PC slow to start or won't start
Hello everyone!!!
I'm asking for your help: lately my PC has been having trouble starting. Either it takes a very long time to start, or it doesn't start at all, so I have to restart it several times before I get to my desktop and can (finally) use it.
I'm afraid all this is due to a virus or something else, so I'm asking whether you could help me solve this problem.
Thanks in advance, everyone.
Hello,
Download and then install Hijackthis (Trend Micro).
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2
Thanks for your reply.
Here is the HiJackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:21:16, on 16/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.www.daemon-search.com/default
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Pictu...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.c...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8613 bytes
Hi again,
Nothing to report in the HijackThis log.
Download Deckard's System Scanner (DSS) (or DSS) to your Desktop.
NB: You must be logged in with Administrator rights.
close all applications and windows
double-click dss.exe to launch it and follow the instructions below
Caution: it is advisable to temporarily stop resident protection software (firewall, antivirus, etc.)
if this is a first use or a new version of DSS:
you will have to click OK twice in the dialog boxes
Caution: if you take too long, the "Abandon" (Abort) answer will be selected automatically
when processing is finished (click OK), two text files are displayed:
main.txt <- opened in the foreground, full screen
extra.txt <- opened in the background, in a window (check the taskbar)
If this is an additional use of DSS:
you will not get a dialog box (no OK)
when processing is finished, one text file is displayed:
main.txt <- opened in the foreground, full screen
copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt into your next post
likewise copy the contents of extra.txt into your next post, if you have that file (first use)
don't forget to re-enable the protections if they were stopped.
What DSS does:
creates a restore point in Windows XP and Vista
cleans temporary files, DPF (Downloaded Program Files) and the Internet cache, and empties the Recycle Bin on all drives
checks a few important areas of your system and produces a report for review by your security advisor. DSS automatically runs HijackThis for you; it will also create a HijackThis shortcut on your Desktop if you don't already have HijackThis installed.
So here it is:
Main.txt report
Deckard's System Scanner v20071014.68
Run by Anthony on 2008-04-16 12:39:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
139: 2008-04-16 10:39:38 UTC - RP207 - Deckard's System Scanner Restore Point
138: 2008-04-15 22:00:22 UTC - RP206 - Supprimé Ultimate Spider-Man (TM)
137: 2008-04-15 20:27:17 UTC - RP205 - Shockwave Player
136: 2008-04-15 20:26:38 UTC - RP204 - Shockwave Player
135: 2008-04-15 20:24:34 UTC - RP203 - Installed OpenOffice.org 2.4
-- First Restore Point --
1: 2008-01-17 16:51:52 UTC - RP69 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Anthony.exe) ---------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:40:15, on 16/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Downloads\Software\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Anthony.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.www.daemon-search.com/default
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Pictu...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.c...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8461 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil(c)>
R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys
R3 ovt519 (Eye Toy) - c:\windows\system32\drivers\ov519vid.sys <Not Verified; OmniVision Technologies, Inc.; Dual Mode USB Camera 519>
S3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
S3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
S3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys
S3 giveio - c:\windows\system32\giveio.sys
S3 GMSIPCI - e:\install\gmsipci.sys (file missing)
S3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
S3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; Scheduler>
R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; C-Dilla Ltd; SafeCast Windows NT>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: Souris Microsoft PS/2
Device ID: ACPI\PNP0F03\4&2B0A5BEB&0
Manufacturer: Microsoft
Name: Souris Microsoft PS/2
PNP Device ID: ACPI\PNP0F03\4&2B0A5BEB&0
Service: i8042prt
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: USB Device
Device ID: USB\VID_1110&PID_6489\5&28C564E5&0&4
Manufacturer:
Name: USB Device
PNP Device ID: USB\VID_1110&PID_6489\5&28C564E5&0&4
Service:
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Contrôleur multimédia
Device ID: PCI\VEN_1131&DEV_7133&SUBSYS_48451043&REV_F0\4&D9F7D03&0&0830
Manufacturer:
Name: Contrôleur multimédia
PNP Device ID: PCI\VEN_1131&DEV_7133&SUBSYS_48451043&REV_F0\4&D9F7D03&0&0830
Service:
-- Scheduled Tasks -------------------------------------------------------------
2008-04-15 22:34:35 412 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job
-- Files created between 2008-03-16 and 2008-04-16 -----------------------------
2008-04-16 11:08:58 0 d--hs---- C:\Documents and Settings\Anthony\Recent
2008-04-16 00:16:38 0 d-------- C:\Program Files\Free Hide Folder
2008-04-15 22:33:28 0 d-------- C:\Program Files\Fichiers communs\Symantec Shared
2008-04-15 22:26:56 0 d-------- C:\Program Files\Norton Security Scan
2008-04-15 22:24:38 0 d-------- C:\Program Files\OpenOffice.org 2.4
2008-04-15 20:54:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-15 20:53:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-04-15 20:44:33 0 d-------- C:\WINDOWS\RegisteredPackages
2008-04-15 18:02:23 86016 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
2008-04-15 18:01:38 0 d-------- C:\Program Files\Rippackv3
2008-04-15 17:58:31 0 d-------- C:\Program Files\WinASPI
2008-04-15 17:57:29 0 d-------- C:\Documents and Settings\Anthony\NeoDivX Suite
2008-04-15 17:41:30 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-04-15 13:55:44 0 d-------- C:\Downloads
2008-04-15 12:15:42 0 d-------- C:\Documents and Settings\Anthony\Application Data\Free Download Manager
2008-04-15 12:15:37 0 d-------- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2008-04-15 12:15:36 0 d-------- C:\Program Files\Free Download Manager
2008-04-14 00:54:15 0 d-------- C:\Program Files\Morgan
2008-04-14 00:54:07 209636 --a------ C:\WINDOWS\IPUI_DivXG400.exe <Not Verified; ; wingpack Application>
2008-04-14 00:31:37 0 d-------- C:\Documents and Settings\Anthony\Application Data\dvdcss
2008-04-14 00:30:42 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-04-11 20:12:48 0 d--hs---- C:\Documents and Settings\Valérie\Recent
2008-03-30 17:46:01 0 d-------- C:\Program Files\BDGest Evolution
2008-03-30 16:56:13 0 d-------- C:\Program Files\AviSynth 2.5
2008-03-30 16:55:35 0 d-------- C:\Program Files\BatchDPG
2008-03-22 11:43:29 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-20 20:25:21 0 d-------- C:\Documents and Settings\Océane\Application Data\OpenOffice.org2
2008-03-20 16:37:50 0 d-------- C:\Documents and Settings\Valérie\Application Data\ABBYY
2008-03-20 16:37:23 0 d--h----- C:\C_DILLA
2008-03-20 16:37:22 8864 --a------ C:\WINDOWS\system32\drivers\CDAC15BA.SYS
-- Find3M Report ---------------------------------------------------------------
2008-04-16 12:29:26 0 d-------- C:\Program Files\eMule
2008-04-16 11:07:29 0 d-------- C:\Documents and Settings\Anthony\Application Data\uTorrent
2008-04-15 22:33:28 0 d-------- C:\Program Files\Fichiers communs
2008-04-15 22:29:39 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-04-15 22:24:05 0 d-------- C:\Program Files\OpenOffice.org 2.3
2008-04-15 20:54:54 0 d-------- C:\Program Files\Google
2008-04-15 20:53:53 0 d-------- C:\Program Files\Fichiers communs\Adobe
2008-04-15 20:44:35 0 d-------- C:\Program Files\Movie Maker
2008-04-15 18:02:23 0 d-------- C:\Program Files\DivX
2008-04-15 17:59:32 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-04-15 15:35:22 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-15 11:50:39 0 d-------- C:\Program Files\TrackMania Nations ESWC
2008-04-03 22:32:05 0 d-------- C:\Program Files\TuxPaint
2008-03-30 11:13:12 0 d-------- C:\Documents and Settings\Anthony\Application Data\OpenOffice.org2
2008-03-30 10:44:59 473864 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-03-30 10:44:59 77468 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-03-29 16:39:54 0 d-------- C:\Program Files\Messenger Plus! Live
2008-03-15 17:00:41 0 d-------- C:\Program Files\MP3Gain
2008-03-05 13:48:04 0 d-------- C:\Program Files\World of Warcraft
2008-03-03 19:23:58 0 d-------- C:\Program Files\eBay
2008-03-02 13:58:01 0 d-------- C:\Program Files\Trend Micro
2008-03-01 16:42:46 0 d-------- C:\Program Files\ABBYY PDF Transformer 2.0
2008-02-27 21:23:15 0 d-------- C:\Program Files\Windows Live
2008-02-23 20:06:02 0 d-------- C:\Program Files\Fichiers communs\InstallShield
2008-02-23 20:02:51 0 d-------- C:\Program Files\EPSON
2008-02-23 20:02:03 0 d-------- C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-02-23 19:58:55 0 d-------- C:\Documents and Settings\Anthony\Application Data\InstallShield
2008-02-21 17:29:30 0 d-------- C:\Program Files\SSC Service Utility
2008-02-21 17:19:44 5248 --a------ C:\WINDOWS\system32\giveio.sys
2008-02-21 16:31:40 0 d-------- C:\Documents and Settings\Anthony\Application Data\Help
2008-02-20 22:27:57 0 d-------- C:\Documents and Settings\Anthony\Application Data\Media Player Classic
2008-02-20 21:04:41 0 d-------- C:\Program Files\WinAVI MP4 Converter
2008-02-20 20:57:41 0 d-------- C:\Program Files\Real Alternative
2008-02-20 20:57:37 0 d-------- C:\Documents and Settings\Anthony\Application Data\Real
2008-02-20 13:31:18 1044480 -ra------ C:\WINDOWS\system32\roboex32.dll <Not Verified; eHelp Corporation.; RoboHELP for WinHelp 9.2>
2008-02-20 13:31:18 49152 -ra------ C:\WINDOWS\system32\inetwh32.dll <Not Verified; Blue Sky Software Corporation.; Blue Sky Software - INETWH32>
2008-02-18 15:52:57 0 d-------- C:\Program Files\Bethesda Softworks
2008-02-17 23:46:32 0 d-------- C:\Program Files\PhotoFiltre
2008-02-01 12:17:40 587264 --a------ C:\WINDOWS\WLXPGSS.SCR <Not Verified; Microsoft Corporation; Galerie de photos Windows Live>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/12/2007 02:41]
"RTHDCPL"="RTHDCPL.EXE" [27/09/2007 15:20 C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [03/05/2005 19:43 C:\WINDOWS\Alcmtr.exe]
"nwiz"="nwiz.exe" [05/12/2007 02:41 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [05/12/2007 02:41]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [24/12/2007 14:00]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [13/03/2008 23:11]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [02/03/2006 14:00]
C:\Documents and Settings\Anthony\Menu Démarrer\Programmes\Démarrage\
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [01/06/2005 21:41:18]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [21/05/2006 09:43:08]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"=1 (0x1)
"AllowUnhashedWebView"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BlueSoleil.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk
backup=C:\WINDOWS\pss\BlueSoleil.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Google Updater.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Google Updater.lnk
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Anthony^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
path=C:\Documents and Settings\Anthony\Menu Démarrer\Programmes\Démarrage\Y'z Shadow.lnk
backup=C:\WINDOWS\pss\Y'z Shadow.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
"C:\Program Files\DAEMON Tools Lite\daemon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogProtect]
"C:\Documents and Settings\Valérie\Mes documents\LogProtect\LogProtect.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
"C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW20]
C:\WINDOWS\system32\sw20.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW24]
C:\WINDOWS\system32\sw24.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Transcode360]
C:\Program Files\Transcode360\Transcode360Tray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trickler]
"c:\program files\divx\divx pro codec\gain_trickler_3202.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinSys2]
C:\WINDOWS\system32\winsys2.exe
-- Hosts -----------------------------------------------------------------------
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com
8142 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-04-16 12:40:55 ------------
extra.txt report
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Édition familiale (build 2600) SP 2.0
Architecture: X86; Language: French
CPU 0: AMD Athlon(tm) 64 X2 Dual Core Processor 3600+
CPU 1: AMD Athlon(tm) 64 X2 Dual Core Processor 3600+
Percentage of Memory in Use: 35%
Physical Memory (total/avail): 1023.36 MiB / 659.27 MiB
Pagefile Memory (total/avail): 2461.21 MiB / 2142.21 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1921.87 MiB
C: is Fixed (NTFS) - 186.3 GiB total, 71.97 GiB free.
D: is CDROM (UDF)
E: is CDROM (Unformatted)
F: is CDROM (No Media)
G: is Fixed (FAT32) - 372.52 GiB total, 330.86 GiB free.
H: is Removable (No Media)
\\.\PHYSICALDRIVE0 - ST3200822AS - 186.31 GiB - 1 partition
\PARTITION0 (bootable) - Système de fichiers installable - 186.3 GiB - C:
\\.\PHYSICALDRIVE2 - Generic STORAGE DEVICE USB Device
\\.\PHYSICALDRIVE1 - SAMSUNG HD402LJ USB Device - 372.61 GiB - 1 partition
\PARTITION0 - Unknown - 372.61 GiB - G:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: ZoneAlarm Firewall v7.0.470.000 (Check Point, LTD.) Disabled
AV: Avira AntiVir PersonalEdition v 7.0.3.158 (Avira GmbH)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"="C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe:*:Disabled:Kaspersky AV Scanner"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Documents and Settings\\Anthony\\Bureau\\utorrent.exe"="C:\\Documents and Settings\\Anthony\\Bureau\\utorrent.exe:*:Enabled:µTorrent"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Anthony\Application Data
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=VALERIE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Anthony
LOGONSERVER=\\VALERIE
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Smart Projects\IsoBuster
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4b02
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Anthony\LOCALS~1\Temp
TMP=C:\DOCUME~1\Anthony\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=VALERIE
USERNAME=Anthony
USERPROFILE=C:\Documents and Settings\Anthony
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Valérie (admin)
Anthony (admin)
Océane (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint Plus --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
ABBYY FineReader 6.0 --> MsiExec.exe /I{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}
ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
ABBYY PDF Transformer 2.0 --> MsiExec.exe /I{FA200000-0001-0000-0000-074957833700}
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe
ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\SETUP.EXE" -l0x40c -uninst
Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe"
Avira AntiVir PersonalEdition Classic --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Call of Duty(R) 4 - Modern Warfare(TM) --> C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch --> C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Camera RAW Plug-In for EPSON Creativity Suite --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}\SETUP.EXE" -l0x40c UNINST
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Compel Adaptec WinASPI --> "C:\Program Files\WinASPI\unins000.exe"
Cryptext (Remove Only) --> rundll32 setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\ShellExt\Cryptext.inf
D-Link VGA Webcam --> C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
DivX 5.0.2 Pro Bundle --> C:\WINDOWS\unvise32.exe C:\Program Files\DivX\uninstal.log
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DivXG400 --> "C:\WINDOWS\IPUI_DivXG400.exe" /U /D
eMule --> "C:\Program Files\eMule\Uninstall.exe"
EPSON Attach To Email --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Easy Photo Print --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D78F2A2-C893-4ABD-B5FE-AD7011837755}\SETUP.EXE" -l0x40c UNINST
EPSON File Manager --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x40c UNINST
EPSON Logiciel imprimante --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Scan Assistant --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel --> C:\Program Files\EPSON\TPMANUAL\ES_CX_DX\FRA\USE_G\DOCUNINS.EXE
EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
Free Download Manager 2.5 --> "C:\Program Files\Free Download Manager\unins000.exe"
Galerie de photos Windows Live --> MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
IsoBuster 2.3 --> "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
JkDefrag 3.26 Fr --> "C:\Program Files\JkDefrag\unins000.exe"
K-Lite Codec Pack 2.81 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Kaspersky Online Scanner --> C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Language pack for Ad-Aware SE --> C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
Les Sims 2 --> C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims 2 : Nuits de Folie --> C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\EAUninstall.exe
Les Sims 2 Académie --> C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
Les Sims 2 : La bonne affaire --> C:\Program Files\EA GAMES\Les Sims 2 La bonne affaire\EAUninstall.exe
Les Sims™ 2 Animaux & Cie --> C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 2 Au fil des saisons --> C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
Les Sims™ 2 Bon Voyage --> C:\Program Files\EA GAMES\Les Sims 2 Bon Voyage\EAUninstall.exe
LogProtect version 1.1.3 --> "C:\Documents and Settings\Valérie\Mes documents\LogProtect\unins000.exe"
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911164) -->
Mozilla Firefox (2.0.0.13) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Neuf - Kit de connexion --> C:\Program Files\Neuf\Kit\uninstall.exe
Norton Security Scan --> MsiExec.exe /I{1A8A214F-6BAC-4E01-A27D-25C19A484908}
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Oblivion --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x40c -removeonly
OpenOffice.org 2.4 --> MsiExec.exe /I{2BB8FBB4-CFF9-434E-AA0A-40F5379C1602}
Pack Vista Inspirat 2 1.0 --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1F9DE4E49C97F59EE9F75C34E0E91E568FC9EEB2\amdk8.inf
PhotoFiltre --> "C:\Program Files\PhotoFiltre\Uninst.exe"
Real Alternative 1.60 Lite --> "C:\Program Files\Real Alternative\unins000.exe"
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
ScanToWeb --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
TH Calculator --> C:\Program Files\TH Calculator\Uninstal.exe
TrackMania Nations ESWC 1.7.9 --> "C:\Program Files\TrackMania Nations ESWC\unins000.exe"
Tux Paint 0.9.19 --> "C:\Program Files\TuxPaint\unins000.exe"
Ultimate Spider-Man (TM) --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{CC35B08B-4EC1-4759-B159-0EC4E69C3E7C}
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6f --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Vista --> "C:\WINDOWS\uninstall Vista.exe"
Waver Version 2.95 --> "C:\Program Files\Flop\Waver\unins000.exe"
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail --> MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
World of Warcraft --> C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type5027 / Success
Event Submitted/Written: 04/16/2008 10:29:42 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type5003 / Error
Event Submitted/Written: 04/15/2008 05:58:47 PM
Event ID/Source: 1000 / Application Error
Event Description:
Application défaillante neodivxsuite.exe, version 0.0.0.0, module défaillant ghctmvds.ols, version 4.0.0.0, adresse de défaillance 0x00193149.
Traitement de l'événement propre au support pour [neodivxsuite.exe!ws!]
Event Record #/Type4946 / Success
Event Submitted/Written: 04/15/2008 10:07:11 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type4918 / Success
Event Submitted/Written: 04/14/2008 10:02:43 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type4870 / Success
Event Submitted/Written: 04/13/2008 09:33:58 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type10983 / Warning
Event Submitted/Written: 04/16/2008 11:37:02 AM
Event ID/Source: 1007 / Dhcp
Event Description:
Votre ordinateur a automatiquement configuré l'adresse IP pour la
carte avec l'adresse réseau 0016178F0DF8. L'adresse IP utilisée est 169.254.231.235.
Event Record #/Type10982 / Warning
Event Submitted/Written: 04/16/2008 11:36:57 AM
Event ID/Source: 1003 / Dhcp
Event Description:
Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0016178F0DF8. Il s'est
produit l'erreur suivante :
%%121.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).
Event Record #/Type10981 / Warning
Event Submitted/Written: 04/16/2008 11:36:29 AM
Event ID/Source: 1003 / Dhcp
Event Description:
Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0016178F0DF8. Il s'est
produit l'erreur suivante :
%%1223.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).
Event Record #/Type10913 / Error
Event Submitted/Written: 04/16/2008 11:09:16 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM a reçu l'erreur "%%1084" lors de la mise en route du service EventSystem avec les arguments ""
pour démarrer le serveur :
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Record #/Type10912 / Error
Event Submitted/Written: 04/16/2008 11:04:31 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
AFD
AmdK8
avgio
avipbb
Fips
IPSec
KLIF
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
ssmdrv
Tcpip
Tcpip6
vsdatant
-- End of Deckard's System Scanner: finished at 2008-04-16 12:40:55 ------------
Main.txt report
Deckard's System Scanner v20071014.68
Run by Anthony on 2008-04-16 12:39:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
139: 2008-04-16 10:39:38 UTC - RP207 - Deckard's System Scanner Restore Point
138: 2008-04-15 22:00:22 UTC - RP206 - Supprimé Ultimate Spider-Man (TM)
137: 2008-04-15 20:27:17 UTC - RP205 - Shockwave Player
136: 2008-04-15 20:26:38 UTC - RP204 - Shockwave Player
135: 2008-04-15 20:24:34 UTC - RP203 - Installed OpenOffice.org 2.4
-- First Restore Point --
1: 2008-01-17 16:51:52 UTC - RP69 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Anthony.exe) ---------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:40:15, on 16/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Downloads\Software\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Anthony.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.www.daemon-search.com/default
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Pictu...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.c...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8461 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil(c)>
R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys
R3 ovt519 (Eye Toy) - c:\windows\system32\drivers\ov519vid.sys <Not Verified; OmniVision Technologies, Inc.; Dual Mode USB Camera 519>
S3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
S3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
S3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys
S3 giveio - c:\windows\system32\giveio.sys
S3 GMSIPCI - e:\install\gmsipci.sys (file missing)
S3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
S3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; Scheduler>
R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; C-Dilla Ltd; SafeCast Windows NT>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: Souris Microsoft PS/2
Device ID: ACPI\PNP0F03\4&2B0A5BEB&0
Manufacturer: Microsoft
Name: Souris Microsoft PS/2
PNP Device ID: ACPI\PNP0F03\4&2B0A5BEB&0
Service: i8042prt
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: USB Device
Device ID: USB\VID_1110&PID_6489\5&28C564E5&0&4
Manufacturer:
Name: USB Device
PNP Device ID: USB\VID_1110&PID_6489\5&28C564E5&0&4
Service:
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Contrôleur multimédia
Device ID: PCI\VEN_1131&DEV_7133&SUBSYS_48451043&REV_F0\4&D9F7D03&0&0830
Manufacturer:
Name: Contrôleur multimédia
PNP Device ID: PCI\VEN_1131&DEV_7133&SUBSYS_48451043&REV_F0\4&D9F7D03&0&0830
Service:
-- Scheduled Tasks -------------------------------------------------------------
2008-04-15 22:34:35 412 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job
-- Files created between 2008-03-16 and 2008-04-16 -----------------------------
2008-04-16 11:08:58 0 d--hs---- C:\Documents and Settings\Anthony\Recent
2008-04-16 00:16:38 0 d-------- C:\Program Files\Free Hide Folder
2008-04-15 22:33:28 0 d-------- C:\Program Files\Fichiers communs\Symantec Shared
2008-04-15 22:26:56 0 d-------- C:\Program Files\Norton Security Scan
2008-04-15 22:24:38 0 d-------- C:\Program Files\OpenOffice.org 2.4
2008-04-15 20:54:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-15 20:53:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-04-15 20:44:33 0 d-------- C:\WINDOWS\RegisteredPackages
2008-04-15 18:02:23 86016 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
2008-04-15 18:01:38 0 d-------- C:\Program Files\Rippackv3
2008-04-15 17:58:31 0 d-------- C:\Program Files\WinASPI
2008-04-15 17:57:29 0 d-------- C:\Documents and Settings\Anthony\NeoDivX Suite
2008-04-15 17:41:30 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-04-15 13:55:44 0 d-------- C:\Downloads
2008-04-15 12:15:42 0 d-------- C:\Documents and Settings\Anthony\Application Data\Free Download Manager
2008-04-15 12:15:37 0 d-------- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2008-04-15 12:15:36 0 d-------- C:\Program Files\Free Download Manager
2008-04-14 00:54:15 0 d-------- C:\Program Files\Morgan
2008-04-14 00:54:07 209636 --a------ C:\WINDOWS\IPUI_DivXG400.exe <Not Verified; ; wingpack Application>
2008-04-14 00:31:37 0 d-------- C:\Documents and Settings\Anthony\Application Data\dvdcss
2008-04-14 00:30:42 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-04-11 20:12:48 0 d--hs---- C:\Documents and Settings\Valérie\Recent
2008-03-30 17:46:01 0 d-------- C:\Program Files\BDGest Evolution
2008-03-30 16:56:13 0 d-------- C:\Program Files\AviSynth 2.5
2008-03-30 16:55:35 0 d-------- C:\Program Files\BatchDPG
2008-03-22 11:43:29 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-20 20:25:21 0 d-------- C:\Documents and Settings\Océane\Application Data\OpenOffice.org2
2008-03-20 16:37:50 0 d-------- C:\Documents and Settings\Valérie\Application Data\ABBYY
2008-03-20 16:37:23 0 d--h----- C:\C_DILLA
2008-03-20 16:37:22 8864 --a------ C:\WINDOWS\system32\drivers\CDAC15BA.SYS
-- Find3M Report ---------------------------------------------------------------
2008-04-16 12:29:26 0 d-------- C:\Program Files\eMule
2008-04-16 11:07:29 0 d-------- C:\Documents and Settings\Anthony\Application Data\uTorrent
2008-04-15 22:33:28 0 d-------- C:\Program Files\Fichiers communs
2008-04-15 22:29:39 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-04-15 22:24:05 0 d-------- C:\Program Files\OpenOffice.org 2.3
2008-04-15 20:54:54 0 d-------- C:\Program Files\Google
2008-04-15 20:53:53 0 d-------- C:\Program Files\Fichiers communs\Adobe
2008-04-15 20:44:35 0 d-------- C:\Program Files\Movie Maker
2008-04-15 18:02:23 0 d-------- C:\Program Files\DivX
2008-04-15 17:59:32 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-04-15 15:35:22 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-15 11:50:39 0 d-------- C:\Program Files\TrackMania Nations ESWC
2008-04-03 22:32:05 0 d-------- C:\Program Files\TuxPaint
2008-03-30 11:13:12 0 d-------- C:\Documents and Settings\Anthony\Application Data\OpenOffice.org2
2008-03-30 10:44:59 473864 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-03-30 10:44:59 77468 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-03-29 16:39:54 0 d-------- C:\Program Files\Messenger Plus! Live
2008-03-15 17:00:41 0 d-------- C:\Program Files\MP3Gain
2008-03-05 13:48:04 0 d-------- C:\Program Files\World of Warcraft
2008-03-03 19:23:58 0 d-------- C:\Program Files\eBay
2008-03-02 13:58:01 0 d-------- C:\Program Files\Trend Micro
2008-03-01 16:42:46 0 d-------- C:\Program Files\ABBYY PDF Transformer 2.0
2008-02-27 21:23:15 0 d-------- C:\Program Files\Windows Live
2008-02-23 20:06:02 0 d-------- C:\Program Files\Fichiers communs\InstallShield
2008-02-23 20:02:51 0 d-------- C:\Program Files\EPSON
2008-02-23 20:02:03 0 d-------- C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-02-23 19:58:55 0 d-------- C:\Documents and Settings\Anthony\Application Data\InstallShield
2008-02-21 17:29:30 0 d-------- C:\Program Files\SSC Service Utility
2008-02-21 17:19:44 5248 --a------ C:\WINDOWS\system32\giveio.sys
2008-02-21 16:31:40 0 d-------- C:\Documents and Settings\Anthony\Application Data\Help
2008-02-20 22:27:57 0 d-------- C:\Documents and Settings\Anthony\Application Data\Media Player Classic
2008-02-20 21:04:41 0 d-------- C:\Program Files\WinAVI MP4 Converter
2008-02-20 20:57:41 0 d-------- C:\Program Files\Real Alternative
2008-02-20 20:57:37 0 d-------- C:\Documents and Settings\Anthony\Application Data\Real
2008-02-20 13:31:18 1044480 -ra------ C:\WINDOWS\system32\roboex32.dll <Not Verified; eHelp Corporation.; RoboHELP for WinHelp 9.2>
2008-02-20 13:31:18 49152 -ra------ C:\WINDOWS\system32\inetwh32.dll <Not Verified; Blue Sky Software Corporation.; Blue Sky Software - INETWH32>
2008-02-18 15:52:57 0 d-------- C:\Program Files\Bethesda Softworks
2008-02-17 23:46:32 0 d-------- C:\Program Files\PhotoFiltre
2008-02-01 12:17:40 587264 --a------ C:\WINDOWS\WLXPGSS.SCR <Not Verified; Microsoft Corporation; Galerie de photos Windows Live>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/12/2007 02:41]
"RTHDCPL"="RTHDCPL.EXE" [27/09/2007 15:20 C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [03/05/2005 19:43 C:\WINDOWS\Alcmtr.exe]
"nwiz"="nwiz.exe" [05/12/2007 02:41 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [05/12/2007 02:41]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [24/12/2007 14:00]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [13/03/2008 23:11]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [02/03/2006 14:00]
C:\Documents and Settings\Anthony\Menu Démarrer\Programmes\Démarrage\
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [01/06/2005 21:41:18]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [21/05/2006 09:43:08]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"=1 (0x1)
"AllowUnhashedWebView"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BlueSoleil.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk
backup=C:\WINDOWS\pss\BlueSoleil.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Google Updater.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Google Updater.lnk
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Anthony^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
path=C:\Documents and Settings\Anthony\Menu Démarrer\Programmes\Démarrage\Y'z Shadow.lnk
backup=C:\WINDOWS\pss\Y'z Shadow.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
"C:\Program Files\DAEMON Tools Lite\daemon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogProtect]
"C:\Documents and Settings\Valérie\Mes documents\LogProtect\LogProtect.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
"C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW20]
C:\WINDOWS\system32\sw20.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW24]
C:\WINDOWS\system32\sw24.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Transcode360]
C:\Program Files\Transcode360\Transcode360Tray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trickler]
"c:\program files\divx\divx pro codec\gain_trickler_3202.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinSys2]
C:\WINDOWS\system32\winsys2.exe
-- Hosts -----------------------------------------------------------------------
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com
8142 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-04-16 12:40:55 ------------
extra.txt report
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Édition familiale (build 2600) SP 2.0
Architecture: X86; Language: French
CPU 0: AMD Athlon(tm) 64 X2 Dual Core Processor 3600+
CPU 1: AMD Athlon(tm) 64 X2 Dual Core Processor 3600+
Percentage of Memory in Use: 35%
Physical Memory (total/avail): 1023.36 MiB / 659.27 MiB
Pagefile Memory (total/avail): 2461.21 MiB / 2142.21 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1921.87 MiB
C: is Fixed (NTFS) - 186.3 GiB total, 71.97 GiB free.
D: is CDROM (UDF)
E: is CDROM (Unformatted)
F: is CDROM (No Media)
G: is Fixed (FAT32) - 372.52 GiB total, 330.86 GiB free.
H: is Removable (No Media)
\\.\PHYSICALDRIVE0 - ST3200822AS - 186.31 GiB - 1 partition
\PARTITION0 (bootable) - Système de fichiers installable - 186.3 GiB - C:
\\.\PHYSICALDRIVE2 - Generic STORAGE DEVICE USB Device
\\.\PHYSICALDRIVE1 - SAMSUNG HD402LJ USB Device - 372.61 GiB - 1 partition
\PARTITION0 - Unknown - 372.61 GiB - G:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: ZoneAlarm Firewall v7.0.470.000 (Check Point, LTD.) Disabled
AV: Avira AntiVir PersonalEdition v 7.0.3.158 (Avira GmbH)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"="C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe:*:Disabled:Kaspersky AV Scanner"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Documents and Settings\\Anthony\\Bureau\\utorrent.exe"="C:\\Documents and Settings\\Anthony\\Bureau\\utorrent.exe:*:Enabled:µTorrent"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Anthony\Application Data
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=VALERIE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Anthony
LOGONSERVER=\\VALERIE
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Smart Projects\IsoBuster
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4b02
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Anthony\LOCALS~1\Temp
TMP=C:\DOCUME~1\Anthony\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=VALERIE
USERNAME=Anthony
USERPROFILE=C:\Documents and Settings\Anthony
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Valérie (admin)
Anthony (admin)
Océane (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint Plus --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
ABBYY FineReader 6.0 --> MsiExec.exe /I{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}
ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
ABBYY PDF Transformer 2.0 --> MsiExec.exe /I{FA200000-0001-0000-0000-074957833700}
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe
ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\SETUP.EXE" -l0x40c -uninst
Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe"
Avira AntiVir PersonalEdition Classic --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Call of Duty(R) 4 - Modern Warfare(TM) --> C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch --> C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Camera RAW Plug-In for EPSON Creativity Suite --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}\SETUP.EXE" -l0x40c UNINST
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Compel Adaptec WinASPI --> "C:\Program Files\WinASPI\unins000.exe"
Cryptext (Remove Only) --> rundll32 setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\ShellExt\Cryptext.inf
D-Link VGA Webcam --> C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
DivX 5.0.2 Pro Bundle --> C:\WINDOWS\unvise32.exe C:\Program Files\DivX\uninstal.log
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DivXG400 --> "C:\WINDOWS\IPUI_DivXG400.exe" /U /D
eMule --> "C:\Program Files\eMule\Uninstall.exe"
EPSON Attach To Email --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Easy Photo Print --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D78F2A2-C893-4ABD-B5FE-AD7011837755}\SETUP.EXE" -l0x40c UNINST
EPSON File Manager --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x40c UNINST
EPSON Logiciel imprimante --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Scan Assistant --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel --> C:\Program Files\EPSON\TPMANUAL\ES_CX_DX\FRA\USE_G\DOCUNINS.EXE
EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
Free Download Manager 2.5 --> "C:\Program Files\Free Download Manager\unins000.exe"
Galerie de photos Windows Live --> MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
IsoBuster 2.3 --> "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
JkDefrag 3.26 Fr --> "C:\Program Files\JkDefrag\unins000.exe"
K-Lite Codec Pack 2.81 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Kaspersky Online Scanner --> C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Language pack for Ad-Aware SE --> C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
Les Sims 2 --> C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims 2 : Nuits de Folie --> C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\EAUninstall.exe
Les Sims 2 Académie --> C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
Les Sims 2 : La bonne affaire --> C:\Program Files\EA GAMES\Les Sims 2 La bonne affaire\EAUninstall.exe
Les Sims™ 2 Animaux & Cie --> C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 2 Au fil des saisons --> C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
Les Sims™ 2 Bon Voyage --> C:\Program Files\EA GAMES\Les Sims 2 Bon Voyage\EAUninstall.exe
LogProtect version 1.1.3 --> "C:\Documents and Settings\Valérie\Mes documents\LogProtect\unins000.exe"
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911164) -->
Mozilla Firefox (2.0.0.13) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Neuf - Kit de connexion --> C:\Program Files\Neuf\Kit\uninstall.exe
Norton Security Scan --> MsiExec.exe /I{1A8A214F-6BAC-4E01-A27D-25C19A484908}
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Oblivion --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x40c -removeonly
OpenOffice.org 2.4 --> MsiExec.exe /I{2BB8FBB4-CFF9-434E-AA0A-40F5379C1602}
Pack Vista Inspirat 2 1.0 --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1F9DE4E49C97F59EE9F75C34E0E91E568FC9EEB2\amdk8.inf
PhotoFiltre --> "C:\Program Files\PhotoFiltre\Uninst.exe"
Real Alternative 1.60 Lite --> "C:\Program Files\Real Alternative\unins000.exe"
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
ScanToWeb --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
TH Calculator --> C:\Program Files\TH Calculator\Uninstal.exe
TrackMania Nations ESWC 1.7.9 --> "C:\Program Files\TrackMania Nations ESWC\unins000.exe"
Tux Paint 0.9.19 --> "C:\Program Files\TuxPaint\unins000.exe"
Ultimate Spider-Man (TM) --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{CC35B08B-4EC1-4759-B159-0EC4E69C3E7C}
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6f --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Vista --> "C:\WINDOWS\uninstall Vista.exe"
Waver Version 2.95 --> "C:\Program Files\Flop\Waver\unins000.exe"
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail --> MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
World of Warcraft --> C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type5027 / Success
Event Submitted/Written: 04/16/2008 10:29:42 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type5003 / Error
Event Submitted/Written: 04/15/2008 05:58:47 PM
Event ID/Source: 1000 / Application Error
Event Description:
Application défaillante neodivxsuite.exe, version 0.0.0.0, module défaillant ghctmvds.ols, version 4.0.0.0, adresse de défaillance 0x00193149.
Traitement de l'événement propre au support pour [neodivxsuite.exe!ws!]
Event Record #/Type4946 / Success
Event Submitted/Written: 04/15/2008 10:07:11 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type4918 / Success
Event Submitted/Written: 04/14/2008 10:02:43 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type4870 / Success
Event Submitted/Written: 04/13/2008 09:33:58 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type10983 / Warning
Event Submitted/Written: 04/16/2008 11:37:02 AM
Event ID/Source: 1007 / Dhcp
Event Description:
Votre ordinateur a automatiquement configuré l'adresse IP pour la
carte avec l'adresse réseau 0016178F0DF8. L'adresse IP utilisée est 169.254.231.235.
Event Record #/Type10982 / Warning
Event Submitted/Written: 04/16/2008 11:36:57 AM
Event ID/Source: 1003 / Dhcp
Event Description:
Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0016178F0DF8. Il s'est
produit l'erreur suivante :
%%121.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).
Event Record #/Type10981 / Warning
Event Submitted/Written: 04/16/2008 11:36:29 AM
Event ID/Source: 1003 / Dhcp
Event Description:
Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0016178F0DF8. Il s'est
produit l'erreur suivante :
%%1223.
Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
serveur d'adresse réseau (DHCP).
Event Record #/Type10913 / Error
Event Submitted/Written: 04/16/2008 11:09:16 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM a reçu l'erreur "%%1084" lors de la mise en route du service EventSystem avec les arguments ""
pour démarrer le serveur :
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Record #/Type10912 / Error
Event Submitted/Written: 04/16/2008 11:04:31 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
AFD
AmdK8
avgio
avipbb
Fips
IPSec
KLIF
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
ssmdrv
Tcpip
Tcpip6
vsdatant
-- End of Deckard's System Scanner: finished at 2008-04-16 12:40:55 ------------
Hi again,
I've found something.
But I'm going to check a few things first.
1) Download SystemScan from the SuspectFile team.
Double-click it (ignore any alerts from your antivirus).
Click Unselect all.
Tick only this box:
-Recent Files, days old 60 days
Then click Scan now and be patient.
Once it has finished, a report will open. Post it in full.
2) Download Gmer.
Unzip it into a folder or onto your desktop.
Disconnect from the Internet, then close all programs.
Double-click Gmer.exe.
IMPORTANT: If your antivirus raises an alert for the file gmer.sys or gmer.exe, let it run.
Click the Rootkit tab.
On the right, tick Files and Services.
Now click Scan.
When the scan is finished, click Copy.
Open Notepad, then click the Edit menu / Paste.
The report should then appear.
Save the file to your desktop and copy/paste its contents here.
Hi again,
SystemScan report:
SystemScan - www.suspectfile.com - ver. 3.5.5 (code: holifay & bReAkdOWn)
Running on: Windows XP HOME Edition, Service Pack 2 (2600.5.1)
System directory: C:\WINDOWS
SystemScan file: C:\Downloads\Software\sys92171.exe
Running in: User mode
Date: 16/04/2008
Time: 14:15:42
Output limited to:
-Recent files
===================== RECENT FILES =====================
Showing files newer than 60 days
----- recent files in C:\
18/02/2008 20:52:20 (DIR) 0 byte 58 days old -- EPSON
20/02/2008 21:04:32 6476 byte 56 days old -- MP4debug.log
24/02/2008 03:11:36 244 byte 52 days old -- sqmnoopt10.sqm
24/02/2008 03:11:36 268 byte 52 days old -- sqmdata10.sqm
02/03/2008 18:11:14 (DIR) 0 byte 45 days old -- .mtvconvertertmp
02/03/2008 19:04:59 244 byte 45 days old -- sqmnoopt11.sqm
02/03/2008 19:04:59 268 byte 45 days old -- sqmdata11.sqm
02/03/2008 19:05:00 172 byte 45 days old -- sqmnoopt12.sqm
02/03/2008 19:05:00 172 byte 45 days old -- sqmdata12.sqm
03/03/2008 19:24:20 418 byte 44 days old -- InstallHelper.log
20/03/2008 16:37:23 (DIR) 0 byte 27 days old -- C_DILLA
04/04/2008 11:59:51 268 byte 12 days old -- sqmdata13.sqm
04/04/2008 11:59:51 244 byte 12 days old -- sqmnoopt13.sqm
04/04/2008 12:00:07 172 byte 12 days old -- sqmnoopt14.sqm
04/04/2008 12:00:07 172 byte 12 days old -- sqmdata14.sqm
04/04/2008 12:00:09 172 byte 12 days old -- sqmnoopt15.sqm
04/04/2008 12:00:09 172 byte 12 days old -- sqmdata15.sqm
04/04/2008 12:00:11 172 byte 12 days old -- sqmdata16.sqm
04/04/2008 12:00:11 172 byte 12 days old -- sqmnoopt16.sqm
04/04/2008 12:00:12 172 byte 12 days old -- sqmdata17.sqm
04/04/2008 12:00:12 172 byte 12 days old -- sqmnoopt17.sqm
04/04/2008 12:00:14 172 byte 12 days old -- sqmnoopt18.sqm
04/04/2008 12:00:14 172 byte 12 days old -- sqmdata18.sqm
04/04/2008 12:00:16 172 byte 12 days old -- sqmdata19.sqm
04/04/2008 12:00:16 172 byte 12 days old -- sqmnoopt19.sqm
04/04/2008 12:00:22 172 byte 12 days old -- sqmnoopt00.sqm
04/04/2008 12:00:22 172 byte 12 days old -- sqmdata00.sqm
04/04/2008 12:00:23 172 byte 12 days old -- sqmnoopt02.sqm
04/04/2008 12:00:23 172 byte 12 days old -- sqmnoopt01.sqm
04/04/2008 12:00:23 172 byte 12 days old -- sqmdata02.sqm
04/04/2008 12:00:23 172 byte 12 days old -- sqmdata01.sqm
04/04/2008 12:00:26 172 byte 12 days old -- sqmdata03.sqm
04/04/2008 12:00:26 172 byte 12 days old -- sqmnoopt03.sqm
04/04/2008 12:00:27 172 byte 12 days old -- sqmdata04.sqm
04/04/2008 12:00:27 172 byte 12 days old -- sqmnoopt04.sqm
14/04/2008 00:08:41 244 byte 2 days old -- sqmnoopt05.sqm
14/04/2008 00:08:42 232 byte 2 days old -- sqmdata05.sqm
15/04/2008 15:35:24 26 byte 1 days old -- usm.txt
16/04/2008 00:17:17 (DIR) 0 byte 0 days old -- Downloads
16/04/2008 02:12:09 (DIR) 0 byte 0 days old -- Program Files
16/04/2008 02:17:10 (DIR) 0 byte 0 days old -- Config.Msi
16/04/2008 11:03:46 239 byte 0 days old -- boot.ini
16/04/2008 11:42:19 (DIR)1610612736 byte 0 days old -- pagefile.sys
16/04/2008 12:38:51 (DIR) 0 byte 0 days old -- Deckard
16/04/2008 12:39:38 (DIR) 0 byte 0 days old -- WINDOWS
----- recent files in C:\WINDOWS\
21/02/2008 11:01:21 (DIR) 0 byte 55 days old -- Registration
23/02/2008 19:55:46 25 byte 53 days old -- CDE DX8400DEFGIPS.ini
23/02/2008 19:55:57 (DIR) 0 byte 53 days old -- twain_32
02/03/2008 14:03:02 (DIR) 0 byte 45 days old -- eHome
03/03/2008 19:23:10 (DIR) 0 byte 44 days old -- Downloaded Installations
13/03/2008 23:11:10 75248 byte 34 days old -- zllsputility.exe
09/04/2008 09:07:58 (DIR) 0 byte 7 days old -- ie7updates
09/04/2008 09:08:19 (DIR) 0 byte 7 days old -- $hf_mig$
11/04/2008 20:12:48 (DIR) 0 byte 5 days old -- Debug
14/04/2008 15:43:58 23 byte 2 days old -- BlendSettings.ini
15/04/2008 15:35:09 259 byte 1 days old -- game.ini
15/04/2008 17:58:31 (DIR) 0 byte 1 days old -- system
15/04/2008 18:02:35 209636 byte 1 days old -- IPUI_DivXG400.exe
15/04/2008 20:44:33 (DIR) 0 byte 1 days old -- RegisteredPackages
15/04/2008 22:24:43 (DIR) 0 byte 1 days old -- Fonts
15/04/2008 22:25:51 (DIR) 0 byte 1 days old -- assembly
15/04/2008 22:34:32 (DIR) 0 byte 1 days old -- Tasks
15/04/2008 22:34:38 (DIR) 0 byte 1 days old -- Installer
15/04/2008 23:08:59 (DIR) 0 byte 1 days old -- inf
16/04/2008 11:03:46 227 byte 0 days old -- system.ini
16/04/2008 11:03:46 746 byte 0 days old -- win.ini
16/04/2008 11:03:46 (DIR) 0 byte 0 days old -- pss
16/04/2008 11:07:09 (DIR) 0 byte 0 days old -- system32
16/04/2008 11:09:19 (DIR) 0 byte 0 days old -- security
16/04/2008 11:10:32 0 byte 0 days old -- Sti_Trace.log
16/04/2008 11:38:46 1130 byte 0 days old -- SchedLgU.Txt
16/04/2008 11:42:23 2048 byte 0 days old -- bootstat.dat
16/04/2008 11:42:31 0 byte 0 days old -- 0.log
16/04/2008 11:42:42 50 byte 0 days old -- wiaservc.log
16/04/2008 11:42:42 26213 byte 0 days old -- WindowsUpdate.log
16/04/2008 11:42:42 159 byte 0 days old -- wiadebug.log
16/04/2008 11:44:38 20361 byte 0 days old -- setupapi.log
16/04/2008 12:39:38 (DIR) 0 byte 0 days old -- ERDNT
16/04/2008 12:40:09 (DIR) 0 byte 0 days old -- Downloaded Program Files
16/04/2008 13:43:06 (DIR) 0 byte 0 days old -- Temp
16/04/2008 14:07:24 (DIR) 0 byte 0 days old -- Internet Logs
16/04/2008 14:15:20 (DIR) 0 byte 0 days old -- Prefetch
----- recent files in C:\WINDOWS\Downloaded Program Files\
----- recent files in C:\WINDOWS\system\
----- recent files in C:\WINDOWS\system32\
19/02/2008 13:46:39 (DIR) 0 byte 57 days old -- ReinstallBackups
20/02/2008 07:35:05 45568 byte 56 days old -- dnsrslvr.dll
20/02/2008 07:35:05 148992 byte 56 days old -- dnsapi.dll
20/02/2008 08:51:00 282624 byte 56 days old -- gdi32.dll
20/02/2008 13:31:18 49152 byte 56 days old -- inetwh32.dll
20/02/2008 13:31:18 1044480 byte 56 days old -- roboex32.dll
20/02/2008 21:24:31 (DIR) 0 byte 56 days old -- URTTEMP
21/02/2008 17:19:44 5248 byte 55 days old -- giveio.sys
22/02/2008 12:00:51 13824 byte 54 days old -- ieudinit.exe
27/02/2008 21:23:22 (DIR) 0 byte 49 days old -- DirectX
29/02/2008 10:56:41 70656 byte 47 days old -- ie4uinit.exe
01/03/2008 14:58:06 153088 byte 46 days old -- ieakeng.dll
01/03/2008 14:58:06 230400 byte 46 days old -- ieaksie.dll
01/03/2008 14:58:06 124928 byte 46 days old -- advpack.dll
01/03/2008 14:58:06 63488 byte 46 days old -- icardie.dll
01/03/2008 14:58:06 133120 byte 46 days old -- extmgr.dll
01/03/2008 14:58:06 347136 byte 46 days old -- dxtmsft.dll
01/03/2008 14:58:06 214528 byte 46 days old -- dxtrans.dll
01/03/2008 14:58:07 384512 byte 46 days old -- iedkcs32.dll
01/03/2008 14:58:07 383488 byte 46 days old -- ieapfltr.dll
01/03/2008 14:58:08 44544 byte 46 days old -- iernonce.dll
01/03/2008 14:58:08 27648 byte 46 days old -- jsproxy.dll
01/03/2008 14:58:08 1831424 byte 46 days old -- inetcpl.cpl
01/03/2008 14:58:08 459264 byte 46 days old -- msfeeds.dll
01/03/2008 14:58:08 52224 byte 46 days old -- msfeedsbs.dll
01/03/2008 14:58:08 267776 byte 46 days old -- iertutil.dll
01/03/2008 14:58:08 6066176 byte 46 days old -- ieframe.dll
01/03/2008 14:58:09 478208 byte 46 days old -- mshtmled.dll
01/03/2008 14:58:10 102912 byte 46 days old -- occache.dll
01/03/2008 14:58:10 671232 byte 46 days old -- mstime.dll
01/03/2008 14:58:10 193024 byte 46 days old -- msrating.dll
01/03/2008 14:58:10 105984 byte 46 days old -- url.dll
01/03/2008 14:58:10 1159680 byte 46 days old -- urlmon.dll
01/03/2008 14:58:10 44544 byte 46 days old -- pngfilt.dll
01/03/2008 14:58:11 826368 byte 46 days old -- wininet.dll
01/03/2008 14:58:11 233472 byte 46 days old -- webcheck.dll
01/03/2008 18:28:10 3591680 byte 46 days old -- mshtml.dll
13/03/2008 23:10:52 103912 byte 34 days old -- vsmonapi.dll
13/03/2008 23:10:52 161256 byte 34 days old -- vsinit.dll
13/03/2008 23:10:52 83432 byte 34 days old -- vsdata.dll
13/03/2008 23:10:54 275944 byte 34 days old -- vspubapi.dll
13/03/2008 23:10:54 71144 byte 34 days old -- vsregexp.dll
13/03/2008 23:10:54 472552 byte 34 days old -- vsutil.dll
13/03/2008 23:10:56 83432 byte 34 days old -- zlcomm.dll
13/03/2008 23:10:56 99816 byte 34 days old -- vsxml.dll
13/03/2008 23:10:56 46568 byte 34 days old -- vswmi.dll
13/03/2008 23:10:56 71144 byte 34 days old -- zlcommdb.dll
13/03/2008 23:11:02 1086952 byte 34 days old -- zpeng24.dll
13/03/2008 23:11:18 394952 byte 34 days old -- vsdatant.sys
15/03/2008 19:35:46 (DIR) 0 byte 32 days old -- Kaspersky Lab
20/03/2008 10:09:22 1845376 byte 27 days old -- win32k.sys
22/03/2008 11:43:29 664 byte 25 days old -- d3d9caps.dat
30/03/2008 10:44:59 405888 byte 17 days old -- perfh009.dat
30/03/2008 10:44:59 473864 byte 17 days old -- perfh00C.dat
30/03/2008 10:44:59 63470 byte 17 days old -- perfc009.dat
30/03/2008 10:44:59 77468 byte 17 days old -- perfc00C.dat
30/03/2008 10:44:59 1033152 byte 17 days old -- PerfStringBackup.INI
06/04/2008 07:56:20 19836024 byte 10 days old -- MRT.exe
14/04/2008 09:57:44 2422 byte 2 days old -- wpa.dbl
14/04/2008 19:32:17 (DIR) 0 byte 2 days old -- ShellExt
15/04/2008 18:02:32 53248 byte 1 days old -- DivXAF.ax
15/04/2008 18:02:35 21810 byte 1 days old -- divxg400.htm
15/04/2008 18:02:35 184320 byte 1 days old -- DivXG400.ax
15/04/2008 20:44:40 (DIR) 0 byte 1 days old -- dllcache
15/04/2008 22:27:03 (DIR) 0 byte 1 days old -- Adobe
15/04/2008 22:29:39 4212 byte 1 days old -- zllictbl.dat
15/04/2008 22:30:42 (DIR) 0 byte 1 days old -- CatRoot
16/04/2008 02:17:10 (DIR) 0 byte 0 days old -- ZoneLabs
16/04/2008 02:17:14 125320 byte 0 days old -- FNTCACHE.DAT
16/04/2008 02:17:16 (DIR) 0 byte 0 days old -- drivers
16/04/2008 11:10:31 (DIR) 0 byte 0 days old -- LogFiles
16/04/2008 11:44:35 (DIR) 0 byte 0 days old -- CatRoot2
16/04/2008 12:41:15 352921 byte 0 days old -- vsconfig.xml
----- recent files in C:\WINDOWS\system32\drivers\
21/02/2008 01:52:53 (DIR) 0 byte 55 days old -- UMDF
20/03/2008 16:37:22 8864 byte 27 days old -- CDAC15BA.SYS
13/04/2008 09:05:39 717296 byte 3 days old -- sptd.sys
15/04/2008 00:58:14 (DIR) 0 byte 1 days old -- etc
16/04/2008 11:38:48 2252 byte 0 days old -- fidbox.idx
16/04/2008 14:15:18 223264 byte 0 days old -- fidbox.dat
----- recent files in C:\WINDOWS\temp\
16/04/2008 12:40:27 108 byte 0 days old -- teredo.txt
16/04/2008 12:41:10 256 byte 0 days old -- ZLT03cb7.TMP
16/04/2008 12:41:11 256 byte 0 days old -- ZLT03cba.TMP
----- recent files in C:\Program Files\
17/02/2008 23:46:32 (DIR) 0 byte 59 days old -- PhotoFiltre
18/02/2008 15:52:57 (DIR) 0 byte 58 days old -- Bethesda Softworks
20/02/2008 20:57:41 (DIR) 0 byte 56 days old -- Real Alternative
20/02/2008 21:04:41 (DIR) 0 byte 56 days old -- WinAVI MP4 Converter
21/02/2008 17:29:30 (DIR) 0 byte 55 days old -- SSC Service Utility
23/02/2008 20:02:03 (DIR) 0 byte 53 days old -- ABBYY FineReader 6.0 Sprint
23/02/2008 20:02:51 (DIR) 0 byte 53 days old -- EPSON
27/02/2008 21:23:15 (DIR) 0 byte 49 days old -- Windows Live
01/03/2008 16:42:46 (DIR) 0 byte 46 days old -- ABBYY PDF Transformer 2.0
02/03/2008 13:58:01 (DIR) 0 byte 45 days old -- Trend Micro
03/03/2008 19:23:58 (DIR) 0 byte 44 days old -- eBay
05/03/2008 13:48:04 (DIR) 0 byte 42 days old -- World of Warcraft
15/03/2008 17:00:41 (DIR) 0 byte 32 days old -- MP3Gain
29/03/2008 16:39:54 (DIR) 0 byte 18 days old -- Messenger Plus! Live
30/03/2008 16:55:56 (DIR) 0 byte 17 days old -- BatchDPG
30/03/2008 17:48:02 (DIR) 0 byte 17 days old -- BDGest Evolution
03/04/2008 22:32:05 (DIR) 0 byte 13 days old -- TuxPaint
09/04/2008 09:08:05 (DIR) 0 byte 7 days old -- Internet Explorer
14/04/2008 00:30:45 (DIR) 0 byte 2 days old -- DAEMON Tools Lite
15/04/2008 12:15:41 (DIR) 0 byte 1 days old -- Free Download Manager
15/04/2008 15:35:22 (DIR) 0 byte 1 days old -- InstallShield Installation Information
15/04/2008 17:58:31 (DIR) 0 byte 1 days old -- WinASPI
15/04/2008 17:59:22 (DIR) 0 byte 1 days old -- AviSynth 2.5
15/04/2008 17:59:32 (DIR) 0 byte 1 days old -- K-Lite Codec Pack
15/04/2008 18:02:23 (DIR) 0 byte 1 days old -- DivX
15/04/2008 18:16:10 (DIR) 0 byte 1 days old -- Morgan
15/04/2008 18:16:27 (DIR) 0 byte 1 days old -- Rippackv3
15/04/2008 20:44:35 (DIR) 0 byte 1 days old -- Movie Maker
15/04/2008 20:53:28 (DIR) 0 byte 1 days old -- Adobe
15/04/2008 20:54:54 (DIR) 0 byte 1 days old -- Google
15/04/2008 22:24:05 (DIR) 0 byte 1 days old -- OpenOffice.org 2.3
15/04/2008 22:24:45 (DIR) 0 byte 1 days old -- OpenOffice.org 2.4
15/04/2008 22:33:28 (DIR) 0 byte 1 days old -- Fichiers communs
15/04/2008 22:34:35 (DIR) 0 byte 1 days old -- Norton Security Scan
16/04/2008 00:17:31 (DIR) 0 byte 0 days old -- Free Hide Folder
16/04/2008 12:29:26 (DIR) 0 byte 0 days old -- eMule
16/04/2008 13:33:13 (DIR) 0 byte 0 days old -- Mozilla Firefox
16/04/2008 14:06:14 (DIR) 0 byte 0 days old -- TrackMania Nations ESWC
----- recent files in C:\Program Files\Fichiers communs\
23/02/2008 20:06:02 (DIR) 0 byte 53 days old -- InstallShield
02/03/2008 14:02:42 (DIR) 0 byte 45 days old -- Microsoft Shared
15/04/2008 20:53:53 (DIR) 0 byte 1 days old -- Adobe
16/04/2008 10:18:26 (DIR) 0 byte 0 days old -- Symantec Shared
----- recent files in C:\Documents and Settings\Anthony\Application Data\
20/02/2008 20:57:37 (DIR) 0 byte 56 days old -- Real
20/02/2008 22:27:57 (DIR) 0 byte 56 days old -- Media Player Classic
21/02/2008 16:31:40 (DIR) 0 byte 55 days old -- Help
23/02/2008 19:58:55 (DIR) 0 byte 53 days old -- InstallShield
01/03/2008 16:16:35 (DIR) 0 byte 46 days old -- Microsoft
30/03/2008 11:13:12 (DIR) 0 byte 17 days old -- OpenOffice.org2
14/04/2008 00:31:37 (DIR) 0 byte 2 days old -- dvdcss
16/04/2008 14:01:52 (DIR) 0 byte 0 days old -- uTorrent
16/04/2008 14:14:58 (DIR) 0 byte 0 days old -- Free Download Manager
----- recent files in C:\DOCUME~1\Anthony\LOCALS~1\Temp\
16/04/2008 14:07:23 (DIR) 0 byte 0 days old -- plugtmp
16/04/2008 14:11:24 14937710 byte 0 days old -- flaBC.tmp
16/04/2008 14:15:10 34 byte 0 days old -- systemscan.ini
16/04/2008 14:15:11 16384 byte 0 days old -- ~DFB0C7.tmp
16/04/2008 14:15:11 (DIR) 0 byte 0 days old -- nsgC0.tmp
==========================================
Scan completed in 0,1 minutes
End of report
~~~~~~~~~~~~~~~~~~~~~-----CREDITS-----~~~~~~~~~~~~~~~~~~~~~
SystemScan uses some freeware tools that remain property of their authors:
* SteelWerX Registry Console Tool, Who Am I (Bobby Flekman: www.xs4all.nl/~fstaal01) --> "Registry scan", "PC accounts "
* dumphive (Markus Stephany)--> "Registry scan"
* Listdlls (M.Russinovich, B.Cogswell: www.sysinternals.com) --> "Loaded modules"
* Catchme & MBR Rootkit detector (gmer: www.gmer.net) --> "Hidden objects", "Alternate Data Streams" & "Master Boot Record"
---> NOTE: SystemScan integrates "The Avenger" from Swandog46 (http://swandog46.geekstogo.com) to allow you to remove malwares found in this log
Thanks to all of them for their hard work
Gmer report:
GMER 1.0.14.14205 - http://www.gmer.net
Rootkit scan 2008-04-16 14:24:33
Windows 5.1.2600 Service Pack 2
---- Files - GMER 1.0.14 ----
File C:\Documents and Settings\Anthony\Local Settings\Temp\flaC8.tmp 14799664 bytes
---- EOF - GMER 1.0.14 ----
01/03/2008 16:42:46 (DIR) 0 byte 46 days old -- ABBYY PDF Transformer 2.0
02/03/2008 13:58:01 (DIR) 0 byte 45 days old -- Trend Micro
03/03/2008 19:23:58 (DIR) 0 byte 44 days old -- eBay
05/03/2008 13:48:04 (DIR) 0 byte 42 days old -- World of Warcraft
15/03/2008 17:00:41 (DIR) 0 byte 32 days old -- MP3Gain
29/03/2008 16:39:54 (DIR) 0 byte 18 days old -- Messenger Plus! Live
30/03/2008 16:55:56 (DIR) 0 byte 17 days old -- BatchDPG
30/03/2008 17:48:02 (DIR) 0 byte 17 days old -- BDGest Evolution
03/04/2008 22:32:05 (DIR) 0 byte 13 days old -- TuxPaint
09/04/2008 09:08:05 (DIR) 0 byte 7 days old -- Internet Explorer
14/04/2008 00:30:45 (DIR) 0 byte 2 days old -- DAEMON Tools Lite
15/04/2008 12:15:41 (DIR) 0 byte 1 days old -- Free Download Manager
15/04/2008 15:35:22 (DIR) 0 byte 1 days old -- InstallShield Installation Information
15/04/2008 17:58:31 (DIR) 0 byte 1 days old -- WinASPI
15/04/2008 17:59:22 (DIR) 0 byte 1 days old -- AviSynth 2.5
15/04/2008 17:59:32 (DIR) 0 byte 1 days old -- K-Lite Codec Pack
15/04/2008 18:02:23 (DIR) 0 byte 1 days old -- DivX
15/04/2008 18:16:10 (DIR) 0 byte 1 days old -- Morgan
15/04/2008 18:16:27 (DIR) 0 byte 1 days old -- Rippackv3
15/04/2008 20:44:35 (DIR) 0 byte 1 days old -- Movie Maker
15/04/2008 20:53:28 (DIR) 0 byte 1 days old -- Adobe
15/04/2008 20:54:54 (DIR) 0 byte 1 days old -- Google
15/04/2008 22:24:05 (DIR) 0 byte 1 days old -- OpenOffice.org 2.3
15/04/2008 22:24:45 (DIR) 0 byte 1 days old -- OpenOffice.org 2.4
15/04/2008 22:33:28 (DIR) 0 byte 1 days old -- Fichiers communs
15/04/2008 22:34:35 (DIR) 0 byte 1 days old -- Norton Security Scan
16/04/2008 00:17:31 (DIR) 0 byte 0 days old -- Free Hide Folder
16/04/2008 12:29:26 (DIR) 0 byte 0 days old -- eMule
16/04/2008 13:33:13 (DIR) 0 byte 0 days old -- Mozilla Firefox
16/04/2008 14:06:14 (DIR) 0 byte 0 days old -- TrackMania Nations ESWC
----- recent files in C:\Program Files\Fichiers communs\
23/02/2008 20:06:02 (DIR) 0 byte 53 days old -- InstallShield
02/03/2008 14:02:42 (DIR) 0 byte 45 days old -- Microsoft Shared
15/04/2008 20:53:53 (DIR) 0 byte 1 days old -- Adobe
16/04/2008 10:18:26 (DIR) 0 byte 0 days old -- Symantec Shared
----- recent files in C:\Documents and Settings\Anthony\Application Data\
20/02/2008 20:57:37 (DIR) 0 byte 56 days old -- Real
20/02/2008 22:27:57 (DIR) 0 byte 56 days old -- Media Player Classic
21/02/2008 16:31:40 (DIR) 0 byte 55 days old -- Help
23/02/2008 19:58:55 (DIR) 0 byte 53 days old -- InstallShield
01/03/2008 16:16:35 (DIR) 0 byte 46 days old -- Microsoft
30/03/2008 11:13:12 (DIR) 0 byte 17 days old -- OpenOffice.org2
14/04/2008 00:31:37 (DIR) 0 byte 2 days old -- dvdcss
16/04/2008 14:01:52 (DIR) 0 byte 0 days old -- uTorrent
16/04/2008 14:14:58 (DIR) 0 byte 0 days old -- Free Download Manager
----- recent files in C:\DOCUME~1\Anthony\LOCALS~1\Temp\
16/04/2008 14:07:23 (DIR) 0 byte 0 days old -- plugtmp
16/04/2008 14:11:24 14937710 byte 0 days old -- flaBC.tmp
16/04/2008 14:15:10 34 byte 0 days old -- systemscan.ini
16/04/2008 14:15:11 16384 byte 0 days old -- ~DFB0C7.tmp
16/04/2008 14:15:11 (DIR) 0 byte 0 days old -- nsgC0.tmp
==========================================
Scan completed in 0,1 minutes
End of report
~~~~~~~~~~~~~~~~~~~~~-----CREDITS-----~~~~~~~~~~~~~~~~~~~~~
SystemScan uses some freeware tools that remain property of their authors:
* SteelWerX Registry Console Tool, Who Am I (Bobby Flekman: www.xs4all.nl/~fstaal01) --> "Registry scan", "PC accounts "
* dumphive (Markus Stephany)--> "Registry scan"
* Listdlls (M.Russinovich, B.Cogswell: www.sysinternals.com) --> "Loaded modules"
* Catchme & MBR Rootkit detector (gmer: www.gmer.net) --> "Hidden objects", "Alternate Data Streams" & "Master Boot Record"
---> NOTE: SystemScan integrates "The Avenger" from Swandog46 (http://swandog46.geekstogo.com) to allow you to remove malwares found in this log
Thanks to all of them for their hard work
GMER report:
GMER 1.0.14.14205 - http://www.gmer.net
Rootkit scan 2008-04-16 14:24:33
Windows 5.1.2600 Service Pack 2
---- Files - GMER 1.0.14 ----
File C:\Documents and Settings\Anthony\Local Settings\Temp\flaC8.tmp 14799664 bytes
---- EOF - GMER 1.0.14 ----
Hi again,
1) Show hidden files and folders …
To do this, open a folder, e.g. "My Pictures".
Then click > Tools > Folder Options ...
click the "View" tab and ...
check ---> Show hidden files and folders
uncheck > Hide extensions for known file types
uncheck > Hide protected operating system files (Recommended).
"Apply" and "OK".
2) Go to this link: Virus Total
Click Browse
Navigate to this file, if you can find it:
C:\WINDOWS\system32\winsys2.exe
Click Send file and let it work for as long as "Current status: scanning" is displayed.
The file may be put in a queue because of a large number of scan requests. In that case, you will have to wait without refreshing the page.
When the scan has finished ("Current status: finished"), click Formatted
A new browser window will open
Then click on this image:
Right-click on the page and choose Select All, then Copy
Finally, paste the result into your next reply.
Note: Whatever the result, it is important that you send me the result of the whole scan.
Your security tools may react when the file is sent; in that case you will need to ignore the alerts.
Here is the report
Fichier winsys2.exe reçu le 2008.04.15 16:47:01 (CET)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.15.1 2008.04.15 -
AntiVir 7.6.0.85 2008.04.15 -
Authentium 4.93.8 2008.04.14 -
Avast 4.8.1169.0 2008.04.15 -
AVG 7.5.0.516 2008.04.15 -
BitDefender 7.2 2008.04.15 -
CAT-QuickHeal 9.50 2008.04.14 -
ClamAV 0.92.1 2008.04.15 -
DrWeb 4.44.0.09170 2008.04.15 -
eSafe 7.0.15.0 2008.04.09 -
eTrust-Vet 31.3.5700 2008.04.15 -
Ewido 4.0 2008.04.15 -
F-Prot 4.4.2.54 2008.04.14 -
F-Secure 6.70.13260.0 2008.04.15 -
FileAdvisor 1 2008.04.15 -
Fortinet 3.14.0.0 2008.04.15 -
Ikarus T3.1.1.26 2008.04.15 -
Kaspersky 7.0.0.125 2008.04.15 -
McAfee 5273 2008.04.14 -
Microsoft 1.3408 2008.04.14 -
NOD32v2 3027 2008.04.15 -
Norman 5.80.02 2008.04.15 -
Panda 9.0.0.4 2008.04.14 -
Prevx1 V2 2008.04.15 -
Rising 20.40.11.00 2008.04.15 -
Sophos 4.28.0 2008.04.15 MadCodeHook
Sunbelt 3.0.1041.0 2008.04.12 -
Symantec 10 2008.04.15 -
TheHacker 6.2.92.277 2008.04.14 -
VBA32 3.12.6.4 2008.04.14 -
VirusBuster 4.3.26:9 2008.04.15 -
Webwasher-Gateway 6.6.2 2008.04.15 -
Information additionnelle
File size: 217088 bytes
MD5...: 246ed5328f940e4fdaab0b2fc987da01
SHA1..: d5e2592cf25b48efb1225e37c45bce99a13466c8
SHA256: a12b18fcdd5e76711c8cfd6010ecdb1f6a4bf27cc48f0ecf70291591770cb457
SHA512: eda78432518373137d1170fc98c58bea33485c9db1115899f7eea9d20f03a8d364fd4e936bac44bd2dd6e6f690c7b0e1cdf0b7af6c6acf7b44fe1d7aed0daea9
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x40eee7
timedatestamp.....: 0x45220536 (Tue Oct 03 06:37:42 2006)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1f6d6 0x20000 6.61 d2f22979f1ff4b51abdd7563aeb45bda
.rdata 0x21000 0x7676 0x8000 4.79 2568b87b9e716158c4b0ee05d59ef976
.data 0x29000 0x5a74 0x2000 3.85 6d7f74470b50f6760435bdc1865de721
.rsrc 0x2f000 0x9290 0xa000 5.56 b596ffd3a165cb398764578107bedac4
( 8 imports )
> MADCHOOK.DLL: InjectLibraryA, UninjectLibraryA
> KERNEL32.dll: SetErrorMode, HeapFree, HeapAlloc, VirtualAlloc, HeapReAlloc, GetCommandLineA, GetProcessHeap, GetStartupInfoA, RaiseException, RtlUnwind, ExitProcess, HeapSize, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, HeapDestroy, HeapCreate, VirtualFree, GetStdHandle, Sleep, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, GetACP, GetConsoleCP, GetConsoleMode, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, GetOEMCP, GetCPInfo, CreateFileA, GetCurrentProcess, GetThreadLocale, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, GlobalFlags, InterlockedIncrement, TlsFree, DeleteCriticalSection, LocalReAlloc, TlsSetValue, TlsAlloc, InitializeCriticalSection, GlobalHandle, GlobalReAlloc, EnterCriticalSection, TlsGetValue, LeaveCriticalSection, LocalAlloc, GlobalGetAtomNameA, GlobalFindAtomA, lstrcmpW, GetVersionExA, InterlockedDecrement, GetModuleFileNameW, FreeResource, CloseHandle, WritePrivateProfileStringA, GlobalAddAtomA, GetCurrentProcessId, GetCurrentThread, GetCurrentThreadId, ConvertDefaultLocale, GetModuleFileNameA, EnumResourceLanguagesA, GetLocaleInfoA, LoadLibraryA, lstrcmpA, FreeLibrary, GlobalDeleteAtom, GetModuleHandleA, GetProcAddress, GlobalFree, GlobalAlloc, GlobalLock, GlobalUnlock, FormatMessageA, LocalFree, FindResourceA, LoadResource, LockResource, SizeofResource, MulDiv, SetLastError, GetVersion, CompareStringA, GetLastError, InterlockedExchange, MultiByteToWideChar, WideCharToMultiByte, lstrlenA
> USER32.dll: LoadCursorA, GetSysColorBrush, ShowWindow, SetWindowTextA, IsDialogMessageA, RegisterWindowMessageA, SendDlgItemMessageA, WinHelpA, GetCapture, GetClassLongA, GetClassNameA, SetPropA, GetPropA, RemovePropA, SetFocus, GetWindowTextA, GetForegroundWindow, GetTopWindow, GetMessageTime, GetMessagePos, MapWindowPoints, SetForegroundWindow, UpdateWindow, GetMenu, CreateWindowExA, GetClassInfoA, RegisterClassA, AdjustWindowRectEx, CopyRect, PtInRect, GetDlgCtrlID, DefWindowProcA, CallWindowProcA, SetWindowLongA, SetWindowPos, SystemParametersInfoA, GetWindowPlacement, GetWindowRect, GetWindow, UnhookWindowsHookEx, GetSysColor, EndPaint, BeginPaint, ReleaseDC, GetDC, ClientToScreen, GrayStringA, DrawTextExA, DrawTextA, TabbedTextOutA, GetDesktopWindow, SetActiveWindow, CreateDialogIndirectParamA, DestroyWindow, IsWindow, EnableWindow, GetSystemMetrics, GetDlgItem, GetNextDlgTabItem, EndDialog, SetWindowsHookExA, CallNextHookEx, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, IsWindowVisible, GetKeyState, PeekMessageA, GetCursorPos, DestroyMenu, UnregisterClassA, PostMessageA, SendMessageA, GetClientRect, DrawIcon, LoadIconA, IsIconic, GetSubMenu, GetMenuItemCount, GetMenuItemID, GetMenuState, CheckMenuItem, EnableMenuItem, ModifyMenuA, GetParent, ValidateRect, GetWindowThreadProcessId, GetWindowLongA, GetLastActivePopup, IsWindowEnabled, MessageBoxA, SetCursor, PostQuitMessage, SetMenuItemBitmaps, GetMenuCheckMarkDimensions, LoadBitmapA, GetFocus, GetClassInfoExA
> GDI32.dll: SetWindowExtEx, ScaleWindowExtEx, DeleteDC, GetStockObject, RectVisible, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SelectObject, Escape, ExtTextOutA, GetDeviceCaps, PtVisible, GetObjectA, DeleteObject, GetClipBox, SetMapMode, SetTextColor, SetBkColor, RestoreDC, SaveDC, CreateBitmap, TextOutA
> WINSPOOL.DRV: ClosePrinter, DocumentPropertiesA, OpenPrinterA
> ADVAPI32.dll: RegQueryValueA, RegEnumKeyA, RegDeleteKeyA, RegOpenKeyA, RegCloseKey, RegOpenKeyExA, RegCreateKeyExA, RegQueryValueExA, RegSetValueExA
> SHLWAPI.dll: PathFindFileNameA, PathFindExtensionA
> OLEAUT32.dll: -, -, -
( 0 exports )