Security Tool

Posted on 28 Nov 2010 19:02

Hello,

I'm looking for someone to help me, please :cry: . I've just caught the Security Tool virus on my PC. I was browsing with Internet Explorer and I opened a new window. That's when a Security Tool application appeared and started scanning my computer; I immediately pressed Stop to halt the scan, but the application stayed open. I then tried to restart, but the virus prevented me from doing so.

I don't know what to do; my computer knowledge is very limited and I'm afraid of losing my data (several years of work :S ).

Thank you in advance.

Ju
JuSoleil
Visitor
 
Posts: 5
Joined: 28 Nov 2010 18:46
 


Re: Security Tool

Posted on 28 Nov 2010 19:08

Good evening, to move things along before I go away this week and someone else takes over your case, I'm going to ask you to follow this procedure
-> preparer-demande-aide-desinfection-vt-54149.html

If you can't start/download "OTL" or "USBFix"... boot your PC in Safe Mode so you can run the cleaning/diagnostic tools without any problem.

See you ;)
Del-crosseur
Expert
 
Posts: 1833
Joined: 08 Jun 2009 06:46
Location: Nord-(59)
 

Re: Security Tool

Posted on 28 Nov 2010 20:38

Here is the OTL report

Code:
OTL logfile created on: 28/11/2010 20:22:29 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Juliana Lima\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 85,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 96,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 293,33 Gb Total Space | 179,63 Gb Free Space | 61,24% Space Free | Partition Type: NTFS
Drive D: | 293,08 Gb Total Space | 216,54 Gb Free Space | 73,89% Space Free | Partition Type: NTFS
Drive G: | 1,87 Gb Total Space | 1,64 Gb Free Space | 87,52% Space Free | Partition Type: FAT32
 
Computer Name: JULIANALIMA | User Name: Juliana Lima | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010/11/28 20:17:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Juliana Lima\Desktop\OTL.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/13 09:33:54 | 000,097,128 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010/11/28 20:17:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Juliana Lima\Desktop\OTL.exe
MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2010/11/17 11:21:26 | 000,052,824 | ---- | M] ( ) [Unknown | Stopped] -- C:\PROGRA~1\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/08/08 16:27:47 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/29 18:03:45 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/10/14 16:12:21 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/03/04 22:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Stopped] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/01/25 17:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/12/19 17:09:22 | 000,024,576 | ---- | M] () [Auto | Stopped] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/10/17 09:38:20 | 000,028,672 | ---- | M] () [Auto | Stopped] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007/09/10 14:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/02/06 17:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/02/06 17:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe -- (LVPrcSrv)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\lv302af.sys -- (pepifilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/11/17 11:19:38 | 000,047,008 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\gbpkm.sys -- (GbpKm)
DRV - [2010/08/17 13:39:11 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/08/17 13:39:11 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 15:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/14 11:25:06 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/04/11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/11/11 12:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 12:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 12:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008/07/08 08:11:00 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008/07/08 08:11:00 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008/07/08 08:11:00 | 000,103,936 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008/03/04 22:38:44 | 000,060,464 | ---- | M] (Egis Incorporated) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\PSDVdisk.sys -- (psdvdisk)
DRV - [2008/03/04 22:38:44 | 000,016,944 | ---- | M] (Egis Incorporated) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2008/03/04 22:38:42 | 000,018,992 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/11/06 08:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\zntport.sys -- (zntport)
DRV - [2007/11/06 08:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007/06/26 15:00:42 | 002,770,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/06/22 10:34:00 | 001,788,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/06/18 11:03:32 | 000,737,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/05/14 03:10:00 | 000,135,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2007/04/30 06:42:14 | 000,081,408 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/04/11 05:24:38 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2007/02/06 17:45:04 | 000,025,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/02/06 17:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006/12/08 08:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.duxet.com/
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp32&d=0209&m=aspire_l5100
IE - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.fr/
IE - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {87F8774F-B485-47E2-A755-A40A8A5E886C}:1.0.14.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Users\Invité\AppData\Local\Mozilla Firefox\components [2010/10/27 19:18:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Users\Invité\AppData\Local\Mozilla Firefox\plugins [2010/11/20 17:24:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/27 19:18:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/27 19:18:48 | 000,000,000 | ---D | M]
 
[2010/01/25 16:54:37 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\mozilla\Extensions
[2010/01/11 17:15:32 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010/11/27 13:15:20 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\mozilla\Firefox\Profiles\t1bnznt7.default\extensions
[2010/04/27 16:56:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Juliana Lima\AppData\Roaming\mozilla\Firefox\Profiles\t1bnznt7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/14 11:59:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juliana Lima\AppData\Roaming\mozilla\Firefox\Profiles\t1bnznt7.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}
[2010/04/09 09:31:38 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\mozilla\Firefox\Profiles\t1bnznt7.default\extensions\DTToolbar@toolbarnet.com
[2010/09/14 11:59:18 | 000,002,253 | ---- | M] () -- C:\Users\Juliana Lima\AppData\Roaming\Mozilla\FireFox\Profiles\t1bnznt7.default\searchplugins\askcom.xml
[2009/12/14 11:27:27 | 000,002,055 | ---- | M] () -- C:\Users\Juliana Lima\AppData\Roaming\Mozilla\FireFox\Profiles\t1bnznt7.default\searchplugins\daemon-search.xml
[2010/06/11 16:36:45 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/16 15:50:27 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/06/11 16:36:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/01/25 16:54:35 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org
[2010/04/12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/03/12 18:43:15 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/03/12 18:43:15 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/03/12 18:43:15 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/01/26 21:03:42 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2010/03/12 18:43:15 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/03/24 18:04:41 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2009/12/28 13:30:45 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll (Banco do Brasil)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\tbZyng.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000..\Run: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe File not found
O4 - HKLM..\RunOnce: []  File not found
O4 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000..\RunOnce: [39416288] C:\Users\Juliana Lima\AppData\Local\39416288.exe ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\..Trusted Domains: bancobrasil.com.br ([www14] * in Trusted sites)
O15 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\..Trusted Domains: bancobrasil.com.br ([www2] * in Trusted sites)
O15 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\..Trusted Domains: bb.com.br ([www] * in Trusted sites)
O15 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1623852516-2988552793-76773825-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldpt-br.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - C:\Program Files\GbPlugin\gbieh.dll - C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
O24 - Desktop WallPaper: D:\Mes Documents\Imagens Massa\birzilamp.jpg
O24 - Desktop BackupWallPaper: D:\Mes Documents\Imagens Massa\birzilamp.jpg
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/11/28 20:18:39 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/11/28 20:18:40 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/11/28 20:18:44 | 000,000,000 | RHSD | M] - G:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{23e15644-f567-11de-95a5-00226846b14c}\Shell - "" = AutoRun
O33 - MountPoints2\{23e15644-f567-11de-95a5-00226846b14c}\Shell\AutoRun\command - "" = I:\iStudio.exe -- File not found
O33 - MountPoints2\{3d737940-8782-11df-a886-00226846b14c}\Shell\AutoRun\command - "" = I:\U3ROM\flyhigh.exe -- File not found
O33 - MountPoints2\{3d737940-8782-11df-a886-00226846b14c}\Shell\Explore\Command - "" = I:\U3ROM\flyhigh.exe -- File not found
O33 - MountPoints2\{3d737940-8782-11df-a886-00226846b14c}\Shell\opeN\commanD - "" = I:\U3ROM\flyhigh.exe -- File not found
O33 - MountPoints2\{6df5e640-e89b-11de-81da-00226846b14c}\Shell - "" = AutoRun
O33 - MountPoints2\{6df5e640-e89b-11de-81da-00226846b14c}\Shell\AutoRun\command - "" = H:\AutoPlay.exe -- File not found
O33 - MountPoints2\{92705b7e-bf05-11de-90a7-00226846b14c}\Shell\AutoRun\command - "" = p.exe
O33 - MountPoints2\{92705b7e-bf05-11de-90a7-00226846b14c}\Shell\open\Command - "" = p.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {04ECB346-1DCC-FECC-FCCC-C18FF1D22E11} - Java (Sun)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5DED7EFB-A2BE-476A-2E6F-D267A4CD0780} - Internet Explorer
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6B2BED97-3B8B-DFA3-42F6-CFF468DA7AF9} - Microsoft Windows Media Player
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Pastas da Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B9B8F354-B169-3F50-471B-C8EF01A01F9E} -
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E2A6E871-98FC-B69F-5CB7-0B53F0552C5E} -
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/11/28 20:18:48 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Juliana Lima\Desktop\OTL.exe
[2010/11/28 20:18:39 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2010/11/28 20:16:14 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010/11/28 20:16:12 | 001,217,143 | ---- | C] (El Desaparecido & C_XX) -- C:\Users\Juliana Lima\Desktop\UsbFix.exe
[2010/11/28 17:03:04 | 000,000,000 | ---D | C] -- C:\Users\Juliana Lima\AppData\Roaming\Avira
[2010/11/23 22:35:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/23 22:35:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/11/21 23:52:53 | 000,000,000 | ---D | C] -- C:\Users\Juliana Lima\Desktop\portable
[2010/11/20 17:28:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/11/20 17:24:55 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/11/20 17:24:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/11/20 17:24:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/11/10 09:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\TweetDeck
[2010/04/14 07:11:44 | 004,522,360 | ---- | C] (Softland                                                    ) -- C:\Program Files\dopdf-7.exe
[2009/10/14 16:24:46 | 069,298,208 | ---- | C] (Google) -- C:\Program Files\GoogleSketchUpProWFR.exe
[2009/10/04 13:45:44 | 000,570,208 | ---- | C] (Google Inc.) -- C:\Program Files\googleupdatesetup.exe
[2009/05/16 16:07:06 | 001,161,576 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wlsetup-custom.exe
[2009/05/16 15:40:26 | 001,164,456 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player.exe
[2009/05/16 15:39:06 | 020,942,920 | ---- | C] (Skype Technologies S.A.                                     ) -- C:\Program Files\SkypeSetup.exe
[2009/05/16 15:36:26 | 003,178,448 | ---- | C] (Bitberry Software                                           ) -- C:\Program Files\BitZipper50TrialSetupFr.exe
[2009/02/14 17:55:17 | 000,049,152 | ---- | C] ( ) -- C:\Windows\INTEROP.IWSHRUNTIMELIBRARY.DLL
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/11/28 20:18:58 | 000,678,056 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/11/28 20:18:58 | 000,595,386 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/28 20:18:58 | 000,126,042 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/11/28 20:18:58 | 000,103,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/28 20:17:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Juliana Lima\Desktop\OTL.exe
[2010/11/28 20:14:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/28 20:12:16 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/28 20:12:16 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/28 19:21:06 | 001,217,143 | ---- | M] (El Desaparecido & C_XX) -- C:\Users\Juliana Lima\Desktop\UsbFix.exe
[2010/11/28 17:39:12 | 000,002,305 | ---- | M] () -- C:\Users\Juliana Lima\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/11/28 17:37:22 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/28 17:18:05 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/28 17:01:31 | 000,888,832 | ---- | M] () -- C:\Users\Juliana Lima\AppData\Local\39416288.exe
[2010/11/23 22:35:59 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/11/23 22:28:17 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/11/20 17:30:11 | 001,964,064 | ---- | M] () -- C:\Windows\System32\drivers\LVMVdrv.sys
[2010/11/20 17:30:06 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\Logitech QuickCam.lnk
[2010/11/20 17:13:45 | 002,687,512 | ---- | M] () -- C:\Windows\System32\drivers\LV302V32.SYS
[2010/11/17 11:19:38 | 000,047,008 | ---- | M] (GAS Tecnologia) -- C:\Windows\System32\drivers\gbpkm.sys
[2010/11/08 21:06:09 | 000,002,619 | ---- | M] () -- C:\Users\Juliana Lima\Desktop\CorelDRAW 12.lnk
[2010/11/07 21:25:29 | 000,002,507 | ---- | M] () -- C:\Users\Juliana Lima\Desktop\Microsoft Office Word 2003.lnk
[2010/11/05 01:12:36 | 000,537,935 | ---- | M] () -- C:\Users\Juliana Lima\Desktop\titulo.pdf
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/11/28 17:01:31 | 000,888,832 | ---- | C] () -- C:\Users\Juliana Lima\AppData\Local\39416288.exe
[2010/11/23 22:35:59 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/11/20 17:06:48 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\Logitech QuickCam.lnk
[2010/11/05 01:12:36 | 000,537,935 | ---- | C] () -- C:\Users\Juliana Lima\Desktop\titulo.pdf
[2010/01/28 02:09:54 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/11/29 18:09:13 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2009/10/21 16:32:47 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/30 01:37:40 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/05/30 01:31:52 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/05/20 18:07:26 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/05/16 16:04:24 | 030,143,928 | ---- | C] () -- C:\Program Files\avira_antivir_personal_free.exe
[2009/05/16 15:38:09 | 009,516,033 | ---- | C] () -- C:\Program Files\vlc-0.8.6b-win32.exe
[2009/05/16 15:36:39 | 006,626,008 | ---- | C] () -- C:\Program Files\FirefoxGoogleToolbarSetup.exe
[2009/05/16 15:36:05 | 017,176,744 | ---- | C] () -- C:\Program Files\antivir_workstation_win7u_en_h.exe
[2009/04/30 22:55:58 | 002,687,512 | ---- | C] () -- C:\Windows\System32\drivers\LV302V32.SYS
[2009/04/30 22:39:36 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/04/30 21:55:58 | 002,687,512 | ---- | C] () -- C:\Windows\System32\drivers\LV302V32.SYS.off
[2009/02/26 12:55:43 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2009/02/26 12:55:43 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2007/09/04 11:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007/04/11 15:18:52 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/04/11 12:56:56 | 000,000,734 | ---- | C] () -- C:\Windows\generic.ini
[2007/04/11 12:56:56 | 000,000,125 | ---- | C] () -- C:\Windows\Alaunch.ini
[2007/04/11 12:54:50 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/04/11 05:08:42 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/02/06 17:45:04 | 000,025,632 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2007/02/06 17:44:36 | 001,964,064 | ---- | C] () -- C:\Windows\System32\drivers\LVMVDrv.sys.off
[2007/02/06 17:44:36 | 001,964,064 | ---- | C] () -- C:\Windows\System32\drivers\LVMVdrv.sys
[2007/02/06 17:42:40 | 001,691,808 | ---- | C] () -- C:\Windows\System32\drivers\Lvckap.sys
[2007/02/05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003/04/07 07:30:02 | 000,005,383 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001/12/26 14:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/03 21:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 14:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 20:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2007/04/11 04:20:30 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2007/04/11 04:20:30 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2007/04/11 04:20:30 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\Acer GameZone Console
[2010/06/30 23:03:09 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\Autodesk
[2010/11/20 17:39:16 | 000,000,000 | -HSD | M] -- C:\Users\Juliana Lima\AppData\Roaming\.#
[2010/06/06 17:15:26 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Abvent
[2010/06/07 09:14:31 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Abvent_Artlantis2
[2007/04/11 04:20:30 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Acer GameZone Console
[2009/10/14 16:15:59 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Autodesk
[2009/12/11 20:33:02 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Big Fish Games
[2009/05/16 15:50:44 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\BitZipper
[2009/12/14 11:32:03 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\DAEMON Tools Lite
[2010/05/05 21:10:35 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\E7F8387C4BDBC0244535BAF3FA2026F9
[2010/03/05 17:48:50 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\eSobi
[2009/12/11 13:38:11 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\FloodLightGames
[2010/04/25 18:10:51 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Graphisoft
[2009/12/11 22:49:43 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\iWin
[2010/03/06 20:29:13 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Leadertech
[2010/04/14 07:12:48 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Softland
[2010/05/12 09:19:17 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2009/11/29 16:58:12 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Uniblue
[2010/03/05 18:04:21 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\VistaCodecs
[2010/11/28 20:12:27 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[2010/11/17 11:19:38 | 000,047,008 | ---- | M] (GAS Tecnologia)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\drivers\gbpkm.sys
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2010/11/20 17:39:16 | 000,000,000 | -HSD | M] -- C:\Users\Juliana Lima\AppData\Roaming\.#
[2010/06/06 17:15:26 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Abvent
[2010/06/07 09:14:31 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Abvent_Artlantis2
[2007/04/11 04:20:30 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Acer GameZone Console
[2010/11/21 23:47:51 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Adobe
[2009/12/29 19:44:44 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\AdobeAUM
[2010/09/05 14:26:14 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Apple Computer
[2009/05/16 13:08:07 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\ATI
[2009/10/14 16:15:59 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Autodesk
[2010/11/28 17:03:04 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Avira
[2009/12/11 20:33:02 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Big Fish Games
[2009/05/16 15:50:44 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\BitZipper
[2009/05/25 22:12:55 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Corel
[2009/12/14 11:32:03 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\DAEMON Tools Lite
[2010/06/04 17:59:01 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\dvdcss
[2010/05/05 21:10:35 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\E7F8387C4BDBC0244535BAF3FA2026F9
[2010/03/05 17:48:50 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\eSobi
[2009/12/11 13:38:11 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\FloodLightGames
[2009/10/14 19:13:45 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Google
[2010/04/25 18:10:51 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Graphisoft
[2009/05/16 13:07:43 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Identities
[2009/12/11 22:49:43 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\iWin
[2010/03/06 20:29:13 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Leadertech
[2009/05/16 13:08:03 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Macromedia
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Media Center Programs
[2010/11/20 17:09:47 | 000,000,000 | --SD | M] -- C:\Users\Juliana Lima\AppData\Roaming\Microsoft
[2010/01/11 17:15:32 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Mozilla
[2010/08/03 21:24:29 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Skype
[2010/04/14 07:12:48 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Softland
[2010/05/12 09:19:17 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2009/11/29 16:58:12 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\Uniblue
[2010/03/05 18:04:21 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\VistaCodecs
[2009/06/29 21:09:22 | 000,000,000 | ---D | M] -- C:\Users\Juliana Lima\AppData\Roaming\vlc
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2010/05/05 21:10:36 | 000,743,424 | ---- | M] (MS) -- C:\Users\Juliana Lima\AppData\Roaming\E7F8387C4BDBC0244535BAF3FA2026F9\gotnewupdate000.exe
[2010/06/11 17:00:09 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Juliana Lima\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2009/10/04 18:27:23 | 001,961,720 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Juliana Lima\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2009/10/04 18:34:19 | 001,924,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Juliana Lima\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2010/11/20 17:09:58 | 000,010,134 | R--- | M] () -- C:\Users\Juliana Lima\AppData\Roaming\Microsoft\Installer\{35725FBC-A136-4A46-9F29-091759D9BB93}\ARPPRODUCTICON.exe
[2010/11/20 17:09:47 | 000,010,134 | R--- | M] () -- C:\Users\Juliana Lima\AppData\Roaming\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2}\ARPPRODUCTICON.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 204 bytes -> C:\Windows\System32\drivers:GbpKmAp.lst
@Alternate Data Stream - 2 bytes -> C:\Windows\System32:503F8CE5_Bb.gbp
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:3B360415
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:4BB26BE9
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:C95B63DA
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:131C0EE9

< End of report >
JuSoleil

Re: Security Tool

Posted on 29 Nov 2010 06:25

Hi everyone!

JuSoleil, please do this:

• Download UsbFix by C_XX - Chiquitine29 to your Desktop.
• Run the installer with the default settings.
/!\ Plug your external storage devices into your PC (USB stick, external hard drive, etc.) without opening them /!\
• Double-click the UsbFix shortcut on your Desktop.
(Vista and Seven > right-click > Run as administrator)
• Choose option 1. Recherche (Search)
• Let the tool work.
• Post the UsbFix.txt report

Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
danakil
Expert
Posts: 1363
Joined: 16 Jul 2009 09:47
 

Re: Security Tool

Posted on 29 Nov 2010 16:44

Here is the 2nd USBfix report ;)

Code:
############################## | UsbFix 7.035 | [Recherche]

Utilisateur: Juliana Lima (Administrateur) # JULIANALIMA [Acer Aspire L5100]
Mis à jour le 22/11/10 par El Desaparecido / C_XX
Lancé à 15:41:03 | 29/11/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org

CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
CPU 2: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
Microsoft® Windows Vista™ Édition Familiale Premium  (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18975

RAM -> 3071 Mo
C:\ (%systemdrive%) -> Disque fixe # 293 Go (180 Go libre(s) - 61%) [ACER] # NTFS
D:\ -> Disque fixe # 293 Go (217 Go libre(s) - 74%) [DATA] # NTFS
E:\ -> CD-ROM
G:\ -> Disque amovible # 2 Go (2 Go libre(s) - 88%) [JULIANA] # FAT32

################## | Éléments infectieux |


Présent! C:\Users\Juliana Lima\AppData\Local\39416288.exe

################## | Registre |


################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{23e15644-f567-11de-95a5-00226846b14c}
Shell\AutoRun\Command = I:\iStudio.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{3d737940-8782-11df-a886-00226846b14c}
Shell\AutoRun\Command = I:\U3ROM/flyhigh.exe
Shell\Explore\Command = I:\U3ROM/flyhigh.exe
Shell\opeN\Command = I:\U3ROM/flyhigh.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{6df5e640-e89b-11de-81da-00226846b14c}
Shell\AutoRun\Command = H:\AutoPlay.exe -auto -c

HKCU\.\.\.\.\Explorer\MountPoints2\{92705b7e-bf05-11de-90a7-00226846b14c}
Shell\AutoRun\Command = p.exe
Shell\open\Command = p.exe


################## | Vaccin |

C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

################## | E.O.F |
JuSoleil

Re: Security Tool

Posted on 29 Nov 2010 17:19

Re,

Disable your antivirus and all protections for the UsbFix cleanup:
http://forum.pcastuces.com/desactiver_l ... -f31s4.htm

Run UsbFix again with all devices plugged in.
> Select the Suppression (Deletion) option
Let the tool work.
The Start menu and the icons will disappear... that's normal.
If a message asks you to restart the computer, do it...

***

On restart, the fix relaunches... let the operation run.
Notepad will open with a report; send it in your next reply.

* Note: The UsbFix.txt report is saved at the root of the disk. ( C:\UsbFix.txt )

( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )

* Note2: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

UsbFix may ask you to upload a compressed folder to this address:
http://www.teamxscript.org/Sample/Upload.php
If so, the zipped file is saved on your Desktop.
Please send it to the address indicated to help the author of UsbFix in his research.
danakil

Re: Security Tool

Posted on 29 Nov 2010 18:50

OK, here is the USB fix report. However, I didn't find a zipped folder on the desktop...
What should I do now?? :-?

Code:
############################## | UsbFix 7.035 | [Suppression]

Utilisateur: Juliana Lima (Administrateur) # JULIANALIMA [Acer Aspire L5100]
Mis à jour le 22/11/10 par El Desaparecido / C_XX
Lancé à 17:28:11 | 29/11/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org

CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
CPU 2: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
Microsoft® Windows Vista™ Édition Familiale Premium  (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18975

RAM -> 3071 Mo
C:\ (%systemdrive%) -> Disque fixe # 293 Go (180 Go libre(s) - 61%) [ACER] # NTFS
D:\ -> Disque fixe # 293 Go (217 Go libre(s) - 74%) [DATA] # NTFS
E:\ -> CD-ROM
G:\ -> Disque amovible # 2 Go (2 Go libre(s) - 88%) [JULIANA] # FAT32

################## | Éléments infectieux |


Supprimé! C:\Users\Juliana Lima\AppData\Local\39416288.exe
Supprimé! C:\$RECYCLE.BIN\S-1-5-18
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-1623852516-2988552793-76773825-1000
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-1623852516-2988552793-76773825-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-1623852516-2988552793-76773825-501
Supprimé! D:\$RECYCLE.BIN\S-1-5-18
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-1623852516-2988552793-76773825-1000
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-1623852516-2988552793-76773825-500
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-1623852516-2988552793-76773825-501

################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{23e15644-f567-11de-95a5-00226846b14c}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{3d737940-8782-11df-a886-00226846b14c}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{6df5e640-e89b-11de-81da-00226846b14c}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{92705b7e-bf05-11de-90a7-00226846b14c}

################## | Listing |

[29/11/2010 - 17:31:31 | SHD ]    C:\$RECYCLE.BIN
[16/05/2009 - 13:08:17 | D ]    C:\Acer
[16/05/2009 - 13:08:41 | D ]    C:\AcerSW
[18/09/2006 - 22:43:36 | N | 24]    C:\autoexec.bat
[28/11/2010 - 20:18:39 | RASHD ]    C:\Autorun.inf
[11/04/2007 - 05:26:35 | N | 706778]    C:\bknowsetup.log
[11/04/2007 - 12:56:55 | D ]    C:\Book
[14/10/2010 - 19:35:50 | D ]    C:\Boot
[11/04/2009 - 07:36:36 | RASH | 333257]    C:\bootmgr
[11/04/2007 - 12:58:07 | N | 8192]    C:\BOOTSECT.BAK
[23/11/2010 - 22:36:44 | D ]    C:\Config.Msi
[18/09/2006 - 22:43:37 | N | 10]    C:\config.sys
[02/11/2006 - 14:02:03 | SHD ]    C:\Documents and Settings
[11/04/2007 - 12:56:55 | D ]    C:\DRV
[11/04/2007 - 04:44:31 | RHD ]    C:\MSOCache
[29/02/2004 - 16:44:34 | N | 52576]    C:\orange.bmp
[29/11/2010 - 17:23:42 | ASH | 3534307328]    C:\pagefile.sys
[21/01/2008 - 03:32:31 | D ]    C:\PerfLogs
[23/11/2010 - 22:35:11 | D ]    C:\Program Files
[16/10/2010 - 07:52:59 | HD ]    C:\ProgramData
[11/04/2007 - 05:00:15 | N | 644]    C:\RHDSetup.log
[11/04/2007 - 05:26:35 | N | 32]    C:\setup.log
[28/11/2010 - 17:26:53 | SHD ]    C:\System Volume Information
[29/11/2010 - 17:31:31 | D ]    C:\UsbFix
[29/11/2010 - 17:28:12 | A | 842]    C:\UsbFix.txt
[09/07/2009 - 18:54:04 | D ]    C:\Users
[04/06/2010 - 17:41:50 | N | 0]    C:\VRLServer2.txt
[24/11/2010 - 10:44:18 | D ]    C:\Windows
[29/11/2010 - 17:31:31 | SHD ]    D:\$RECYCLE.BIN
[26/09/2010 - 18:22:18 | D ]    D:\ARCHITECTURE
[28/11/2010 - 20:18:40 | RASHD ]    D:\Autorun.inf
[16/05/2009 - 13:06:51 | D ]    D:\erData
[08/05/2010 - 12:09:20 | D ]    D:\Mes Documents
[26/02/2009 - 12:35:57 | SHD ]    D:\System Volume Information
[17/08/2010 - 11:02:22 | N | 4096]    G:\._.Trashes
[28/11/2010 - 20:17:34 | N | 575488]    G:\OTL.exe
[17/08/2010 - 11:02:22 | D ]    G:\.Trashes
[17/08/2010 - 11:02:22 | D ]    G:\.Spotlight-V100
[28/11/2010 - 19:21:06 | N | 1217143]    G:\UsbFix.exe
[28/11/2010 - 20:11:10 | N | 4096]    G:\._UsbFix.exe
[28/11/2010 - 20:17:56 | N | 4096]    G:\._OTL.exe
[28/11/2010 - 20:21:06 | N | 18432]    G:\otl.doc
[28/11/2010 - 20:21:22 | N | 4096]    G:\._otl.doc
[16/06/2010 - 12:41:18 | D ]    G:\IMPRIMER
[17/08/2010 - 22:00:46 | D ]    G:\musics pour polir un mirroir
[21/11/2010 - 23:54:44 | D ]    G:\portable
[28/11/2010 - 20:18:44 | RASHD ]    G:\Autorun.inf
[28/11/2010 - 20:36:56 | N | 166484]    G:\OTLrapport.txt
[29/11/2010 - 15:47:16 | N | 1840]    G:\UsbFix_rapport.txt

################## | Vaccin |

C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_JULIANALIMA.zip
http://www.teamxscript.org/Upload.php
Merci de votre contribution.

################## | E.O.F |
JuSoleil

Re: Security Tool

Posted on 29 Nov 2010 19:42

I didn't find a zipped folder on the desktop...

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_JULIANALIMA.zip
http://www.teamxscript.org/Upload.php

Don't you see it directly at the root here: --> C:\ ?
We'll take care of it at the end of the disinfection :wink:

Now do this:
Go here --> tutoriel-malwarebytes-anti-malware-vt-46564.html
Read the illustrated tutorial carefully and follow the procedures.
At the end of the scan, please post the removal report :wink:
danakil

Re: Security Tool

Posted on 03 Dec 2010 17:18

Hello,

First of all, I wanted to apologize for the lack of reply. I was really busy with work this week :S.
Anyway.... here is the Malwarebytes report:


Code:
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 5214

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18975

03/12/2010 17:08:59
mbam-log-2010-12-03 (17-08-59).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|)
Elément(s) analysé(s): 427367
Temps écoulé: 40 minute(s), 43 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 22

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\UsbFix\quarantine\C\Users\juliana lima\AppData\Local\39416288.exe.vir (Rogue.SecurityTool) -> Quarantined and deleted successfully.
c:\Users\juliana lima\AppData\Local\Temp\9176.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Users\juliana lima\AppData\Local\Temp\9F2A.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Users\juliana lima\AppData\Local\Temp\A767.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Users\juliana lima\AppData\Local\Temp\RarSFX1\smwi1550.exe (Adware.BHO) -> Quarantined and deleted successfully.
c:\Users\juliana lima\AppData\Roaming\e7f8387c4bdbc0244535baf3fa2026f9\gotnewupdate000.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\Users\juliana lima\Desktop\Ju\Bureau\programas de arquitetura\autocad2004\BIN\ACADFEUI\SETUP.EXE (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\juliana lima\Desktop\Ju\Bureau\programas de arquitetura\autocad2004\BIN\ACADFEUI\SUPPORT\ADNIW\SETUP.EXE (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\juliana lima\Desktop\Ju\Bureau\programas de arquitetura\autocad2004\BIN\ACADFEUI\SUPPORT\cadmanager\SETUP.EXE (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\juliana lima\Desktop\Ju\Bureau\programas de arquitetura\autocad2004\BIN\ACADFEUI\SUPPORT\EXPRESS\SETUP.EXE (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\juliana lima\Desktop\Ju\Bureau\programas de arquitetura\autocad2004\BIN\ACADFEUI\SUPPORT\NLM\SETUP.EXE (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\juliana lima\downloads\install_fullpackcodecs_fr(2).exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\juliana lima\downloads\install_fullpackcodecs_fr(3).exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\juliana lima\downloads\install_fullpackcodecs_fr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Temp\_ex-68.exe (Rogue.SecurityTool) -> Quarantined and deleted successfully.
d:\mes documents\Bureau\programas de arquitetura\autocad2004\BIN\ACADFEUI\SETUP.EXE (Heuristics.Shuriken) -> Quarantined and deleted successfully.
d:\mes documents\Bureau\programas de arquitetura\autocad2004\BIN\ACADFEUI\SUPPORT\ADNIW\SETUP.EXE (Heuristics.Shuriken) -> Quarantined and deleted successfully.
d:\mes documents\Bureau\programas de arquitetura\autocad2004\BIN\ACADFEUI\SUPPORT\cadmanager\SETUP.EXE (Heuristics.Shuriken) -> Quarantined and deleted successfully.
d:\mes documents\Bureau\programas de arquitetura\autocad2004\BIN\ACADFEUI\SUPPORT\EXPRESS\SETUP.EXE (Heuristics.Shuriken) -> Quarantined and deleted successfully.
d:\mes documents\Bureau\programas de arquitetura\autocad2004\BIN\ACADFEUI\SUPPORT\NLM\SETUP.EXE (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\juliana lima\AppData\Roaming\microsoft\Windows\start menu\Programs\security tool.lnk (Rogue.SecurityTool) -> Quarantined and deleted successfully.
c:\Windows\Temp\_ex-08.exe (Trojan.Dropper) -> Quarantined and deleted successfully.


There you go, thanks again for taking care of this :D
JuSoleil
Visitor
Posts: 5
Joined: 28 Nov 2010 18:46


Re: Security Tool

Posted on 03 Dec 2010 19:38

Hi! 8)
Security Tool is uninstalled, we are going to finish the cleanup ...

Do this now:
> Download ToolsCleaner2 by A.Rothstein & dj QUIOU to your Desktop.
> Double-click it to launch it.
(Vista & Seven > Right-click it > Run as Administrator).

Click the "Recherche" (Search) button and let the scan run (it can take a few minutes).

* During the search scan, do not click in the active window; that would cause a bug in the program.
* If the notice "ne répond pas" (not responding) appears in the ToolsCleaner window, don't worry about it and let the program finish.


At the end of the search, click the "Suppression" (Removal) button.
If you wish, look at the "options facultatives" (optional settings).

> Finally, post the contents of the report here.
danakil
Expert
Posts: 1363
Joined: 16 Jul 2009 09:47



