Marc12

A+

Bonjour Analyse antivirus kapersky Merci beaucoup de m'avoir aider a résoudre mon problème tout et redevenu normal, j'ai suivi le tuto http://theknitter-apollo.xooit.com/t3155-Virus-Removal-Tool-en-francais.htm#p19148 tout ses passer normalement mais le rapport m'indique que des fichiers son protéger par mot de passe,alor que je nai mis aucun mot de passe sur les fichiers de mon pc donc je vouler savoir ese que le scanner les a analyser ou pas?Comment le retiré le mot de passe? De plus je voie que les fichiers C:\System Volume Information\ apparaisse comme nn traiter ese possible que des virus se serai caché la dedans comment faire pour les analyser? je suis pas trés fort en informatique n'hésitez pas a bien m'expliquer merci d'avance 09/08/2011 23:35:10 Protégé par un mot de passe C:\Documents and Settings\mokrane\AppData\Local\Temp\RarSFX1\7477641rar.exe 09/08/2011 23:46:19 Protégé par un mot de passe C:\Documents and Settings\mokrane\Downloads\setup_11.0.0.1245.x01_2011_08_09_19_16.exe/# 09/08/2011 23:46:57 Protégé par un mot de passe C:\Documents and Settings\mokrane\Downloads\VideoCardStabilityTestSetup.exe/data0035/Stability Test.mdl 09/08/2011 23:55:05 Protégé par un mot de passe C:\Documents and Settings\mokrane\Local Settings\Temp\RarSFX1\7477641rar.exe 10/08/2011 00:18:08 Protégé par un mot de passe C:\Users\mokrane\Downloads\VideoCardStabilityTestSetup.exe/data0035/Stability Test.mdl 10/08/2011 00:18:06 Protégé par un mot de passe C:\Users\mokrane\Downloads\setup_11.0.0.1245.x01_2011_08_09_19_16.exe/# 10/08/2011 00:18:04 Protégé par un mot de passe C:\Users\mokrane\Downloads\setup_11.0.0.1245.x01_2011_08_09_19_16.exe/7477641rar.exe 10/08/2011 00:16:01 Protégé par un mot de passe C:\Users\mokrane\AppData\Local\Temp\RarSFX1\7477641rar.exe 10/08/2011 01:04:51 Protégé par un mot de passe C:\Users\mokrane\Downloads\setup_11.0.0.1245.x01_2011_08_09_19_16.exe/# 10/08/2011 01:04:49 Protégé par un mot de passe C:\Users\mokrane\Downloads\setup_11.0.0.1245.x01_2011_08_09_19_16.exe/7477641rar.exe 10/08/2011 01:04:43 Protégé par un mot de passe D:\PC-DE-MOKRANE\Backup Set 2011-02-18 144338\Backup Files 2011-03-01 193058\Backup files 1.zip/C\Users\mokrane\AppData\Roaming\GlarySoft\Glary Utilities\Backups\40593,6041625231/glary.ini 10/08/2011 01:04:43 Protégé par un mot de passe D:\PC-DE-MOKRANE\Backup Set 2011-02-18 144338\Backup Files 2011-03-01 193058\Backup files 1.zip/C\Users\mokrane\AppData\Roaming\GlarySoft\Glary Utilities\Backups\40593,5371941551/glary.ini 10/08/2011 00:16:01 Protégé par un mot de passe C:\Users\mokrane\AppData\Local\Temp\RarSFX0\7477641rar.exe 10/08/2011 00:19:58 Protégé par un mot de passe C:\Users\mokrane\Local Settings\Temp\RarSFX1\7477641rar.exe 10/08/2011 00:19:58 Protégé par un mot de passe C:\Users\mokrane\Local Settings\Temp\RarSFX0\7477641rar.exe 09/08/2011 23:55:05 Protégé par un mot de passe C:\Documents and Settings\mokrane\Local Settings\Temp\RarSFX0\7477641rar.exe 09/08/2011 23:46:18 Protégé par un mot de passe C:\Documents and Settings\mokrane\Downloads\setup_11.0.0.1245.x01_2011_08_09_19_16.exe/7477641rar.exe 10/08/2011 01:20:59 Protégé par un mot de passe C:\Documents and Settings\mokrane\Local Settings\Temp\RarSFX1\7477641rar.exe 10/08/2011 01:20:58 Protégé par un mot de passe C:\Documents and Settings\mokrane\Local Settings\Temp\RarSFX0\7477641rar.exe 10/08/2011 01:34:56 Protégé par un mot de passe C:\Users\mokrane\Downloads\VideoCardStabilityTestSetup.exe/data0035/Stability Test.mdl 10/08/2011 01:36:50 Protégé par un mot de passe C:\Users\mokrane\Local Settings\Temp\RarSFX1\7477641rar.exe 10/08/2011 01:36:50 Protégé par un mot de passe C:\Users\mokrane\Local Settings\Temp\RarSFX0\7477641rar.exe 10/08/2011 01:56:08 Protégé par un mot de passe D:\PC-DE-MOKRANE\Backup Set 2011-02-18 144338\Backup Files 2011-03-01 193058\Backup files 1.zip/C\Users\mokrane\AppData\Roaming\GlarySoft\Glary Utilities\Backups\40593,6041625231/glary.ini 10/08/2011 01:56:08 Protégé par un mot de passe D:\PC-DE-MOKRANE\Backup Set 2011-02-18 144338\Backup Files 2011-03-01 193058\Backup files 1.zip/C\Users\mokrane\AppData\Roaming\GlarySoft\Glary Utilities\Backups\40593,5371941551/glary.ini 10/08/2011 01:34:54 Protégé par un mot de passe C:\Users\mokrane\Downloads\setup_11.0.0.1245.x01_2011_08_09_19_16.exe/# 10/08/2011 01:34:52 Protégé par un mot de passe C:\Users\mokrane\Downloads\setup_11.0.0.1245.x01_2011_08_09_19_16.exe/7477641rar.exe 10/08/2011 01:32:50 Protégé par un mot de passe C:\Users\mokrane\AppData\Local\Temp\RarSFX1\7477641rar.exe 10/08/2011 01:32:50 Protégé par un mot de passe C:\Users\mokrane\AppData\Local\Temp\RarSFX0\7477641rar.exe 10/08/2011 01:19:00 Protégé par un mot de passe C:\Documents and Settings\mokrane\Downloads\VideoCardStabilityTestSetup.exe/data0035/Stability Test.mdl 10/08/2011 01:18:59 Protégé par un mot de passe C:\Documents and Settings\mokrane\Downloads\setup_11.0.0.1245.x01_2011_08_09_19_16.exe/# 10/08/2011 01:18:57 Protégé par un mot de passe C:\Documents and Settings\mokrane\Downloads\setup_11.0.0.1245.x01_2011_08_09_19_16.exe/7477641rar.exe 10/08/2011 01:16:50 Protégé par un mot de passe C:\Documents and Settings\mokrane\AppData\Local\Temp\RarSFX1\7477641rar.exe 10/08/2011 01:16:50 Protégé par un mot de passe C:\Documents and Settings\mokrane\AppData\Local\Temp\RarSFX0\7477641rar.exe 09/08/2011 23:35:10 Protégé par un mot de passe C:\Documents and Settings\mokrane\AppData\Local\Temp\RarSFX0\7477641rar.exe 10/08/2011 01:30:08 Non traités C:\System Volume Information\{fb7f1cf8-bf27-11e0-88c9-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:30:08 Non traités C:\System Volume Information\{b8f39b90-bdce-11e0-a625-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:30:08 Non traités C:\System Volume Information\{b83b8925-c256-11e0-9edc-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:30:08 Non traités C:\System Volume Information\{9b2e7b33-c0db-11e0-99e5-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:30:08 Non traités C:\System Volume Information\{64992776-c02b-11e0-9788-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:30:08 Non traités C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:30:08 Non traités C:\System Volume Information\{2ccfa8d5-bf75-11e0-9f6c-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:30:08 Non traités C:\System Volume Information\{2ccfa8c1-bf75-11e0-9f6c-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:30:08 Non traités C:\System Volume Information\{2ccfa8bd-bf75-11e0-9f6c-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:30:08 Non traités C:\System Volume Information\{1b977734-be65-11e0-ad46-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:30:08 Non traités C:\System Volume Information\{1b977730-be65-11e0-ad46-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:30:08 Non traités C:\System Volume Information\{091dc6b8-c290-11e0-8954-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:30:08 Non traités C:\System Volume Information\{03d63025-c18e-11e0-a623-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{fb7f1cf8-bf27-11e0-88c9-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{b8f39b90-bdce-11e0-a625-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{b83b8925-c256-11e0-9edc-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{9b2e7b33-c0db-11e0-99e5-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{64992776-c02b-11e0-9788-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{2ccfa8d5-bf75-11e0-9f6c-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{2ccfa8c1-bf75-11e0-9f6c-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{2ccfa8bd-bf75-11e0-9f6c-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{1b977734-be65-11e0-ad46-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{1b977730-be65-11e0-ad46-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{091dc6b8-c290-11e0-8954-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 00:13:13 Non traités C:\System Volume Information\{03d63025-c18e-11e0-a623-00238b9d3889}{3808876b-c176-4e48-b7ae-04046e6cc752} Accès refusé 10/08/2011 01:13:53 Non traités c:\pagefile.sys Objet bloqué 09/08/2011 23:25:32 Non traités C:\pagefile.sys Objet bloqué 09/08/2011 23:29:25 Compacté: UPX C:\ACER\Preload\AutoRun\APP\eDataSecurity Management\Setup.exe/Acer eDataSecurity Management.msi/Data1.cab/htca_selfextract.bin/data0000 10/08/2011 00:01:33 Compacté: UPX C:\Program Files\InstallShield Installation Information\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\ISSetup.dll 09/08/2011 23:44:12 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\Firefox Setup 3.6.14.exe 09/08/2011 23:45:06 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\Firefox Setup 4.0.1.exe 09/08/2011 23:44:08 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\everest_2.20_fr.exe/data0011 09/08/2011 23:44:08 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\everest_2.20_fr.exe/data0010 10/08/2011 00:01:16 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.cab/_IsRes.dll 10/08/2011 00:01:16 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.cab/_IsRes.dll 10/08/2011 00:01:16 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.cab/_IsRes.dll 10/08/2011 00:01:16 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.cab/_IsRes.dll 10/08/2011 00:01:51 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.hdr/_IsRes.dll 10/08/2011 00:01:51 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.hdr/_IsRes.dll 10/08/2011 00:01:51 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.hdr/_IsRes.dll 10/08/2011 00:01:51 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.hdr/_IsRes.dll 10/08/2011 00:21:41 Compacté: UPX C:\Windows\Downloaded Program Files\qsax.dll 10/08/2011 00:01:50 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.hdr/_IsRes.dll 10/08/2011 00:01:50 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.hdr/_IsRes.dll 10/08/2011 00:01:50 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.hdr/_IsRes.dll 10/08/2011 00:01:50 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.hdr/_IsRes.dll 10/08/2011 00:01:49 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.hdr/_IsRes.dll 10/08/2011 00:08:25 Compacté: UPX C:\Program Files\Microsoft Works\lnchtour.exe/flash.ocx 10/08/2011 00:31:38 Compacté: UPX C:\Windows\System32\VCCLSID.exe 10/08/2011 00:31:38 Compacté: UPX C:\Windows\System32\VACFix.exe 10/08/2011 00:31:32 Compacté: UPX C:\Windows\System32\swxcacls.exe 10/08/2011 00:31:32 Compacté: UPX C:\Windows\System32\swreg.exe 10/08/2011 00:31:32 Compacté: UPX C:\Windows\System32\swsc.exe 10/08/2011 01:02:15 Compacté: UPX D:\PC-DE-MOKRANE\Backup Set 2011-02-18 144338\Backup Files 2011-02-18 144338\Backup files 5.zip/C\Users\mokrane\AppData\Local\Mozilla\Firefox\Profiles\hpqni28e.default\Cache\905967D3d01 10/08/2011 00:31:30 Compacté: UPX C:\Windows\System32\SrchSTS.exe 10/08/2011 00:01:49 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.hdr/isrt.dll 10/08/2011 00:01:49 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\ISSetup.dll 10/08/2011 00:01:15 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.cab/_IsRes.dll 10/08/2011 00:01:15 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.cab/_IsRes.dll 10/08/2011 00:12:28 Compacté: UPX C:\Program Files\ZHPDiag\mbr.exe 10/08/2011 00:31:50 Compacté: UPX C:\Windows\System32\WS2Fix.exe 10/08/2011 00:12:28 Compacté: UPX C:\Program Files\ZHPDiag\catchme.exe 10/08/2011 00:01:15 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.cab/_IsRes.dll 10/08/2011 00:30:18 Compacté: UPX C:\Windows\System32\Agent.OMZ.Fix.exe 10/08/2011 00:30:16 Compacté: UPX C:\Windows\System32\404Fix.exe 10/08/2011 00:01:15 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.cab/_IsRes.dll 10/08/2011 00:01:14 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.cab/_IsRes.dll 10/08/2011 00:08:23 Compacté: UPX C:\Program Files\Microsoft Works\lnchtour.exe/fwrapper_full.exe 10/08/2011 00:01:14 Compacté: UPX C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\data1.cab/isrt.dll 09/08/2011 23:44:08 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\everest_2.20_fr.exe/data0009 10/08/2011 00:02:15 Compacté: UPX C:\Program Files\Lopxp\tools\swreg.exe 10/08/2011 00:02:15 Compacté: UPX C:\Program Files\Lopxp\tools\Str.exe 10/08/2011 00:31:11 Compacté: UPX C:\Windows\System32\o4Patch.exe 09/08/2011 23:44:08 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\everest_2.20_fr.exe/data0008 09/08/2011 23:44:08 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\everest_2.20_fr.exe/data0005 09/08/2011 23:55:46 Compacté: UPX C:\My Shared Folder\Kazaa.Lite.2.7.exe/data0000/data0023 09/08/2011 23:44:08 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\everest_2.20_fr.exe/data0004 09/08/2011 23:53:06 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\ZHPDiag2.exe/data0015 10/08/2011 01:06:38 Compacté: UPX c:\Windows\Downloaded Program Files\qsax.dll 09/08/2011 23:53:05 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\ZHPDiag2.exe/data0011 09/08/2011 23:52:55 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\YVB526Setup.exe/YVB59x.exe 09/08/2011 23:52:52 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\YVB526Setup.exe/YVB5.exe 09/08/2011 23:53:18 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\ArcaVirMicroScan\avms.exe/# 09/08/2011 23:53:16 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\ArcaVirMicroScan\avms.exe 09/08/2011 23:53:15 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\ArcaVirMicroScan\abmaster.dll 09/08/2011 23:53:15 Compacté: UPX C:\Documents and Settings\mokrane\Downloads\ArcaVirMicroScan\ArcaVirMicroScan.dll 10/08/2011 01:11:14 Compacté: UPX c:\Windows\System32\Agent.OMZ.Fix.exe

re ok merci de mavoir répondu et merci pour ton aide dans la quarantaine de Microsoft Security Essentials il a les deux virus je fais quoi je les supprime comment ? en supprimant les fichiers directement? Virus:VBS/Ramnit.B Adware:Win32/Offerbox file:C\$RECYCLE.BIN\1-5-21-4240076097-598381721-3003195341-1000\$RJ0ZYKR\OB.exe

voici le rapport Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Version de la base de données: 7417 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 09/08/2011 17:05:09 mbam-log-2011-08-09 (17-05-09).txt Type d'examen: Examen complet (C:\|D:\|F:\|) Elément(s) analysé(s): 302304 Temps écoulé: 1 heure(s), 1 minute(s), 18 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) re jai un probléme ese normale aprés la désinfection arcavir micro scan mafiche un message d'alerte m'indiquant que le fichier C:\Windows\System32\Agent.OMZ.Fix.exe<UPX>:Agent.OMZ.Fix.exe <- Worm.Autorun.Bpbi : No action est infecté a quoi sert ce fichiers? dois je le supprimer ? j'ai effectué un scan avec le scanner jotti il me detecte Troj.W32.Agent.aif voici le lien Error

voici le rapport Usbfix ############################## | UsbFix 7.055 | [suppression] Utilisateur: mokrane (Administrateur) # PC-DE-MOKRANE [Acer, inc. Aspire 6530] Mis à jour le 06/08/2011 par El Desaparecido Lancé à 14:57:16 | 09/08/2011 Site Web: http://www.teamxscript.org Submit your sample: http://www.teamxscript.org/Upload.php Contact: TeamXscript.ElDesaparecido@gmail.com CPU: AMD Athlon X2 Dual-Core QL-62 CPU 2: AMD Athlon X2 Dual-Core QL-62 Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6002 32-Bit) # Service Pack 2 Internet Explorer 9.0.8112.16421 Pare-feu Windows: Activé RAM -> 2814 Mo C:\ (%systemdrive%) -> Disque fixe # 110 Go (61 Go libre(s) - 55%) [ACER] # NTFS D:\ -> Disque fixe # 107 Go (104 Go libre(s) - 97%) [DATA] # NTFS F:\ -> CD-ROM ################## | Éléments infectieux | Supprimé! C:\Users\Public\NTUSER.DAT{c9917ae2-aef8-11df-8104-00238b9d3889}.TM.blf Supprimé! C:\Users\Public\NTUSER.DAT{c9917ae2-aef8-11df-8104-00238b9d3889}.TMContainer00000000000000000001.regtrans-ms Supprimé! C:\Users\Public\NTUSER.DAT{c9917ae2-aef8-11df-8104-00238b9d3889}.TMContainer00000000000000000002.regtrans-ms Supprimé! C:\Users\Public\NTUSER.DAT{e7d6ca3d-6724-11df-897b-00238b9d3889}.TM.blf Supprimé! C:\Users\Public\NTUSER.DAT{e7d6ca3d-6724-11df-897b-00238b9d3889}.TMContainer00000000000000000001.regtrans-ms Supprimé! C:\Users\Public\NTUSER.DAT{e7d6ca3d-6724-11df-897b-00238b9d3889}.TMContainer00000000000000000002.regtrans-ms Supprimé! C:\Users\mokrane\AppData\Roaming\lowsec Supprimé! C:\$RECYCLE.BIN\S-1-5-21-424076097-598381721-3003195341-1000 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-424076097-598381721-3003195341-1000 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-424076097-598381721-3003195341-500 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-424076097-598381721-3003195341-501 ################## | Registre | Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives ################## | Mountpoints2 | ################## | Listing | [09/08/2011 - 15:00:03 | SHD ] C:\$RECYCLE.BIN [04/03/2011 - 19:54:42 | D ] C:\ACER [12/08/2009 - 12:22:05 | D ] C:\ACERSW [18/09/2006 - 23:43:36 | N | 24] C:\autoexec.bat [17/01/2009 - 17:58:41 | D ] C:\book [07/05/2011 - 20:58:54 | D ] C:\Boot [11/04/2009 - 08:36:36 | RASH | 333257] C:\bootmgr [17/01/2009 - 23:19:15 | N | 8192] C:\BOOTSECT.BAK [15/02/2011 - 09:27:32 | N | 26] C:\CaptImag.ini [29/03/2009 - 21:44:37 | D ] C:\CLSetup [18/09/2006 - 23:43:37 | N | 10] C:\config.sys [02/11/2006 - 14:59:44 | SHD ] C:\Documents and Settings [31/03/2011 - 20:34:35 | D ] C:\Downloads [25/07/2010 - 04:21:41 | D ] C:\DVR110 [29/05/2011 - 17:54:55 | D ] C:\GAMIGO [23/05/2010 - 22:14:44 | D ] C:\HJT [30/09/2009 - 11:36:28 | N | 0] C:\IO.SYS [29/03/2009 - 21:44:37 | N | 20] C:\Medion.ini [30/09/2009 - 11:36:28 | N | 0] C:\MSDOS.SYS [17/01/2009 - 16:49:29 | RD ] C:\MSOCache [28/03/2011 - 22:04:14 | D ] C:\My Shared Folder [31/10/2010 - 02:06:17 | D ] C:\nDoors [29/05/2011 - 00:45:02 | D ] C:\Netmarble [09/08/2011 - 14:30:23 | ASH | 3264860160] C:\pagefile.sys [29/03/2009 - 21:40:55 | N | 60] C:\Partition.txt [21/01/2008 - 04:43:50 | D ] C:\PerfLogs [02/08/2011 - 18:54:37 | N | 512] C:\PhysicalDisk0_MBR.bin [15/07/2010 - 03:10:33 | D ] C:\Poker [04/08/2011 - 10:56:53 | D ] C:\Program Files [04/08/2011 - 10:37:22 | D ] C:\ProgramData [29/03/2011 - 00:18:30 | N | 6277] C:\rapport.txt [29/03/2009 - 21:30:48 | N | 997] C:\RHDSetup.log [17/07/2010 - 15:04:03 | D ] C:\Saved Games [15/02/2011 - 06:47:09 | D ] C:\SMCLpav [09/08/2011 - 10:37:05 | SHD ] C:\System Volume Information [09/08/2011 - 15:00:03 | D ] C:\UsbFix [09/08/2011 - 14:57:16 | A | 3802] C:\UsbFix.txt [21/02/2010 - 16:57:18 | D ] C:\Users [30/07/2011 - 22:59:56 | D ] C:\Windows [01/08/2011 - 23:52:32 | N | 1072] C:\ZHPExportRegistry-01-08-2011-23-52-32.txt [03/08/2011 - 03:40:41 | N | 2046] C:\ZHPExportRegistry-03-08-2011-03-40-41.txt [22/05/2010 - 02:44:59 | D ] C:\_845931_ [09/08/2011 - 15:00:03 | D ] D:\$RECYCLE.BIN [23/07/2010 - 04:28:48 | D ] D:\a5e3de4ebb52f1a1b8d05e472155 [16/02/2011 - 09:06:32 | N | 528] D:\MediaID.bin [18/02/2011 - 15:48:49 | D ] D:\PC-DE-MOKRANE [29/09/2009 - 09:44:27 | SHD ] D:\System Volume Information ################## | Vaccin | C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript) D:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript) ################## | Upload | Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-MOKRANE.zip http://www.teamxscript.org/Upload.php Merci de votre contribution. ################## | E.O.F |

Voici le rapport Rapport de ZHPDiag v1.28.132 par Nicolas Coolman, Update du 08/08/2011 Run by mokrane at 09/08/2011 15:11:14 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox v (Defaut) ---\\ Windows Product Information Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002) Windows Server License Manager Script : OK ~ Vista, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 8QXTR Windows License : OK Windows Automatic Updates : OK ---\\ System Information ~ Processor: x86 Family 17 Model 3 Stepping 1, AuthenticAMD ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2813 MB (60% free) System Restore: Activé (Enable) System drive C: has 61 GB (55%) free of 110 GB ---\\ Logged in mode ~ Computer Name: PC-DE-MOKRANE ~ User Name: mokrane ~ All Users Names: mokrane, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\mokrane\AppData\Roaming\ ~ %Desktop% : C:\Users\mokrane\Desktop\ ~ %Favorites% : C:\Users\mokrane\Favorites\ ~ %LocalAppData% : C:\Users\mokrane\AppData\Local\ ~ %StartMenu% : C:\Users\mokrane\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 61 Go of 110 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 104 Go of 107 Go) F:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.09/08/2011 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.4B555106290BD117334E9A08761C035A] - (....) (.09/08/2011 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.09/08/2011 - 03:33:13.) -- C:\Windows\system32\Wininit.exe [96768] [MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.09/08/2011 - 20:50:11.) -- C:\Windows\system32\wininet.dll [1126912] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.09/08/2011 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.07/08/2011 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.07/08/2011 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880] [MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.07/08/2011 - 08:20:47.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/9 ~ Mes musiques (My Musics) : 3/8 ~ Mes Videos (My Videos) : 1/3 ~ Mes Favoris (My Favorites) : 23/224 ~ Mes Documents (My Documents) : 4/221 ~ Mon Bureau (My Desktop) : 1/22 ~ Menu demarrer (Programs) : 6/33 ~ Scan Hidden Files in 00mn 00s ---\\ Processus lancés [MD5.14E13FA6A8D45DCF6CAAFE7D8CA56BAE] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344] [MD5.F452EB003A302B8B53D40C527A78B6A5] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [748336] [MD5.BFE22B3612180DB6974617CC6F89A1D7] - (.acer - Acer Empowering Technology Framework Notifi.) -- C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe [380928] [MD5.B5B4E81AADFDF95345186A023A99D2E6] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664576] [MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904] [MD5.90DC23D940551DB35367FB1E40575B25] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736] [MD5.F25247D0E011A643EE60052CE23BE05E] - (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576] [MD5.86EBD8B1F23E743AAD21F4D5B4D40985] - (.Microsoft Corporation - SQL Browser Service EXE.) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [238944] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [MD5.5DAF7081A4BB112FA3F1915819330A3E] - (...) -- C:\Program Files\ZHPDiag\pv.exe [61440] ~ Scan Processes Running in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\mokrane\AppData\Roaming\Mozilla\Firefox\Profiles\4dpqnmjj.default\prefs.js C:\Users\mokrane\AppData\Roaming\Mozilla\Firefox\Profiles\hpqni28e.default\prefs.js C:\Users\mokrane\AppData\Roaming\Mozilla\Firefox\Profiles\pyr4h83q.default\prefs.js M3 - MFPP: Plugins - [mokrane] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [mokrane] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [mokrane] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [mokrane] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [mokrane] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [mokrane] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [mokrane - pyr4h83q.default] http://www.siteduzero.com/ M2 - MFEP: prefs.js [mokrane - pyr4h83q.default\{0b38152b-1b20-484d-a11f-5e04a9b0661f}] [] Winamp Toolbar v5.6.16.1 (.AOL Inc..) M2 - MFEP: prefs.js [mokrane - pyr4h83q.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20110512W (.Google Inc..) P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.23 for Firefox.) -- C:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.AOL LLC - npdnu.) -- C:\Program Files\Mozilla Firefox\Plugins\npdnu.dll P2 - FPN:Firefox Plugin Navigator . (.AOL LLC - npdnupdater2.) -- C:\Program Files\Mozilla Firefox\Plugins\npdnupdater2.dll P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=14] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.2166.3772\npCIDetect14.dll P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKUS\S-1-5-21-424076097-598381721-3003195341-1000\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKUS\S-1-5-21-424076097-598381721-3003195341-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://127.0.0.1:8080 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} Clé orpheline O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} . (.Egis Incorporated. - Acer eDataSecurity Management Explorer Tool.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [Google Quick Search Box] . (.Google Inc. - Google Quick Search Box.) -- C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-21-424076097-598381721-3003195341-1000\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-424076097-598381721-3003195341-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-424076097-598381721-3003195341-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\mokrane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\mokrane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk . (.Secunia.) -- C:\Program Files\Secunia\PSI\psi.exe O4 - Global Startup: C:\Users\mokrane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\mokrane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\mokrane\Desktop\ArcaVirMicroScan.lnk . (.ArcaBit.) -- C:\Users\mokrane\Downloads\ArcaVirMicroScan\arcavirmicroscan.exe O4 - Global Startup: C:\Users\mokrane\Desktop\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\Integrator.exe O4 - Global Startup: C:\Users\mokrane\Desktop\Jouer à Yu-Gi-Oh Virtual Battle 5.lnk . (.B@Z - Corporation.) -- C:\Program Files\Yu-Gi-Oh Virtual Battle 5\YVB5.exe O4 - Global Startup: C:\Users\mokrane\Desktop\MA_CV+Lettre Motivation 24-2-11.doc - Raccourci.lnk . (...) -- C:\Users\mokrane\Downloads\MA_CV+Lettre Motivation 24-2-11.doc O4 - Global Startup: C:\Users\mokrane\Desktop\Play PKR.lnk . (.PKR Ltd.) -- C:\Program Files\PKR\pkr.exe O4 - Global Startup: C:\Users\mokrane\Desktop\Revo Uninstaller.lnk . (.VS Revo Group.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe O4 - Global Startup: C:\Users\mokrane\Desktop\SpeedFan.lnk . (.Almico Software (www.almico.com).) -- C:\Program Files\SpeedFan\speedfan.exe O4 - Global Startup: C:\Users\mokrane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\mokrane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk . (.Malwarebytes Corporation.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe O4 - Global Startup: C:\Users\mokrane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Uninstall BitDefender Online Scanner - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} (NetmarbleAutoUpdater Class) - http://download.netmarble.net/ActiveX/NMAutoUpdateX/NMAutoUpdateX_1.0.1.1_20091109.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} () - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} () - http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_2_3.cab O16 - DPF: {89F434A7-4A49-4394-AC02-007480331AE2} (NetmarbleSystemIDInfo Class) - http://download.netmarble.net/ActiveX/NMAutoUpdateX/SystemIDInfo/NMSystemIDInfo_1.0.0.1.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{A0A16707-B5D8-429F-AA03-BD8CF1FF9ABF}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{C947780A-18BF-4E8E-B762-514C6B932905}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{C947780A-18BF-4E8E-B762-514C6B932905}: DhcpDomain = noos.fr O17 - HKLM\System\CS1\Services\Tcpip\..\{A0A16707-B5D8-429F-AA03-BD8CF1FF9ABF}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{C947780A-18BF-4E8E-B762-514C6B932905}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{C947780A-18BF-4E8E-B762-514C6B932905}: DhcpDomain = noos.fr O17 - HKLM\System\CS3\Services\Tcpip\..\{A0A16707-B5D8-429F-AA03-BD8CF1FF9ABF}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CS3\Services\Tcpip\..\{C947780A-18BF-4E8E-B762-514C6B932905}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CS3\Services\Tcpip\..\{C947780A-18BF-4E8E-B762-514C6B932905}: DhcpDomain = noos.fr ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\Windows\system32\agrsmsvc.exe O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe O23 - Service: eDataSecurity Service (eDataSecurity Service) . (.Egis Incorporated - Acer eDataSecurity Management Service.) - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: (gpsvc) - Clé orpheline O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: MobilityService (MobilityService) . (.Pas de propriétaire - app.) - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Soluto PCGenome Core Service (SolutoService) . (.Soluto - Soluto Anti-Frustration Software.) - C:\Program Files\Soluto\SolutoService.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.923E02CA12F54B2F086DDB9C683E46E5] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\initialize.exe [MD5.156D0E674372EA396FD2760AB54C362F] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe ~ Scan Scheduled Task in 00mn 05s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\system32\DRIVERS\kbdhid.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\system32\DRIVERS\MpFilter.sys O41 - Driver: (MpKsl103f620f) . (.Microsoft Corporation - KSLDriver.) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6391DF0B-2F7B-4352-BDA7-22B676176FE1}\MpKsl103f620f.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\system32\drivers\tcpip.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: Acer Crystal Eye Webcam 2.0.8.3 - (.SuYin.) [HKLM] -- {A77255C4-AFCB-44A3-BF0F-2091A71FFD9E} O42 - Logiciel: Acer Empowering Technology - (.Acer Incorporated.) [HKLM] -- {8F1B6239-FEA0-450A-A950-B05276CE177C} O42 - Logiciel: Acer GridVista - (.Pas de propriétaire.) [HKLM] -- GridVista O42 - Logiciel: Acer Mobility Center Plug-In - (.Acer Inc..) [HKLM] -- {11316260-6666-467B-AC34-183FCB5D4335} O42 - Logiciel: Acer Product Registration - (.Acer Incorporated.) [HKLM] -- {DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E} O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC} O42 - Logiciel: Acer eAudio Management - (.CyberLink Corp..) [HKLM] -- {57265292-228A-41FA-9AEC-4620CBCC2739} O42 - Logiciel: Acer ePower Management - (.Acer Incorporated.) [HKLM] -- {58E5844B-7CE2-413D-83D1-99294BF6C74F} O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9} O42 - Logiciel: Acer eSettings Management - (.Acer Incorporated.) [HKLM] -- {13D85C14-2B85-419F-AC41-C7F21E68B25D} O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Agere Systems HDA Modem - (.Agere Systems.) [HKLM] -- Agere Systems Soft Modem O42 - Logiciel: Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} O42 - Logiciel: CodeBlocks - (.The Code::Blocks Team.) [HKCU] -- CodeBlocks O42 - Logiciel: Download Updater (AOL LLC) - (.Pas de propriétaire.) [HKLM] -- SoftwareUpdUtility O42 - Logiciel: Glary Utilities 2.33.0.1158 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1 O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Launch Manager - (.Pas de propriétaire.) [HKLM] -- LManager O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: MSDN Library pour les éditions Microsoft Visual Studio 2008 Express - (.Microsoft Corporation.) [HKLM] -- MSDN Library for Microsoft Visual Studio 2008 Express Editions O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft SQL Server 2005 - (.Microsoft Corporation.) [HKLM] -- Microsoft SQL Server 2005 O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client O42 - Logiciel: Microsoft Visual C++ 2008 Express - Français - (.Microsoft Corporation.) [HKLM] -- Microsoft Visual C++ 2008 Express Edition - FRA O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Mozilla Firefox (3.6.19) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.19) O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC} O42 - Logiciel: PKR - (.PKR Ltd.) [HKLM] -- PKR O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D} O42 - Logiciel: Revo Uninstaller 1.92 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: Sandlot Games Client Services 1.2.2 - (.Sandlot Games.) [HKLM] -- Sandlot Games Client Services 1.2.2_is1 O42 - Logiciel: Secunia PSI - (.Pas de propriétaire.) [HKLM] -- Secunia PSI O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM] -- SpeedFan O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF} O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Yu-Gi-Oh Virtual Battle 5.26 - (.Pas de propriétaire.) [HKLM] -- Yu-Gi-Oh Virtual Battle 5.26 ---\\ HKCU & HKLM Software Keys [HKCU\Software\ACE Compression Software] [HKCU\Software\ATI Technologies Inc.] [HKCU\Software\ATI] [HKCU\Software\Acer] [HKCU\Software\Adobe] [HKCU\Software\AhnLab] [HKCU\Software\Andrei Jefremov] [HKCU\Software\AppConf] [HKCU\Software\AppDataLow\LastScanTime] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Monitored] [HKCU\Software\AppDataLow\Software\settings] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Inc.] [HKCU\Software\ArcaBit] [HKCU\Software\Astonsoft] [HKCU\Software\Beroux] [HKCU\Software\BillP Studios] [HKCU\Software\BitDefender] [HKCU\Software\Bugsplat] [HKCU\Software\CPUID] [HKCU\Software\Canneverbe Limited] [HKCU\Software\ClassesB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\Digital River] [HKCU\Software\DivXNetworks] [HKCU\Software\ESET] [HKCU\Software\F-Secure] [HKCU\Software\Full Tilt Poker.Net] [HKCU\Software\Full Tilt Poker] [HKCU\Software\GlarySoft] [HKCU\Software\Google] [HKCU\Software\IGA] [HKCU\Software\IM Providers] [HKCU\Software\INCAInternet] [HKCU\Software\JavaSoft] [HKCU\Software\K-Dat] [HKCU\Software\K-Lite] [HKCU\Software\KaZuperNodes] [HKCU\Software\Kazaa] [HKCU\Software\Lavalys] [HKCU\Software\Licenses] [HKCU\Software\Macromedia] [HKCU\Software\Magnet] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Martin Prikryl] [HKCU\Software\Meridian93] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\NewTech Infosystems] [HKCU\Software\Northcode Inc] [HKCU\Software\ODBC] [HKCU\Software\ORL] [HKCU\Software\OXXOgames] [HKCU\Software\Pando Networks] [HKCU\Software\Policies] [HKCU\Software\Putt_Man] [HKCU\Software\Quanta] [HKCU\Software\Realtek] [HKCU\Software\Safer Networking Limited] [HKCU\Software\Secunia] [HKCU\Software\Seifert] [HKCU\Software\Skype] [HKCU\Software\SoftLogica] [HKCU\Software\Softonic] [HKCU\Software\Sonix] [HKCU\Software\SpeedBit] [HKCU\Software\SpeedFan] [HKCU\Software\Synaptics] [HKCU\Software\Sysinternals] [HKCU\Software\TikGames] [HKCU\Software\Trolltech] [HKCU\Software\Usbfix] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VSRevoGroup] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\eSupport.com] [HKCU\Software\ej-technologies] [HKCU\Software\gPotato] [HKCU\Software\nSplitter] [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe] [HKLM\Software\Agere] [HKLM\Software\Ahead] [HKLM\Software\AppDataLow] [HKLM\Software\ArcaBit] [HKLM\Software\BillP Studios] [HKLM\Software\BrowserChoice] [HKLM\Software\Caphyon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\Digital River] [HKLM\Software\DivXNetworks] [HKLM\Software\Dofus 2] [HKLM\Software\Eset] [HKLM\Software\FileZilla 3] [HKLM\Software\Full Tilt Poker] [HKLM\Software\Google] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\K-Lite] [HKLM\Software\KLExtensions] [HKLM\Software\KasperskyLab] [HKLM\Software\Kazaa] [HKLM\Software\Licenses] [HKLM\Software\MP3Shield] [HKLM\Software\Macromedia] [HKLM\Software\Magnet] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Martin Prikryl] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nero] [HKLM\Software\Netmarble] [HKLM\Software\NewTech Infosystems] [HKLM\Software\ODBC] [HKLM\Software\ORL] [HKLM\Software\OemSetup] [HKLM\Software\PCTools] [HKLM\Software\Panda Software] [HKLM\Software\Pando Networks] [HKLM\Software\Policies] [HKLM\Software\Quanta] [HKLM\Software\RealVNC] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Secunia] [HKLM\Software\SecureDigitalServices] [HKLM\Software\Soluto] [HKLM\Software\SpeedBit] [HKLM\Software\Synaptics] [HKLM\Software\Trad-FR] [HKLM\Software\Uniblue] [HKLM\Software\VideoLAN] [HKLM\Software\WOW6432Node] [HKLM\Software\WinRAR] [HKLM\Software\Winbond Electronics Corporation] [HKLM\Software\XPeFlag] [HKLM\Software\acer] [HKLM\Software\mcafeeupdater] [HKLM\Software\mozilla.org] [HKLM\Software\nSplitter] ~ Scan Softwares in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 17/04/2011 - 11:27:50 - [0] ----D- C:\Program Files\7-Zip O43 - CFD: 12/08/2009 - 12:22:20 - [159378396] ----D- C:\Program Files\Acer O43 - CFD: 11/02/2011 - 13:47:44 - [253536] ----D- C:\Program Files\Acer Arcade Deluxe O43 - CFD: 13/10/2010 - 12:04:18 - [33] ----D- C:\Program Files\Acer GameZone O43 - CFD: 29/03/2009 - 21:39:38 - [1372369] ----D- C:\Program Files\Acer Inc O43 - CFD: 29/03/2009 - 21:50:04 - [0] ----D- C:\Program Files\Acer Incorporated O43 - CFD: 19/12/2010 - 13:15:06 - [162960192] ----D- C:\Program Files\Adobe O43 - CFD: 17/01/2009 - 16:35:14 - [62929] ----D- C:\Program Files\AMD O43 - CFD: 25/07/2010 - 05:22:02 - [0] ----D- C:\Program Files\Astonsoft O43 - CFD: 29/03/2009 - 21:26:54 - [14304513] ----D- C:\Program Files\ATI O43 - CFD: 29/03/2009 - 21:27:30 - [62169297] ----D- C:\Program Files\ATI Technologies O43 - CFD: 12/02/2011 - 04:09:08 - [1717] ----D- C:\Program Files\BillP Studios O43 - CFD: 20/07/2010 - 23:23:40 - [0] ----D- C:\Program Files\burnatonce O43 - CFD: 24/05/2011 - 19:53:34 - [155175258] ----D- C:\Program Files\CodeBlocks O43 - CFD: 26/07/2011 - 02:37:18 - [686102970] ----D- C:\Program Files\Common Files O43 - CFD: 30/07/2011 - 00:12:30 - [0] ----D- C:\Program Files\Convar O43 - CFD: 04/03/2011 - 20:35:06 - [21837248] ----D- C:\Program Files\Cyberlink O43 - CFD: 25/10/2010 - 15:04:30 - [0] ----D- C:\Program Files\Dofus O43 - CFD: 26/03/2011 - 22:56:30 - [0] ----D- C:\Program Files\Enigma Software Group O43 - CFD: 01/08/2011 - 00:14:26 - [0] ----D- C:\Program Files\ESET O43 - CFD: 22/02/2011 - 16:59:48 - [0] ----D- C:\Program Files\eSobi O43 - CFD: 12/08/2009 - 12:14:20 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 10/04/2011 - 22:46:52 - [16450755] ----D- C:\Program Files\FileZilla FTP Client O43 - CFD: 14/08/2010 - 01:28:46 - [244935] ----D- C:\Program Files\Full Tilt Poker O43 - CFD: 11/11/2010 - 18:28:02 - [51426] ----D- C:\Program Files\Full Tilt Poker.Fr O43 - CFD: 31/07/2010 - 15:10:24 - [51116] ----D- C:\Program Files\Full Tilt Poker.Net O43 - CFD: 31/10/2010 - 05:03:14 - [356871] ----D- C:\Program Files\Gameforge4D O43 - CFD: 12/04/2011 - 21:34:18 - [19491903] ----D- C:\Program Files\Glary Utilities O43 - CFD: 15/07/2011 - 15:33:56 - [30020077] ----D- C:\Program Files\Google O43 - CFD: 29/05/2011 - 13:31:02 - [76127967] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 17/06/2011 - 23:43:26 - [5368163] ----D- C:\Program Files\Internet Explorer O43 - CFD: 06/07/2011 - 19:18:38 - [90783833] ----D- C:\Program Files\Java O43 - CFD: 30/07/2010 - 14:41:42 - [11233] ----D- C:\Program Files\JDownloader O43 - CFD: 11/07/2011 - 18:00:28 - [897540727] ----D- C:\Program Files\Konami O43 - CFD: 29/03/2009 - 21:38:24 - [2669521] ----D- C:\Program Files\Launch Manager O43 - CFD: 12/02/2011 - 08:34:10 - [0] ----D- C:\Program Files\Lavasoft O43 - CFD: 29/07/2010 - 04:20:00 - [0] ----D- C:\Program Files\LimeWire O43 - CFD: 29/03/2011 - 00:20:08 - [364866] ----D- C:\Program Files\Lopxp O43 - CFD: 29/07/2011 - 20:37:58 - [6971897] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 02/11/2006 - 14:35:52 - [46946424] ----D- C:\Program Files\Microsoft Games O43 - CFD: 29/06/2011 - 16:45:26 - [379106053] ----D- C:\Program Files\Microsoft Office O43 - CFD: 17/01/2009 - 16:55:32 - [7791803] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant O43 - CFD: 24/05/2011 - 20:22:02 - [125368757] ----D- C:\Program Files\Microsoft SDKs O43 - CFD: 25/05/2011 - 19:39:30 - [18381112] ----D- C:\Program Files\Microsoft Security Client O43 - CFD: 17/06/2011 - 23:46:28 - [38411899] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 25/05/2011 - 19:24:44 - [258268675] ----D- C:\Program Files\Microsoft SQL Server O43 - CFD: 24/05/2011 - 20:31:16 - [881505335] ----D- C:\Program Files\Microsoft Visual Studio 9.0 O43 - CFD: 24/11/2009 - 08:31:32 - [151889282] ----D- C:\Program Files\Microsoft Works O43 - CFD: 24/05/2011 - 20:42:36 - [9707749] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 11/08/2010 - 21:53:12 - [20470054] ----D- C:\Program Files\Movie Maker O43 - CFD: 15/07/2011 - 15:08:28 - [31632114] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2006 - 14:35:52 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 17/01/2009 - 16:07:08 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 21/02/2011 - 00:49:16 - [195064176] ----D- C:\Program Files\NewTech Infosystems O43 - CFD: 31/10/2010 - 01:47:44 - [7373686] ----D- C:\Program Files\Pando Networks O43 - CFD: 21/07/2011 - 20:56:36 - [1166610803] ----D- C:\Program Files\PKR O43 - CFD: 17/01/2009 - 16:36:02 - [30988128] ----D- C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 14:35:52 - [60923158] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 13/02/2011 - 11:09:44 - [3528565] ----D- C:\Program Files\Secunia O43 - CFD: 25/07/2010 - 05:20:42 - [0] ----D- C:\Program Files\SlySoft O43 - CFD: 22/02/2011 - 22:23:38 - [0] ----D- C:\Program Files\SoftLogica O43 - CFD: 30/06/2011 - 00:34:08 - [25991883] ----D- C:\Program Files\Soluto O43 - CFD: 04/03/2011 - 18:30:50 - [0] ----D- C:\Program Files\Spartez O43 - CFD: 09/08/2011 - 10:44:32 - [5674823] ----D- C:\Program Files\SpeedFan O43 - CFD: 01/08/2011 - 23:52:24 - [1168216] ----D- C:\Program Files\Spybot - Search & Destroy O43 - CFD: 29/03/2009 - 21:36:54 - [15083609] ----D- C:\Program Files\Synaptics O43 - CFD: 13/08/2010 - 18:41:24 - [0] ----D- C:\Program Files\TightVNC O43 - CFD: 13/08/2010 - 17:07:32 - [367428] ----D- C:\Program Files\UltraVNC O43 - CFD: 02/11/2006 - 14:58:20 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 25/09/2009 - 03:48:14 - [84701799] ----D- C:\Program Files\VideoLAN O43 - CFD: 14/02/2011 - 10:28:06 - [6812742] ----D- C:\Program Files\VS Revo Group O43 - CFD: 26/10/2010 - 03:35:40 - [217687] ----D- C:\Program Files\Wakfu O43 - CFD: 17/01/2009 - 16:44:04 - [2355255] ----D- C:\Program Files\Winbond Electronics Corporation O43 - CFD: 04/03/2011 - 20:09:46 - [812064] ----D- C:\Program Files\WinDirStat O43 - CFD: 14/08/2009 - 17:33:44 - [1016832] ----D- C:\Program Files\Windows Calendar O43 - CFD: 14/08/2009 - 17:33:40 - [2737152] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 14/08/2009 - 17:33:34 - [4490624] ----D- C:\Program Files\Windows Defender O43 - CFD: 10/04/2011 - 21:53:02 - [96474941] ----D- C:\Program Files\Windows Live O43 - CFD: 17/06/2011 - 23:31:48 - [8935608] ----D- C:\Program Files\Windows Mail O43 - CFD: 10/04/2011 - 21:16:54 - [4498121] ----D- C:\Program Files\Windows Media Player O43 - CFD: 12/08/2009 - 12:14:20 - [7957544] ----D- C:\Program Files\Windows NT O43 - CFD: 14/08/2009 - 17:33:38 - [8228002] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 18/11/2009 - 04:51:00 - [134144] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 14/08/2009 - 17:33:40 - [6527690] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 24/07/2010 - 03:16:46 - [3887186] ----D- C:\Program Files\WinRAR O43 - CFD: 11/07/2011 - 19:31:30 - [50309281] ----D- C:\Program Files\Yu-Gi-Oh Virtual Battle 5 O43 - CFD: 09/08/2011 - 15:11:34 - [4735500] ----D- C:\Program Files\ZHPDiag O43 - CFD: 13/10/2010 - 11:01:12 - [6247934] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 29/04/2011 - 20:38:24 - [31116142] ----D- C:\Program Files\Common Files\Adobe AIR O43 - CFD: 17/01/2009 - 16:52:24 - [92976] ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD: 29/05/2011 - 17:04:36 - [24619886] ----D- C:\Program Files\Common Files\INCA Shared O43 - CFD: 17/01/2009 - 17:11:04 - [3186279] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 06/07/2011 - 19:26:04 - [1258951] ----D- C:\Program Files\Common Files\Java O43 - CFD: 24/05/2011 - 20:25:16 - [1565696] ----D- C:\Program Files\Common Files\Merge Modules O43 - CFD: 24/05/2011 - 20:42:48 - [274929604] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 17/01/2009 - 17:27:48 - [354896] ----D- C:\Program Files\Common Files\Oberon Media O43 - CFD: 23/05/2010 - 17:35:00 - [2543410] ----D- C:\Program Files\Common Files\PC Tools O43 - CFD: 04/10/2010 - 05:22:14 - [1353730] ----D- C:\Program Files\Common Files\Sandlot Shared O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 26/07/2011 - 02:37:18 - [240776] ----D- C:\Program Files\Common Files\Software Update Utility O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 14/08/2009 - 17:33:38 - [42750094] ----D- C:\Program Files\Common Files\System O43 - CFD: 17/01/2009 - 17:11:36 - [218672879] ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 26/03/2011 - 22:18:26 - [36065280] ----D- C:\Program Files\Common Files\Wise Installation Wizard O43 - CFD: 13/10/2010 - 11:01:12 - [763] ----D- C:\ProgramData\Adobe O43 - CFD: 22/03/2011 - 08:39:36 - [11286] ----D- C:\ProgramData\Apple O43 - CFD: 20/03/2011 - 02:59:42 - [0] ----D- C:\ProgramData\Apple Computer O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 04/10/2010 - 12:49:56 - [354] ----D- C:\ProgramData\Arcade Lab O43 - CFD: 29/03/2009 - 21:36:58 - [188] ----D- C:\ProgramData\ATI O43 - CFD: 12/08/2009 - 12:14:20 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 30/07/2011 - 23:09:32 - [0] ----D- C:\ProgramData\CA O43 - CFD: 20/07/2010 - 21:31:04 - [0] ----D- C:\ProgramData\Canneverbe Limited O43 - CFD: 11/02/2011 - 13:54:42 - [29306] ----D- C:\ProgramData\CyberLink O43 - CFD: 16/02/2011 - 07:45:02 - [0] ----D- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 16/02/2011 - 07:57:16 - [1548] ----D- C:\ProgramData\DAEMON Tools Pro O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 31/03/2011 - 00:35:50 - [0] ----D- C:\ProgramData\eMule O43 - CFD: 22/02/2011 - 17:02:18 - [0] ----D- C:\ProgramData\eSobi O43 - CFD: 12/08/2009 - 12:14:20 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 13/03/2011 - 16:53:52 - [539746] ----D- C:\ProgramData\Google O43 - CFD: 15/07/2011 - 15:34:18 - [18513] ----D- C:\ProgramData\Google Updater O43 - CFD: 25/05/2011 - 18:50:12 - [77072947] ----D- C:\ProgramData\Kaspersky Lab O43 - CFD: 21/05/2010 - 22:30:44 - [78795352] ----D- C:\ProgramData\Kaspersky Lab Setup Files O43 - CFD: 12/02/2011 - 23:14:54 - [72] ----D- C:\ProgramData\Lavasoft O43 - CFD: 23/05/2010 - 17:49:02 - [16663418] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 18/02/2011 - 16:14:48 - [11256] ----D- C:\ProgramData\McAfee O43 - CFD: 12/08/2009 - 12:14:20 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 04/10/2010 - 12:47:28 - [125600] ----D- C:\ProgramData\Meridian93 O43 - CFD: 25/05/2011 - 19:39:04 - [489561994] -S--D- C:\ProgramData\Microsoft O43 - CFD: 17/06/2011 - 23:41:50 - [63871634] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 12/08/2009 - 12:14:20 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 25/07/2010 - 05:18:52 - [529] ----D- C:\ProgramData\Nero O43 - CFD: 12/07/2010 - 13:26:30 - [0] ----D- C:\ProgramData\NOS O43 - CFD: 29/05/2011 - 13:24:20 - [438] ----D- C:\ProgramData\PMB Files O43 - CFD: 04/10/2010 - 05:22:04 - [525] ----D- C:\ProgramData\Sandlot Games O43 - CFD: 17/07/2011 - 17:07:56 - [11349061] ----D- C:\ProgramData\Soluto O43 - CFD: 05/10/2010 - 06:17:32 - [4349] ----D- C:\ProgramData\SpinTop Games O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 23/05/2010 - 23:23:30 - [259] ----D- C:\ProgramData\Sun O43 - CFD: 07/12/2010 - 13:37:04 - [90183] ---AD- C:\ProgramData\Temp O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 05/10/2010 - 01:59:32 - [16997] ----D- C:\ProgramData\TERMINAL Studio O43 - CFD: 19/03/2011 - 15:45:08 - [6156] ----D- C:\ProgramData\WindSolutions O43 - CFD: 12/02/2011 - 23:15:54 - [3563451] --H-D- C:\ProgramData\{589802B2-1BF3-4609-9ADE-CF6E6608D06D} O43 - CFD: 11/10/2010 - 20:28:34 - [0] -SH-D- C:\Users\mokrane\AppData\Roaming\.# O43 - CFD: 17/01/2009 - 17:26:42 - [34405] ----D- C:\Users\mokrane\AppData\Roaming\Acer GameZone Console O43 - CFD: 23/05/2010 - 23:33:44 - [6841149] ----D- C:\Users\mokrane\AppData\Roaming\Adobe O43 - CFD: 25/01/2010 - 17:49:02 - [4648] ----D- C:\Users\mokrane\AppData\Roaming\app O43 - CFD: 19/03/2011 - 16:39:00 - [5252511] ----D- C:\Users\mokrane\AppData\Roaming\Apple Computer O43 - CFD: 31/07/2011 - 13:24:18 - [1] ----D- C:\Users\mokrane\AppData\Roaming\ArcaBit O43 - CFD: 05/08/2011 - 17:31:06 - [2742] ----D- C:\Users\mokrane\AppData\Roaming\ArcaVirMicroScan O43 - CFD: 12/08/2009 - 12:24:46 - [0] ----D- C:\Users\mokrane\AppData\Roaming\ATI O43 - CFD: 13/02/2011 - 00:08:26 - [173579] ----D- C:\Users\mokrane\AppData\Roaming\Azureus O43 - CFD: 04/08/2011 - 10:57:06 - [20939] ----D- C:\Users\mokrane\AppData\Roaming\BatteryBar O43 - CFD: 22/05/2011 - 10:30:42 - [0] ----D- C:\Users\mokrane\AppData\Roaming\BitComet O43 - CFD: 20/07/2010 - 21:31:04 - [1295] ----D- C:\Users\mokrane\AppData\Roaming\Canneverbe Limited O43 - CFD: 30/07/2011 - 00:12:12 - [21380] ----D- C:\Users\mokrane\AppData\Roaming\codeblocks O43 - CFD: 04/03/2011 - 20:23:12 - [115524] ----D- C:\Users\mokrane\AppData\Roaming\CyberLink O43 - CFD: 16/02/2011 - 07:45:04 - [0] ----D- C:\Users\mokrane\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 16/02/2011 - 08:04:32 - [1122] ----D- C:\Users\mokrane\AppData\Roaming\DAEMON Tools Pro O43 - CFD: 23/07/2010 - 21:21:36 - [2792] ----D- C:\Users\mokrane\AppData\Roaming\DeepBurner O43 - CFD: 13/04/2011 - 20:00:30 - [7498436] ----D- C:\Users\mokrane\AppData\Roaming\Dofus 2 O43 - CFD: 22/12/2010 - 21:29:32 - [8699] ----D- C:\Users\mokrane\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 26/01/2010 - 02:02:06 - [0] ----D- C:\Users\mokrane\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 22/12/2010 - 21:38:22 - [6202] ----D- C:\Users\mokrane\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 19/02/2011 - 20:47:54 - [0] ----D- C:\Users\mokrane\AppData\Roaming\EasyBurner O43 - CFD: 22/02/2011 - 17:02:18 - [0] ----D- C:\Users\mokrane\AppData\Roaming\eSobi O43 - CFD: 10/04/2011 - 22:49:24 - [15687] ----D- C:\Users\mokrane\AppData\Roaming\FileZilla O43 - CFD: 07/06/2011 - 00:18:36 - [16519] ----D- C:\Users\mokrane\AppData\Roaming\FOG Downloader O43 - CFD: 29/07/2011 - 21:01:28 - [0] ----D- C:\Users\mokrane\AppData\Roaming\GetRightToGo O43 - CFD: 19/02/2011 - 14:39:48 - [12096] ----D- C:\Users\mokrane\AppData\Roaming\GlarySoft O43 - CFD: 12/08/2009 - 13:29:44 - [4844] ----D- C:\Users\mokrane\AppData\Roaming\Google O43 - CFD: 12/08/2009 - 12:24:10 - [0] ----D- C:\Users\mokrane\AppData\Roaming\Identities O43 - CFD: 12/08/2009 - 12:24:36 - [74890] ----D- C:\Users\mokrane\AppData\Roaming\Macromedia O43 - CFD: 23/05/2010 - 17:52:08 - [39668] ----D- C:\Users\mokrane\AppData\Roaming\Malwarebytes O43 - CFD: 04/10/2010 - 12:46:26 - [40606] ----D- C:\Users\mokrane\AppData\Roaming\Meridian93 O43 - CFD: 24/05/2011 - 20:28:58 - [18150690] -S--D- C:\Users\mokrane\AppData\Roaming\Microsoft O43 - CFD: 25/09/2009 - 03:02:06 - [28441649] ----D- C:\Users\mokrane\AppData\Roaming\Mozilla O43 - CFD: 25/07/2010 - 04:53:04 - [37390] ----D- C:\Users\mokrane\AppData\Roaming\Nero O43 - CFD: 11/02/2011 - 13:54:42 - [1468682] ----D- C:\Users\mokrane\AppData\Roaming\PowerCinema O43 - CFD: 31/07/2011 - 01:08:52 - [397855] ----D- C:\Users\mokrane\AppData\Roaming\QuickScan O43 - CFD: 25/01/2010 - 17:49:02 - [0] ----D- C:\Users\mokrane\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 01/08/2011 - 01:52:42 - [0] ----D- C:\Users\mokrane\AppData\Roaming\Skype O43 - CFD: 12/08/2009 - 13:25:38 - [6887] ----D- C:\Users\mokrane\AppData\Roaming\SoftDMA O43 - CFD: 16/11/2010 - 03:09:52 - [48812] ----D- C:\Users\mokrane\AppData\Roaming\SunGrazer O43 - CFD: 06/08/2010 - 01:23:20 - [8704] ----D- C:\Users\mokrane\AppData\Roaming\Template O43 - CFD: 12/02/2011 - 23:57:52 - [8690] ----D- C:\Users\mokrane\AppData\Roaming\Uniblue O43 - CFD: 21/05/2011 - 21:46:34 - [775459] ----D- C:\Users\mokrane\AppData\Roaming\uTorrent O43 - CFD: 25/09/2009 - 03:56:42 - [477919] ----D- C:\Users\mokrane\AppData\Roaming\vlc O43 - CFD: 23/05/2011 - 21:20:54 - [0] ----D- C:\Users\mokrane\AppData\Roaming\VSRevoGroup O43 - CFD: 19/03/2011 - 15:47:42 - [8428] ----D- C:\Users\mokrane\AppData\Roaming\WindSolutions O43 - CFD: 12/02/2011 - 04:09:22 - [61] ----D- C:\Users\mokrane\AppData\Roaming\WinPatrol O43 - CFD: 24/07/2010 - 03:17:24 - [12] ----D- C:\Users\mokrane\AppData\Roaming\WinRAR O43 - CFD: 08/07/2011 - 10:31:00 - [461420] ----D- C:\Users\mokrane\AppData\Local\Adobe O43 - CFD: 12/03/2011 - 14:32:38 - [0] ----D- C:\Users\mokrane\AppData\Local\Apple O43 - CFD: 12/03/2011 - 14:56:06 - [0] ----D- C:\Users\mokrane\AppData\Local\Apple Computer O43 - CFD: 12/08/2009 - 12:21:30 - [21447401288] -SH-D- C:\Users\mokrane\AppData\Local\Application Data O43 - CFD: 12/08/2009 - 12:24:46 - [40534] ----D- C:\Users\mokrane\AppData\Local\ATI O43 - CFD: 11/08/2010 - 04:16:10 - [464807] ----D- C:\Users\mokrane\AppData\Local\cache O43 - CFD: 12/08/2009 - 13:25:38 - [661504] ----D- C:\Users\mokrane\AppData\Local\CyberLink O43 - CFD: 31/03/2011 - 00:34:56 - [0] ----D- C:\Users\mokrane\AppData\Local\eMule O43 - CFD: 30/07/2010 - 16:52:46 - [233467] ----D- C:\Users\mokrane\AppData\Local\FullTiltPoker.NET O43 - CFD: 29/07/2011 - 22:44:36 - [417256228] ----D- C:\Users\mokrane\AppData\Local\Google O43 - CFD: 12/08/2009 - 12:21:30 - [0] -SH-D- C:\Users\mokrane\AppData\Local\Historique O43 - CFD: 25/05/2011 - 19:20:48 - [1222982972] ----D- C:\Users\mokrane\AppData\Local\Microsoft O43 - CFD: 02/07/2011 - 13:27:26 - [733089] ----D- C:\Users\mokrane\AppData\Local\Microsoft Games O43 - CFD: 24/05/2011 - 20:28:32 - [0] ----D- C:\Users\mokrane\AppData\Local\Microsoft Help O43 - CFD: 25/09/2009 - 03:01:32 - [49892722] ----D- C:\Users\mokrane\AppData\Local\Mozilla O43 - CFD: 04/10/2010 - 18:42:12 - [312] ----D- C:\Users\mokrane\AppData\Local\Oberon Games O43 - CFD: 12/02/2011 - 23:56:24 - [0] ----D- C:\Users\mokrane\AppData\Local\PackageAware O43 - CFD: 29/05/2011 - 14:53:26 - [195392] ----D- C:\Users\mokrane\AppData\Local\PMB Files O43 - CFD: 13/02/2011 - 11:09:48 - [0] ----D- C:\Users\mokrane\AppData\Local\Secunia CSI O43 - CFD: 13/02/2011 - 10:52:52 - [0] ----D- C:\Users\mokrane\AppData\Local\Secunia PSI O43 - CFD: 12/02/2011 - 08:35:30 - [0] ----D- C:\Users\mokrane\AppData\Local\Sunbelt Software O43 - CFD: 09/08/2011 - 15:11:46 - [362178702] ----D- C:\Users\mokrane\AppData\Local\Temp O43 - CFD: 12/08/2009 - 12:21:30 - [0] -SH-D- C:\Users\mokrane\AppData\Local\Temporary Internet Files O43 - CFD: 28/03/2011 - 18:19:52 - [5380] ----D- C:\Users\mokrane\AppData\Local\ThemeMii O43 - CFD: 14/02/2011 - 17:07:56 - [384999] ----D- C:\Users\mokrane\AppData\Local\VirtualStore O43 - CFD: 05/08/2011 - 18:14:52 - [127803297] ----D- C:\Users\mokrane\AppData\Local\Windows Live O43 - CFD: 09/08/2011 - 14:35:00 - [0] ----D- C:\Users\mokrane\AppData\Local\{26A8EA07-E23F-4A07-8BDF-428414F5BA6E} O43 - CFD: 05/08/2011 - 18:14:52 - [0] ----D- C:\Users\mokrane\AppData\Local\{309B086C-5EC7-4DFB-BAA6-38D8FC4B191C} O43 - CFD: 06/08/2011 - 12:26:32 - [0] ----D- C:\Users\mokrane\AppData\Local\{89CF3BB9-0818-45C9-96B7-B62428CB4183} O43 - CFD: 05/08/2011 - 20:53:56 - [0] ----D- C:\Users\mokrane\AppData\Local\{D9423FCC-9172-4275-85FA-E4201D65734B} O43 - CFD: 13/04/2011 - 19:26:30 - [102400] ----D- C:\Users\mokrane\AppData\Local\{FB0725AB-14E7-480F-BA34-B3B13E1178E4} O43 - CFD: 09/08/2011 - 14:35:02 - [0] ----D- C:\Users\mokrane\AppData\Local\{FC925665-B259-4822-8CA3-9825BC30F90B} O43 - CFD: 06/08/2011 - 12:26:44 - [0] ----D- C:\Users\mokrane\AppData\Local\{FD868C54-08D4-4ED1-8A42-B52CFED62426} ~ Scan Program Folder in 00mn 13s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.A4E10DC09E8AB5B92925254E7AF58070] - 09/08/2011 - 14:03:37 ---A- . (...) -- C:\UsbFix.txt [4764] O44 - LFC:[MD5.ECAABC92091491BEBB86FA08FA6D51DC] - 09/08/2011 - 14:02:28 ---A- . (...) -- C:\UsbFix_Upload_Me_PC-DE-MOKRANE.zip [2079507] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/08/2011 - 13:58:19 ---A- . (...) -- C:\Windows\system32\LogConfigTemp.xml [0] O44 - LFC:[MD5.638AF26F89D829F2D1C1E178C4B040A0] - 09/08/2011 - 13:34:00 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1903063] O44 - LFC:[MD5.84159CA7E090EFE63A7F587F6D68AE6A] - 09/08/2011 - 13:32:55 ---A- . (...) -- C:\Windows\system32\.lck [1479] O44 - LFC:[MD5.707678F95146BB40C97ECB11ECCDAF3A] - 09/08/2011 - 13:32:55 ---A- . (...) -- C:\Windows\system32\.rsp [6076] O44 - LFC:[MD5.2DE0B7351A732031AE625B398637D2E1] - 09/08/2011 - 13:30:28 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.FA45A025C1FCE0C1627C983FC233E873] - 09/08/2011 - 13:30:23 ---A- . (...) -- C:\Windows\PFRO.log [1675370] O44 - LFC:[MD5.A4001C78F2806662B3BD91ACB44E6330] - 02/08/2011 - 13:51:08 ---A- . (...) -- C:\Windows\system32\initdebug.nfo [45] O44 - LFC:[MD5.FAAEA8D92B163497A4D692FC2009846D] - 01/08/2011 - 01:35:34 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [3467038] O44 - LFC:[MD5.80D934C13C66F50905EA09FF9EA57E92] - 01/08/2011 - 01:35:33 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [5982] O44 - LFC:[MD5.7905AF7B0C5AB07B5B1A40114C78E253] - 01/08/2011 - 01:35:33 ---A- . (...) -- C:\Windows\system32\perfc009.dat [948678] O44 - LFC:[MD5.B2BFD9622A5A26908EC4F07D1EBC8372] - 01/08/2011 - 01:35:33 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [1092356] O44 - LFC:[MD5.6E20C106AE3F0B72E8F4EB731B433155] - 01/08/2011 - 01:35:33 ---A- . (...) -- C:\Windows\system32\perfh009.dat [1505138] O44 - LFC:[MD5.0E981DEA97B7EEF53A96CC2F3FBF3FC3] - 11/07/2011 - 20:51:28 ---A- . (...) -- C:\Windows\DirectX.log [307959] ~ Scan Files in 00mn 04s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\4StoryPrePatch [Key] . (.Zamiinc - Pas de description.) -- C:\Program Files\Gameforge4D\4Story\PrePatch.exe O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\eAudio [Key] . (.Acer Incorporated - Notification tool for RealTek audio chip.) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe O53 - SMSR:HKLM\...\startupreg\eDataSecurity Loader [Key] . (.Egis Incorporated - Acer eDataSecurity Management Loader.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O53 - SMSR:HKLM\...\startupreg\ePower_DMC [Key] . (.Acer Inc. - Acer ePower Management - DMC.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O53 - SMSR:HKLM\...\startupreg\LManager [Key] . (.Dritek System Inc. - Launch Manager.) -- C:\PROGRA~1\LAUNCH~1\QtZgAcer.exe O53 - SMSR:HKLM\...\startupreg\PLFSetI [Key] . (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe O53 - SMSR:HKLM\...\startupreg\ProductReg [Key] . (.Acer - ProductR Application.) -- C:\Program Files\Acer\WR_PopUp\ProductReg.exe O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe ~ Scan SMSR Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "ClearRecentDocsOnExit"=1 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 07/08/2011 - 03:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968] O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 07/08/2011 - 03:32:51 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600] O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 07/08/2011 - 03:32:52 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432] O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 07/08/2011 - 03:32:53 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560] O58 - SDL:[MD5.1CFEBA39FC613E45B49D3EDDFBCDA289] - 09/08/2011 - 05:13:00 ---A- . (.Agere Systems - SoftModem Device Driver.) -- C:\Windows\system32\drivers\AGRSM.sys [1203776] O58 - SDL:[MD5.03081E98C515CB838434D252F407F6E8] - 09/08/2011 - 04:18:46 ---A- . (.Advanced Micro Devices, Inc - AMD AHCI Compatible Controller Driver for Windows family.) -- C:\Windows\system32\drivers\ahcix86s.sys [183312] O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 07/08/2011 - 03:32:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464] O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 07/08/2011 - 03:32:49 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416] O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 07/08/2011 - 03:32:50 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928] O58 - SDL:[MD5.5B01AF89D16D562825C4DB4530F20CBB] - 09/08/2011 - 01:53:02 ---A- . (.Adaptec - ASPI for WIN32 Kernel Driver.) -- C:\Windows\system32\drivers\ASPI32.SYS [16877] O58 - SDL:[MD5.8BE56F8300E1C37B578DA23C71816B7A] - 09/08/2011 - 08:53:48 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [919552] O58 - SDL:[MD5.44FA26470D4C8123CCF71F4200B782D3] - 07/08/2011 - 03:45:00 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrusb.sys [904192] O58 - SDL:[MD5.7526AD10925D1AA9E4E6B0FB393B701F] - 09/08/2011 - 04:17:14 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [4172288] O58 - SDL:[MD5.C9797B6CF53DF73CAFEC1EC218B3227C] - 07/08/2011 - 04:16:12 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [88064] O58 - SDL:[MD5.5A1465AD2E7C1BC39CDA12A355329096] - 07/08/2011 - 04:18:08 ---A- . (.ATI Technologies Inc. - ATI PCIE Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie.sys [14352] O58 - SDL:[MD5.7526AD10925D1AA9E4E6B0FB393B701F] - 07/08/2011 - 04:17:14 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atipmdag.sys [4172288] O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 07/08/2011 - 17:27:05 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [56816] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 07/08/2011 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\brfiltlo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 07/08/2011 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\brfiltup.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 07/08/2011 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 07/08/2011 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 07/08/2011 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 07/08/2011 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\brusbser.sys [11904] O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 07/08/2011 - 03:32:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 07/08/2011 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.73BAF270D24FE726B9CD7F80BB17A23D] - 09/08/2011 - 14:29:38 ---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\Windows\system32\drivers\DKbFltr.sys [21264] O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 07/08/2011 - 03:32:50 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\e1g60i32.sys [118784] O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 07/08/2011 - 03:32:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584] O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 07/08/2011 - 03:32:52 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504] O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 07/08/2011 - 03:32:49 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 07/08/2011 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.58FF11C95C3681C9250914521CB9F036] - 09/08/2011 - 10:04:16 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15.sys [12832] O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 07/08/2011 - 09:42:20 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15_64.sys [17952] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 07/08/2011 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 07/08/2011 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.F736EE0D4DA5B9BCC2C8539C8ADD06E2] - 07/08/2011 - 15:05:35 ---A- . (.Kaspersky Lab, SLA - Kaspersky Lab Mini Driver.) -- C:\Windows\system32\drivers\klmd.sys [47952] O58 - SDL:[MD5.24ABDDEB766C8459F9D562EB083B6CB8] - 09/08/2011 - 05:18:22 ---A- . (.Atheros Communications, Inc. - Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller.) -- C:\Windows\system32\drivers\L1E60x86.sys [48640] O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 07/08/2011 - 03:32:49 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312] O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 07/08/2011 - 03:32:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656] O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 07/08/2011 - 03:32:48 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312] O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 09/08/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22712] O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 09/08/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [41272] O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 07/08/2011 - 03:32:53 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288] O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 07/08/2011 - 03:32:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 07/08/2011 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.95725C00B580ED75A80E94ACBC77CDBC] - 07/08/2011 - 11:26:20 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\system32\drivers\netr28.sys [419328] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 07/08/2011 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.2757D2BA59AEE155209E24942AB127C9] - 09/08/2011 - 10:52:06 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\system32\drivers\NTIDrvr.sys [14848] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 07/08/2011 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 07/08/2011 - 03:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968] O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 07/08/2011 - 03:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112] O58 - SDL:[MD5.3ADB8BD6154A3EF87496E8FCE9C22493] - 07/08/2011 - 08:37:16 ---A- . (.Panda Security, S.L. - Panda Boot Driver.) -- C:\Windows\system32\drivers\pavboot.sys [28552] O58 - SDL:[MD5.CC174F32CC9C18EA3109C4B0FC2CA8DF] - 07/08/2011 - 12:54:20 ---A- . (.PC Tools - PC Tools App Monitor Driver.) -- C:\Windows\system32\drivers\PCTAppEvent.sys [88040] O58 - SDL:[MD5.807FF1DD6E1BDF8E7D2062FCA0DAECAF] - 07/08/2011 - 09:06:14 ---A- . (.PC Tools - PC Tools KDS Core Driver.) -- C:\Windows\system32\drivers\PCTCore.sys [218592] O58 - SDL:[MD5.628321C8DD76AD369B362B202E655A68] - 07/08/2011 - 17:53:10 ---A- . (.Egis Incorporated - Acer eDataSecurity Management PSD Filter Driver.) -- C:\Windows\system32\drivers\psdfilter.sys [18992] O58 - SDL:[MD5.79D7117E62709C7690CF3DD55ACEAD37] - 09/08/2011 - 17:53:10 ---A- . (.Egis Incorporated - Acer eDataSecurity Management PSD Named Pipe Driver.) -- C:\Windows\system32\drivers\PSDNServ.sys [16944] O58 - SDL:[MD5.CAE5E82827990CF4BD4A49576BDE3A43] - 09/08/2011 - 17:53:12 ---A- . (.Egis Incorporated - Acer eDataSecurity Management PSD Virtual Disk Driver.) -- C:\Windows\system32\drivers\PSDVdisk.sys [60464] O58 - SDL:[MD5.1DF21F001F3A94EBA4A2950C70CC358F] - 07/08/2011 - 15:05:32 ---A- . (.Secunia - Secunia PSI Driver.) -- C:\Windows\system32\drivers\psi_mf.sys [14904] O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 07/08/2011 - 03:32:50 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 07/08/2011 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.A95B16FF762FF217847B97E6F05778EE] - 09/08/2011 - 10:30:22 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RtHDMIV.sys [155808] O58 - SDL:[MD5.B8716D9677B04B82FA405C8C54954728] - 09/08/2011 - 11:49:28 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2169944] O58 - SDL:[MD5.B0538DEA03E088B80482CA939F4E8740] - 09/08/2011 - 19:01:50 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys [62464] O58 - SDL:[MD5.C1AE5D1F53285D79A0B73A62AF20734F] - 07/08/2011 - 07:37:33 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys [98392] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 09/08/2011 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 07/08/2011 - 03:32:52 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808] O58 - SDL:[MD5.FF35C2D01AC36B446A1B997F305F0FC2] - 07/08/2011 - 12:34:52 ---A- . (.Soluto LTD. - Soluto PCGenome Core Driver.) -- C:\Windows\system32\drivers\Soluto.sys [51144] O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/07/2011 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [431672] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 07/08/2011 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 07/08/2011 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 07/08/2011 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.4C9BB4B3B9EAC26211484C30B914C6DC] - 09/08/2011 - 03:08:42 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [199472] O58 - SDL:[MD5.72B9E77565DA5FA564581976E000D29B] - 07/08/2011 - 12:56:16 ---A- . (.UPEK Inc. - TouchChip USB Kernel Driver.) -- C:\Windows\system32\drivers\tcusb.sys [50576] O58 - SDL:[MD5.97DD70FECA64FB4F63DE7BB7E66A80B1] - 07/08/2011 - 12:15:48 ---A- . (.EnTech Taiwan - TVicPort Driver for Windows NT/2000/XP.) -- C:\Windows\system32\drivers\TVicPort.sys [14544] O58 - SDL:[MD5.F763E070843EE2803DE1395002B42938] - 07/08/2011 - 10:51:50 ---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\system32\drivers\UBHelper.sys [13824] O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 07/08/2011 - 03:32:45 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 07/08/2011 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 07/08/2011 - 03:32:49 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.EDCA5124B54BCF04E5C0538AA397A9C1] - 09/08/2011 - 17:54:20 ---A- . (.Advanced Micro Devices Inc. - AMD USB Filter Driver.) -- C:\Windows\system32\drivers\usbfilter.sys [22072] O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 07/08/2011 - 03:32:21 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024] O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 07/08/2011 - 03:32:49 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616] O58 - SDL:[MD5.3FA87D56769838AAC82FAFC3E78FC732] - 09/08/2011 - 07:51:40 ---A- . (.Winbond Electronics Corporation - Winbond MCE CIR Port Driver.) -- C:\Windows\system32\drivers\winbondcir.sys [43008] O58 - SDL:[MD5.40AC8590CC9006DBB99FFCB37879D4C6] - 07/08/2011 - 12:15:48 ---A- . (.Zeal SoftStudio - zntport.) -- C:\Windows\system32\drivers\zntport.sys [6080] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 09/08/2011 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 09/08/2011 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 07/08/2011 - 20:33:26 ---A- . (...) -- C:\Windows\system32\giveio.sys [5248] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 09/08/2011 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 09/08/2011 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 09/08/2011 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.9131FE60ADFAB595C8DA53AD6A06AA31] - 07/08/2011 - 22:43:08 ---A- . (.INCA Internet Co., Ltd. - nProtect NPSC Kernel Mode Driver for NT.) -- C:\Windows\system32\npptNT2.sys [4682] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 09/08/2011 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 09/08/2011 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 09/08/2011 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 09/08/2011 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 09/08/2011 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 09/08/2011 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 09/08/2011 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 09/08/2011 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 09/08/2011 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 09/08/2011 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] O58 - SDL:[MD5.3FA2E254BFBCE52B3C6F1BF23AAB6911] - 07/08/2011 - 17:08:54 ---A- . (.Almico Software - SpeedFan x32 Driver.) -- C:\Windows\system32\speedfan.sys [25240] ~ Scan Drivers in 00mn 47s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido.) [HKLM] -- Usbfix O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - ??/??/???? - C:\Users\mokrane\AppData\Local\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME O64 - Services: CurCS - 03/04/1996 - C:\Windows\system32\giveio.sys - giveio (giveio) .(...) - LEGACY_GIVEIO O64 - Services: CurCS - 01/10/2008 - C:\Windows\system32\drivers\int15.sys - int15(int15) .(.Acer, Inc. - int15.) - LEGACY_INT15 O64 - Services: CurCS - 23/05/2010 - C:\Windows\system32\drivers\klmd.sys - klmd23(klmd23) .(.Kaspersky Lab, SLA - Kaspersky Lab Mini Driver.) - LEGACY_KLMD23 O64 - Services: CurCS - 06/07/2011 - C:\Windows\system32\drivers\mbam.sys - MBAMProtector(MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\Drivers\neokdss.sys (.not file.) - neokdss (neokdss) .(...) - LEGACY_NEOKDSS O64 - Services: CurCS - 30/06/2009 - C:\Windows\system32\drivers\pavboot.sys - pavboot(pavboot) .(.Panda Security, S.L. - Panda Boot Driver.) - LEGACY_PAVBOOT O64 - Services: CurCS - 29/07/2008 - C:\Windows\system32\DRIVERS\psdfilter.sys - PSDFilter(PSDFilter) .(.Egis Incorporated - Acer eDataSecurity Management PSD Filter Dr.) - LEGACY_PSDFILTER O64 - Services: CurCS - 29/07/2008 - C:\Windows\system32\DRIVERS\PSDNServ.sys - PSDNServ(PSDNServ) .(.Egis Incorporated - Acer eDataSecurity Management PSD Named Pip.) - LEGACY_PSDNSERV O64 - Services: CurCS - 29/07/2008 - C:\Windows\system32\DRIVERS\PSDVdisk.sys - PSDVdisk(psdvdisk) .(.Egis Incorporated - Acer eDataSecurity Management PSD Virtual D.) - LEGACY_PSDVDISK O64 - Services: CurCS - 07/07/2010 - C:\Windows\system32\DRIVERS\psi_mf.sys - PSI(PSI) .(.Secunia - Secunia PSI Driver.) - LEGACY_PSI O64 - Services: CurCS - 26/06/2011 - C:\Windows\system32\DRIVERS\Soluto.sys - Soluto(Soluto) .(.Soluto LTD. - Soluto PCGenome Core Driver.) - LEGACY_SOLUTO O64 - Services: CurCS - 18/03/2011 - C:\Windows\system32\speedfan.sys - speedfan(speedfan) .(.Almico Software - SpeedFan x32 Driver.) - LEGACY_SPEEDFAN O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD O64 - Services: CurCS - 26/05/2008 - C:\Program Files\Acer\Empowering Technology\eRecovery\WSVD.sys - WSVD(WSVD) .(.CyberLink - WIN32.) - LEGACY_WSVD ~ Scan Services in 00mn 06s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.cmd> <cmdfile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.com> <comfile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {65D2BE66-070E-493F-BD42-347FC4861016} - (Google) - Google O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - Google O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} - (DAEMON Search) - DAEMON-Search.com :: EXPLORE ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.7E7EB7AFF595774E5E500B34058CC1A7] [sPRF][09/08/2011] (...) -- C:\Users\mokrane\AppData\Local\Temp\sfamcc00001.dll [192512] [MD5.7E7EB7AFF595774E5E500B34058CC1A7] [sPRF][03/08/2011] (...) -- C:\Users\mokrane\AppData\Local\Temp\sfamcc00002.dll [192512] [MD5.A4A8CE1C7696B143356208609BA1A4C9] [sPRF][18/12/2010] (...) -- C:\Users\mokrane\AppData\Local\Temp\sfextra.dll [55296] [MD5.0D67B42B14304488C2342F61172A3A56] [sPRF][09/08/2011] (.El Desaparecido.com - UsbFix.) -- C:\Users\mokrane\Desktop\UsbFix.exe [1235521] [MD5.926B2A1332775D6C23FD276351639A74] [sPRF][01/07/2011] (...) -- C:\Users\mokrane\Desktop\vlc-1.1.10-win32.exe [21022914] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\bdcore.dll [32] [MD5.61FB16B6016BCC9AA42E02F787DC87FC] [sPRF][26/01/2010] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1955384] [MD5.2B1C4C87EB20ADDBA59DCA975E28DFFB] [sPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\ipsupd.dll [741376] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\libfn.dll [32] [MD5.296D82A66880F9186C62C87BF588C448] [sPRF][08/10/2009] (.CJInternet Inc. - Netmarble Auto Update Module.) -- C:\Windows\Downloaded Program Files\NMAutoUpdateX.dll [108056] [MD5.C916859724A976A47F8A08E6D85EB84D] [sPRF][21/01/2009] (.CJInternet Inc. - Netmarble System ID Informaion Module.) -- C:\Windows\Downloaded Program Files\NMSystemIDInfo.dll [108096] [MD5.F43C810230BEAEF1D3BAF3D645B3E46C] [sPRF][20/03/2009] (.CA - eTrust PestPatrol version 5 SDK.) -- C:\Windows\Downloaded Program Files\ppctl.dll [820464] [MD5.823451876778F382B23AFE20EF2DDC20] [sPRF][20/07/2011] (.BitDefender LLC - BitDefender QuickScan.) -- C:\Windows\Downloaded Program Files\qsax.dll [1220672] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{C9F8FC4D-A06E-4F89-BF10-0D1105158EED}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{B4F62EFB-63F8-4F5E-87FB-619272A372F8}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{DC0656C4-9B4E-4AFC-91C2-C6C9B1C822AB}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{132F5DE8-FF3B-4E5D-A47C-F3F12CA06A8F}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{A4759238-8465-40C3-ACE7-3D91A8B65FE1}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{568AB570-EC48-4FB7-8E32-732574E243D8}" | In - Private - P6 - TRUE | .(.Soluto Inc - Soluto Installer.) -- C:\Users\mokrane\Downloads\solutoinstaller.exe O87 - FAEL: "{8A09D93C-19A9-42FC-93E5-00378B0CC032}" | In - Private - P17 - TRUE | .(.Soluto Inc - Soluto Installer.) -- C:\Users\mokrane\Downloads\solutoinstaller.exe O87 - FAEL: "{DF740F14-B164-4418-8B11-5F647AE51EBB}" | In - Private - P6 - TRUE | .(.Soluto - Soluto Anti-Frustration Software.) -- C:\Program Files\Soluto\Soluto.exe O87 - FAEL: "{C553DA7C-F506-4535-8629-90ACA9A0F1AF}" | In - Private - P17 - TRUE | .(.Soluto - Soluto Anti-Frustration Software.) -- C:\Program Files\Soluto\Soluto.exe O87 - FAEL: "{F24CCB76-55A5-441C-BC88-D41733FA15D8}" | In - Private - P6 - TRUE | .(.Soluto - Soluto Anti-Frustration Software.) -- C:\Program Files\Soluto\SolutoService.exe O87 - FAEL: "{DC6B94C0-0B17-4F74-B6FB-7F365D1B00C7}" | In - Private - P17 - TRUE | .(.Soluto - Soluto Anti-Frustration Software.) -- C:\Program Files\Soluto\SolutoService.exe O87 - FAEL: "{B7154539-1358-4692-948A-C4A4AC5ABA04}" | In - Private - P6 - TRUE | .(.Soluto - Soluto Anti-Frustration Software.) -- C:\Program Files\Soluto\SolutoConsole.exe O87 - FAEL: "{B25792A8-9020-4687-95B3-084D922EC2EA}" | In - Private - P17 - TRUE | .(.Soluto - Soluto Anti-Frustration Software.) -- C:\Program Files\Soluto\SolutoConsole.exe O87 - FAEL: "{B76116BA-8483-4AC7-9A8D-512BDBB3E172}" | In - Private - P6 - TRUE | .(.Soluto - Soluto Anti-Frustration Software.) -- C:\Program Files\Soluto\SolutoUpdateService.exe O87 - FAEL: "{81BF8932-C171-42FD-900D-A13C6909B8A0}" | In - Private - P17 - TRUE | .(.Soluto - Soluto Anti-Frustration Software.) -- C:\Program Files\Soluto\SolutoUpdateService.exe ~ Scan Firewall in 00mn 01s ---\\ Recherche détournement de DNS routeur (O89) Serveur : ns1.numericable.net Address: 89.2.0.1 Nom : www.l.google.com Addresses: 209.85.148.147 209.85.148.106 209.85.148.104 209.85.148.99 209.85.148.105 209.85.148.103 Aliases: www.google.fr www.google.com ~ Scan DNS in 00mn 02s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Auto 09/08/2011 13312 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe SS - | Auto 09/08/2011 724992 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe SS - | Auto 09/08/2011 500784 | (eDataSecurity Service) . (.Egis Incorporated.) - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe SR - | Auto 09/08/2011 24576 | (ETService) . (...) - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe SS - | Auto 09/08/2011 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 09/08/2011 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Auto 09/08/2011 194104 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Auto 09/08/2011 366640 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe SS - | Auto 09/08/2011 110592 | (MobilityService) . (...) - C:\Acer\Mobility Center\MobilityService.exe SS - | Demand 09/08/2011 4023760 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des SS - | Auto 09/08/2011 376352 | (SolutoService) . (.Soluto.) - C:\Program Files\Soluto\SolutoService.exe SR - | Auto 09/08/2011 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ~ Scan Services in 00mn 03s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by mokrane at 09/08/2011 15:13:33 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys storport.sys hal.dll ahcix86s.sys C:\Windows\system32\drivers\PCTCore.sys PC Tools Kernel Driver Suite C:\Windows\system32\DRIVERS\ahcix86s.sys Advanced Micro Devices, Inc AMD AHCI Compatible Controller 1 ntkrnlpa!IofCallDriver[0x84050912] -> \Device\Harddisk0\DR0[0x888CC4D8] 3 CLASSPNP[0x853BE8B3] -> ntkrnlpa!IofCallDriver[0x84050912] -> [0x888CCDA0] 5 PCTCore[0x846D1EAE] -> ntkrnlpa!IofCallDriver[0x84050912] -> \Device\00000067[0x87DB8C90] kernel: MBR read successfully user & kernel MBR OK error: Read Ressources système insuffisantes pour terminer le service demandé. ~ Scan MBR in 00mn 05s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by mokrane at 09/08/2011 15:13:35 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 07s End of the scan (1285 lines in 02mn 20s)(0)

Bonjour voici le rapport ############################## | UsbFix 7.055 | [Recherche] Utilisateur: mokrane (Administrateur) # PC-DE-MOKRANE [Acer, inc. Aspire 6530] Mis à jour le 06/08/2011 par El Desaparecido Lancé à 14:39:05 | 09/08/2011 Site Web: http://www.teamxscript.org Submit your sample: http://www.teamxscript.org/Upload.php Contact: TeamXscript.ElDesaparecido@gmail.com CPU: AMD Athlon X2 Dual-Core QL-62 CPU 2: AMD Athlon X2 Dual-Core QL-62 Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6002 32-Bit) # Service Pack 2 Internet Explorer 9.0.8112.16421 Pare-feu Windows: Désactivé /!\ RAM -> 2814 Mo C:\ (%systemdrive%) -> Disque fixe # 110 Go (61 Go libre(s) - 55%) [ACER] # NTFS D:\ -> Disque fixe # 107 Go (104 Go libre(s) - 97%) [DATA] # NTFS F:\ -> CD-ROM ################## | Éléments infectieux | Présent! C:\Users\Public\NTUSER.DAT{c9917ae2-aef8-11df-8104-00238b9d3889}.TM.blf Présent! C:\Users\Public\NTUSER.DAT{c9917ae2-aef8-11df-8104-00238b9d3889}.TMContainer00000000000000000001.regtrans-ms Présent! C:\Users\Public\NTUSER.DAT{c9917ae2-aef8-11df-8104-00238b9d3889}.TMContainer00000000000000000002.regtrans-ms Présent! C:\Users\Public\NTUSER.DAT{e7d6ca3d-6724-11df-897b-00238b9d3889}.TM.blf Présent! C:\Users\Public\NTUSER.DAT{e7d6ca3d-6724-11df-897b-00238b9d3889}.TMContainer00000000000000000001.regtrans-ms Présent! C:\Users\Public\NTUSER.DAT{e7d6ca3d-6724-11df-897b-00238b9d3889}.TMContainer00000000000000000002.regtrans-ms Présent! C:\Users\mokrane\AppData\Roaming\lowsec Présent! C:\Users\mokrane\AppData\Roaming\lowsec\local.ds Présent! C:\Users\mokrane\AppData\Roaming\lowsec\user.ds ################## | Registre | Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives ################## | Mountpoints2 | ################## | Vaccin | (!) Cet ordinateur n'est pas vacciné! ################## | E.O.F |

bonjour je crois que on ma oublié voici le lien de mon sujet http://forum.zebulon.fr/aide-virus-t187091.html

Bonjour J'ai un probleme mon pc a crashé (reste alumer sur ecran noir )... J'ai realiser un scanne avec microsoft security essentials m'indiquant que mon pc est infecter ... ,il la trouver des virus qui on était placer en quarantaine ,je vous demande votre aide Je ne sais pas trop quoi faire avec?? merci voici le nom Virus:VBS/Ramnit.B containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[1].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[2].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[3].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[4].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[5].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[8].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[9].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\5W9280LQ\donation[1].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\5W9280LQ\donation[2].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\5W9280LQ\donation[3].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\5W9280LQ\donation[4].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\7MIN7P8N\donation[1].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\MZDU9XFA\donation[1].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\WZVPUTI3\donation[1].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\XSHFGL3I\donation[1].htm containerfile:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\XSHFGL3I\donation[2].htm file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[1].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[2].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[3].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[4].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[5].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[8].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\455344TJ\donation[9].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\5W9280LQ\donation[1].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\5W9280LQ\donation[2].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\5W9280LQ\donation[3].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\5W9280LQ\donation[4].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\7MIN7P8N\donation[1].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\MZDU9XFA\donation[1].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\WZVPUTI3\donation[1].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\XSHFGL3I\donation[1].htm->(SCRIPT0002) file:C:\Users\mokrane\AppData\Local\Microsoft\Windows\Tempory Internet Files\Content.IE5\XSHFGL3I\donation[2].htm->(SCRIPT0002) voici le rapport arcavirmicroscan ArcaVirMicroScan - Scanning report [2011.08.05 17:31:04] Base date : 2011.08.05 01:53:29 [scanning : C:] C:\Windows\System32\Agent.OMZ.Fix.exe<UPX>:Agent.OMZ.Fix.exe <- Worm.Autorun.Bpbi : No action [scanning : D:] D:\PC-DE-MOKRANE\Backup Set 2011-02-18 144338\Backup Files 2011-02-18 144338\Backup files 18.zip<ZIP>:C\Users\mokrane\Documents\Vuze Downloads\Naruto Shippuden Ultimate Ninja 5 [PAL] [spanish] [PS2DVD] [www.consolasatope.com]\Naruto Shippuden Ultimate Ninja 5 [PAL] [spanish] [PS2DVD] [www.consolasatope.com].iso <- ArchBomb : No action [scanning : F:] Scanned objects : 640279 Infected objects : 6 C:\Documents and Settings\mokrane\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\8f85c44-12ac87d5<ZIP>:vload.class <- Generic.30.31629 : Delete C:\Documents and Settings\mokrane\Downloads\Dolphin_Official_Release_2.0_7330.exe <- Generic.18.39652 : Delete