probleme avec RKIT/Bubnix.abd.1

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-10-12 03:29:03
Windows 6.0.6002 Service Pack 2
Running: vebnukig.exe; Driver: C:\Users\.....\AppData\Local\Temp\uxldapow.sys


---- Services - GMER 1.0.15 ----

Service (*** hidden *** ) [BOOT] kkgunv <-- ROOTKIT !!!
Service (*** hidden *** ) [BOOT] kmrmu <-- ROOTKIT !!!
Service (*** hidden *** ) [MANUAL] cxru92a1 <-- ROOTKIT !!!

---- Kernel code sections - GMER 1.0.15 ----

.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xA1294300, 0x3B6D8, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xA1344300, 0x1BEE, 0xE8000020]

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3728928983-952156366-1598139356-1000@RefCount 5
Reg HKLM\SYSTEM\ControlSet002\Services\kkgunv@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\Services\kkgunv@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet002\Services\kkgunv@Start 0
Reg HKLM\SYSTEM\ControlSet002\Services\kkgunv@Type 1
Reg HKLM\SYSTEM\ControlSet002\Services\kkgunv@{3aa30bb4-e017-46c3-4356-426275e9dd4f} 1
Reg HKLM\SYSTEM\ControlSet002\Services\kmrmu@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\Services\kmrmu@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet002\Services\kmrmu@Start 0
Reg HKLM\SYSTEM\ControlSet002\Services\kmrmu@Type 1
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBB 0x43 0x96 0xD9 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x74 0xED 0xF1 0xD2 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5E 0x93 0x06 0x48 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xAC 0xDF 0x25 0xBE ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x9F 0x1A 0x76 0x52 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA9 0x73 0x98 0x1F ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x53 0x60 0xE6 0x5B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6E 0x27 0xFE 0xFE ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x90 0x7B 0xD4 0x7C ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0xC1 0xF9 0xA9 0x1A ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0xA1 0x59 0xBE 0xA1 ...
Reg HKLM\SYSTEM\ControlSet003\Services\kkgunv@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet003\Services\kkgunv@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet003\Services\kkgunv@Start 0
Reg HKLM\SYSTEM\ControlSet003\Services\kkgunv@Type 1
Reg HKLM\SYSTEM\ControlSet003\Services\kkgunv@{3aa30bb4-e017-46c3-4356-426275e9dd4f} 1
Reg HKLM\SYSTEM\ControlSet003\Services\kmrmu@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet003\Services\kmrmu@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet003\Services\kmrmu@Start 0
Reg HKLM\SYSTEM\ControlSet003\Services\kmrmu@Type 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBB 0x43 0x96 0xD9 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x74 0xED 0xF1 0xD2 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5E 0x93 0x06 0x48 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xAC 0xDF 0x25 0xBE ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x9F 0x1A 0x76 0x52 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA9 0x73 0x98 0x1F ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x53 0x60 0xE6 0x5B ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6E 0x27 0xFE 0xFE ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x90 0x7B 0xD4 0x7C ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0xC1 0xF9 0xA9 0x1A ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0xA1 0x59 0xBE 0xA1 ...
Reg HKLM\SYSTEM\ControlSet004\Services\kkgunv@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet004\Services\kkgunv@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet004\Services\kkgunv@Start 0
Reg HKLM\SYSTEM\ControlSet004\Services\kkgunv@Type 1
Reg HKLM\SYSTEM\ControlSet004\Services\kkgunv@{3aa30bb4-e017-46c3-4356-426275e9dd4f} 1
Reg HKLM\SYSTEM\ControlSet004\Services\kmrmu@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet004\Services\kmrmu@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet004\Services\kmrmu@Start 0
Reg HKLM\SYSTEM\ControlSet004\Services\kmrmu@Type 1
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBB 0x43 0x96 0xD9 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x74 0xED 0xF1 0xD2 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5E 0x93 0x06 0x48 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xAC 0xDF 0x25 0xBE ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x9F 0x1A 0x76 0x52 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA9 0x73 0x98 0x1F ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x53 0x60 0xE6 0x5B ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6E 0x27 0xFE 0xFE ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x90 0x7B 0xD4 0x7C ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0xC1 0xF9 0xA9 0x1A ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0xA1 0x59 0xBE 0xA1 ...
Reg HKLM\SYSTEM\ControlSet005\Services\kkgunv@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet005\Services\kkgunv@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet005\Services\kkgunv@Start 0
Reg HKLM\SYSTEM\ControlSet005\Services\kkgunv@Type 1
Reg HKLM\SYSTEM\ControlSet005\Services\kkgunv@{3aa30bb4-e017-46c3-4356-426275e9dd4f} 1
Reg HKLM\SYSTEM\ControlSet005\Services\kmrmu@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet005\Services\kmrmu@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet005\Services\kmrmu@Start 0
Reg HKLM\SYSTEM\ControlSet005\Services\kmrmu@Type 1
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBB 0x43 0x96 0xD9 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x74 0xED 0xF1 0xD2 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5E 0x93 0x06 0x48 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xAC 0xDF 0x25 0xBE ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x9F 0x1A 0x76 0x52 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA9 0x73 0x98 0x1F ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x53 0x60 0xE6 0x5B ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6E 0x27 0xFE 0xFE ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x90 0x7B 0xD4 0x7C ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0xC1 0xF9 0xA9 0x1A ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0xA1 0x59 0xBE 0xA1 ...
Reg HKLM\SYSTEM\ControlSet006\Services\kkgunv@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet006\Services\kkgunv@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet006\Services\kkgunv@Start 0
Reg HKLM\SYSTEM\ControlSet006\Services\kkgunv@Type 1
Reg HKLM\SYSTEM\ControlSet006\Services\kkgunv@{3aa30bb4-e017-46c3-4356-426275e9dd4f} 1
Reg HKLM\SYSTEM\ControlSet006\Services\kmrmu@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet006\Services\kmrmu@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet006\Services\kmrmu@Start 0
Reg HKLM\SYSTEM\ControlSet006\Services\kmrmu@Type 1
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBB 0x43 0x96 0xD9 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x74 0xED 0xF1 0xD2 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5E 0x93 0x06 0x48 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xAC 0xDF 0x25 0xBE ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x9F 0x1A 0x76 0x52 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA9 0x73 0x98 0x1F ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x53 0x60 0xE6 0x5B ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6E 0x27 0xFE 0xFE ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x90 0x7B 0xD4 0x7C ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0xC1 0xF9 0xA9 0x1A ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0xA1 0x59 0xBE 0xA1 ...
Reg HKLM\SYSTEM\ControlSet007\Services\BTHPORT\Parameters\Keys\000a9416c094 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\BTHPORT\Parameters\Keys\000a9416c094@001c9af82e85 0x31 0xD7 0xE4 0x5A ...
Reg HKLM\SYSTEM\ControlSet007\Services\BTHPORT\Parameters\Keys\000a9416c094@00229891dcdf 0x69 0xFA 0x74 0xBF ...
Reg HKLM\SYSTEM\ControlSet007\Services\cxru92a1@DisplayName Virtual Bus for Microsoft ACPI-Compliant System
Reg HKLM\SYSTEM\ControlSet007\Services\cxru92a1@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet007\Services\cxru92a1@Start 3
Reg HKLM\SYSTEM\ControlSet007\Services\cxru92a1@Type 1
Reg HKLM\SYSTEM\ControlSet007\Services\kkgunv@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet007\Services\kkgunv@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet007\Services\kkgunv@Start 0
Reg HKLM\SYSTEM\ControlSet007\Services\kkgunv@Type 1
Reg HKLM\SYSTEM\ControlSet007\Services\kkgunv@{3aa30bb4-e017-46c3-4356-426275e9dd4f} 1
Reg HKLM\SYSTEM\ControlSet007\Services\kmrmu@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet007\Services\kmrmu@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet007\Services\kmrmu@Start 0
Reg HKLM\SYSTEM\ControlSet007\Services\kmrmu@Type 1
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBB 0x43 0x96 0xD9 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x74 0xED 0xF1 0xD2 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5E 0x93 0x06 0x48 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xAC 0xDF 0x25 0xBE ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x9F 0x1A 0x76 0x52 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA9 0x73 0x98 0x1F ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x53 0x60 0xE6 0x5B ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6E 0x27 0xFE 0xFE ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x90 0x7B 0xD4 0x7C ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0xC1 0xF9 0xA9 0x1A ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0xA1 0x59 0xBE 0xA1 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a9416c094
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a9416c094@001c9af82e85 0x31 0xD7 0xE4 0x5A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a9416c094@00229891dcdf 0x69 0xFA 0x74 0xBF ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\cxru92a1@DisplayName Virtual Bus for Microsoft ACPI-Compliant System
Reg HKLM\SYSTEM\CurrentControlSet\Services\cxru92a1@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\cxru92a1@Start 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\cxru92a1@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\kkgunv@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\kkgunv@Group Boot Bus Extender
Reg HKLM\SYSTEM\CurrentControlSet\Services\kkgunv@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\kkgunv@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\kkgunv@{3aa30bb4-e017-46c3-4356-426275e9dd4f} 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\kmrmu@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\kmrmu@Group Boot Bus Extender
Reg HKLM\SYSTEM\CurrentControlSet\Services\kmrmu@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\kmrmu@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBB 0x43 0x96 0xD9 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x74 0xED 0xF1 0xD2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5E 0x93 0x06 0x48 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xAC 0xDF 0x25 0xBE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x9F 0x1A 0x76 0x52 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA9 0x73 0x98 0x1F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x53 0x60 0xE6 0x5B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6E 0x27 0xFE 0xFE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x90 0x7B 0xD4 0x7C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0xC1 0xF9 0xA9 0x1A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0xA1 0x59 0xBE 0xA1 ...

---- Kernel code sections - GMER 1.0.15 ----

? System32\Drivers\kkgunv.sys Un périphérique attaché au système ne fonctionne pas correctement. !
? System32\Drivers\kmrmu.sys Un périphérique attaché au système ne fonctionne pas correctement. !

---- EOF - GMER 1.0.15 ----

Edité par Badis le 12/10/2010 à 03:30

Petite précision , à la fin de l'action de gmer , le message " warning ... " reviens mais là , mais sans la phrase " dou you want to fully scan your system ?"

Bonjour Badis

- Ce pc peut t-il redémarrer en mode sans échec avec prise en charge du réseau ? L'accés au net dans ce cas sera possible

oui , il le peux

heu , petite précision , au cas ou , l'acces au net a tj été possible , le problème , c'est que sa te trouve tj le même virus ou trojan taper à ta porte. Rien que là , en redémarrant le pc , avira m'a affiché un message : Dans le fichier 'C:\Windows\temp\796076e6a298'
un virus ou un programme indésirable 'RKIT/Bubnix.abd.1' [trojan] a été détecté.

Je tiens aussi à préciser , qu'à chaque fois que ses messages arrive , je mets " supprimé "

- Exécute si c'est possible la procédure ci dessous en mode normal sinon choisis le mode sans échec



- Suis précisément les instructions données pour le téléchargement et l'enregistrement du fichier c'est important

- Fais un clic droit sur l'un de ces liens
http://download.bleepingcomputer.co[...]Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

- Choisis Enregistrer la cible sous ...
- Choisis le bureau comme lieu d'enregistrement

- Donne lui ce nom ce nom sos.exe clique sur Enregistrer

- Connecte tes sources de données externes
- Désactive ou quitte tous tes logiciels de sécurité (Anntivirus, antispyware, pare feu)

- Fais un double clic sur sos.exe


- Lors de son exécution, ComboFix va vérifier si la Console de récupération Microsoft Windows est installée. Avec des infections comme celles d'aujourd'hui, il est fortement conseillé de l'avoir pré-installée sur votre PC avant toute suppression de nuisibles. Elle te permettra de démarrer dans un mode spécial, de récupération (réparation), qui nous permet de t'aider plus facilement si jamais ton ordinateur rencontre un problème après une tentative de nettoyage


Note : Si la Console de récupération est déjà installée, ComboFix continuera ses procédures de suppression de nuisibles.

- Suis les invites pour permettre à ComboFix de télécharger et installer la Console de récupération Microsoft Windows, et lorsque cela t'est demandé, accepte le Contrat de Licence Utilisateur Final pour installer la Console de récupération Microsoft Windows.

http://img24.xooimage.com/files/7/f[...]e_1-203660f.png

- Une fois que la Console de récupération est installée via ComboFix, tu dois voir le message suivant:
http://img28.xooimage.com/files/1/5[...]e_2-2036630.png

- Clique sur Oui ou appuie sur la touche o
- Laisse ensuite le scan se dérouler sans toucher au clavier ni à la souris.

* Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Salut , déjà merci de prendre le temp de m'aider , c'est toujours agréable de recevoir de l'aide quand on est en galère.
Sinon , j'ai essayé ce que tu m'as dit , mais d'une manière ou d'une autre , le logiciel fait tj le même bloquage. accès refusé.
Même en retéléchargant le fichier en mode sans echec.

On fait autrement pour les fichiers qui résistent.

1) Télécharge The Avenger par Swandog46 sur le Bureau
http://swandog46.geekstogo.com/avenger.zip

* Clic sur Avenger.zip ==> Extraire tout et extraie la totalité de l'archive sur le bureau


2) Surligne le texte en Citation (sans le mot citation) ci-dessous clic droit dessus choisis Copier

Citation :

Files to delete: C:\Windows\temp\796076e6a298 C:\Windows\System32\Drivers\kkgunv.sys C:\Windows\System32\Drivers\kmrmu.sys

3) Démarre Avenger.exe

* Fais un clic droit dans la fenêtre qui est en dessous de Input Script here
* Choisis Paste dans la liste clique ensuite sur Execute


IMPORTANT: Le code ci-dessus a été intentionnellement rédigé pour cet utilisateur.
si vous n'êtes pas cet utilisateur, ne pas appliquer ces directives : elles pourraient endommager votre système.



4) The Avenger va automatiquement faire ce qui suit:
* Il va redémarrer le système. [i]( Dans les cas où le script contient un/des "Drivers to Unload", The Avenger re-démarrera le système 2 fois.)[i/]

* Pendant le redémarrage, il apparaitra brièvement une fenêtre de commande de windows noire sur le bureau, ceci est NORMAL.

*Après le redémarrage, il crée un fichier log qui s'ouvrira, faisant apparaitre les actions exécutées par The Avenger. Ce fichier log se trouve ici : C:\avenger.txt

* The Avenger aura également sauvegardé tous les fichiers, etc., que vous lui avez demandé de supprimer, les aura compactés (zipped) et tranféré l'archive zip ici C:\avenger\backup.zip.

Note : Il est possible qu'il y aie une erreur de démarrage à cause d'une DLL manquante ceci est normal.

5) Pour finir copier/coller le contenu du ficher c:\avenger.txt dans une réponse

voilà ce que avenger m'a renvoyé :
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: file "C:\Windows\temp\796076e6a298" not found!
Deletion of file "C:\Windows\temp\796076e6a298" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not open file "C:\Windows\System32\Drivers\kkgunv.sys"
Deletion of file "C:\Windows\System32\Drivers\kkgunv.sys" failed!
Status: 0xc0000043 (STATUS_SHARING_VIOLATION)

File "C:\Windows\System32\Drivers\kmrmu.sys" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.


deux petit point important : à chaque fois que avira m'envoie un message de detection de virus ou autre objet dangereux , je mets supprimé ( et je coche meme l'option "mémoriser l'action ... pour ce fichier" )

La deuxieme chose , mon antivirus m'affiche une fenetre avec encore une fois la detection d'un fichier dangereux , mais là , c'est différent :
c:\Avenger\kmrmu.sys
Contient le modèle de détection du rootkit RKIT/Bubnix.ZM

La page est tj ouverte , j'ai préféré t'en parler avant de faire quoi que se soit ( le supprimé quoi )

Après ca , j'ai lancé windows defender , et je sais pas si c'est le hasart mais mon antivirus m'a signalé comme corrompu le fichier userenit dont j'avais parlé dans mon premier message.
Voilà le message :
Dans le fichier 'C:\Windows\System32\us&#1077;rinit.exe'
un virus ou un programme indésirable 'TR/Drop.Sirefef.B.170' [trojan] a été détecté.
Par contre , c'est la premiere fois que le message avec un fichier corrompu dans le dossier temp n'est pas apparu. On croise les doigts.

Edité par Badis le 12/10/2010 à 23:47

Bonjour Badis

- Le plus important pour le moment c'est le rootkit, il devrait être neutralisé puisse qu'il se trouve dans le dossier de sauvegarde d'avenger

- On va appliquer le principe de précautions

- Télécharge RootRepeal http://ad13.geekstogo.com/RootRepeal.zip
- Clic droit sur le fichier ==> Extraire tout et extraie l'archive sur le bureau

- Lance RootRepeal clique en bas sur Files http://moe.mabul.org/up/moe/2010/02[...]70btr1.jpg.html



- Clique ensuite sur Scan
- sur la fenêtre qui apparaît coche C:\ et clique sur Ok

- Le scan va démarrer il peut être assez long
- Ce dernier terminé clique sur Save Report donne un nom à ce fichier
- Enregistre le sur le bureau

- Poste le contenu de ce rapport

Bonjour geronimo

Je viens de démarrer le scan , mais directement , l'antivirus m'alerte d'un fichier corrompu. Encore une fois , différent des autres du dossier temp. En faite , depuis que j'ai ce pc entre les mains ( quelque jours ) , à chaque démarrage , sa m'annonce une découverte de trojan ou virus d'entrée ( une fois l'antivirus bien démarré)mais là , rien. Jusqu'au lancement de rootrepeal. Et là , je recoit coup sur coup 2 alerte.
Je te mets les deux messages ( en faite c'est le même ) et l'action que j'ai fait :
Dans le fichier 'C:\Windows\System32\drivers\cxru92a1.sys'
un virus ou un programme indésirable 'RKIT/Agent.bjpu' [trojan] a été détecté.
Action exécutée : Refuser l'accès

Edité par Badis le 13/10/2010 à 18:27

Désactive ton antivirus et fais le scan avec Rootrepeal poste ensuite son rapport

Le scan est déjà lancé , faut que je l'arrete et que je recommence apres avoir désactivé mon antivirus ?

Non si tu n'a plus d'alertes

L'alerte a été faite , 15 seconde apres avoir cliqué sur scan , la seconde 1 seconde apres , et depuis plus rien , sa fait 20 minutes.

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/10/13 18:52
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================

Hidden/Locked Files
-------------------
Path: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{be30a09e-d641-11df-a29f-001e68f51b4f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\Program Files\Windows Media Player\Network Sharing\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\System32\drivers\kkgunv.sys
Status: Locked to the Windows API!

Path: C:\Windows\System32\spool\SpoolerETW.etl
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df56e60dc5df.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9848.0_none_b7e811287b298060.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_7658964504b9f3b6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9818.0_none_b7e811947b297f6d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.30729.1_none_bb1f6aa1308c35eb.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_abac38a907ee8801.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.debugmfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_5c94f2bbe7d4aaf6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.1.microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_8b7b15c031cda6db.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_bdf22a22ab9e15d5.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_54c11df268b7c6d9.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_a6dea5dc0ea08098.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_818f59bf601aa775.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_81c25f21d3d46d84.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_7ab8cc63a6e4c2a3.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_9193a620671dde41.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9848.0_none_a6e6a8980e994a5d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_7dd1e0ebd6590e0b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8dd7dea5d5a7a18a.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_5ce47260749ddc2c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_none_91949b06671d08ae.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_58b19c2866332652.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_58843c41d2730d3f.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_e29d1181971ae11e.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_b7e610287b2b4ea5.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_5c4003bc63e949f6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_516e2e610f48bda6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.30729.1_none_61305e07e4f1bc01.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_ecdf8c290e547f39.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8a14c0566bec5b24.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_4ddfc6cd11929a02.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_5926f98ceadc42c2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_none_10b3ea459bfee365.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_49ef489714173a89.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_8e053e8c6967ba9d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_a6e4a7980e9b18a2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_5d1777c2e857a23b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_45e008191e507087.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.debugmfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_bfff6c932d60651e.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.web.resources_b03f5f7f11d50a3a_6.0.6000.16762_fr-fr_ad22f770b6ff9c3a\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18289_none_0b1c4a254f52777a\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18330_none_0b49590d4f3204dd\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22470_none_0ba7b6286870146b\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22520_none_0bddc7aa684785dd\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18005_none_0d553c2b4c3b84e1\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18065_none_0d145ca34c6c2c87\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_appdata_b03f5f7f11d50a3a_6.0.6000.20883_none_8469d28baa199a7e\GROUPE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_membership_sql_b03f5f7f11d50a3a_6.0.6001.22230_none_569b6e0c6aa641d3\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_appdata_b03f5f7f11d50a3a_6.0.6000.16720_none_9b31bbe79077558b\GROUPE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_mof_b03f5f7f11d50a3a_6.0.6000.16720_none_a54ef540d05f91fc\ASPNET~1.UNI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_mof_b03f5f7f11d50a3a_6.0.6000.20883_none_8e870be4ea01d6ef\ASPNET~1.UNI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_mof_b03f5f7f11d50a3a_6.0.6001.18111_none_a529d9f6d0b19e9d\ASPNET~1.UNI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_mof_b03f5f7f11d50a3a_6.0.6001.22230_none_8e5e4a92ea5717b0\ASPNET~1.UNI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_data_files_b03f5f7f11d50a3a_6.0.6001.18111_none_7c8b5cbf426fb0d2\MICROS~1.TAS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_data_files_b03f5f7f11d50a3a_6.0.6001.22230_none_65bfcd5b5c1529e5\MICROS~1.TAS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_policy.1.2.microsof..op.security.azroles_31bf3856ad364e35_6.0.6000.16386_none_ea83414c2e75b887\Microsoft.Interop.Security.AzRoles.config
Status: Locked to the Windows API!

Path: c:\windows\winsxs\x86_wpdmtphw.inf.resources_31bf3856ad364e35_6.0.6002.18112_fr-fr_0159d28dcc6507d0\wpdmtphw.inf_loc
Status: Allocation size mismatch (API: 4096, Raw: 384)

Path: C:\Windows\winsxs\x86_wpf-globaluserinterfacecf_31bf3856ad364e35_6.0.6001.18096_none_ada2ec92b42bf87e\GLOBAL~1.COM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_defwsdlhlpgen_b03f5f7f11d50a3a_6.0.6000.16720_none_38b929534b68462d\DEFAUL~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_defwsdlhlpgen_b03f5f7f11d50a3a_6.0.6000.20883_none_21f13ff7650a8b20\DEFAUL~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_defwsdlhlpgen_b03f5f7f11d50a3a_6.0.6001.18111_none_38940e094bba52ce\DEFAUL~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_defwsdlhlpgen_b03f5f7f11d50a3a_6.0.6001.22230_none_21c87ea5655fcbe1\DEFAUL~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_targetfiles_b03f5f7f11d50a3a_6.0.6000.16720_none_8d57832b7d03f5e1\MICROS~3.TAR
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_targetfiles_b03f5f7f11d50a3a_6.0.6000.20883_none_768f99cf96a63ad4\MICROS~3.TAR
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_targetfiles_b03f5f7f11d50a3a_6.0.6001.18111_none_8d3267e17d560282\MICROS~3.TAR
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_targetfiles_b03f5f7f11d50a3a_6.0.6001.22230_none_7666d87d96fb7b95\MICROS~3.TAR
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_data_files_b03f5f7f11d50a3a_6.0.6000.16720_none_7cb07809421da431\MICROS~1.TAS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_data_files_b03f5f7f11d50a3a_6.0.6000.20883_none_65e88ead5bbfe924\MICROS~1.TAS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_membership_sql_b03f5f7f11d50a3a_6.0.6000.16720_none_6d8c18ba50aebc1f\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_membership_sql_b03f5f7f11d50a3a_6.0.6000.20883_none_56c42f5e6a510112\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_membership_sql_b03f5f7f11d50a3a_6.0.6001.18111_none_6d66fd705100c8c0\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_appdata_b03f5f7f11d50a3a_6.0.6001.18111_none_9b0ca09d90c9622c\GROUPE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_appdata_b03f5f7f11d50a3a_6.0.6001.22230_none_84411139aa6edb3f\GROUPE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.data.oracleclient.resources_b77a5c561934e089_6.0.6000.16762_fr-fr_8c5076cafc943713\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.data.oracleclient.resources_b77a5c561934e089_6.0.6000.20935_fr-fr_757f8ab1163e9848\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wwf-cwetargets_i_31bf3856ad364e35_6.0.6002.18005_none_a247400ed5fa688d\WORKFL~1.TAR
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-globalserifcf_31bf3856ad364e35_6.0.6000.16708_none_319b7f14a2b4f78c\GLOBAL~1.COM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-globalserifcf_31bf3856ad364e35_6.0.6000.20864_none_31e03b2fbc06d9a0\GLOBAL~1.COM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-globalserifcf_31bf3856ad364e35_6.0.6001.18096_none_331e6bf4a0265421\GLOBAL~1.COM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-globalserifcf_31bf3856ad364e35_6.0.6001.22208_none_340b5a85b8f92847\GLOBAL~1.COM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-globalserifcf_31bf3856ad364e35_6.0.6002.18005_none_356532909d048bea\GLOBAL~1.COM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-globaluserinterfacecf_31bf3856ad364e35_6.0.6000.16708_none_ac1fffb2b6ba9be9\GLOBAL~1.COM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-globaluserinterfacecf_31bf3856ad364e35_6.0.6000.20864_none_ac64bbcdd00c7dfd\GLOBAL~1.COM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6000.16708_none_7fdeb5cb1f6006f4\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6000.20864_none_802371e638b1e908\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6001.18096_none_8161a2ab1cd16389\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6001.22208_none_824e913c35a437af\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6002.18005_none_83a8694719af9b52\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.xml.resources_b77a5c561934e089_6.0.6000.16762_fr-fr_a4ea15083da42a2d\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.xml.resources_b77a5c561934e089_6.0.6000.20935_fr-fr_8e1928ee574e8b62\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wwf-cwetargets_i_31bf3856ad364e35_6.0.6001.22208_none_a0ed6803f1ef04ea\WORKFL~1.TAR
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wpf-globaluserinterfacecf_31bf3856ad364e35_6.0.6001.22208_none_ae8fdb23ccfecca4\GLOBAL~1.COM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.web.resources_b03f5f7f11d50a3a_6.0.6000.20935_fr-fr_96520b56d0a9fd6f\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.identitymodel.resources_b77a5c561934e089_6.0.6002.18239_fr-fr_312f06d54a7a0ba0\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.identitymodel.resources_b77a5c561934e089_6.0.6002.22380_fr-fr_1a672e8f641c03b0\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.data.oracleclient.resources_b77a5c561934e089_6.0.6001.18155_fr-fr_8c2b2df0fce676f6\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.data.oracleclient.resources_b77a5c561934e089_6.0.6001.22286_fr-fr_75607147168b3ca2\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_mscorlib.resources_b77a5c561934e089_6.0.6000.16762_fr-fr_bfcc2229d6b5ee8a\MSCORL~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_mscorlib.resources_b77a5c561934e089_6.0.6000.20935_fr-fr_a8fb360ff0604fbf\MSCORL~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_mscorlib.resources_b77a5c561934e089_6.0.6001.18155_fr-fr_bfa6d94fd7082e6d\MSCORL~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_mscorlib.resources_b77a5c561934e089_6.0.6001.22286_fr-fr_a8dc1ca5f0acf419\MSCORL~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.xml.resources_b77a5c561934e089_6.0.6001.18155_fr-fr_a4c4cc2e3df66a10\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.xml.resources_b77a5c561934e089_6.0.6001.22286_fr-fr_8dfa0f84579b2fbc\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wwf-cwetargets_i_31bf3856ad364e35_6.0.6000.16708_none_9e7d8c92dbaad42f\WORKFL~1.TAR
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wwf-cwetargets_i_31bf3856ad364e35_6.0.6000.20864_none_9ec248adf4fcb643\WORKFL~1.TAR
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wwf-cwetargets_i_31bf3856ad364e35_6.0.6001.18096_none_a0007972d91c30c4\WORKFL~1.TAR
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.resources_b77a5c561934e089_6.0.6002.18005_fr-fr_c0512a2df8cf6dc0\$$DeleteMe.system.Resources.dll.01cb6992327525ba.0003
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.resources_b77a5c561934e089_6.0.6002.18232_fr-fr_c0546f1bf8cc6d84\$$DeleteMe.system.Resources.dll.01cb6992327525ba.0003
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.resources_b77a5c561934e089_6.0.6002.22372_fr-fr_a98ac984127032e6\$$DeleteMe.system.Resources.dll.01cb6992327525ba.0003
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_membership_sql_b03f5f7f11d50a3a_6.0.6002.18005_none_6d41994e5153298b\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_smdiagnostics.resources_b77a5c561934e089_6.0.6002.18239_fr-fr_a25f65f6a0afb538\SMDIAG~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_smdiagnostics.resources_b77a5c561934e089_6.0.6002.22380_fr-fr_8b978db0ba51ad48\SMDIAG~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_fr-fr_e8423b3f2162339b\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_fr-fr_d17a62f93b042bab\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18111_none_0d466cfd4c47389d\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.22172_none_0d9028a465949c3d\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.22223_none_0dc73a70656b2706\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.web.resources_b03f5f7f11d50a3a_6.0.6001.18155_fr-fr_acfdae96b751dc1d\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.web.resources_b03f5f7f11d50a3a_6.0.6001.22286_fr-fr_9632f1ecd0f6a1c9\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16885_none_09320a57522f812d\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16926_none_0973ec0f51fdf005\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.21083_none_09b97eb06b4f218b\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.21125_none_09fc60b26b1ca9ba\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\ASPNET~1.UNI
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\MICROS~3.TAR
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\MICROS~1.TAS
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Temp\PendingDeletes\sortkey.nlp
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Temp\PendingDeletes\sortkey.nlp
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Temp\PendingDeletes\sortkey.nlp
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Temp\PendingDeletes\sorttbls.nlp
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Temp\PendingDeletes\sorttbls.nlp
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Temp\PendingDeletes\sorttbls.nlp
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Temp\PendingDeletes\sorttbls.nlp
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Temp\PendingDeletes\sortkey.nlp
Status: Locked to the Windows API!

Path: C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.0.6000.16386__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config
Status: Locked to the Windows API!

Path: C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\$$DeleteMe.system.Resources.dll.01cb6992327525ba.0003
Status: Locked to the Windows API!

Path: C:\Windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_fr_b77a5c561934e089\SMDIAG~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_fr_b77a5c561934e089\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_fr_b77a5c561934e089\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\mp_hoover_02.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\99_helirides_05innear.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\99_helirides_06in.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\loading.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\mp_casino_01.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\mp_casino_02.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\mp_dantes_01.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\mp_hoover_01.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\mp_lvu_01.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\mp_lvu_02.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\mp_mexico_01.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\mp_tower_01.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\r6game.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\r6hud.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\r6menus.ita
Status: Allocation size mismatch (API: 131072, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\r6objective.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\r6tutorial.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\ita\r6tutorial360.ita
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\99_helirides_03innear.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\mp_hoover_02.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\01_mexico_04.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\01_mexico_06.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\02_casino_05.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\03_fremont_02.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\03_fremont_03b.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\05_dantes_04.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\05_dantes_06.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\06_dam_02.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\06_dam_04.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\06_dam_08.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\99_helirides_01in.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\99_helirides_02innear.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\99_helirides_04innear.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\99_helirides_05innear.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\99_helirides_06in.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\loading.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\mp_casino_01.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\mp_casino_02.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\mp_dantes_01.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\mp_hoover_01.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\mp_lvu_01.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\mp_lvu_02.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\mp_mexico_01.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\mp_tower_01.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\r6game.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\r6hud.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\r6menus.pol
Status: Allocation size mismatch (API: 131072, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\r6objective.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\r6tutorial.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\pol\r6tutorial360.pol
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\99_helirides_03innear.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\mp_hoover_02.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\01_mexico_04.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\01_mexico_06.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\02_casino_03.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\02_casino_05.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\02_casino_06.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\03_fremont_02.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\03_fremont_03b.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\05_dantes_06.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\06_dam_02.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\06_dam_04.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\06_dam_08.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\99_helirides_01in.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\99_helirides_02innear.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\99_helirides_04innear.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\99_helirides_05innear.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\99_helirides_06in.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\loading.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\mp_casino_01.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\mp_casino_02.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\mp_dantes_01.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\mp_hoover_01.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\mp_lvu_01.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\mp_lvu_02.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\mp_mexico_01.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\mp_tower_01.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\r6credits.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\r6game.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\r6hud.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\r6menus.rus
Status: Allocation size mismatch (API: 131072, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\r6objective.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\r6tutorial.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\rainbowsixvegasfr\kellergame\localization\rus\r6tutorial360.rus
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: c:\metaboli\games\destinationtreasureislandfr\datas\cmn\cmn\ins\install.ins
Status: Allocation size mismatch (API: 131072, Raw: 0)

Path: c:\metaboli\games\destinationtreasureislandfr\datas\cmn\hig\vid\kheops.ksv
Status: Allocation size mismatch (API: 1310720, Raw: 0)

Path: c:\metaboli\games\destinationtreasureislandfr\datas\cmn\hig\vid\nobilis.ksv
Status: Allocation size mismatch (API: 4390912, Raw: 4128768)

Path: c:\metaboli\games\destinationtreasureislandfr\datas\loc\fr\hig\vid\cine_02.ksv
Status: Allocation size mismatch (API: 22413312, Raw: 22151168)

Path: c:\metaboli\games\destinationtreasureislandfr\datas\loc\fr\hig\vid\cine_03.ksv
Status: Allocation size mismatch (API: 22609920, Raw: 21954560)

Path: c:\metaboli\games\destinationtreasureislandfr\datas\loc\fr\hig\vid\cine_06.ksv
Status: Allocation size mismatch (API: 5111808, Raw: 4915200)

Path: c:\users\....\appdata\roaming\mozilla\firefox\profiles\m5ls289h.default\cookies.sqlite-journal
Status: Allocation size mismatch (API: 65536, Raw: 0)

Path: C:\Users\....\AppData\Roaming\Mozilla\Firefox\Profiles\m5ls289h.default\sessionstore.js
Status: Could not get file information (Error 0xc0000008)

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\122E9038d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\1A8ACFA4d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\39F2E786d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\401DF3CBd01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\476FD923d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\497BD4E5d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\775099CFd01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\79B303B5d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\7E12F7E9d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\8020A5B3d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\80444304d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\8EBEE286d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\9BCE8F62d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\A23B9069d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\A23B9165d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\C1C02407d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\EEFA1325d01
Status: Visible to the Windows API, but not on disk.

Path: C:\Users\....\AppData\Local\Mozilla\Firefox\Profiles\m5ls289h.default\Cache\F0ED4E20d01
Status: Visible to the Windows API, but not on disk.

- Télécharge Dr.Web LiveCD ici http://www.01net.com/telecharger/wi[...]ches/49834.html

- C'est un fichier .iso il te permettra de graver un CD

- Redémarre ton PC avec le CD de Dr Web
- Fais un scan te ton système avec

- Si des fichiers système sont patchés clique sur Désinfecter les autres détruis les

Bonjour. J'ai veillé la nuit pour faire ce que tu m'as dit , car oui , sa viens de se terminer. J'ai d'abors lancé le cd au redémarrage , et j'ai choisi scan , sa a scané mais sa s'est fermé tout seul à la fin. J'ai relancé un scan qui a fait le même résultat. 1h chaque scan. J'ai donc essayé de redémarrer et là , je vois plusieurs options dont un scan , comme j'ai pas eu les options dont tu m'as parlé j'ai décidé de lancer se dernier , et il a duré 6 heures. J'ai laché du regard un tit moment en laissant le pc à coté de moi et en regardant la tv , et d'un coup , le pc s'est mis à redémarrer tout seul. A t'il trop chauffé ? ( car il a chauffé ) A t'il terminé le scan ? En tout cas , là encore , j'ai pas eu d'option affiché. Petit détail important , sur les premiers scan , sa m'affichait 4 ou 5 fichiers suspecté d'etre contaminé. Sur le dernier scan , on avait l'impression que c'était fait sous dos , donc rien , sauf des milliers de fichier qui défilent ( j'ai un mal de crane à force de les regarder ). Voilà pour les nouvelles et je t'avoue que je reste encore septique vu que je n'ai pu faire aucune action à part lancer le scan.
Ps : parmis les fichiers peut etre corrompu , il y a eu le logiciel combofix renommé sos.
En redémarrant je l'ai tout de suite supprimé.

Edité par Badis le 14/10/2010 à 08:17

Bonjour

- Il aurait du y avoir une option réparer arrête ce scan et fais celui-ci

Télécharge CureIt Dr.Web (launch.exe)
ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe
http://www.pcastuces.com/logitheque/cureit.htm

Il ne nécessite pas d'installation.

Tu le lances.

Il va te demander de faire un san en mode protection renforcée

Accepte et suis les instructions données par l'outil

A la fin du scan, clique sur Désinfecter les fichiers qui ne pourront pas l'être seront mis en quarantaine

Poste ensuite son rapport

=============================================================================
Dr.Web Scanner pour Windows v6.00.05 (6.00.05.08310)
© Doctor Web, Ltd., 1992-2010
Journal généré le : 2010-10-14, 08:30:34 [PC][Badis]
Ligne de commande : "C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\473db_xp.exe" /lng:fr-scan /ini:setup_xp.ini /fast
Système d'exploitation: Windows Vista Premium x86 (Build 6002), Service Pack 2
=============================================================================
DwShield a été démarré
Version du moteur: 5.00 (5.00.2.03300)
Version du Core API: 2.02
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\57155d5b - 423 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\1353c423 - 3411 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\d6f8182a - 11234 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\70440076 - 10356 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\569275bd - 11383 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\707dbc59 - 8957 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\f7b815ac - 11015 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\3cc23484 - 11168 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\125abc25 - 7798 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\bd8dbc9f - 7873 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\c1983f8a - 6904 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\c532c9c9 - 6503 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\cf710c56 - 9823 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\6fc8caa3 - 7572 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\0971dc6a - 6996 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\c6ebc03a - 16360 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\911f5bc5 - 29168 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\1b87c7d6 - 34202 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\dcec769e - 28292 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\1f765ee4 - 27164 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\b6802850 - 25131 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\d59a9567 - 31464 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\bae2fc91 - 18281 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\b215c322 - 18009 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\5caf497f - 24685 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\a6629613 - 13651 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\c87d5f27 - 16025 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\95f6fb0c - 15644 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\e4aae8e8 - 23265 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\5b246d50 - 23135 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\c9c12519 - 20510 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\28c54313 - 25475 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\ca7a699b - 16298 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\947625f0 - 19357 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\15dad874 - 18381 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\85682aec - 19562 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\0bf18240 - 27102 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\90860ed1 - 21223 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\5b243a0a - 24847 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\1da89f79 - 23251 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\bb692d81 - 14982 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\41c197ab - 16817 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\bb30302c - 18725 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\dde226bf - 18429 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\bbc3f823 - 6225 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\f55a6525 - 142240 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\a79b0f49 - 66726 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\20172ffd - 24512 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\b09438f1 - 82762 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\bdb15c69 - 508543 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\71ac6f62 - 1338 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\8e5ec96d - 1959 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\e343bd53 - 2033 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\585bbe8c - 1812 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\99523327 - 1738 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\199695c3 - 1885 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\19879293 - 2091 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\f8595b4e - 1569 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\c9dd96e5 - 1834 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\97799e95 - 1654 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\778c5453 - 1614 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\acf5550a - 2297 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\1da0c829 - 2110 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\c17befb9 - 2007 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\8a7d8fce - 2370 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\1e724d5a - 2241 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\39214ee9 - 2596 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\7d66157f - 2024 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\fc5670d2 - 1609 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\c268dbd8 - 1471 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\b505dc1b - 1445 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\7c121fbd - 1895 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\85ebe55f - 2312 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\d1528fbd - 3006 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\eadf8f16 - 2146 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\7008387f - 1714 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\cb20ea77 - 2095 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\2bc0a567 - 2715 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\d15b7b2d - 2545 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\44b02428 - 2801 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\5e191851 - 6197 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\9665825e - 28348 définitions virales
Total des virus enregistrés : 1677330
[Autovérification] C:\Users\\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\473db_xp.exe
Fichier clé de licence: C:\Users\s\AppData\Local\temp\3ED6C7D6-58B77B00-AF58EF75-1FC01697\setup.key
Numéro de la clé de licence: 0012913379
Enregistré au nom de: An unauthorized User
Activation de la clé de licence: 2010-09-17
Expiration de la clé de licence: 2011-03-20
=============================================================================
Dr.Web Scanner pour Windows v6.00.05 (6.00.05.08310)
© Doctor Web, Ltd., 1992-2010
Journal généré le : 2010-10-14, 08:34:13 [PC][Badis]
Ligne de commande : "C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\473db_xp.exe" /lng:fr-scan /ini:setup_xp.ini /fast
Système d'exploitation: Windows Vista Premium x86 (Build 6002), Service Pack 2
=============================================================================
DwShield a été démarré
Version du moteur: 5.00 (5.00.2.03300)
Version du Core API: 2.02
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\57155d5b - 423 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\1353c423 - 3411 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\d6f8182a - 11234 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\70440076 - 10356 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\569275bd - 11383 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\707dbc59 - 8957 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\f7b815ac - 11015 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\3cc23484 - 11168 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\125abc25 - 7798 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\bd8dbc9f - 7873 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\c1983f8a - 6904 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\c532c9c9 - 6503 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\cf710c56 - 9823 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\6fc8caa3 - 7572 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\0971dc6a - 6996 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\c6ebc03a - 16360 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\911f5bc5 - 29168 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\1b87c7d6 - 34202 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\dcec769e - 28292 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\1f765ee4 - 27164 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\b6802850 - 25131 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\d59a9567 - 31464 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\bae2fc91 - 18281 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\b215c322 - 18009 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\5caf497f - 24685 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\a6629613 - 13651 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\c87d5f27 - 16025 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\95f6fb0c - 15644 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\e4aae8e8 - 23265 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\5b246d50 - 23135 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\c9c12519 - 20510 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\28c54313 - 25475 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\ca7a699b - 16298 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\947625f0 - 19357 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\15dad874 - 18381 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\85682aec - 19562 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\0bf18240 - 27102 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\90860ed1 - 21223 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\5b243a0a - 24847 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\1da89f79 - 23251 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\bb692d81 - 14982 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\41c197ab - 16817 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\bb30302c - 18725 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\dde226bf - 18429 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\bbc3f823 - 6225 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\f55a6525 - 142240 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\a79b0f49 - 66726 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\20172ffd - 24512 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\b09438f1 - 82762 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\bdb15c69 - 508543 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\71ac6f62 - 1338 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\8e5ec96d - 1959 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\e343bd53 - 2033 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\585bbe8c - 1812 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\99523327 - 1738 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\199695c3 - 1885 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\19879293 - 2091 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\f8595b4e - 1569 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\c9dd96e5 - 1834 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\97799e95 - 1654 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\778c5453 - 1614 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\acf5550a - 2297 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\1da0c829 - 2110 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\c17befb9 - 2007 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\8a7d8fce - 2370 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\1e724d5a - 2241 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\39214ee9 - 2596 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\7d66157f - 2024 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\fc5670d2 - 1609 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\c268dbd8 - 1471 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\b505dc1b - 1445 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\7c121fbd - 1895 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\85ebe55f - 2312 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\d1528fbd - 3006 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\eadf8f16 - 2146 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\7008387f - 1714 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\cb20ea77 - 2095 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\2bc0a567 - 2715 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\d15b7b2d - 2545 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\44b02428 - 2801 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\5e191851 - 6197 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\9665825e - 28348 définitions virales
Total des virus enregistrés : 1677330
[Autovérification] C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\473db_xp.exe
Fichier clé de licence: C:\Users\\AppData\Local\temp\D298F640-3237870C-7C614ED0-2337ED04\setup.key
Numéro de la clé de licence: 0012913379
Enregistré au nom de: An unauthorized User
Activation de la clé de licence: 2010-09-17
Expiration de la clé de licence: 2011-03-20
=============================================================================
Dr.Web Scanner pour Windows v6.00.05 (6.00.05.08310)
© Doctor Web, Ltd., 1992-2010
Journal généré le : 2010-10-14, 08:37:10 [PC][Badis]
Ligne de commande : "C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\473db_xp.exe" /lng:fr-scan /ini:setup_xp.ini /fast
Système d'exploitation: Windows Vista Premium x86 (Build 6002), Service Pack 2
=============================================================================
DwShield a été démarré
Version du moteur: 5.00 (5.00.2.03300)
Version du Core API: 2.02
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\57155d5b - 423 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\1353c423 - 3411 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\d6f8182a - 11234 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\70440076 - 10356 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\569275bd - 11383 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\707dbc59 - 8957 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\f7b815ac - 11015 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\3cc23484 - 11168 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\125abc25 - 7798 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\bd8dbc9f - 7873 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\c1983f8a - 6904 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\c532c9c9 - 6503 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\cf710c56 - 9823 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\6fc8caa3 - 7572 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\0971dc6a - 6996 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\c6ebc03a - 16360 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\911f5bc5 - 29168 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\1b87c7d6 - 34202 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\dcec769e - 28292 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\1f765ee4 - 27164 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\b6802850 - 25131 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\d59a9567 - 31464 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\bae2fc91 - 18281 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\b215c322 - 18009 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\5caf497f - 24685 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\a6629613 - 13651 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\c87d5f27 - 16025 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\95f6fb0c - 15644 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\e4aae8e8 - 23265 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\5b246d50 - 23135 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\c9c12519 - 20510 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\28c54313 - 25475 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\ca7a699b - 16298 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\947625f0 - 19357 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\15dad874 - 18381 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\85682aec - 19562 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\0bf18240 - 27102 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\90860ed1 - 21223 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\5b243a0a - 24847 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\1da89f79 - 23251 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\bb692d81 - 14982 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\41c197ab - 16817 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\bb30302c - 18725 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\dde226bf - 18429 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\bbc3f823 - 6225 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\f55a6525 - 142240 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\a79b0f49 - 66726 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\20172ffd - 24512 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\b09438f1 - 82762 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\bdb15c69 - 508543 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\71ac6f62 - 1338 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\8e5ec96d - 1959 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\e343bd53 - 2033 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\585bbe8c - 1812 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\99523327 - 1738 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\199695c3 - 1885 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\19879293 - 2091 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\f8595b4e - 1569 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\c9dd96e5 - 1834 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\97799e95 - 1654 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\778c5453 - 1614 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\acf5550a - 2297 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\1da0c829 - 2110 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\c17befb9 - 2007 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\8a7d8fce - 2370 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\1e724d5a - 2241 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\39214ee9 - 2596 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\7d66157f - 2024 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\fc5670d2 - 1609 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\c268dbd8 - 1471 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\b505dc1b - 1445 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\7c121fbd - 1895 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\85ebe55f - 2312 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\d1528fbd - 3006 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\eadf8f16 - 2146 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\7008387f - 1714 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\cb20ea77 - 2095 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\2bc0a567 - 2715 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\d15b7b2d - 2545 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\44b02428 - 2801 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\5e191851 - 6197 définitions virales
[Base virale] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\9665825e - 28348 définitions virales
Total des virus enregistrés : 1677330
[Autovérification] C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\473db_xp.exe
Fichier clé de licence: C:\Users\\AppData\Local\temp\3F6DFD10-1473A380-372CD420-9EA14A60\setup.key
Numéro de la clé de licence: 0012913379
Enregistré au nom de: An unauthorized User
Activation de la clé de licence: 2010-09-17
Expiration de la clé de licence: 2011-03-20

On m'a tj pas proposé de désinfecté mes fichiers et une petite fenetre est apparu pour me dire de faire un scan plus profond mais une fois le scan rapide fini , il y a un carré vert et je peux rien faire à part le fermer. ( une sorte d'offre d'utiliser la version complete gratuit pendant 30 jours et quand je clique dessus , rien )

Exécute la procédure qui est dans ma précédente réponse

justement le problème est là , l'option désinfecté d'apparait pas