I can no longer access my hard drive

1 August 2011 14:50:46

Hello,

I can no longer access my hard drive; it tells me I no longer have the required permissions. Please help me.

Regards

Julien


1 August 2011 14:58:15

A friend came over to install a program for me, and this happened afterwards; on top of that, there is a program that forcibly launches at startup.

What should I do?
1 August 2011 15:08:13

hi, what did he install for you?
1 August 2011 15:38:28

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:37:50, on 01/08/2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\SOUNDMAN.EXE
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Common Files\server.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\COMMUN\AppData\Local\Temp\TuneUp Utilities 2011 v10.0.2011.65 + Crack-Serials [ChattChitto RG].exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Users\COMMUN\AppData\Local\Temp\ir_ext_temp_0\autorun.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [TuneUpUpdates] C:\Program Files (x86)\Common Files\server.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sourc...
O17 - HKLM\System\CCS\Services\Tcpip\..\{8894C794-4715-4005-9CBB-493F7944DEC3}: NameServer = 192.168.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Partition Suite\oss_reinstall_svc.exe
O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Giraffic Video Accelerator (Giraffic) - Giraffic - C:\Program Files (x86)\Giraffic\GirafficWatchdog.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\x64\maconfservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14346 bytes


Maybe this can be useful
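
Added example (not part of the thread): a small Python triage pass over the HijackThis log format posted above, listing the registry autoruns (O4), which of them are currently running, processes started from a Temp directory, and policy restrictions (O7). The sample lines are copied from the log above; the function names are this example's own.

```python
import re

# Excerpt of lines copied from the HijackThis log posted above (not the whole log).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Common Files\server.exe
C:\Users\COMMUN\AppData\Local\Temp\ir_ext_temp_0\autorun.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [TuneUpUpdates] C:\Program Files (x86)\Common Files\server.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
"""

# Every finding line starts with a section code such as R0, F2, O4 or O23.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")
# O4 registry autoruns look like:  HKCU\..\Run: [ValueName] command line
AUTORUN_RE = re.compile(
    r"^(?P<hive>.+?)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$"
)
# Executable path at the start of a command line, quoted or not (paths may contain spaces).
EXE_RE = re.compile(r'^"?(.+?\.(?:exe|com|scr|bat|cmd))\b', re.IGNORECASE)


def parse_log(text):
    """Split a HijackThis log into running processes and (code, body) entries."""
    processes, entries, in_processes = [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        m = ENTRY_RE.match(line)
        if in_processes and line and not m:
            processes.append(line)
            continue
        in_processes = False  # a blank line or the first entry ends the process list
        if m:
            entries.append((m.group(1), m.group(2)))
    return processes, entries


def autoruns(entries):
    """Return the registry autoruns (O4 Run/RunOnce values) as dictionaries."""
    out = []
    for code, body in entries:
        m = AUTORUN_RE.match(body) if code == "O4" else None
        if not m:
            continue  # O4 "Startup:" folder shortcuts use another layout; skipped here
        exe = EXE_RE.match(m.group("cmd"))
        out.append({
            "hive": m.group("hive"),
            "key": m.group("key"),
            "name": m.group("name"),
            "path": exe.group(1) if exe else m.group("cmd"),
        })
    return out


def triage(text):
    """Collect the items a helper reviews first when a program 'starts by itself'."""
    processes, entries = parse_log(text)
    running = {p.casefold() for p in processes}
    runs = autoruns(entries)
    return {
        "autoruns": runs,
        # Autoruns whose target is in the process list. 8.3 short paths
        # (C:\PROGRA~2\...) are not expanded, so those never match here.
        "running_autoruns": [r["name"] for r in runs if r["path"].casefold() in running],
        # Processes executing out of a Temp directory.
        "temp_processes": [p for p in processes if "\\temp\\" in p.casefold()],
        # O7 lines record policies that block the user from tools such as Regedit.
        "policy_locks": [body.rpartition(", ")[2] for code, body in entries if code == "O7"],
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for run in report["autoruns"]:
        live = "running" if run["name"] in report["running_autoruns"] else "not matched"
        print(f'{run["hive"]}\\{run["key"]} [{run["name"]}] {run["path"]} ({live})')
    print("Temp processes:", report["temp_processes"])
    print("Policy locks:", report["policy_locks"])
```
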
1 August 2011 16:24:11

hopefully next time you won't have junk programs installed again

  • disable your antivirus
  • disable Windows Defender if present
  • disable your firewall

    Download here: Pre_Scan, then save it to your desktop

    if it is not on your desktop, cut it from your downloads folder and paste it onto your desktop

    Warning: the desktop will briefly disappear --> don't panic.

    once downloaded, run it and let the scan run until "Pre_scan.txt" appears on the desktop.

  • if the tool detects a proxy and you did not install one,
    click "supprimer le proxy" (remove the proxy)

  • if the tool seems not to have worked, rename it winlogon, or change its extension to .com or .scr

    The tool may take a while reassigning the files, depending on how many you have; let it work

  • Post Pre_Scan.txt, which will appear on the desktop at the end of the scan

    DO NOT POST IT ON THE FORUM (it is too long)

  • click this link: http://www.cijoint.fr/

  • Click "Parcourir" (Browse) and find the file above.

  • Click "Ouvrir" (Open).

  • Click "Cliquez ici pour déposer le fichier" (Click here to upload the file).

    A link of this form:

    http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5f...

    is added to the page.

  • Copy this link into your reply.
    1 August 2011 17:02:11

    indeed there wasn't one, otherwise it would have been shown in HijackThis; I'm looking at your log
    1 August 2011 17:05:54

    Thanks, I'm waiting for your reply
    1 August 2011 17:10:12

    I see that you have Adobe Reader 9.0; uninstall it, we'll install the latest one

    out-of-date Adobe Reader => risk of attack via PDF file

    =========================================

    also uninstall Spybot; it is obsolete and slows down your system for the sake of three cookies, it's not worth it

    =========================================

    your version of Avast is not up to date either; keep it for now, we'll make the change at the end

    ==========================================

    drag a file's icon onto Pre_Scan; Pre_Script will appear

    open Pre_script and paste the following text in bold into the text file that opens,
    without the lines, in one go, by highlighting it:
    ___________________________________________________
    folder::
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
    C:\ProgramData\Spybot - Search & Destroy
    C:\Program Files (x86)\Spybot - Search & Destroy

    Host::

    ___________________________________________________

    copy it (Ctrl+C, or right-click on the selection then => Copy)

    then File tab => Save (not Save As...), then close the text file

    post Pre_Script.txt, which will appear on the desktop when the job is finished
    1 August 2011 17:31:46

    There, everything is done

    Here is Pre_script: http://www.cijoint.fr/cjlink.php?file=cj201108/cijiKoGQ...


    What should I do now?


    1 August 2011 17:41:11

    oops, click bug, sorry, the PC wasn't showing me my posts
    1 August 2011 19:00:29

    hard drive and other files, but to access my drive I have to do it by typing its address, namely: C:/
    1 August 2011 19:11:33

    Have the following file(s) scanned on VirusTotal:

    http://www.virustotal.com/index.html Virus Total

    click "Parcourir" (Browse), then find and select this/these file(s):

    C:\WINDOWS\Explorer.exe

  • Now click "Envoyer le fichier" (Send the file) and let it work for as long as "Situation actuelle : en cours d'analyse" (Current status: scanning) is displayed.
  • The file may be placed in a queue because of a large number of scan requests. In that case, you will have to wait without refreshing the page.
  • When the scan is finished, paste the link to the page(s) in your next reply.
    1 August 2011 19:32:21


    3 VT Community user(s) with a total of 11633 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
    File name: explorer.exe
    Submission date: 2011-07-31 09:49:06 (UTC)
    Current status: finished
    Result: 0 /43 (0.0%)
    VT Community

    goodware
    Safety score: 100.0%
    Antivirus Version Last Update Result
    AhnLab-V3 2011.07.31.00 2011.07.30 -
    AntiVir 7.11.12.167 2011.07.29 -
    Antiy-AVL 2.0.3.7 2011.07.31 -
    Avast 4.8.1351.0 2011.07.31 -
    Avast5 5.0.677.0 2011.07.30 -
    AVG 10.0.0.1190 2011.07.31 -
    BitDefender 7.2 2011.07.31 -
    CAT-QuickHeal 11.00 2011.07.31 -
    ClamAV 0.97.0.0 2011.07.30 -
    Commtouch 5.3.2.6 2011.07.31 -
    Comodo 9572 2011.07.31 -
    DrWeb 5.0.2.03300 2011.07.31 -
    Emsisoft 5.1.0.8 2011.07.31 -
    eSafe 7.0.17.0 2011.07.27 -
    eTrust-Vet 36.1.8472 2011.07.29 -
    F-Prot 4.6.2.117 2011.07.31 -
    F-Secure 9.0.16440.0 2011.07.29 -
    Fortinet 4.2.257.0 2011.07.30 -
    GData 22 2011.07.31 -
    Ikarus T3.1.1.104.0 2011.07.31 -
    Jiangmin 13.0.900 2011.07.30 -
    K7AntiVirus 9.109.4961 2011.07.29 -
    Kaspersky 9.0.0.837 2011.07.31 -
    McAfee 5.400.0.1158 2011.07.31 -
    McAfee-GW-Edition 2010.1D 2011.07.31 -
    Microsoft 1.7104 2011.07.31 -
    NOD32 6337 2011.07.31 -
    Norman 6.07.10 2011.07.30 -
    nProtect 2011-07-31.01 2011.07.31 -
    Panda 10.0.3.5 2011.07.30 -
    PCTools 8.0.0.5 2011.07.31 -
    Prevx 3.0 2011.07.31 -
    Rising 23.68.04.03 2011.07.29 -
    Sophos 4.67.0 2011.07.31 -
    SUPERAntiSpyware 4.40.0.1006 2011.07.30 -
    Symantec 20111.1.0.186 2011.07.31 -
    TheHacker 6.7.0.1.266 2011.07.31 -
    TrendMicro 9.200.0.1012 2011.07.31 -
    TrendMicro-HouseCall 9.200.0.1012 2011.07.31 -
    VBA32 3.12.16.4 2011.07.29 -
    VIPRE 10017 2011.07.31 -
    ViRobot 2011.7.30.4597 2011.07.30 -
    VirusBuster 14.0.146.2 2011.07.30 -
    Additional information
    MD5 : 332feab1435662fc6c672e25beb37be3
    SHA1 : 5a49d7390ee87519b9d69d3e4aa66ca066cc8255
    SHA256: 6bed1a3a956a859ef4420feb2466c040800eaf01ef53214ef9dab53aeff1cff0
    ssdeep: 49152:S/Co9niu04mHTaSk1EeC72ZbhvYYYYYYYYYYYRYYYYYYYYYYE3iA7/eFUJN9ojoI:uC0i
    scClvYYYYYYYYYYYRYYYYYYYYYY9
    File size : 2871808 bytes
    First seen: 2011-04-27 14:24:57
    Last seen : 2011-07-31 09:49:06
    Magic: PE32+ executable for MS Windows (GUI) Mono/.Net assembly
    TrID:
    Win64 Executable Generic (95.5%)
    Generic Win/DOS Executable (2.2%)
    DOS Executable Generic (2.2%)
    Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
    sigcheck:
    publisher....: Microsoft Corporation
    copyright....: (c) Microsoft Corporation. All rights reserved.
    product......: Microsoft_ Windows_ Operating System
    description..: Windows Explorer
    original name: EXPLORER.EXE
    internal name: explorer
    file version.: 6.1.7601.17567 (win7sp1_gdr.110224-1502)
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned
    PEiD: -
    PEInfo: PE structure information

    [[ basic data ]]
    entrypointaddress: 0x2B754
    timedatestamp....: 0x4D672EE4 (Fri Feb 25 04:24:04 2011)
    machinetype......: 0x8664

    [[ 6 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    .text, 0x1000, 0xB7AB9, 0xB7C00, 6.32, b4133bf2b80cee197db6bcd7b2743057
    .rdata, 0xB9000, 0x2EB94, 0x2EC00, 3.92, 2e6d17738cdab583f5761296def8b387
    .data, 0xE8000, 0x4064, 0x3C00, 0.83, 7a054877883eaf3ea1456db0449f6f8e
    .pdata, 0xED000, 0xCE04, 0xD000, 6.0, 1bd0dfded3d15b232def7fcac2d5bcf4
    .rsrc, 0xFA000, 0x1C2E88, 0x1C3000, 5.52, 6a4f43dfc1fafe36f32002e923f59f58
    .reloc, 0x2BD000, 0x265C, 0x2800, 5.4, 2e64a2723dada71870193642dc849502

GetWindowPlacement, SetForegroundWindow, GetLastInputInfo, RemovePropW, GetLastActivePopup, SwitchToThisWindow, MessageBeep, GetActiveWindow, GetFocus, SetCursor, UnregisterHotKey, RegisterHotKey, SendDlgItemMessageW, EndDialog, GetDesktopWindow, GetAsyncKeyState, ChildWindowFromPoint, SetCursorPos, GetMessagePos, BeginPaint, FillRect, DrawEdge, EndPaint, GetSystemMenu, EnableMenuItem, ExitWindowsEx, LoadIconW, DestroyIcon, IsIconic, DeleteMenu, CheckMenuItem, ModifyMenuW, WindowFromPoint, ClientToScreen, TrackPopupMenu, IsHungAppWindow, GetWindowThreadProcessId, AppendMenuW, CascadeWindows, TileWindows, LockWorkStation, ScreenToClient, RegisterClipboardFormatW, NotifyWinEvent, GetSysColor, DrawFocusRect, AdjustWindowRectEx, CopyIcon, MsgWaitForMultipleObjects, SetWinEventHook, RegisterClassExW, GetDlgItem, EnableWindow, GetDlgItemInt, SetDlgItemInt, IsDlgButtonChecked, IsWindowEnabled, CheckDlgButton, CallWindowProcW, SetCapture, DrawTextW, AdjustWindowRect, CalculatePopupWindowPosition, GetMessageExtraInfo, GetCapture, SetGestureConfig, DrawIconEx, RemoveMenu, SetMenuDefaultItem, LoadMenuW, GetSubMenu, AllowSetForegroundWindow, LoadAcceleratorsW, TrackMouseEvent, CharNextW, GetWindow, GetSysColorBrush, GetPropW, HungWindowFromGhostWindow, SetWindowCompositionAttribute, GetWindowLongW, MsgWaitForMultipleObjectsEx, EnumChildWindows, SendMessageW, PtInRect, GetKeyboardLayout, GetWindowRect, DestroyMenu, SystemParametersInfoW, ShowWindow, MapWindowPoints, SetTimer, SetPropW, KillTimer, SetWindowPos, GetWindowLongPtrW, PostQuitMessage, SetWindowLongPtrW, DestroyWindow, ShutdownBlockReasonCreate, LoadStringW, PostMessageW, PeekMessageW, ReleaseDC, GetDC, FindWindowW, GetSystemMetrics, GetShellWindow, GetClassNameW
    uxtheme.dll: GetThemeBackgroundExtent, GetThemeBackgroundRegion, GetThemeColor, IsThemePartDefined, GetThemeRect, DrawThemeIcon, GetBufferedPaintBits, BufferedPaintClear, IsAppThemed, IsCompositionActive, OpenThemeData, CloseThemeData, SetWindowTheme, GetThemeMetric, DrawThemeBackground, GetThemeTextExtent, DrawThemeText, GetThemeBool, DrawThemeParentBackground, GetWindowTheme, GetThemeBackgroundContentRect, GetThemePartSize, BeginBufferedPaint, DrawThemeTextEx, EndBufferedPaint, GetThemeMargins, BufferedPaintInit, BufferedPaintUnInit, IsThemeActive, -
    Androguard:
    -
    ExifTool:
    file metadata
    CharacterSet: Unicode
    CodeSize: 752640
    CompanyName: Microsoft Corporation
    EntryPoint: 0x2b754
    FileDescription: Windows Explorer
    FileFlagsMask: 0x003f
    FileOS: Windows NT 32-bit
    FileSize: 2.7 MB
    FileSubtype: 0
    FileType: Win32 EXE
    FileVersion: 6.1.7601.17567 (win7sp1_gdr.110224-1502)
    FileVersionNumber: 6.1.7601.17567
    ImageVersion: 6.1
    InitializedDataSize: 2119168
    InternalName: explorer
    LanguageCode: English (U.S.)
    LegalCopyright: Microsoft Corporation. All rights reserved.
    LinkerVersion: 9.0
    MIMEType: application/octet-stream
    MachineType: AMD AMD64
    OSVersion: 6.1
    ObjectFileType: Executable application
    OriginalFilename: EXPLORER.EXE
    PEType: PE32+
    ProductName: Microsoft Windows Operating System
    ProductVersion: 6.1.7601.17567
    ProductVersionNumber: 6.1.7601.17567
    Subsystem: Windows GUI
    SubsystemVersion: 6.1
    TimeStamp: 2011:02:25 05:24:04+01:00
    UninitializedDataSize: 0
    Symantec reputation:Suspicious.Insight
    1 August 2011 19:32:42

    There you go, and thanks
    1 August 2011 19:36:58


    3 VT Community user(s) with a total of 11633 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
    File name: explorer.exe
    Submission date: 2011-07-31 09:49:06 (UTC)
    Current status: finished
    Result: 0 /43 (0.0%)
    VT Community

    goodware
    Safety score: 100.0%
    Antivirus Version Last Update Result
    AhnLab-V3 2011.07.31.00 2011.07.30 -
    AntiVir 7.11.12.167 2011.07.29 -
    Antiy-AVL 2.0.3.7 2011.07.31 -
    Avast 4.8.1351.0 2011.07.31 -
    Avast5 5.0.677.0 2011.07.30 -
    AVG 10.0.0.1190 2011.07.31 -
    BitDefender 7.2 2011.07.31 -
    CAT-QuickHeal 11.00 2011.07.31 -
    ClamAV 0.97.0.0 2011.07.30 -
    Commtouch 5.3.2.6 2011.07.31 -
    Comodo 9572 2011.07.31 -
    DrWeb 5.0.2.03300 2011.07.31 -
    Emsisoft 5.1.0.8 2011.07.31 -
    eSafe 7.0.17.0 2011.07.27 -
    eTrust-Vet 36.1.8472 2011.07.29 -
    F-Prot 4.6.2.117 2011.07.31 -
    F-Secure 9.0.16440.0 2011.07.29 -
    Fortinet 4.2.257.0 2011.07.30 -
    GData 22 2011.07.31 -
    Ikarus T3.1.1.104.0 2011.07.31 -
    Jiangmin 13.0.900 2011.07.30 -
    K7AntiVirus 9.109.4961 2011.07.29 -
    Kaspersky 9.0.0.837 2011.07.31 -
    McAfee 5.400.0.1158 2011.07.31 -
    McAfee-GW-Edition 2010.1D 2011.07.31 -
    Microsoft 1.7104 2011.07.31 -
    NOD32 6337 2011.07.31 -
    Norman 6.07.10 2011.07.30 -
    nProtect 2011-07-31.01 2011.07.31 -
    Panda 10.0.3.5 2011.07.30 -
    PCTools 8.0.0.5 2011.07.31 -
    Prevx 3.0 2011.07.31 -
    Rising 23.68.04.03 2011.07.29 -
    Sophos 4.67.0 2011.07.31 -
    SUPERAntiSpyware 4.40.0.1006 2011.07.30 -
    Symantec 20111.1.0.186 2011.07.31 -
    TheHacker 6.7.0.1.266 2011.07.31 -
    TrendMicro 9.200.0.1012 2011.07.31 -
    TrendMicro-HouseCall 9.200.0.1012 2011.07.31 -
    VBA32 3.12.16.4 2011.07.29 -
    VIPRE 10017 2011.07.31 -
    ViRobot 2011.7.30.4597 2011.07.30 -
    VirusBuster 14.0.146.2 2011.07.30 -
    Additional information
    MD5 : 332feab1435662fc6c672e25beb37be3
    SHA1 : 5a49d7390ee87519b9d69d3e4aa66ca066cc8255
    SHA256: 6bed1a3a956a859ef4420feb2466c040800eaf01ef53214ef9dab53aeff1cff0
    ssdeep: 49152:S/Co9niu04mHTaSk1EeC72ZbhvYYYYYYYYYYYRYYYYYYYYYYE3iA7/eFUJN9ojoI:uC0i
    scClvYYYYYYYYYYYRYYYYYYYYYY9
    File size : 2871808 bytes
    First seen: 2011-04-27 14:24:57
    Last seen : 2011-07-31 09:49:06
    Magic: PE32+ executable for MS Windows (GUI) Mono/.Net assembly
    TrID:
    Win64 Executable Generic (95.5%)
    Generic Win/DOS Executable (2.2%)
    DOS Executable Generic (2.2%)
    Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
    sigcheck:
    publisher....: Microsoft Corporation
    copyright....: (c) Microsoft Corporation. All rights reserved.
    product......: Microsoft_ Windows_ Operating System
    description..: Windows Explorer
    original name: EXPLORER.EXE
    internal name: explorer
    file version.: 6.1.7601.17567 (win7sp1_gdr.110224-1502)
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned
    PEiD: -
    PEInfo: PE structure information

    [[ basic data ]]
    entrypointaddress: 0x2B754
    timedatestamp....: 0x4D672EE4 (Fri Feb 25 04:24:04 2011)
    machinetype......: 0x8664

    [[ 6 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    .text, 0x1000, 0xB7AB9, 0xB7C00, 6.32, b4133bf2b80cee197db6bcd7b2743057
    .rdata, 0xB9000, 0x2EB94, 0x2EC00, 3.92, 2e6d17738cdab583f5761296def8b387
    .data, 0xE8000, 0x4064, 0x3C00, 0.83, 7a054877883eaf3ea1456db0449f6f8e
    .pdata, 0xED000, 0xCE04, 0xD000, 6.0, 1bd0dfded3d15b232def7fcac2d5bcf4
    .rsrc, 0xFA000, 0x1C2E88, 0x1C3000, 5.52, 6a4f43dfc1fafe36f32002e923f59f58
    .reloc, 0x2BD000, 0x265C, 0x2800, 5.4, 2e64a2723dada71870193642dc849502

    [[ 19 import(s) ]]
    1 August 2011 19:38:07

    I would have liked the link to the page, as requested .....
    2 August 2011 14:09:44

    I'm on Seven, but the software doesn't work, even in compatibility mode :S
    2 August 2011 14:26:10

    Which compatibility mode did you try?
    2 August 2011 14:34:54

    Win XP, Win Server and Win Vista
    It tells me that Tweak UI cannot run on my computer and that I need an up-to-date version of Tweak UI, but I haven't found one :s
    2 August 2011 14:37:36

    Hello:

    Download USBFIX here: http://www.teamxscript.org/usbfixTelechargement.html and save it to your desktop

    Plug in all your devices without opening them

    /!\ Temporarily disable the real-time protection of your antivirus and antispyware tools, only for as long as you are using USBFIX; they can seriously interfere with the tool's search and cleaning procedure.

    If you have XP => double-click
    If you have Vista or Windows 7 => right-click, "Run as...."


    on the UsbFix icon on your desktop.
    On the page, click the button:

    Choose the Suppression option

    UsbFix will scan your PC; let the tool work.

    Then post the UsbFix.txt report, which will appear along with the desktop.

    Note: the UsbFix.txt report is saved at the root of the drive (C:\UsbFix.txt).

    (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
    2 August 2011 15:00:32

    ############################## | UsbFix 7.053 | [Suppression]

    Utilisateur: COMMUN (Administrateur) # RAPHAEL [System manufacturer System Product Name]
    Mis à jour le 30/07/2011 par El Desaparecido
    Lancé à 14:53:03 | 02/08/2011
    Site Web: http://www.teamxscript.org
    Submit your sample: http://www.teamxscript.org/Upload.php
    Contact: TeamXscript.ElDesaparecido@gmail.com

    CPU: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
    CPU 2: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
    Microsoft Windows 7 Édition Intégrale (6.1.7601 64-Bit) # Service Pack 1
    Internet Explorer 9.0.8112.16421

    Pare-feu Windows: Activé
    RAM -> 4077 Mo
    C:\ (%systemdrive%) -> Disque fixe # 466 Go (230 Go libre(s) - 49%) [] # NTFS
    D:\ -> CD-ROM
    H:\ -> CD-ROM

    ################## | Éléments infectieux |

    Supprimé! C:\$RECYCLE.BIN\S-1-5-21-26150009-3402966595-637292963-1000

    ################## | Registre |

    Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

    ################## | Mountpoints2 |


    ################## | Listing |

    [01/08/2011 - 19:33:20 | D ] C:\$AVG8.VAULT$
    [02/08/2011 - 14:54:38 | SHD ] C:\$Recycle.Bin
    [11/04/2011 - 11:55:31 | D ] C:\ATI
    [14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
    [25/06/2011 - 18:42:15 | D ] C:\Fraps
    [13/06/2011 - 17:59:44 | D ] C:\Intel
    [01/08/2011 - 17:17:46 | D ] C:\Kill'em
    [01/12/2006 - 23:37:14 | N | 904704] C:\msdia80.dll
    [22/06/2011 - 11:19:09 | RHD ] C:\MSOCache
    [30/06/2010 - 09:49:28 | D ] C:\NVIDIA
    [29/02/2004 - 17:44:34 | N | 52576] C:\orange.bmp
    [02/08/2011 - 14:12:22 | ASH | 4590055424] C:\pagefile.sys
    [14/07/2009 - 05:20:08 | D ] C:\PerfLogs
    [02/08/2011 - 14:45:31 | D ] C:\Program Files
    [01/08/2011 - 17:38:43 | D ] C:\Program Files (x86)
    [01/08/2011 - 17:17:46 | HD ] C:\ProgramData
    [16/01/2010 - 18:01:35 | SHD ] C:\Recovery
    [13/06/2011 - 18:01:18 | N | 2142] C:\RHDSetup.log
    [13/06/2011 - 13:59:29 | N | 90] C:\setup.log
    [01/08/2011 - 19:27:38 | SHD ] C:\System Volume Information
    [02/08/2011 - 14:54:38 | D ] C:\UsbFix
    [02/08/2011 - 14:53:04 | A | 2064] C:\UsbFix.txt
    [16/01/2010 - 18:01:42 | D ] C:\Users
    [20/03/2010 - 00:26:36 | D ] C:\UT2004
    [02/08/2011 - 14:45:31 | D ] C:\Windows

    ################## | Vaccin |

    C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)

    ################## | Upload |

    Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_RAPHAEL.zip
    http://www.teamxscript.org/Upload.php
    Merci de votre contribution.

    ################## | E.O.F |

    There, the disk has reappeared. What should I do next?

    Thanks again, Gen!!
    2 August 2011 15:05:41

    I'm not happy with the explorer.exe file; I feel there's something hidden behind it

    /!\ WARNING: FOLLOW THESE INSTRUCTIONS TO THE LETTER /!\

    __________________________________________________________
    >This software is to be used only when prescribed by a qualified helper trained on the tool.<
    >>>>>>>Do not use outside of this situation: dangerous!<<<<<<<<
    =====================================================


    Above all, when saving, remember to rename Combofix to "your first name.exe" before it is saved to your hard drive

    Download Combofix here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    If you use AVG, YOU MUST UNINSTALL IT before using Combofix, because its interaction with the tool can cause damage that may lead to a complete reinstallation of the system.
    Simply disabling the resident shield is not enough.
    Download the AVG uninstaller from this link: http://www.avg.com/fr-fr/outils-telecharges
    Choose the appropriate version (32 or 64 bits) /!\

    _________________________________________________________
    >> Close the windows of all running programs.
    >> Temporarily disable, only for as long as you are using ComboFix,
    >> the real-time protection of your antivirus and antispyware tools,
    >> which can seriously interfere with the tool's search and cleaning procedure.
    °°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°


    If you have XP => double-click
    If you have Vista or Windows 7 => right-click, "Run as...."


    on the renamed Combofix

    !!!!!DO NOT TOUCH ANYTHING WHILE COMBOFIX IS WORKING (MOUSE/KEYBOARD.....)!!!!!

    Don't forget to re-enable the real-time protection of your antivirus and antispyware tools before reconnecting to the internet.

    Come back to the forum and copy and paste the entire contents of C:\Combofix.txt into your next message.

    3 August 2011 20:57:22

    ComboFix 11-08-03.02 - COMMUN 03/08/2011 20:48:17.1.4 - x64
    Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.33.1036.18.4077.2553 [GMT 2:00]
    Lancé depuis: c:\users\COMMUN\Desktop\raphael.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Un nouveau point de restauration a été créé
    .
    .
    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Public\ACTOFWAR.EXE
    c:\windows\7Loader.TAG
    c:\windows\Fonts\NfoViewer.ttf
    c:\windows\SysWow64\local.txt
    .
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2011-07-03 au 2011-08-03 ))))))))))))))))))))))))))))))))))))
    .
    .
    2011-08-03 18:53 . 2011-08-03 18:53 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-08-02 12:51 . 2011-08-02 12:55 -------- d-----w- C:\UsbFix
    2011-08-02 12:45 . 2011-08-03 18:42 -------- d-----w- c:\windows\Tweak-7
    2011-08-01 16:31 . 2011-08-01 16:31 -------- d-----w- c:\program files (x86)\Common Files\Adobe
    2011-08-01 15:01 . 2011-08-01 15:17 -------- d-----w- C:\Kill'em
    2011-08-01 13:37 . 2011-08-01 13:37 -------- d-----w- c:\program files (x86)\Trend Micro
    2011-08-01 12:40 . 2011-08-01 12:40 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
    2011-08-01 11:28 . 2011-08-01 11:28 -------- d-----w- c:\windows\Sun
    2011-08-01 11:14 . 2011-08-01 11:14 -------- d-----w- c:\users\COMMUN\AppData\Roaming\Origin
    2011-08-01 11:14 . 2011-08-01 11:14 -------- d-----w- c:\users\COMMUN\AppData\Local\Origin
    2011-08-01 11:14 . 2011-08-01 11:14 -------- d-----w- c:\programdata\Origin
    2011-08-01 11:14 . 2011-08-01 11:14 -------- d-----w- c:\program files (x86)\Origin Games
    2011-08-01 11:14 . 2011-08-01 11:14 -------- d-----w- c:\program files (x86)\Origin
    2011-07-29 20:47 . 2011-07-29 21:33 -------- d-----w- c:\users\COMMUN\AppData\Roaming\FileZilla
    2011-07-29 20:47 . 2011-07-29 20:47 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
    2011-07-29 09:10 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5E66CE72-75F6-4D91-806E-5BA9CD0D047E}\mpengine.dll
    2011-07-15 19:36 . 2011-07-15 19:39 -------- d-----w- c:\program files (x86)\JPEG Compression
    2011-07-15 19:36 . 2004-03-09 07:00 1081616 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
    2011-07-13 11:10 . 2011-07-14 19:55 -------- d-----w- c:\users\COMMUN\AppData\Roaming\.minecraft
    2011-07-08 14:38 . 2011-08-03 18:33 -------- d-----w- c:\program files (x86)\Giraffic
    2011-07-08 14:38 . 2011-07-08 14:38 -------- d-----w- c:\programdata\Giraffic
    .
    .
    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-07-15 09:22 . 2010-04-28 19:53 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll
    2011-07-04 11:43 . 2010-06-30 05:59 40112 ----a-w- c:\windows\avastSS.scr
    2011-07-04 11:43 . 2010-01-16 17:15 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2011-07-04 11:43 . 2011-01-24 08:00 253888 ----a-w- c:\windows\system32\aswBoot.exe
    2011-07-04 11:36 . 2005-11-21 22:14 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-07-04 11:36 . 2010-01-16 17:15 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-07-04 11:35 . 2010-01-16 17:15 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-07-04 11:32 . 2010-01-16 17:15 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-07-04 11:32 . 2010-01-16 17:15 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-07-04 11:32 . 2010-01-16 17:15 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-06-24 15:11 . 2011-06-24 15:11 0 ----a-w- c:\windows\system32\uxt7696.tmp
    2011-06-15 16:10 . 2011-06-15 16:10 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2011-06-14 17:38 . 2011-06-24 17:04 2899176 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
    2011-06-14 11:40 . 2011-06-24 17:04 1483264 ----a-w- c:\windows\system32\RCoRes64.dat
    2011-06-13 17:04 . 2011-06-24 17:04 1560680 ----a-w- c:\windows\system32\RTSnMg64.cpl
    2011-06-13 16:24 . 2010-02-18 11:55 111928 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
    2011-06-13 13:31 . 2011-06-13 13:31 1076544 ----a-w- c:\windows\PE_Rom.dll
    2011-06-13 07:21 . 2010-01-17 15:00 3711256 ----a-w- c:\windows\system32\AutoPartNt.exe
    2011-06-10 15:35 . 2011-06-24 17:04 603472 ----a-w- c:\windows\system32\KAAPORT64.dll
    2011-06-07 15:09 . 2011-06-24 17:04 2405992 ----a-w- c:\windows\system32\RtPgEx64.dll
    2011-06-03 12:11 . 2011-06-24 17:04 1805928 ----a-w- c:\windows\system32\RtkApi64.dll
    2011-06-03 05:57 . 2011-07-13 09:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2011-06-02 15:03 . 2011-06-24 17:04 92264 ----a-w- c:\windows\system32\RCoInst64.dll
    2011-05-31 08:09 . 2011-06-13 10:55 3114088 ----a-w- c:\windows\system32\RtkAPO64.dll
    2011-05-31 07:42 . 2011-06-24 17:03 712296 ----a-w- c:\windows\system32\DTSSymmetryDLL64.dll
    2011-05-31 07:42 . 2011-06-24 17:03 693352 ----a-w- c:\windows\system32\DTSVoiceClarityDLL64.dll
    2011-05-31 07:42 . 2011-06-24 17:03 491112 ----a-w- c:\windows\system32\DTSNeoPCDLL64.dll
    2011-05-31 07:42 . 2011-06-24 17:03 1756264 ----a-w- c:\windows\system32\DTSS2SpeakerDLL64.dll
    2011-05-31 07:42 . 2011-06-24 17:03 1568360 ----a-w- c:\windows\system32\DTSS2HeadphoneDLL64.dll
    2011-05-31 07:42 . 2011-06-24 17:03 728680 ----a-w- c:\windows\system32\DTSBassEnhancementDLL64.dll
    2011-05-31 07:42 . 2011-06-24 17:03 432744 ----a-w- c:\windows\system32\DTSLimiterDLL64.dll
    2011-05-31 07:42 . 2011-06-24 17:03 428648 ----a-w- c:\windows\system32\DTSGainCompensatorDLL64.dll
    2011-05-31 07:42 . 2011-06-24 17:03 242792 ----a-w- c:\windows\system32\DTSLFXAPO64.dll
    2011-05-31 07:42 . 2011-06-24 17:03 242792 ----a-w- c:\windows\system32\DTSGFXAPO64.dll
    2011-05-31 07:42 . 2011-06-24 17:03 241768 ----a-w- c:\windows\system32\DTSGFXAPONS64.dll
    2011-05-31 07:42 . 2011-06-24 17:03 1486952 ----a-w- c:\windows\system32\DTSBoostDLL64.dll
    2011-05-28 12:56 . 2011-05-28 12:56 71680 ----a-w- c:\windows\system32\frapsv64.dll
    2011-05-28 12:56 . 2011-05-28 12:56 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
    2011-05-27 15:58 . 2011-06-13 16:00 1284712 ----a-w- c:\windows\RtlExUpd.dll
    2011-05-25 04:26 . 2011-05-25 04:26 9359872 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2011-05-25 03:53 . 2011-05-25 03:53 23336960 ----a-w- c:\windows\system32\atio6axx.dll
    2011-05-25 03:31 . 2011-05-25 03:31 17940992 ----a-w- c:\windows\SysWow64\atioglxx.dll
    2011-05-25 03:07 . 2011-05-25 03:07 151552 ----a-w- c:\windows\system32\atiapfxx.exe
    2011-05-25 03:07 . 2011-05-25 03:07 688128 ----a-w- c:\windows\SysWow64\aticfx32.dll
    2011-05-25 03:06 . 2011-04-20 02:07 811008 ----a-w- c:\windows\system32\aticfx64.dll
    2011-05-25 03:04 . 2011-05-25 03:04 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
    2011-05-25 03:04 . 2011-05-25 03:04 485376 ----a-w- c:\windows\system32\atieclxx.exe
    2011-05-25 03:03 . 2011-05-25 03:03 204288 ----a-w- c:\windows\system32\atiesrxx.exe
    2011-05-25 03:02 . 2011-05-25 03:02 120320 ----a-w- c:\windows\system32\atitmm64.dll
    2011-05-25 03:02 . 2011-05-25 03:02 423424 ----a-w- c:\windows\system32\atipdl64.dll
    2011-05-25 03:02 . 2011-05-25 03:02 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
    2011-05-25 03:02 . 2011-05-25 03:02 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
    2011-05-25 03:01 . 2011-05-25 03:01 16384 ----a-w- c:\windows\system32\atimuixx.dll
    2011-05-25 03:01 . 2011-05-25 03:01 59392 ----a-w- c:\windows\system32\atiedu64.dll
    2011-05-25 03:01 . 2011-05-25 03:01 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
    2011-05-25 03:00 . 2011-05-25 03:00 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
    2011-05-25 02:59 . 2011-05-25 02:59 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
    2011-05-25 02:59 . 2011-05-25 02:59 3810816 ----a-w- c:\windows\system32\atiumd6a.dll
    2011-05-25 02:58 . 2011-05-25 02:58 4219904 ----a-w- c:\windows\SysWow64\atidxx32.dll
    2011-05-25 02:50 . 2011-05-25 02:50 4017152 ----a-w- c:\windows\SysWow64\atiumdva.dll
    2011-05-25 02:49 . 2011-04-20 01:49 5008384 ----a-w- c:\windows\system32\atidxx64.dll
    2011-05-25 02:47 . 2011-05-25 02:47 51200 ----a-w- c:\windows\system32\aticalrt64.dll
    2011-05-25 02:47 . 2011-05-25 02:47 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
    2011-05-25 02:47 . 2011-05-25 02:47 44544 ----a-w- c:\windows\system32\aticalcl64.dll
    2011-05-25 02:47 . 2011-05-25 02:47 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
    2011-05-25 02:47 . 2011-05-25 02:47 8489472 ----a-w- c:\windows\system32\aticaldd64.dll
    2011-05-25 02:43 . 2011-05-25 02:43 6847488 ----a-w- c:\windows\SysWow64\aticaldd.dll
    2011-05-25 02:39 . 2011-05-25 02:39 4330496 ----a-w- c:\windows\SysWow64\atiumdag.dll
    2011-05-25 02:38 . 2011-05-25 02:38 53760 ----a-w- c:\windows\system32\atimpc64.dll
    2011-05-25 02:38 . 2011-05-25 02:38 53760 ----a-w- c:\windows\system32\amdpcom64.dll
    2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
    2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
    2011-05-25 02:33 . 2011-05-25 02:33 5486592 ----a-w- c:\windows\system32\atiumd64.dll
    2011-05-25 02:26 . 2011-05-25 02:26 366592 ----a-w- c:\windows\system32\atiadlxx.dll
    2011-05-25 02:26 . 2011-05-25 02:26 262144 ----a-w- c:\windows\SysWow64\atiadlxy.dll
    2011-05-25 02:26 . 2011-05-25 02:26 14848 ----a-w- c:\windows\system32\atig6pxx.dll
    2011-05-25 02:26 . 2011-05-25 02:26 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
    2011-05-25 02:26 . 2011-05-25 02:26 12800 ----a-w- c:\windows\system32\atiglpxx.dll
    2011-05-25 02:25 . 2011-05-25 02:25 39936 ----a-w- c:\windows\system32\atig6txx.dll
    2011-05-25 02:25 . 2011-05-25 02:25 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
    2011-05-25 02:25 . 2011-05-25 02:25 309760 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2011-05-25 02:24 . 2011-04-20 01:21 40960 ----a-w- c:\windows\system32\atiuxp64.dll
    2011-05-25 02:24 . 2011-05-25 02:24 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
    2011-05-25 02:24 . 2011-05-25 02:24 38912 ----a-w- c:\windows\system32\atiu9p64.dll
    2011-05-25 02:24 . 2011-05-25 02:24 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
    2011-05-25 02:24 . 2011-05-25 02:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2011-05-25 02:19 . 2011-04-20 01:27 58880 ----a-w- c:\windows\system32\coinst.dll
    2011-05-24 21:44 . 2011-05-24 21:44 61952 ----a-w- c:\windows\system32\OVDecode64.dll
    2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
    2011-05-24 21:44 . 2011-05-24 21:44 16672768 ----a-w- c:\windows\system32\amdocl64.dll
    2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\SysWow64\amdocl.dll
    2011-05-24 17:14 . 2010-01-16 17:42 270720 ------w- c:\windows\system32\MpSigStub.exe
    2011-05-24 11:42 . 2011-06-29 10:01 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
    2011-05-24 10:40 . 2011-06-29 10:01 64512 ----a-w- c:\windows\SysWow64\devobj.dll
    2011-05-24 10:40 . 2011-06-29 10:01 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
    2011-05-24 10:39 . 2011-06-29 10:01 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
    2011-05-24 10:37 . 2011-06-29 10:01 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
    2011-05-23 15:12 . 2011-06-24 17:04 1245288 ----a-w- c:\windows\system32\RTCOM64.dll
    2011-05-16 20:55 . 2011-06-13 16:01 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
    2011-05-16 20:55 . 2011-06-13 10:50 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
    .
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
    "BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2010-03-05 411864]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-19 284440]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0oodbs
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "TrueImageMonitor.exe"=c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    "ASUS Ai Charger"=c:\program files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
    "BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
    "ClockGen"=c:\users\COMMUN\Desktop\OUTILS\Overclock\Overclock CPU\ClockGen 1053\ClockGen 1053.exe -i p=0
    "QuickTime Task"="c:\program files (x86)\QuickTime\qttask.exe" -atboottime
    "Google Updater"="c:\program files (x86)\Google\Google Updater\GoogleUpdater.exe" -systray -startup
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-17 133104]
    R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
    R3 cpuz130;cpuz130;c:\users\COMMUN\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
    R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
    R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872]
    R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
    R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-17 133104]
    R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2011-03-23 420864]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 51727736]
    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    S0 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [x]
    S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
    S0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);c:\windows\system32\DRIVERS\tdrpm251.sys [x]
    S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-01-31 2326920]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-03 918144]
    S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2010-12-02 915584]
    S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
    S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-03-05 235752]
    S2 Giraffic;Giraffic Video Accelerator;c:\program files (x86)\Giraffic\GirafficWatchdog.exe [2011-06-27 2211984]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-19 13592]
    S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
    S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys [x]
    S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
    S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys [x]
    .
    .
    Contenu du dossier 'Tâches planifiées'
    .
    2011-08-01 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files (x86)\Apple Software Update\SoftwareUpdate.exe [2006-08-29 13:21]
    .
    2011-08-03 c:\windows\Tasks\Google Software Updater.job
    - c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-17 09:13]
    .
    2011-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-17 09:49]
    .
    2011-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-17 09:49]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-07-04 11:43 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632]
    "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-04-13 1860496]
    "OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2009-09-25 3834112]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
    "{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Examen supplémentaire -------
    .
    uLocal Page = c:\windows\SysWOW64\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{0F3EF679-BEC5-4676-B863-E6CA7F85F5F4}: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{8894C794-4715-4005-9CBB-493F7944DEC3}: NameServer = 192.168.1.1
    .
    - - - - ORPHELINS SUPPRIMES - - - -
    .
    AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
    .
    .
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
    "OODEFRAG11.00.00.01WORKSTATION"="5817FC2ECC07511F1E5382A3A55EF5373F55908CD81F4C767FC14CB1D29B7F020081A2D5298F8A5E60D113DD19FB2B942FE742FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D67945D575E7D6A3B98088EDD5E5BE2F6E667970F33B84CF32EAF1575F1FEF7F2C565BEB1AAAD6CD28BEA8A2F3E46D0B5E725CFC29DA08F7EC415EC3727DD834F286881AB11AFB746EDE7B1BDE15BB717032D7D067E26E9EC3FAB2868BF01822041872DAA210800B9E843486678D5B7C94E300A41C4A17787E04002FB82B0B3CB8016ED4F9998435235718A96DA4BB04C6D6A624C027C19CAD6F2B459D94F966BB8B7F02EDFD544646FBEB8AF04664854E5E9F5F6EBB5F4672D3A065B554DF44DA2666ACCFB478C7C97C99585166166479E14BA025CDE72C0D85DB8CF27B356F0D7F110A9190964579204E8E2D590B6C1E7A0A7A4D11EC1F1AE79177C271C098DD8FA9CB307CC5DE7A936FD822C582913F11BBA086DADD0C4E8006F155038200D8976CECFB95549D507F9A59727B0723F5263F3C975DD56BBA6341347BFC8F18AAF2FE8D3497B3FFA3DBD324675A78AFC022C587CD38DCB0A693157B03B27975A78C2328E722C9AE4BEC57CA6ED5F2EB7DEFEF0A616B56E9998619664A6BDEF017122743F93657BD7E5A6DFC7088C5C0FA936C9C16FDF3D85FD862D6A0F8B9C3710957F18313F43496ECDBBA9E1F859D78882F33B34A9801F48367EBCA124846BAAB3A5C3F35E1BE3F6777240BB00AD18856703F65EC5BEE98A586ECA332F51BE7CEB3D5CA601EB868638EDF5F995A68C8CBB91498D7A47203929E7F6B967F087248020F23AF6E642047619A7A6BC52A2EE2CB97C82A2292D303AD899501C96CD2706AE0AC0A47DE0BCEC63A66E108680E3B99E4F222CBAB12E71B1FD353137506B67CA9C748168D8602940B6A1BB5B7C0336E373F79895825485E7E0CB9C0E7F3DE0DA93309BA2DB831028123582AAA1CA49320EB1FE9628AA8377771BEB1882CA85C9D0F391E94B1ED61664C2B897309CF0363B9F895D5E1ACD5B67CDBB98B1A9BA07A76218C2BD8D0988D08647841C3C7B9F073976D017F01717CBB241149BCEBA83614577737C9105866A61AC9A0B550CA4F3981899F563692F35BCC2D68096133638088C08884FFC933C59F9455A749BFCF7FA54A5D286A12D25039CEC5640241BDC3AC64E134EF9BD4195D3B4980B75E5FDC1A5243B54F02014C13C2B4670A630F28F2BDA027BD3156BE3F25D8AED381F63F49B8BEF2CDA98EAD426A42F2CA1F793E15105F0A63BAC1F36A577A6D65A6E7ABBD595E450382C0A42F1B52161F3F84A
A96666AE05339BB61F4D7E98E2A19C08650D3F43E6B775452E4AFBE15D4EBE1709AA5EBBAD11FC7ED9DE33"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Heure de fin: 2011-08-03 20:54:30
    ComboFix-quarantined-files.txt 2011-08-03 18:54
    .
    Avant-CF: 243 855 634 432 octets libres
    Après-CF: 244 432 748 544 octets libres
    .
    - - End Of File - - D50102AECFF3163CE19F142200A79C20

    Thanks ;)
    3 August 2011 22:27:55

    This Windows 7 is cracked!! That is why Explorer is hardly happy.....
    4 August 2011 23:16:46

    Argh, my buddy is the one who set it up for me, is that a problem?
    5 August 2011 12:27:23

    Hi, since your Windows is not official, help is not possible.
    5 August 2011 23:45:15

    Can you still tell me whether my Windows is infected, please, so that I can clean it?

    Thanks for all the help given earlier, gen-h@ckm@n