62 replies
Anonymous user
8 May 2009 at 13:58
OK, that's normal, you have Vista
---> Disable your antivirus for the duration of the procedure, because OTMoveIt3 is wrongly detected as an infection.
---> Download OTMoveIt3 (OldTimer) to your Desktop:
---> Double-click OTMoveIt3.exe to launch it.
---> Copy (Ctrl+C) the following text:
:processes
explorer.exe
:services
ar4qs08q
:files
C:\Program Files\Malwarebytes' Anti-Malware(13)
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"Adobe Reader Speed Launcher"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=-
"IDMan"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFind"=-
"NoFolderOptions"=-
"NoRun"=-
"NoWinKeys"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogOff"=-
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
---> Paste (Ctrl+V) the text you copied into the Paste Instructions for Items to be Moved box.
---> Now click the MoveIt! button, then close OTMoveIt3.
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
---> Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service\Driver ar4qs08q not found.
Service\Driver key ar4qs08q deleted successfully.
========== FILES ==========
C:\Program Files\Malwarebytes' Anti-Malware(13)\Languages moved successfully.
C:\Program Files\Malwarebytes' Anti-Malware(13) moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MsnMsgr deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\IDMan deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\\DisableCAD deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\\NoFind deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\\NoFolderOptions deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\\NoRun deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\\NoWinKeys deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\\NoLogOff deleted successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05082009_141009
Anonymous user
8 May 2009 at 15:19
> Download Dr Web CureIt to your Desktop:
- Double-click <drweb-cureit.exe>, then click <Analyse>;
- Click <Ok> at the quick-scan prompt. If it finds infected processes, click the <Oui> button.
Note: a window will open with the options "Commander" or "50% de réduction": close it by clicking the "X".
- When the quick scan has finished, click the <Options> menu, then <Changer la configuration>; choose the <Scanner> tab and untick <Analyse heuristique>. Then click <Ok>.
- Back in the main window: click to enable <Analyse complète>
- Click the button with the green arrow on the right, and the scan will start.
- Click <Oui> for all at the "Désinfecter ?" prompt when a file is detected, then click "Désinfecter".
- When the scan has completed, see whether you can click the icon next to the detected files (several sheets stacked on top of one another). If so, click it, then click the <Suivant> icon below and choose <Déplacer en quarantaine l'objet indésirable>.
- From the tool's main menu, at the top left, click the <Fichier> menu and choose <Enregistrer le rapport>. Save the report to your Desktop. It will be named DrWeb.csv
- Close Dr.Web CureIt
- Restart your computer (important, because some files may be moved/repaired at restart).
- After the restart, post (copy/paste) the contents of the Dr.Web report in your next reply.
Started at 15:30, it has only just finished the full scan, but when I went to save, the computer crashed, showed me a blue error screen, and restarted.
Obviously it didn't save anything...
So I'm rerunning the scan, which will take all night; I'll post tomorrow morning!
UsbFix.exe\data014 C:\Documents and Settings\alain\DoctorWeb\Quarantine\UsbFix.exe Tool.Prockill
UsbFix.exe C:\Documents and Settings\alain\DoctorWeb\Quarantine Conteneur comporte des objets infectés
UsbFix_0.exe\data014 C:\Documents and Settings\alain\DoctorWeb\Quarantine\UsbFix_0.exe Tool.Prockill
UsbFix_0.exe C:\Documents and Settings\alain\DoctorWeb\Quarantine Conteneur comporte des objets infectés
UsbFix.exe\data014 G:\UsbFix.exe Tool.Prockill
UsbFix.exe G:\ Conteneur comporte des objets infectés
I don't know if this moves things forward or helps you, but when I rename the programs I couldn't launch, they open!
Logfile of random's system information tool 1.06 (written by random/random)
Run by alain at 2009-05-10 13:40:32
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 82 GB (56%) free of 148 GB
Total RAM: 3066 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:40:36, on 10/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\alain\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe
C:\Program Files\Mozilla Firefox\firefo.exe
G:\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\alain.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1008&m=aspire_6930g
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1008&m=aspire_6930g
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1008&m=aspire_6930g
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9b181bfc42490) (gupdate1c9b181bfc42490) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9b181bfc42490) (gupdate1c9b181bfc42490) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Anonymous user
10 May 2009 at 14:04
---> Disable your antivirus for the duration of this procedure, because OTMoveIt3 is wrongly detected as an infection.
---> Download OTMoveIt3 (OldTimer) to your Desktop:
---> Double-click OTMoveIt3.exe to launch it.
---> Copy (Ctrl+C) the following text:
:processes
explorer.exe
:files
G:\Start.exe
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"Nikon Transfer Monitor"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=-
"IDMan"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb673e70-f1e4-11dd-aa11-00238b055027}\shell\Auto\command]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb673e70-f1e4-11dd-aa11-00238b055027}\shell\AutoRun\command]
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
---> Paste (Ctrl+V) the copied text into the Paste Instructions for Items to be Moved box.
---> Now click the MoveIt! button, then close OTMoveIt3.
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
---> Post the report found in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder G:\Start.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Nikon Transfer Monitor deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MsnMsgr deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\IDMan deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\\DisableCAD deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb673e70-f1e4-11dd-aa11-00238b055027}\shell\Auto\command\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb673e70-f1e4-11dd-aa11-00238b055027}\shell\AutoRun\command\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\Users\alain\AppData\Local\Temp\etilqs_nS2p1X1sdiCpHaBbi2Q0 scheduled to be deleted on reboot.
File delete failed. C:\Users\alain\AppData\Local\Temp\RtkBtMnt.exe scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Windows Temp folder emptied.
File delete failed. C:\Users\alain\AppData\Local\Mozilla\Firefox\Profiles\uv0kql7v.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Users\alain\AppData\Local\Mozilla\Firefox\Profiles\uv0kql7v.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Users\alain\AppData\Local\Mozilla\Firefox\Profiles\uv0kql7v.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Users\alain\AppData\Local\Mozilla\Firefox\Profiles\uv0kql7v.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Users\alain\AppData\Local\Mozilla\Firefox\Profiles\uv0kql7v.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Users\alain\AppData\Local\Mozilla\Firefox\Profiles\uv0kql7v.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05102009_142436
However, every time I run a program like this, when the computer restarts right afterwards and the Windows icon is loading, the screen freezes and nothing else happens.
So I power it off and restart, and it always launches a program (startup something) that repairs the computer, and when I finally get to Windows, I still can't open the programs... :(
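To check a fix script against the report it produced, the following added example (not part of the thread and not OTMoveIt3's own code) parses the `:processes`, `:files`, `:reg` and `:commands` sections used in the script above and matches each planned action to its log line. The function names are hypothetical, and only the log phrasings visible in this thread are recognised.

```python
import re

# Sample input excerpted from the script and report posted in this thread
# (trimmed to a few entries to keep the example short).
SCRIPT = r'''
:processes
explorer.exe
:files
G:\Start.exe
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=-
"IDMan"=-
:commands
[emptytemp]
[reboot]
'''

LOG = r'''
Process explorer.exe killed successfully.
File/Folder G:\Start.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MsnMsgr deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\IDMan deleted successfully.
File delete failed. C:\Users\alain\AppData\Local\Temp\RtkBtMnt.exe scheduled to be deleted on reboot.
'''

# Sections whose lines are one target each (assumption: only the sections
# that appear in this post are handled; anything else is rejected).
SECTION_KIND = {"processes": "kill_process", "files": "move_file"}

# Log phrasings seen in the thread's report, mapped to the action they confirm.
LOG_PATTERNS = [
    ("kill_process", re.compile(r"Process (.+) killed successfully\."), "done"),
    ("move_file", re.compile(r"File/Folder (.+) not found\."), "not found"),
    ("delete_key", re.compile(r"Registry key (.+?)\\\\ deleted successfully\."), "done"),
    ("delete_value", re.compile(r"Registry value (.+)\\\\(.+) deleted successfully\."), "done"),
]
PENDING = re.compile(r"File delete failed\. (.+) scheduled to be deleted on reboot\.")


def norm(path):
    """File and registry paths are case-insensitive on Windows."""
    return path.strip().lower()


def parse_script(text):
    """Return the planned actions as (kind, target) tuples, in script order."""
    actions, section, key = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            section, key = line[1:].lower(), None
        elif section in SECTION_KIND:
            actions.append((SECTION_KIND[section], line))
        elif section == "commands":
            actions.append(("command", line.strip("[]")))
        elif section == "reg" and line.startswith("[-") and line.endswith("]"):
            actions.append(("delete_key", line[2:-1]))
            key = None  # a deleted key cannot be the context for value lines
        elif section == "reg" and line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        else:
            m = re.fullmatch(r'"(.+)"=-', line) if section == "reg" else None
            if m is None or key is None:
                raise ValueError(f"cannot interpret line: {line!r}")
            actions.append(("delete_value", key + "\\" + m.group(1)))
    return actions


def parse_log(text):
    """Return ({(kind, target): outcome}, [files pending deletion on reboot])."""
    outcomes, pending = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        m = PENDING.fullmatch(line)
        if m:
            pending.append(m.group(1))
            continue
        for kind, pattern, outcome in LOG_PATTERNS:
            m = pattern.fullmatch(line)
            if m:
                outcomes[(kind, norm("\\".join(m.groups())))] = outcome
                break
    return outcomes, pending


def reconcile(script, log):
    """Pair every planned action (commands excluded) with its logged outcome."""
    outcomes, pending = parse_log(log)
    report = [(kind, target, outcomes.get((kind, norm(target)), "no log line"))
              for kind, target in parse_script(script) if kind != "command"]
    return report, pending


if __name__ == "__main__":
    report, pending = reconcile(SCRIPT, LOG)
    for kind, target, outcome in report:
        print(f"{outcome:12} {kind:13} {target}")
    print("pending on reboot:", pending)
```

An outcome of "not found" or "no log line" marks an item the tool did not act on, such as G:\Start.exe in this report.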
Anonymous user
10 May 2009 at 15:16
"it always launches a program (startup something)": can you tell me more?
So, when I run programs like OTMoveIt3 and it asks me to reboot, the computer restarts and hangs on the Windows loading screen:
http://img13.imageshack.us/img13/6118/n952384.jpg
Since it hangs on that indefinitely, I power the computer off manually and turn it back on, and it shows me this screen:
http://img8.imageshack.us/img8/3826/n952385.jpg
If I choose "start Windows normally" again, it will still hang as in the previous photo, so I have to choose "launch the system restart tool".
So then it launches this:
http://img13.imageshack.us/img13/2396/n952386.jpg
Then this:
https://imageshack.com/
After that, I can finally get back into Windows; it removes all the programs like OTmoveIt3, drweb-cureit, etc., that I have been installing since the day before yesterday, and it still doesn't solve the problem of programs such as Internet Explorer, Malwarebytes or Mozilla, which still won't open!
Otherwise I can always try reinstalling Windows, but I don't know whether even that will solve the problem!
Anonymous user
10 May 2009 at 17:00
Try this:
Click the Start menu / Control Panel / Folder Options, then go to the View tab
- Check Show hidden files and folders
- Uncheck Hide extensions for known file types
- Uncheck Hide protected operating system files (Recommended)
Click Apply, then OK.
Don't forget to hide the hidden and protected operating system files again once the disinfection is finished; this is important.
Have the following file(s) scanned on VirusTotal:
Virus Total
* Click Browse at the top, choose My Computer and look for this file:
C:\Program Files\Common Files\SPBA\homefus2.dll
* Now click Send file and let it work for as long as "Current status: analysis in progress" is displayed.
* The file may be placed in a queue because of a large number of scan requests. In that case, you will have to wait without refreshing the page.
* When the analysis is finished ("Current status: finished"), click Formatted
* A new browser window will appear
* Then click the two arrows
* Right-click on the page and choose Select All, then Copy
* Finally, paste the result into your next reply.
Fichier homefus2.dll reçu le 2009.05.10 18:01:02 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.05.10 -
AhnLab-V3 5.0.0.2 2009.05.09 -
AntiVir 7.9.0.166 2009.05.10 -
Antiy-AVL 2.0.3.1 2009.05.08 -
Authentium 5.1.2.4 2009.05.09 -
Avast 4.8.1335.0 2009.05.09 -
AVG 8.5.0.327 2009.05.10 -
BitDefender 7.2 2009.05.10 -
CAT-QuickHeal 10.00 2009.05.09 -
ClamAV 0.94.1 2009.05.10 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.10 -
eSafe 7.0.17.0 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.09 -
F-Secure 8.0.14470.0 2009.05.09 -
Fortinet 3.117.0.0 2009.05.10 -
GData 19 2009.05.10 -
Ikarus T3.1.1.49.0 2009.05.10 -
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.10 -
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
McAfee-GW-Edition 6.7.6 2009.05.10 -
Microsoft 1.4602 2009.05.10 -
NOD32 4063 2009.05.08 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.10 -
Panda 10.0.0.14 2009.05.10 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.10 -
Rising 21.28.62.00 2009.05.10 -
Sophos 4.41.0 2009.05.10 -
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.10 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.08 -
VBA32 3.12.10.4 2009.05.09 -
ViRobot 2009.5.9.1727 2009.05.09 -
VirusBuster 4.6.5.0 2009.05.10 -
Information additionnelle
File size: 567560 bytes
MD5...: 2b997108ddea8d324be558a72a5cc8ab
SHA1..: 55a9d8b7c2b35bb248109a8514d9535ca9554c37
SHA256: d41962b91fe55ef89514e83ce11ab18cc30eed2d6cd5fbfeddac22d0b613756e
SHA512: 4ab7752c1866657e5408657106a8e63d1f49678827656fe6622a0f1f076458fb9fa24a2513aba4bf2b51ac0e88d1760a719f80d50f33042a7c7e819087023993
ssdeep: 12288:kzm8WlKxvrwDKX+YmncyVi66CHESU4HvA:kS8Z55Gcoi6NkSU7
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PDFiD.: -
RDS...: NSRL Reference Data Set -
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.05.10 -
AhnLab-V3 5.0.0.2 2009.05.09 -
AntiVir 7.9.0.166 2009.05.10 -
Antiy-AVL 2.0.3.1 2009.05.08 -
Authentium 5.1.2.4 2009.05.09 -
Avast 4.8.1335.0 2009.05.09 -
AVG 8.5.0.327 2009.05.10 -
BitDefender 7.2 2009.05.10 -
CAT-QuickHeal 10.00 2009.05.09 -
ClamAV 0.94.1 2009.05.10 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.10 -
eSafe 7.0.17.0 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.09 -
F-Secure 8.0.14470.0 2009.05.09 -
Fortinet 3.117.0.0 2009.05.10 -
GData 19 2009.05.10 -
Ikarus T3.1.1.49.0 2009.05.10 -
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.10 -
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
McAfee-GW-Edition 6.7.6 2009.05.10 -
Microsoft 1.4602 2009.05.10 -
NOD32 4063 2009.05.08 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.10 -
Panda 10.0.0.14 2009.05.10 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.10 -
Rising 21.28.62.00 2009.05.10 -
Sophos 4.41.0 2009.05.10 -
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.10 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.08 -
VBA32 3.12.10.4 2009.05.09 -
ViRobot 2009.5.9.1727 2009.05.09 -
VirusBuster 4.6.5.0 2009.05.10 -
Information additionnelle
File size: 567560 bytes
MD5...: 2b997108ddea8d324be558a72a5cc8ab
SHA1..: 55a9d8b7c2b35bb248109a8514d9535ca9554c37
SHA256: d41962b91fe55ef89514e83ce11ab18cc30eed2d6cd5fbfeddac22d0b613756e
SHA512: 4ab7752c1866657e5408657106a8e63d1f49678827656fe6622a0f1f076458fb<br>9fa24a2513aba4bf2b51ac0e88d1760a719f80d50f33042a7c7e819087023993
ssdeep: 12288:kzm8WlKxvrwDKX+YmncyVi66CHESU4HvA:kS8Z55Gcoi6NkSU7<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x21cb8<br>timedatestamp.....: 0x47e90b0c (Tue Mar 25 14:24:12 2008)<br>machinetype.......: 0x14c (I386)<br><br>( 6 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x25228 0x25400 6.55 68552808f50f530c66d67da51cf1694b<br>.rdata 0x27000 0x1de0d 0x1e000 4.38 e6d0686f2a2c91e8b757a5796719a1d3<br>.data 0x45000 0x3ba0 0x3600 4.52 e88421d5926f7a003640171157bcadef<br>.HKT 0x49000 0xc 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b<br>.rsrc 0x4a000 0x3cd90 0x3ce00 7.94 56cebb92cdcaf9b11176f5a326cb5676<br>.reloc 0x87000 0x5562 0x5600 5.75 0507d19b79abd669d574b94216f6f0b0<br><br>( 13 imports ) <br>> KERNEL32.dll: CreateFileW, GetSystemDirectoryW, MulDiv, GetComputerNameW, LoadLibraryA, AddAtomW, CreateMutexW, CreateEventW, OpenEventW, FindAtomW, ResetEvent, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, GetFileSize, TerminateProcess, VirtualAlloc, VirtualFree, IsProcessorFeaturePresent, InterlockedCompareExchange, GetVersionExA, GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, GetProcessHeap, HeapAlloc, HeapFree, ReadFile, UnhandledExceptionFilter, WaitForSingleObject, GetCurrentProcessId, DeleteAtom, CallNamedPipeW, GetLocaleInfoW, SetEvent, LocalFree, CloseHandle, GetCurrentProcess, FlushInstructionCache, GetVersionExW, FindResourceExW, LockResource, Sleep, FindResourceW, LoadResource, SizeofResource, FreeLibrary, lstrcmpiW, InterlockedDecrement, InterlockedIncrement, lstrlenW, GetModuleHandleA, LoadLibraryExW, GetCurrentThreadId, OutputDebugStringA, LoadLibraryW, DeleteCriticalSection, InitializeCriticalSection, LeaveCriticalSection, EnterCriticalSection, RaiseException, MultiByteToWideChar, GetModuleFileNameW, GetLastError, GetUserDefaultLangID, SetLastError, GetTickCount, GetVersion, GetFileAttributesW, GetProcAddress, GetModuleHandleW, GetSystemTimeAsFileTime, LocalAlloc<br>> USER32.dll: GetWindowRect, BringWindowToTop, SetWindowPos, 
GetDlgItem, OpenDesktopW, UnregisterClassA, ExitWindowsEx, SetWindowLongW, DestroyWindow, GetParent, BeginPaint, EndPaint, CharNextW, EnableWindow, DrawIconEx, CreateIconIndirect, DrawTextW, GetDC, SystemParametersInfoW, GetKeyboardLayout, GetKeyboardLayoutNameW, GetKeyboardLayoutList, MessageBoxW, RegisterWindowMessageW, EnumDesktopWindows, IsWindowVisible, SetThreadDesktop, EndDialog, SetWindowTextW, CreateWindowExW, SetTimer, GetDlgItemTextW, ScreenToClient, SetFocus, LoadImageW, DispatchMessageW, TranslateMessage, GetActiveWindow, AttachThreadInput, GetWindowThreadProcessId, GetForegroundWindow, SendInput, GetThreadDesktop, SetCursorPos, GetCursorPos, ReleaseDC, keybd_event, EnumChildWindows, EnumWindows, CloseDesktop, MapWindowPoints, GetWindow, MoveWindow, FillRect, GetClientRect, GetWindowLongW, KillTimer, SendMessageW, DestroyIcon, GetSysColor, PostMessageW, DefWindowProcW, GetSystemMetrics, SetForegroundWindow, DialogBoxIndirectParamW, CreateDialogIndirectParamW, IsWindow, SetDlgItemTextW, SetActiveWindow, RedrawWindow, ShowWindow, InvalidateRect, FindWindowW, CallWindowProcW<br>> GDI32.dll: GetDeviceCaps, SetBkMode, CreateFontIndirectW, CreateCompatibleDC, CreateCompatibleBitmap, CreateBitmap, DeleteObject, SelectObject, SetBkColor, SetTextColor, ExtTextOutW, GetStockObject, PatBlt, DeleteDC, CreateSolidBrush<br>> ADVAPI32.dll: RegQueryValueExW, InitiateSystemShutdownExW, ConvertStringSidToSidW, EqualSid, ConvertSidToStringSidW, GetTokenInformation, AllocateAndInitializeSid, FreeSid, RegNotifyChangeKeyValue, OpenProcessToken, LookupPrivilegeValueW, AdjustTokenPrivileges, LookupAccountSidW, GetSidSubAuthorityCount, GetSidLengthRequired, GetSidIdentifierAuthority, InitializeSid, RegCloseKey, RegOpenKeyExW, RegDeleteKeyW, RegDeleteValueW, RegCreateKeyExW, RegSetValueExW, RegQueryInfoKeyW, RegEnumKeyExW, LogonUserW, ImpersonateLoggedOnUser, RevertToSelf, GetSidSubAuthority, LookupAccountNameW<br>> SHELL32.dll: ExtractIconExW<br>> IMM32.dll: 
ImmGetIMEFileNameW, ImmIsIME<br>> RPCRT4.dll: UuidCreate<br>> gdiplus.dll: GdiplusStartup, GdiplusShutdown<br>> NETAPI32.dll: NetUserChangePassword, NetApiBufferFree, NetUserModalsGet<br>> Secur32.dll: LsaCallAuthenticationPackage, LsaRegisterLogonProcess, LsaLookupAuthenticationPackage<br>> ole32.dll: CoTaskMemAlloc, CoTaskMemFree, CoCreateInstance, CoTaskMemRealloc<br>> OLEAUT32.dll: -<br>> MSVCR80.dll: __clean_type_info_names_internal, _crt_debugger_hook, __type_info_dtor_internal_method@type_info@@QAEXXZ, __CppXcptFilter, _adjust_fdiv, _amsg_exit, _initterm_e, _initterm, _encoded_null, _malloc_crt, _decode_pointer, _onexit, _lock, _encode_pointer, __dllonexit, _unlock, _except_handler4_common, _terminate@@YAXXZ, fwrite, _wfopen, fseek, fgetpos, fread, fclose, _wtoi, swscanf, wcsstr, strcpy, _wcsicmp, wcstoul, memcpy, _wcsupr, _vsnwprintf, wcscspn, wcsspn, wcscat, __0exception@std@@QAE@XZ, __0exception@std@@QAE@ABV01@@Z, memmove_s, strlen, __1exception@std@@UAE@XZ, _what@exception@std@@UBEPBDXZ, __0exception@std@@QAE@ABQBD@Z, _invalid_parameter_noinfo, _purecall, wcscmp, _mbslen, _recalloc, wcsncpy_s, memcpy_s, malloc, __CxxFrameHandler3, __2@YAPAXI@Z, _CxxThrowException, memset, free, wcsncpy, wcscpy, wcslen, wcsrchr, ___V@YAXPAX@Z, __3@YAXPAX@Z<br><br>( 12 exports ) <br>InitializeChangeNotifyS, LockEventS, LogoffEventS, LogonEventS, Module_GetStaticList_2_ql2, Module_IsUnlocked_2_ql2, PasswordChangeNotifyS, PasswordFilterS, ShellStartEventS, ShutdownEventS, StartupEventS, UnlockEventS<br>
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Anonymous user
10 May 2009 at 18:07
Disable your antivirus for the duration of the procedure, because it is wrongly detected as an infection, then:
Download SYS_List
and save it to your desktop and nowhere else
Run it (as administrator on Vista)
and post back the report located at the root of the system drive
Microsoft Windows [version 6.0.6001]
10/05/2009
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est DE29-E480
Répertoire de C:\Windows\System32\drivers
290 fichier(s) 44 205 480 octets
0 Rép(s) 86 159 478 784 octets libres
21/01/2008 04:24 123ÿ960 Storport.sys
21/01/2008 04:24 52ÿ992 stream.sys
21/01/2008 04:23 15ÿ288 swenum.sys
02/11/2006 11:50 35ÿ944 symc8xx.sys
02/11/2006 11:49 31ÿ848 sym_hi.sys
02/11/2006 11:50 34ÿ920 sym_u3.sys
25/04/2008 04:08 199ÿ472 SynTP.sys
21/01/2008 04:24 24ÿ576 tape.sys
26/04/2008 10:26 891ÿ448 tcpip.sys
21/01/2008 04:23 30ÿ208 tcpipreg.sys
28/04/2008 13:56 50ÿ576 tcusb.sys
21/01/2008 04:24 20ÿ992 tdi.sys
21/01/2008 04:24 17ÿ920 tdpipe.sys
21/01/2008 04:24 29ÿ184 tdtcp.sys
21/01/2008 04:24 71ÿ680 tdx.sys
21/01/2008 04:23 54ÿ328 termdd.sys
21/01/2008 04:24 23ÿ552 tssecsrv.sys
21/01/2008 04:24 15ÿ360 TUNMP.SYS
21/01/2008 04:24 23ÿ040 tunnel.sys
25/02/2008 16:29 14ÿ544 TVicPort.sys
21/01/2008 04:23 59ÿ448 UAGP35.SYS
30/01/2008 11:51 13ÿ824 UBHelper.sys
21/01/2008 04:23 226ÿ816 udfs.sys
21/01/2008 04:23 60ÿ984 ULIAGPKX.SYS
21/01/2008 04:23 238ÿ648 uliahci.sys
02/11/2006 11:50 98ÿ408 ulsata.sys
21/01/2008 04:23 115ÿ816 ulsata2.sys
21/01/2008 04:23 34ÿ816 umbus.sys
21/01/2008 04:23 7ÿ680 umpass.sys
21/01/2008 04:24 15ÿ872 usb8023.sys
21/01/2008 04:24 25ÿ728 USBCAMD.sys
21/01/2008 04:24 25ÿ728 USBCAMD2.sys
21/01/2008 04:23 73ÿ216 usbccgp.sys
02/11/2006 10:55 68ÿ608 usbcir.sys
21/01/2008 04:23 5ÿ888 usbd.sys
21/01/2008 04:23 39ÿ424 usbehci.sys
21/01/2008 04:23 194ÿ560 usbhub.sys
02/11/2006 10:55 19ÿ456 usbohci.sys
21/01/2008 04:23 226ÿ304 usbport.sys
02/11/2006 11:14 18ÿ944 usbprint.sys
21/01/2008 04:23 55ÿ296 USBSTOR.SYS
21/01/2008 04:23 23ÿ552 usbuhci.sys
21/01/2008 04:23 134ÿ016 usbvideo.sys
26/06/2006 12:27 37ÿ120 verysplit.sys
21/01/2008 04:24 25ÿ088 vga.sys
21/01/2008 04:23 26ÿ112 vgapnp.sys
21/01/2008 04:23 56ÿ888 VIAAGP.SYS
21/01/2008 04:23 41ÿ472 viac7.sys
21/01/2008 04:23 20ÿ024 viaide.sys
21/01/2008 04:23 110ÿ080 videoprt.sys
21/01/2008 04:23 52ÿ792 volmgr.sys
21/01/2008 04:24 294ÿ456 volmgrx.sys
21/01/2008 04:23 227ÿ896 volsnap.sys
08/06/2006 17:10 16ÿ896 vsaudio.sys
21/01/2008 04:23 130ÿ616 vsmraid.sys
21/01/2008 04:23 200ÿ704 VSTAZL3.SYS
21/01/2008 04:23 654ÿ336 VSTCNXT3.SYS
21/01/2008 04:23 987ÿ648 VSTDPV3.SYS
02/11/2006 10:52 20ÿ608 wacompen.sys
21/01/2008 04:24 62ÿ464 wanarp.sys
21/01/2008 04:24 32ÿ768 watchdog.sys
21/01/2008 04:23 22ÿ072 wd.sys
21/01/2008 04:23 503ÿ864 Wdf01000.sys
21/01/2008 04:23 35ÿ896 WdfLdr.sys
28/03/2007 07:51 43ÿ008 winbondcir.sys
21/01/2008 04:23 11ÿ264 wmiacpi.sys
21/01/2008 04:23 17ÿ976 wmilib.sys
21/01/2008 04:24 15ÿ872 ws2ifsl.sys
21/01/2008 04:24 51ÿ200 WUDFPf.sys
21/01/2008 04:24 83ÿ328 WUDFRd.sys
19/10/2007 00:36 8ÿ704 XAudio.sys
25/02/2008 16:29 6ÿ080 zntport.sys
290 fichier(s) 44ÿ205ÿ480 octets
0 R‚p(s) 86ÿ159ÿ478ÿ784 octets libres
Anonymous user
10 May 2009 at 18:19
-> BitDefender scan
Run an online antivirus scan at BitDefender Online using Internet Explorer
* Click Scan on line at the bottom left.
* Accept the license and let it install the ActiveX control.
* Follow the prompts. Paste its report here.
Help
I can't launch Internet Explorer, it closes immediately!
And when I run it as administrator, it starts, but when you type an address, it loads the page but never finds it!
Anonymous user
10 May 2009 at 18:42
Download OTListIt2 by OldTimer
http://oldtimer.geekstogo.com/OTListIt2.exe
and save it to your Desktop.
Double-click OTListIt2.exe to launch it.
Tick the 2 boxes Lop and Purity
Tick the box in front of "scan all users"
Click Run Scan.
When the scan finishes, Notepad will open with the report.
Copy the OtListIt2.txt report into your next reply