Read File: File "h:\WINDOWS\Help atings.cnt" is compressed (flags = 1) Read File: File "h:\WINDOWS\Help\update.cnt" is compressed (

g3n-h@ckm@n · Answer

Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

    clique sur "Parcourir" et trouve puis selectionne ce(s) fichier(s) :

 C:\Pre_Scan\MBR.bin

    * Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
    * Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
    * Lorsque l'analyse est terminée colle le lien de(s)( la) page(s)  dans ta prochaine réponse.

rapirapo · Answer

Re,

Pas bien compris mais c'est ça ?

https://www.virustotal.com/gui/file/21b3abb1d4ed793d3050b5d9c03c5f45984e0a8af6e9688132cb051a0d63f2a1

bien à toi

g3n-h@ckm@n · Answer

ouaip..... on en est où de tes soucis ?

rapirapo · Answer

Re,

ça a l'air d'aller

il "déconne" plus, supporte sa charge de travail, . . . 
respecte lesd 'ordres' et ne me nargue plus ;-)

surtout il reste "on"

bien à toi

g3n-h@ckm@n · Answer

ok on fait un scan generaliste et on plie avec un grand menage

 fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.


&#9654 Télécharge ici :

Malwarebytes  

&#9654 Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

&#9654 Lance Malwarebyte's .

Fais un examen dit "Complet" .

&#9654 Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
&#9654 à la fin tu cliques sur "résultat" .
&#9654 Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

&#9654 Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


&#9654 Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

rapirapo · Answer

Bouh ;-)

rien détecté !

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Version de la base de données: v2013.03.24.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrateur :: IND_PC [administrateur]

24/03/2013 13:46:41
mbam-log-2013-03-24 (13-46-41).txt

Type d'examen: Examen complet (H:\|M:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 391677
Temps écoulé: 1 heure(s), 16 minute(s), 44 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)

Il tient la route !!!!

bien à toi

g3n-h@ckm@n · Answer

le menage :

 https://gen-hackman.kanak.fr/

rapirapo · Answer

Re,

j'espère que j'y suis !!!!!


# DelFix v10.1 - Rapport créé le 24/03/2013 à 20:22:35




# Mis à jour le 23/02/2013 par Xplode
# Nom d'utilisateur : Administrateur - IND_PC

~ Suppression des outils de désinfection ...

Supprimé : H:\Qoobox
Supprimé : H:\USBFix
Supprimé : H:\pre_scan
Supprimé : H:\ZHP
Supprimé : H:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
Supprimé : H:\Program Files\ZHPDiag
Supprimé : H:\ComboFix.txt
Supprimé : H:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
Supprimé : H:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
Supprimé : H:\Documents and Settings\Administrateur\Mes documents\Téléchargements\adwcleaner(2).exe
Supprimé : H:\Documents and Settings\Administrateur\Mes documents\Téléchargements\ComboFix.exe
Supprimé : H:\Documents and Settings\Administrateur\Mes documents\Téléchargements\Defogger.exe
Supprimé : H:\Documents and Settings\Administrateur\Mes documents\Téléchargements\defogger_disable.log
Supprimé : H:\Documents and Settings\Administrateur\Mes documents\Téléchargements\defogger_enable.log
Supprimé : H:\Documents and Settings\Administrateur\Mes documents\Téléchargements\winlogon(1).exe
Supprimé : H:\Documents and Settings\Administrateur\Mes documents\Téléchargements\winlogon.exe
Supprimé : H:\Documents and Settings\Administrateur\Mes documents\Téléchargements\ZHPDiag2.exe
Supprimé : H:\WINDOWS\grep.exe
Supprimé : H:\WINDOWS\PEV.exe
Supprimé : H:\WINDOWS\NIRCMD.exe
Supprimé : H:\WINDOWS\MBR.exe
Supprimé : H:\WINDOWS\SED.exe
Supprimé : H:\WINDOWS\SWREG.exe
Supprimé : H:\WINDOWS\SWSC.exe
Supprimé : H:\WINDOWS\SWXCACLS.exe
Supprimé : H:\WINDOWS\Zip.exe
Supprimée : HKCU\Software\g3n-h@ckm@n
Supprimée : HKCU\Software\USBFix
Supprimée : HKLM\SOFTWARE\AdwCleaner
Supprimée : HKLM\SOFTWARE\g3n-h@ckm@n
Supprimée : HKLM\SOFTWARE\Swearware
Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~ Purge de la restauration système ...

Supprimé : RP #173 [Software Distribution Service 3.0 | 12/30/2012 02:00:46]
Supprimé : RP #174 [Software Distribution Service 3.0 | 12/31/2012 00:01:05]
Supprimé : RP #175 [Software Distribution Service 3.0 | 12/31/2012 16:57:31]
Supprimé : RP #176 [Point de vérification système | 01/01/2013 21:13:37]
Supprimé : RP #177 [Software Distribution Service 3.0 | 01/02/2013 02:00:19]
Supprimé : RP #178 [Software Distribution Service 3.0 | 01/02/2013 12:00:58]
Supprimé : RP #179 [Point de vérification système | 01/03/2013 15:18:23]
Supprimé : RP #180 [Software Distribution Service 3.0 | 01/04/2013 01:09:47]
Supprimé : RP #181 [Software Distribution Service 3.0 | 01/04/2013 12:56:44]
Supprimé : RP #182 [Software Distribution Service 3.0 | 01/05/2013 00:00:13]
Supprimé : RP #183 [Point de vérification système | 01/06/2013 00:29:17]
Supprimé : RP #184 [Software Distribution Service 3.0 | 01/06/2013 02:00:16]
Supprimé : RP #185 [Software Distribution Service 3.0 | 01/06/2013 22:53:29]
Supprimé : RP #186 [Software Distribution Service 3.0 | 01/07/2013 22:41:51]
Supprimé : RP #187 [Software Distribution Service 3.0 | 01/08/2013 18:40:46]
Supprimé : RP #188 [Point de vérification système | 01/12/2013 10:56:38]
Supprimé : RP #189 [Software Distribution Service 3.0 | 01/13/2013 00:26:40]
Supprimé : RP #190 [Software Distribution Service 3.0 | 01/13/2013 23:33:17]
Supprimé : RP #191 [Software Distribution Service 3.0 | 01/14/2013 22:22:28]
Supprimé : RP #192 [Removed Adobe Reader X (10.1.1) - Français. | 01/15/2013 23:05:22]
Supprimé : RP #193 [Installed Adobe Reader XI (11.0.01) - Français. | 01/15/2013 23:09:43]
Supprimé : RP #194 [Installed Windows XP --  Software Updates KB952011. | 01/15/2013 23:20:43]
Supprimé : RP #195 [Software Distribution Service 3.0 | 01/16/2013 02:00:20]
Supprimé : RP #196 [Software Distribution Service 3.0 | 01/16/2013 13:15:39]
Supprimé : RP #197 [Software Distribution Service 3.0 | 01/19/2013 01:44:18]
Supprimé : RP #198 [Opération de restauration | 01/19/2013 09:30:06]
Supprimé : RP #199 [Software Distribution Service 3.0 | 01/20/2013 02:00:18]
Supprimé : RP #200 [Software Distribution Service 3.0 | 01/20/2013 22:54:10]
Supprimé : RP #201 [Point de vérification système | 01/21/2013 23:29:32]
Supprimé : RP #202 [Software Distribution Service 3.0 | 01/22/2013 02:00:17]
Supprimé : RP #203 [Software Distribution Service 3.0 | 01/22/2013 22:24:16]
Supprimé : RP #204 [Software Distribution Service 3.0 | 01/24/2013 16:07:14]
Supprimé : RP #205 [Software Distribution Service 3.0 | 01/25/2013 02:00:22]
Supprimé : RP #206 [Opération de restauration | 01/25/2013 13:13:28]
Supprimé : RP #207 [Opération de restauration | 01/25/2013 13:38:28]
Supprimé : RP #208 [Software Distribution Service 3.0 | 01/25/2013 23:32:07]
Supprimé : RP #209 [Software Distribution Service 3.0 | 01/26/2013 21:54:23]
Supprimé : RP #210 [Point de vérification système | 01/28/2013 13:07:22]
Supprimé : RP #211 [Software Distribution Service 3.0 | 01/28/2013 17:06:36]
Supprimé : RP #212 [BIOS | 01/29/2013 19:30:30]
Supprimé : RP #213 [Software Distribution Service 3.0 | 01/29/2013 21:34:25]
Supprimé : RP #214 [Software Distribution Service 3.0 | 01/30/2013 10:22:49]
Supprimé : RP #215 [Point de vérification système | 01/31/2013 12:11:55]
Supprimé : RP #216 [Software Distribution Service 3.0 | 02/01/2013 02:00:18]
Supprimé : RP #217 [Software Distribution Service 3.0 | 02/01/2013 22:11:46]
Supprimé : RP #218 [Point de vérification système | 02/03/2013 17:18:23]
Supprimé : RP #219 [Software Distribution Service 3.0 | 02/04/2013 02:00:23]
Supprimé : RP #220 [Software Distribution Service 3.0 | 02/05/2013 02:00:16]
Supprimé : RP #221 [Software Distribution Service 3.0 | 02/06/2013 02:00:15]
Supprimé : RP #222 [Software Distribution Service 3.0 | 02/07/2013 02:00:15]
Supprimé : RP #223 [Software Distribution Service 3.0 | 02/08/2013 02:00:14]
Supprimé : RP #224 [Software Distribution Service 3.0 | 02/09/2013 02:00:14]
Supprimé : RP #225 [Software Distribution Service 3.0 | 02/10/2013 02:00:20]
Supprimé : RP #226 [Software Distribution Service 3.0 | 02/11/2013 02:00:22]
Supprimé : RP #227 [Software Distribution Service 3.0 | 02/12/2013 02:00:21]
Supprimé : RP #228 [Software Distribution Service 3.0 | 02/13/2013 02:00:21]
Supprimé : RP #229 [Software Distribution Service 3.0 | 02/14/2013 02:00:39]
Supprimé : RP #230 [Software Distribution Service 3.0 | 02/15/2013 02:00:19]
Supprimé : RP #231 [Software Distribution Service 3.0 | 02/16/2013 02:00:15]
Supprimé : RP #232 [Software Distribution Service 3.0 | 02/17/2013 02:00:15]
Supprimé : RP #233 [Software Distribution Service 3.0 | 02/17/2013 20:22:56]
Supprimé : RP #234 [Point de vérification système | 02/18/2013 21:04:40]
Supprimé : RP #235 [Software Distribution Service 3.0 | 02/19/2013 02:00:32]
Supprimé : RP #236 [Software Distribution Service 3.0 | 02/19/2013 22:22:41]
Supprimé : RP #237 [Point de vérification système | 02/23/2013 09:15:52]
Supprimé : RP #238 [Software Distribution Service 3.0 | 02/23/2013 09:32:58]
Supprimé : RP #239 [Software Distribution Service 3.0 | 02/24/2013 02:00:15]
Supprimé : RP #240 [Software Distribution Service 3.0 | 02/24/2013 20:57:04]
Supprimé : RP #241 [Point de vérification système | 02/25/2013 21:52:00]
Supprimé : RP #242 [Software Distribution Service 3.0 | 02/26/2013 02:00:15]
Supprimé : RP #243 [Software Distribution Service 3.0 | 02/26/2013 06:51:31]
Supprimé : RP #244 [Software Distribution Service 3.0 | 02/27/2013 02:00:21]
Supprimé : RP #245 [Software Distribution Service 3.0 | 02/27/2013 06:32:29]
Supprimé : RP #246 [Software Distribution Service 3.0 | 02/28/2013 02:00:18]
Supprimé : RP #247 [Software Distribution Service 3.0 | 03/01/2013 02:00:19]
Supprimé : RP #248 [Software Distribution Service 3.0 | 03/02/2013 02:00:21]
Supprimé : RP #249 [Software Distribution Service 3.0 | 03/02/2013 07:46:30]
Supprimé : RP #250 [Software Distribution Service 3.0 | 03/03/2013 11:50:50]
Supprimé : RP #251 [Software Distribution Service 3.0 | 03/03/2013 15:38:03]
Supprimé : RP #252 [Point de vérification système | 03/04/2013 17:37:25]
Supprimé : RP #253 [Software Distribution Service 3.0 | 03/05/2013 02:00:15]
Supprimé : RP #254 [Software Distribution Service 3.0 | 03/06/2013 11:01:19]
Supprimé : RP #255 [Software Distribution Service 3.0 | 03/06/2013 11:44:11]
Supprimé : RP #256 [Software Distribution Service 3.0 | 03/09/2013 03:22:58]
Supprimé : RP #257 [Software Distribution Service 3.0 | 03/09/2013 18:24:47]
Supprimé : RP #258 [Point de vérification système | 01/01/2002 00:44:44]
Supprimé : RP #259 [Software Distribution Service 3.0 | 03/10/2013 13:45:44]
Supprimé : RP #260 [Software Distribution Service 3.0 | 03/10/2013 21:43:21]
Supprimé : RP #261 [Software Distribution Service 3.0 | 03/11/2013 21:43:38]
Supprimé : RP #262 [Point de vérification système | 03/14/2013 18:17:36]
Supprimé : RP #263 [Software Distribution Service 3.0 | 03/14/2013 19:33:04]
Supprimé : RP #264 [Point de vérification système | 03/15/2013 20:28:13]
Supprimé : RP #265 [Software Distribution Service 3.0 | 03/16/2013 10:48:56]
Supprimé : RP #266 [Software Distribution Service 3.0 | 03/17/2013 02:00:19]
Supprimé : RP #267 [Software Distribution Service 3.0 | 03/17/2013 10:34:18]
Supprimé : RP #268 [Software Distribution Service 3.0 | 03/18/2013 12:12:34]
Supprimé : RP #269 [Software Distribution Service 3.0 | 03/18/2013 23:45:51]
Supprimé : RP #270 [Software Distribution Service 3.0 | 03/20/2013 05:40:12]
Supprimé : RP #271 [Software Distribution Service 3.0 | 03/20/2013 05:57:42]
Supprimé : RP #272 [Software Distribution Service 3.0 | 03/21/2013 16:23:38]
Supprimé : RP #273 [Opération de restauration | 03/21/2013 16:50:19]
Supprimé : RP #274 [Software Distribution Service 3.0 | 03/22/2013 04:58:53]
Supprimé : RP #275 [Software Distribution Service 3.0 | 03/22/2013 05:37:22]
Supprimé : RP #276 [Software Distribution Service 3.0 | 03/23/2013 07:26:24]
Supprimé : RP #277 [Supprimé Java(TM) 6 Update 35 | 03/23/2013 15:33:57]
Supprimé : RP #278 [Software Distribution Service 3.0 | 03/23/2013 18:25:28]
Supprimé : RP #279 [Point de vérification système | 03/24/2013 18:34:43]
Supprimé : RP #280 [Removed Adobe Reader XI (11.0.02) - Français. | 03/24/2013 19:11:34]

Nouveau point de restauration créé !

~ Réinitialisation des paramètres système ... OK

########## - EOF - ##########

Je n'ai pas fini mais je poste ça au cas ........
et surtout pour ne rien oublier

je continue ;-)))))

rapirapo · Answer

Bonsoir, 

voilà, je pense que j'ai fait tout sauf le "killer" 

j'ai mis pare-feu, défragmenté, ...... , wot enfin j'ai suivi les consignes. 

Je vais lire le reste mais pas to=day ;-) 

J'ai créé un point de restauration, je lui ai donné ton nom ;-)

Je reviens demain pour finir si nécessaire 

Merci beaucoup

rapirapo · Answer

en reconnaissance du travail effectué ;-)

rapirapo · Answer

c'est fini ? 

si oui, 14168855686528788669686828/ de fois merci et je mettrai résolu ;-) 

bien à toi et à + (même si je ne l'espère pas : visite ccm = prob) ;-)

oups vais pas vu 
bonne nuit et encore merci pour ta patience et ton efficacité

bizz

g3n-h@ckm@n · Answer

good night :)

Ordinateur mort ?

36 réponses

Discussions similaires

Newsletters