PC slow to start or does not start at all

16 April 2008 10:58:47

Hello everyone!!!

I'm asking for your help: lately my PC has been having trouble starting. Either it takes a very long time to start, or it doesn't start at all, so I have to restart it several times to get to my desktop and (finally) be able to use it.

I'm afraid all this is due to a virus or something else, so I'm asking whether you could help me solve this problem.

Thanks in advance, everyone.


16 April 2008 11:50:15

Could someone help me, please?
16 April 2008 12:22:19

Thanks for your reply.

Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:21:16, on 16/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.www.daemon-search.com/default
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Pictu...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.c...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8613 bytes
16 April 2008 12:33:15

Re,

Nothing to report in the HijackThis log.

Download Deckard's System Scanner (DSS) (or DSS) to your Desktop.
Note: you must be logged in with Administrator rights.
  • close all applications and windows
  • double-click dss.exe to launch it and follow the instructions below
    Caution: it is advisable to temporarily stop resident protection software (firewall, antivirus, etc.)
  • if this is a first use or a new version of DSS:
  • you will have to click OK twice in the dialog boxes
    Caution: if you take too long, the Abort answer will be selected automatically
  • when processing is finished (click OK), two text files are displayed:
    main.txt <- opened in the foreground, full screen
    extra.txt <- opened in the background, windowed (look at the taskbar)
    If this is a subsequent use of DSS:
  • you will not get a dialog box (no OK)
  • when processing is finished, one text file is displayed:
    main.txt <- opened in the foreground, full screen

  • copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt into your next post
  • likewise copy the contents of extra.txt into your next post, if you have that file (first use)
  • don't forget to re-enable the protections if they were stopped.



    What DSS does:
  • creates a restore point in Windows XP and Vista
  • cleans temporary files, DPF (Downloaded Program Files) and the Internet cache, and empties the Recycle Bin on all drives
  • checks some important areas of your system and produces a report for review by your security advisor. DSS automatically runs HijackThis for you; it will also create a HijackThis shortcut on your Desktop if you do not already have HijackThis installed.

    ;)
    16 April 2008 12:43:21

    So, here it is:

    Main.txt report

    Deckard's System Scanner v20071014.68
    Run by Anthony on 2008-04-16 12:39:29
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    139: 2008-04-16 10:39:38 UTC - RP207 - Deckard's System Scanner Restore Point
    138: 2008-04-15 22:00:22 UTC - RP206 - Supprimé Ultimate Spider-Man (TM)
    137: 2008-04-15 20:27:17 UTC - RP205 - Shockwave Player
    136: 2008-04-15 20:26:38 UTC - RP204 - Shockwave Player
    135: 2008-04-15 20:24:34 UTC - RP203 - Installed OpenOffice.org 2.4


    -- First Restore Point --
    1: 2008-01-17 16:51:52 UTC - RP69 - Point de vérification système


    Backed up registry hives.
    Performed disk cleanup.



    -- HijackThis (run as Anthony.exe) ---------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:40:15, on 16/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\PROGRA~1\FREEDO~1\fdm.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Downloads\Software\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\Anthony.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.www.daemon-search.com/default
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://asia.msi.com.tw
    O15 - Trusted Zone: http://global.msi.com.tw
    O15 - Trusted Zone: http://www.msi.com.tw
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Pictu...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
    O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.c...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 8461 bytes

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil(c)>
    R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System>
    R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
    R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
    R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys
    R3 ovt519 (Eye Toy) - c:\windows\system32\drivers\ov519vid.sys <Not Verified; OmniVision Technologies, Inc.; Dual Mode USB Camera 519>

    S3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
    S3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
    S3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys
    S3 giveio - c:\windows\system32\giveio.sys
    S3 GMSIPCI - e:\install\gmsipci.sys (file missing)
    S3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
    S3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; Scheduler>
    R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; C-Dilla Ltd; SafeCast Windows NT>


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
    Description: Souris Microsoft PS/2
    Device ID: ACPI\PNP0F03\4&2B0A5BEB&0
    Manufacturer: Microsoft
    Name: Souris Microsoft PS/2
    PNP Device ID: ACPI\PNP0F03\4&2B0A5BEB&0
    Service: i8042prt

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: USB Device
    Device ID: USB\VID_1110&PID_6489\5&28C564E5&0&4
    Manufacturer:
    Name: USB Device
    PNP Device ID: USB\VID_1110&PID_6489\5&28C564E5&0&4
    Service:

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Contrôleur multimédia
    Device ID: PCI\VEN_1131&DEV_7133&SUBSYS_48451043&REV_F0\4&D9F7D03&0&0830
    Manufacturer:
    Name: Contrôleur multimédia
    PNP Device ID: PCI\VEN_1131&DEV_7133&SUBSYS_48451043&REV_F0\4&D9F7D03&0&0830
    Service:


    -- Scheduled Tasks -------------------------------------------------------------

    2008-04-15 22:34:35 412 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job


    -- Files created between 2008-03-16 and 2008-04-16 -----------------------------

    2008-04-16 11:08:58 0 d--hs---- C:\Documents and Settings\Anthony\Recent
    2008-04-16 00:16:38 0 d-------- C:\Program Files\Free Hide Folder
    2008-04-15 22:33:28 0 d-------- C:\Program Files\Fichiers communs\Symantec Shared
    2008-04-15 22:26:56 0 d-------- C:\Program Files\Norton Security Scan
    2008-04-15 22:24:38 0 d-------- C:\Program Files\OpenOffice.org 2.4
    2008-04-15 20:54:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-04-15 20:53:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-04-15 20:44:33 0 d-------- C:\WINDOWS\RegisteredPackages
    2008-04-15 18:02:23 86016 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
    2008-04-15 18:01:38 0 d-------- C:\Program Files\Rippackv3
    2008-04-15 17:58:31 0 d-------- C:\Program Files\WinASPI
    2008-04-15 17:57:29 0 d-------- C:\Documents and Settings\Anthony\NeoDivX Suite
    2008-04-15 17:41:30 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
    2008-04-15 13:55:44 0 d-------- C:\Downloads
    2008-04-15 12:15:42 0 d-------- C:\Documents and Settings\Anthony\Application Data\Free Download Manager
    2008-04-15 12:15:37 0 d-------- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
    2008-04-15 12:15:36 0 d-------- C:\Program Files\Free Download Manager
    2008-04-14 00:54:15 0 d-------- C:\Program Files\Morgan
    2008-04-14 00:54:07 209636 --a------ C:\WINDOWS\IPUI_DivXG400.exe <Not Verified; ; wingpack Application>
    2008-04-14 00:31:37 0 d-------- C:\Documents and Settings\Anthony\Application Data\dvdcss
    2008-04-14 00:30:42 0 d-------- C:\Program Files\DAEMON Tools Lite
    2008-04-11 20:12:48 0 d--hs---- C:\Documents and Settings\Valérie\Recent
    2008-03-30 17:46:01 0 d-------- C:\Program Files\BDGest Evolution
    2008-03-30 16:56:13 0 d-------- C:\Program Files\AviSynth 2.5
    2008-03-30 16:55:35 0 d-------- C:\Program Files\BatchDPG
    2008-03-22 11:43:29 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
    2008-03-20 20:25:21 0 d-------- C:\Documents and Settings\Océane\Application Data\OpenOffice.org2
    2008-03-20 16:37:50 0 d-------- C:\Documents and Settings\Valérie\Application Data\ABBYY
    2008-03-20 16:37:23 0 d--h----- C:\C_DILLA
    2008-03-20 16:37:22 8864 --a------ C:\WINDOWS\system32\drivers\CDAC15BA.SYS


    -- Find3M Report ---------------------------------------------------------------

    2008-04-16 12:29:26 0 d-------- C:\Program Files\eMule
    2008-04-16 11:07:29 0 d-------- C:\Documents and Settings\Anthony\Application Data\uTorrent
    2008-04-15 22:33:28 0 d-------- C:\Program Files\Fichiers communs
    2008-04-15 22:29:39 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
    2008-04-15 22:24:05 0 d-------- C:\Program Files\OpenOffice.org 2.3
    2008-04-15 20:54:54 0 d-------- C:\Program Files\Google
    2008-04-15 20:53:53 0 d-------- C:\Program Files\Fichiers communs\Adobe
    2008-04-15 20:44:35 0 d-------- C:\Program Files\Movie Maker
    2008-04-15 18:02:23 0 d-------- C:\Program Files\DivX
    2008-04-15 17:59:32 0 d-------- C:\Program Files\K-Lite Codec Pack
    2008-04-15 15:35:22 0 d--h----- C:\Program Files\InstallShield Installation Information
    2008-04-15 11:50:39 0 d-------- C:\Program Files\TrackMania Nations ESWC
    2008-04-03 22:32:05 0 d-------- C:\Program Files\TuxPaint
    2008-03-30 11:13:12 0 d-------- C:\Documents and Settings\Anthony\Application Data\OpenOffice.org2
    2008-03-30 10:44:59 473864 --a------ C:\WINDOWS\system32\perfh00C.dat
    2008-03-30 10:44:59 77468 --a------ C:\WINDOWS\system32\perfc00C.dat
    2008-03-29 16:39:54 0 d-------- C:\Program Files\Messenger Plus! Live
    2008-03-15 17:00:41 0 d-------- C:\Program Files\MP3Gain
    2008-03-05 13:48:04 0 d-------- C:\Program Files\World of Warcraft
    2008-03-03 19:23:58 0 d-------- C:\Program Files\eBay
    2008-03-02 13:58:01 0 d-------- C:\Program Files\Trend Micro
    2008-03-01 16:42:46 0 d-------- C:\Program Files\ABBYY PDF Transformer 2.0
    2008-02-27 21:23:15 0 d-------- C:\Program Files\Windows Live
    2008-02-23 20:06:02 0 d-------- C:\Program Files\Fichiers communs\InstallShield
    2008-02-23 20:02:51 0 d-------- C:\Program Files\EPSON
    2008-02-23 20:02:03 0 d-------- C:\Program Files\ABBYY FineReader 6.0 Sprint
    2008-02-23 19:58:55 0 d-------- C:\Documents and Settings\Anthony\Application Data\InstallShield
    2008-02-21 17:29:30 0 d-------- C:\Program Files\SSC Service Utility
    2008-02-21 17:19:44 5248 --a------ C:\WINDOWS\system32\giveio.sys
    2008-02-21 16:31:40 0 d-------- C:\Documents and Settings\Anthony\Application Data\Help
    2008-02-20 22:27:57 0 d-------- C:\Documents and Settings\Anthony\Application Data\Media Player Classic
    2008-02-20 21:04:41 0 d-------- C:\Program Files\WinAVI MP4 Converter
    2008-02-20 20:57:41 0 d-------- C:\Program Files\Real Alternative
    2008-02-20 20:57:37 0 d-------- C:\Documents and Settings\Anthony\Application Data\Real
    2008-02-20 13:31:18 1044480 -ra------ C:\WINDOWS\system32\roboex32.dll <Not Verified; eHelp Corporation.; RoboHELP for WinHelp 9.2>
    2008-02-20 13:31:18 49152 -ra------ C:\WINDOWS\system32\inetwh32.dll <Not Verified; Blue Sky Software Corporation.; Blue Sky Software - INETWH32>
    2008-02-18 15:52:57 0 d-------- C:\Program Files\Bethesda Softworks
    2008-02-17 23:46:32 0 d-------- C:\Program Files\PhotoFiltre
    2008-02-01 12:17:40 587264 --a------ C:\WINDOWS\WLXPGSS.SCR <Not Verified; Microsoft Corporation; Galerie de photos Windows Live>


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/12/2007 02:41]
    "RTHDCPL"="RTHDCPL.EXE" [27/09/2007 15:20 C:\WINDOWS\RTHDCPL.exe]
    "Alcmtr"="ALCMTR.EXE" [03/05/2005 19:43 C:\WINDOWS\Alcmtr.exe]
    "nwiz"="nwiz.exe" [05/12/2007 02:41 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [05/12/2007 02:41]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [24/12/2007 14:00]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [13/03/2008 23:11]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [02/03/2006 14:00]

    C:\Documents and Settings\Anthony\Menu D‚marrer\Programmes\D‚marrage\
    TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [01/06/2005 21:41:18]
    UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [21/05/2006 09:43:08]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "AllowLegacyWebView"=1 (0x1)
    "AllowUnhashedWebView"=1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BlueSoleil.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk
    backup=C:\WINDOWS\pss\BlueSoleil.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Google Updater.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Google Updater.lnk
    backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Anthony^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
    path=C:\Documents and Settings\Anthony\Menu Démarrer\Programmes\Démarrage\Y'z Shadow.lnk
    backup=C:\WINDOWS\pss\Y'z Shadow.lnkStartup


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
    "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    "C:\Program Files\DAEMON Tools Lite\daemon.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogProtect]
    "C:\Documents and Settings\Valérie\Mes documents\LogProtect\LogProtect.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    nwiz.exe /install

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
    "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW20]
    C:\WINDOWS\system32\sw20.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW24]
    C:\WINDOWS\system32\sw24.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Transcode360]
    C:\Program Files\Transcode360\Transcode360Tray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trickler]
    "c:\program files\divx\divx pro codec\gain_trickler_3202.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
    "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinSys2]
    C:\WINDOWS\system32\winsys2.exe




    -- Hosts -----------------------------------------------------------------------

    127.0.0.1 007guard.com
    127.0.0.1 www.007guard.com
    127.0.0.1 008i.com
    127.0.0.1 008k.com
    127.0.0.1 www.008k.com
    127.0.0.1 00hq.com
    127.0.0.1 www.00hq.com
    127.0.0.1 010402.com
    127.0.0.1 032439.com
    127.0.0.1 www.032439.com

    8142 more entries in hosts file.


    -- End of Deckard's System Scanner: finished at 2008-04-16 12:40:55 ------------


    extra.txt report

    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Édition familiale (build 2600) SP 2.0
    Architecture: X86; Language: French

    CPU 0: AMD Athlon(tm) 64 X2 Dual Core Processor 3600+
    CPU 1: AMD Athlon(tm) 64 X2 Dual Core Processor 3600+
    Percentage of Memory in Use: 35%
    Physical Memory (total/avail): 1023.36 MiB / 659.27 MiB
    Pagefile Memory (total/avail): 2461.21 MiB / 2142.21 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1921.87 MiB

    C: is Fixed (NTFS) - 186.3 GiB total, 71.97 GiB free.
    D: is CDROM (UDF)
    E: is CDROM (Unformatted)
    F: is CDROM (No Media)
    G: is Fixed (FAT32) - 372.52 GiB total, 330.86 GiB free.
    H: is Removable (No Media)

    \\.\PHYSICALDRIVE0 - ST3200822AS - 186.31 GiB - 1 partition
    \PARTITION0 (bootable) - Système de fichiers installable - 186.3 GiB - C:

    \\.\PHYSICALDRIVE2 - Generic STORAGE DEVICE USB Device

    \\.\PHYSICALDRIVE1 - SAMSUNG HD402LJ USB Device - 372.61 GiB - 1 partition
    \PARTITION0 - Unknown - 372.61 GiB - G:



    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is disabled.

    FirstRunDisabled is set.

    FW: ZoneAlarm Firewall v7.0.470.000 (Check Point, LTD.) Disabled
    AV: Avira AntiVir PersonalEdition v 7.0.3.158
    (Avira GmbH)

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
    "C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"="C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe:*:Disabled:Kaspersky AV Scanner"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
    "C:\\Documents and Settings\\Anthony\\Bureau\\utorrent.exe"="C:\\Documents and Settings\\Anthony\\Bureau\\utorrent.exe:*:Enabled:µTorrent"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
    "C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
    "C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
    "C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\Anthony\Application Data
    CommonProgramFiles=C:\Program Files\Fichiers communs
    COMPUTERNAME=VALERIE
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Anthony
    LOGONSERVER=\\VALERIE
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Smart Projects\IsoBuster
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=4b02
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\Anthony\LOCALS~1\Temp
    TMP=C:\DOCUME~1\Anthony\LOCALS~1\Temp
    tvdumpflags=8
    USERDOMAIN=VALERIE
    USERNAME=Anthony
    USERPROFILE=C:\Documents and Settings\Anthony
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    Valérie (admin)
    Anthony (admin)
    Océane (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    ABBYY FineReader 5.0 Sprint Plus --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
    ABBYY FineReader 6.0 --> MsiExec.exe /I{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}
    ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
    ABBYY PDF Transformer 2.0 --> MsiExec.exe /I{FA200000-0001-0000-0000-074957833700}
    Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    Adobe Acrobat 5.0 --> C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
    Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
    Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe
    ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\SETUP.EXE" -l0x40c -uninst
    Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
    Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe"
    Avira AntiVir PersonalEdition Classic --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    Call of Duty(R) 4 - Modern Warfare(TM) --> C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch --> C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
    Camera RAW Plug-In for EPSON Creativity Suite --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}\SETUP.EXE" -l0x40c UNINST
    CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
    Compel Adaptec WinASPI --> "C:\Program Files\WinASPI\unins000.exe"
    Cryptext (Remove Only) --> rundll32 setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\ShellExt\Cryptext.inf
    D-Link VGA Webcam --> C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
    DivX 5.0.2 Pro Bundle --> C:\WINDOWS\unvise32.exe C:\Program Files\DivX\uninstal.log
    DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    DivXG400 --> "C:\WINDOWS\IPUI_DivXG400.exe" /U /D
    eMule --> "C:\Program Files\eMule\Uninstall.exe"
    EPSON Attach To Email --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
    EPSON Copy Utility 3 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
    EPSON Easy Photo Print --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D78F2A2-C893-4ABD-B5FE-AD7011837755}\SETUP.EXE" -l0x40c UNINST
    EPSON File Manager --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x40c UNINST
    EPSON Logiciel imprimante --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
    EPSON Scan Assistant --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
    EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel --> C:\Program Files\EPSON\TPMANUAL\ES_CX_DX\FRA\USE_G\DOCUNINS.EXE
    EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
    Free Download Manager 2.5 --> "C:\Program Files\Free Download Manager\unins000.exe"
    Galerie de photos Windows Live --> MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
    Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
    Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    IsoBuster 2.3 --> "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
    Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    JkDefrag 3.26 Fr --> "C:\Program Files\JkDefrag\unins000.exe"
    K-Lite Codec Pack 2.81 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Kaspersky Online Scanner --> C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
    Language pack for Ad-Aware SE --> C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
    Les Sims 2 --> C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
    Les Sims 2 : Nuits de Folie --> C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\EAUninstall.exe
    Les Sims 2 Académie --> C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
    Les Sims 2 : La bonne affaire --> C:\Program Files\EA GAMES\Les Sims 2 La bonne affaire\EAUninstall.exe
    Les Sims™ 2 Animaux & Cie --> C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
    Les Sims™ 2 Au fil des saisons --> C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
    Les Sims™ 2 Bon Voyage --> C:\Program Files\EA GAMES\Les Sims 2 Bon Voyage\EAUninstall.exe
    LogProtect version 1.1.3 --> "C:\Documents and Settings\Valérie\Mes documents\LogProtect\unins000.exe"
    Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB911164) -->
    Mozilla Firefox (2.0.0.13) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Neuf - Kit de connexion --> C:\Program Files\Neuf\Kit\uninstall.exe
    Norton Security Scan --> MsiExec.exe /I{1A8A214F-6BAC-4E01-A27D-25C19A484908}
    NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    Oblivion --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x40c -removeonly
    OpenOffice.org 2.4 --> MsiExec.exe /I{2BB8FBB4-CFF9-434E-AA0A-40F5379C1602}
    Pack Vista Inspirat 2 1.0 --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
    Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1F9DE4E49C97F59EE9F75C34E0E91E568FC9EEB2\amdk8.inf
    PhotoFiltre --> "C:\Program Files\PhotoFiltre\Uninst.exe"
    Real Alternative 1.60 Lite --> "C:\Program Files\Real Alternative\unins000.exe"
    Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
    ScanToWeb --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG
    Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
    TH Calculator --> C:\Program Files\TH Calculator\Uninstal.exe
    TrackMania Nations ESWC 1.7.9 --> "C:\Program Files\TrackMania Nations ESWC\unins000.exe"
    Tux Paint 0.9.19 --> "C:\Program Files\TuxPaint\unins000.exe"
    Ultimate Spider-Man (TM) --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{CC35B08B-4EC1-4759-B159-0EC4E69C3E7C}
    VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
    VideoLAN VLC media player 0.8.6f --> C:\Program Files\VideoLAN\VLC\uninstall.exe
    Vista --> "C:\WINDOWS\uninstall Vista.exe"
    Waver Version 2.95 --> "C:\Program Files\Flop\Waver\unins000.exe"
    Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Mail --> MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
    Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    World of Warcraft --> C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
    ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


    -- Application Event Log -------------------------------------------------------

    Event Record #/Type5027 / Success
    Event Submitted/Written: 04/16/2008 10:29:42 AM
    Event ID/Source: 12001 / usnjsvc
    Event Description:
    The Messenger Sharing USN Journal Reader service started successfully.

    Event Record #/Type5003 / Error
    Event Submitted/Written: 04/15/2008 05:58:47 PM
    Event ID/Source: 1000 / Application Error
    Event Description:
    Application défaillante neodivxsuite.exe, version 0.0.0.0, module défaillant ghctmvds.ols, version 4.0.0.0, adresse de défaillance 0x00193149.
    Traitement de l'événement propre au support pour [neodivxsuite.exe!ws!]

    Event Record #/Type4946 / Success
    Event Submitted/Written: 04/15/2008 10:07:11 AM
    Event ID/Source: 12001 / usnjsvc
    Event Description:
    The Messenger Sharing USN Journal Reader service started successfully.

    Event Record #/Type4918 / Success
    Event Submitted/Written: 04/14/2008 10:02:43 AM
    Event ID/Source: 12001 / usnjsvc
    Event Description:
    The Messenger Sharing USN Journal Reader service started successfully.

    Event Record #/Type4870 / Success
    Event Submitted/Written: 04/13/2008 09:33:58 AM
    Event ID/Source: 12001 / usnjsvc
    Event Description:
    The Messenger Sharing USN Journal Reader service started successfully.



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type10983 / Warning
    Event Submitted/Written: 04/16/2008 11:37:02 AM
    Event ID/Source: 1007 / Dhcp
    Event Description:
    Votre ordinateur a automatiquement configuré l'adresse IP pour la
    carte avec l'adresse réseau 0016178F0DF8. L'adresse IP utilisée est 169.254.231.235.

    Event Record #/Type10982 / Warning
    Event Submitted/Written: 04/16/2008 11:36:57 AM
    Event ID/Source: 1003 / Dhcp
    Event Description:
    Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
    du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0016178F0DF8. Il s'est
    produit l'erreur suivante :
    %%121.
    Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
    serveur d'adresse réseau (DHCP).

    Event Record #/Type10981 / Warning
    Event Submitted/Written: 04/16/2008 11:36:29 AM
    Event ID/Source: 1003 / Dhcp
    Event Description:
    Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
    du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0016178F0DF8. Il s'est
    produit l'erreur suivante :
    %%1223.
    Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
    serveur d'adresse réseau (DHCP).

    Event Record #/Type10913 / Error
    Event Submitted/Written: 04/16/2008 11:09:16 AM
    Event ID/Source: 10005 / DCOM
    Event Description:
    DCOM a reçu l'erreur "%%1084" lors de la mise en route du service EventSystem avec les arguments ""
    pour démarrer le serveur :
    {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Event Record #/Type10912 / Error
    Event Submitted/Written: 04/16/2008 11:04:31 AM
    Event ID/Source: 7026 / Service Control Manager
    Event Description:
    Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
    AFD
    AmdK8
    avgio
    avipbb
    Fips
    IPSec
    KLIF
    MRxSmb
    NetBIOS
    NetBT
    RasAcd
    Rdbss
    ssmdrv
    Tcpip
    Tcpip6
    vsdatant



    -- End of Deckard's System Scanner: finished at 2008-04-16 12:40:55 ------------

    16 April 2008 14:07:00

    Re,

    I've found something :)  But I'm going to check a few things first :)

    1) Download SystemScan from the SuspectFile team
  • double-click on it (Ignore any alerts from your antivirus if there are any.)
  • Click Unselect all
  • Tick only this box
    -Recent Files, days old 60 days
  • Then click scan now, and be patient.
  • Once it has finished, a report will open. Post it in full.

    2) Download Gmer.
    Unzip it into a folder or onto your desktop.

    Disconnect from the Internet, then close all programs.
    Double-click Gmer.exe.

    IMPORTANT: If an alert from your antivirus appears for the file gmer.sys or gmer.exe, let it run.

    Click the rootkit tab.
    On the right, tick Files and Services.
    Now click Scan.

    When the scan is finished, click Copy.

    Open Notepad, then click Edit / Paste in the menu.
    The report should then appear.
    Save the file to your desktop and copy/paste its contents here.

    ;)
    16 April 2008 14:25:08

    re
    SystemScan report

    SystemScan - www.suspectfile.com - ver. 3.5.5 (code: holifay & bReAkdOWn)

    Running on: Windows XP HOME Edition, Service Pack 2 (2600.5.1)
    System directory: C:\WINDOWS
    SystemScan file: C:\Downloads\Software\sys92171.exe
    Running in: User mode
    Date: 16/04/2008
    Time: 14:15:42

    Output limited to:
    -Recent files

    ===================== RECENT FILES =====================

    Showing files newer than 60 days

    ----- recent files in C:\
    18/02/2008 20:52:20 (DIR) 0 byte 58 days old -- EPSON
    20/02/2008 21:04:32 6476 byte 56 days old -- MP4debug.log
    24/02/2008 03:11:36 244 byte 52 days old -- sqmnoopt10.sqm
    24/02/2008 03:11:36 268 byte 52 days old -- sqmdata10.sqm
    02/03/2008 18:11:14 (DIR) 0 byte 45 days old -- .mtvconvertertmp
    02/03/2008 19:04:59 244 byte 45 days old -- sqmnoopt11.sqm
    02/03/2008 19:04:59 268 byte 45 days old -- sqmdata11.sqm
    02/03/2008 19:05:00 172 byte 45 days old -- sqmnoopt12.sqm
    02/03/2008 19:05:00 172 byte 45 days old -- sqmdata12.sqm
    03/03/2008 19:24:20 418 byte 44 days old -- InstallHelper.log
    20/03/2008 16:37:23 (DIR) 0 byte 27 days old -- C_DILLA
    04/04/2008 11:59:51 268 byte 12 days old -- sqmdata13.sqm
    04/04/2008 11:59:51 244 byte 12 days old -- sqmnoopt13.sqm
    04/04/2008 12:00:07 172 byte 12 days old -- sqmnoopt14.sqm
    04/04/2008 12:00:07 172 byte 12 days old -- sqmdata14.sqm
    04/04/2008 12:00:09 172 byte 12 days old -- sqmnoopt15.sqm
    04/04/2008 12:00:09 172 byte 12 days old -- sqmdata15.sqm
    04/04/2008 12:00:11 172 byte 12 days old -- sqmdata16.sqm
    04/04/2008 12:00:11 172 byte 12 days old -- sqmnoopt16.sqm
    04/04/2008 12:00:12 172 byte 12 days old -- sqmdata17.sqm
    04/04/2008 12:00:12 172 byte 12 days old -- sqmnoopt17.sqm
    04/04/2008 12:00:14 172 byte 12 days old -- sqmnoopt18.sqm
    04/04/2008 12:00:14 172 byte 12 days old -- sqmdata18.sqm
    04/04/2008 12:00:16 172 byte 12 days old -- sqmdata19.sqm
    04/04/2008 12:00:16 172 byte 12 days old -- sqmnoopt19.sqm
    04/04/2008 12:00:22 172 byte 12 days old -- sqmnoopt00.sqm
    04/04/2008 12:00:22 172 byte 12 days old -- sqmdata00.sqm
    04/04/2008 12:00:23 172 byte 12 days old -- sqmnoopt02.sqm
    04/04/2008 12:00:23 172 byte 12 days old -- sqmnoopt01.sqm
    04/04/2008 12:00:23 172 byte 12 days old -- sqmdata02.sqm
    04/04/2008 12:00:23 172 byte 12 days old -- sqmdata01.sqm
    04/04/2008 12:00:26 172 byte 12 days old -- sqmdata03.sqm
    04/04/2008 12:00:26 172 byte 12 days old -- sqmnoopt03.sqm
    04/04/2008 12:00:27 172 byte 12 days old -- sqmdata04.sqm
    04/04/2008 12:00:27 172 byte 12 days old -- sqmnoopt04.sqm
    14/04/2008 00:08:41 244 byte 2 days old -- sqmnoopt05.sqm
    14/04/2008 00:08:42 232 byte 2 days old -- sqmdata05.sqm
    15/04/2008 15:35:24 26 byte 1 days old -- usm.txt
    16/04/2008 00:17:17 (DIR) 0 byte 0 days old -- Downloads
    16/04/2008 02:12:09 (DIR) 0 byte 0 days old -- Program Files
    16/04/2008 02:17:10 (DIR) 0 byte 0 days old -- Config.Msi
    16/04/2008 11:03:46 239 byte 0 days old -- boot.ini
    16/04/2008 11:42:19 (DIR)1610612736 byte 0 days old -- pagefile.sys
    16/04/2008 12:38:51 (DIR) 0 byte 0 days old -- Deckard
    16/04/2008 12:39:38 (DIR) 0 byte 0 days old -- WINDOWS

    ----- recent files in C:\WINDOWS\
    21/02/2008 11:01:21 (DIR) 0 byte 55 days old -- Registration
    23/02/2008 19:55:46 25 byte 53 days old -- CDE DX8400DEFGIPS.ini
    23/02/2008 19:55:57 (DIR) 0 byte 53 days old -- twain_32
    02/03/2008 14:03:02 (DIR) 0 byte 45 days old -- eHome
    03/03/2008 19:23:10 (DIR) 0 byte 44 days old -- Downloaded Installations
    13/03/2008 23:11:10 75248 byte 34 days old -- zllsputility.exe
    09/04/2008 09:07:58 (DIR) 0 byte 7 days old -- ie7updates
    09/04/2008 09:08:19 (DIR) 0 byte 7 days old -- $hf_mig$
    11/04/2008 20:12:48 (DIR) 0 byte 5 days old -- Debug
    14/04/2008 15:43:58 23 byte 2 days old -- BlendSettings.ini
    15/04/2008 15:35:09 259 byte 1 days old -- game.ini
    15/04/2008 17:58:31 (DIR) 0 byte 1 days old -- system
    15/04/2008 18:02:35 209636 byte 1 days old -- IPUI_DivXG400.exe
    15/04/2008 20:44:33 (DIR) 0 byte 1 days old -- RegisteredPackages
    15/04/2008 22:24:43 (DIR) 0 byte 1 days old -- Fonts
    15/04/2008 22:25:51 (DIR) 0 byte 1 days old -- assembly
    15/04/2008 22:34:32 (DIR) 0 byte 1 days old -- Tasks
    15/04/2008 22:34:38 (DIR) 0 byte 1 days old -- Installer
    15/04/2008 23:08:59 (DIR) 0 byte 1 days old -- inf
    16/04/2008 11:03:46 227 byte 0 days old -- system.ini
    16/04/2008 11:03:46 746 byte 0 days old -- win.ini
    16/04/2008 11:03:46 (DIR) 0 byte 0 days old -- pss
    16/04/2008 11:07:09 (DIR) 0 byte 0 days old -- system32
    16/04/2008 11:09:19 (DIR) 0 byte 0 days old -- security
    16/04/2008 11:10:32 0 byte 0 days old -- Sti_Trace.log
    16/04/2008 11:38:46 1130 byte 0 days old -- SchedLgU.Txt
    16/04/2008 11:42:23 2048 byte 0 days old -- bootstat.dat
    16/04/2008 11:42:31 0 byte 0 days old -- 0.log
    16/04/2008 11:42:42 50 byte 0 days old -- wiaservc.log
    16/04/2008 11:42:42 26213 byte 0 days old -- WindowsUpdate.log
    16/04/2008 11:42:42 159 byte 0 days old -- wiadebug.log
    16/04/2008 11:44:38 20361 byte 0 days old -- setupapi.log
    16/04/2008 12:39:38 (DIR) 0 byte 0 days old -- ERDNT
    16/04/2008 12:40:09 (DIR) 0 byte 0 days old -- Downloaded Program Files
    16/04/2008 13:43:06 (DIR) 0 byte 0 days old -- Temp
    16/04/2008 14:07:24 (DIR) 0 byte 0 days old -- Internet Logs
    16/04/2008 14:15:20 (DIR) 0 byte 0 days old -- Prefetch

    ----- recent files in C:\WINDOWS\Downloaded Program Files\

    ----- recent files in C:\WINDOWS\system\

    ----- recent files in C:\WINDOWS\system32\
    19/02/2008 13:46:39 (DIR) 0 byte 57 days old -- ReinstallBackups
    20/02/2008 07:35:05 45568 byte 56 days old -- dnsrslvr.dll
    20/02/2008 07:35:05 148992 byte 56 days old -- dnsapi.dll
    20/02/2008 08:51:00 282624 byte 56 days old -- gdi32.dll
    20/02/2008 13:31:18 49152 byte 56 days old -- inetwh32.dll
    20/02/2008 13:31:18 1044480 byte 56 days old -- roboex32.dll
    20/02/2008 21:24:31 (DIR) 0 byte 56 days old -- URTTEMP
    21/02/2008 17:19:44 5248 byte 55 days old -- giveio.sys
    22/02/2008 12:00:51 13824 byte 54 days old -- ieudinit.exe
    27/02/2008 21:23:22 (DIR) 0 byte 49 days old -- DirectX
    29/02/2008 10:56:41 70656 byte 47 days old -- ie4uinit.exe
    01/03/2008 14:58:06 153088 byte 46 days old -- ieakeng.dll
    01/03/2008 14:58:06 230400 byte 46 days old -- ieaksie.dll
    01/03/2008 14:58:06 124928 byte 46 days old -- advpack.dll
    01/03/2008 14:58:06 63488 byte 46 days old -- icardie.dll
    01/03/2008 14:58:06 133120 byte 46 days old -- extmgr.dll
    01/03/2008 14:58:06 347136 byte 46 days old -- dxtmsft.dll
    01/03/2008 14:58:06 214528 byte 46 days old -- dxtrans.dll
    01/03/2008 14:58:07 384512 byte 46 days old -- iedkcs32.dll
    01/03/2008 14:58:07 383488 byte 46 days old -- ieapfltr.dll
    01/03/2008 14:58:08 44544 byte 46 days old -- iernonce.dll
    01/03/2008 14:58:08 27648 byte 46 days old -- jsproxy.dll
    01/03/2008 14:58:08 1831424 byte 46 days old -- inetcpl.cpl
    01/03/2008 14:58:08 459264 byte 46 days old -- msfeeds.dll
    01/03/2008 14:58:08 52224 byte 46 days old -- msfeedsbs.dll
    01/03/2008 14:58:08 267776 byte 46 days old -- iertutil.dll
    01/03/2008 14:58:08 6066176 byte 46 days old -- ieframe.dll
    01/03/2008 14:58:09 478208 byte 46 days old -- mshtmled.dll
    01/03/2008 14:58:10 102912 byte 46 days old -- occache.dll
    01/03/2008 14:58:10 671232 byte 46 days old -- mstime.dll
    01/03/2008 14:58:10 193024 byte 46 days old -- msrating.dll
    01/03/2008 14:58:10 105984 byte 46 days old -- url.dll
    01/03/2008 14:58:10 1159680 byte 46 days old -- urlmon.dll
    01/03/2008 14:58:10 44544 byte 46 days old -- pngfilt.dll
    01/03/2008 14:58:11 826368 byte 46 days old -- wininet.dll
    01/03/2008 14:58:11 233472 byte 46 days old -- webcheck.dll
    01/03/2008 18:28:10 3591680 byte 46 days old -- mshtml.dll
    13/03/2008 23:10:52 103912 byte 34 days old -- vsmonapi.dll
    13/03/2008 23:10:52 161256 byte 34 days old -- vsinit.dll
    13/03/2008 23:10:52 83432 byte 34 days old -- vsdata.dll
    13/03/2008 23:10:54 275944 byte 34 days old -- vspubapi.dll
    13/03/2008 23:10:54 71144 byte 34 days old -- vsregexp.dll
    13/03/2008 23:10:54 472552 byte 34 days old -- vsutil.dll
    13/03/2008 23:10:56 83432 byte 34 days old -- zlcomm.dll
    13/03/2008 23:10:56 99816 byte 34 days old -- vsxml.dll
    13/03/2008 23:10:56 46568 byte 34 days old -- vswmi.dll
    13/03/2008 23:10:56 71144 byte 34 days old -- zlcommdb.dll
    13/03/2008 23:11:02 1086952 byte 34 days old -- zpeng24.dll
    13/03/2008 23:11:18 394952 byte 34 days old -- vsdatant.sys
    15/03/2008 19:35:46 (DIR) 0 byte 32 days old -- Kaspersky Lab
    20/03/2008 10:09:22 1845376 byte 27 days old -- win32k.sys
    22/03/2008 11:43:29 664 byte 25 days old -- d3d9caps.dat
    30/03/2008 10:44:59 405888 byte 17 days old -- perfh009.dat
    30/03/2008 10:44:59 473864 byte 17 days old -- perfh00C.dat
    30/03/2008 10:44:59 63470 byte 17 days old -- perfc009.dat
    30/03/2008 10:44:59 77468 byte 17 days old -- perfc00C.dat
    30/03/2008 10:44:59 1033152 byte 17 days old -- PerfStringBackup.INI
    06/04/2008 07:56:20 19836024 byte 10 days old -- MRT.exe
    14/04/2008 09:57:44 2422 byte 2 days old -- wpa.dbl
    14/04/2008 19:32:17 (DIR) 0 byte 2 days old -- ShellExt
    15/04/2008 18:02:32 53248 byte 1 days old -- DivXAF.ax
    15/04/2008 18:02:35 21810 byte 1 days old -- divxg400.htm
    15/04/2008 18:02:35 184320 byte 1 days old -- DivXG400.ax
    15/04/2008 20:44:40 (DIR) 0 byte 1 days old -- dllcache
    15/04/2008 22:27:03 (DIR) 0 byte 1 days old -- Adobe
    15/04/2008 22:29:39 4212 byte 1 days old -- zllictbl.dat
    15/04/2008 22:30:42 (DIR) 0 byte 1 days old -- CatRoot
    16/04/2008 02:17:10 (DIR) 0 byte 0 days old -- ZoneLabs
    16/04/2008 02:17:14 125320 byte 0 days old -- FNTCACHE.DAT
    16/04/2008 02:17:16 (DIR) 0 byte 0 days old -- drivers
    16/04/2008 11:10:31 (DIR) 0 byte 0 days old -- LogFiles
    16/04/2008 11:44:35 (DIR) 0 byte 0 days old -- CatRoot2
    16/04/2008 12:41:15 352921 byte 0 days old -- vsconfig.xml

    ----- recent files in C:\WINDOWS\system32\drivers\
    21/02/2008 01:52:53 (DIR) 0 byte 55 days old -- UMDF
    20/03/2008 16:37:22 8864 byte 27 days old -- CDAC15BA.SYS
    13/04/2008 09:05:39 717296 byte 3 days old -- sptd.sys
    15/04/2008 00:58:14 (DIR) 0 byte 1 days old -- etc
    16/04/2008 11:38:48 2252 byte 0 days old -- fidbox.idx
    16/04/2008 14:15:18 223264 byte 0 days old -- fidbox.dat

    ----- recent files in C:\WINDOWS\temp\
    16/04/2008 12:40:27 108 byte 0 days old -- teredo.txt
    16/04/2008 12:41:10 256 byte 0 days old -- ZLT03cb7.TMP
    16/04/2008 12:41:11 256 byte 0 days old -- ZLT03cba.TMP

    ----- recent files in C:\Program Files\
    17/02/2008 23:46:32 (DIR) 0 byte 59 days old -- PhotoFiltre
    18/02/2008 15:52:57 (DIR) 0 byte 58 days old -- Bethesda Softworks
    20/02/2008 20:57:41 (DIR) 0 byte 56 days old -- Real Alternative
    20/02/2008 21:04:41 (DIR) 0 byte 56 days old -- WinAVI MP4 Converter
    21/02/2008 17:29:30 (DIR) 0 byte 55 days old -- SSC Service Utility
    23/02/2008 20:02:03 (DIR) 0 byte 53 days old -- ABBYY FineReader 6.0 Sprint
    23/02/2008 20:02:51 (DIR) 0 byte 53 days old -- EPSON
    27/02/2008 21:23:15 (DIR) 0 byte 49 days old -- Windows Live
    01/03/2008 16:42:46 (DIR) 0 byte 46 days old -- ABBYY PDF Transformer 2.0
    02/03/2008 13:58:01 (DIR) 0 byte 45 days old -- Trend Micro
    03/03/2008 19:23:58 (DIR) 0 byte 44 days old -- eBay
    05/03/2008 13:48:04 (DIR) 0 byte 42 days old -- World of Warcraft
    15/03/2008 17:00:41 (DIR) 0 byte 32 days old -- MP3Gain
    29/03/2008 16:39:54 (DIR) 0 byte 18 days old -- Messenger Plus! Live
    30/03/2008 16:55:56 (DIR) 0 byte 17 days old -- BatchDPG
    30/03/2008 17:48:02 (DIR) 0 byte 17 days old -- BDGest Evolution
    03/04/2008 22:32:05 (DIR) 0 byte 13 days old -- TuxPaint
    09/04/2008 09:08:05 (DIR) 0 byte 7 days old -- Internet Explorer
    14/04/2008 00:30:45 (DIR) 0 byte 2 days old -- DAEMON Tools Lite
    15/04/2008 12:15:41 (DIR) 0 byte 1 days old -- Free Download Manager
    15/04/2008 15:35:22 (DIR) 0 byte 1 days old -- InstallShield Installation Information
    15/04/2008 17:58:31 (DIR) 0 byte 1 days old -- WinASPI
    15/04/2008 17:59:22 (DIR) 0 byte 1 days old -- AviSynth 2.5
    15/04/2008 17:59:32 (DIR) 0 byte 1 days old -- K-Lite Codec Pack
    15/04/2008 18:02:23 (DIR) 0 byte 1 days old -- DivX
    15/04/2008 18:16:10 (DIR) 0 byte 1 days old -- Morgan
    15/04/2008 18:16:27 (DIR) 0 byte 1 days old -- Rippackv3
    15/04/2008 20:44:35 (DIR) 0 byte 1 days old -- Movie Maker
    15/04/2008 20:53:28 (DIR) 0 byte 1 days old -- Adobe
    15/04/2008 20:54:54 (DIR) 0 byte 1 days old -- Google
    15/04/2008 22:24:05 (DIR) 0 byte 1 days old -- OpenOffice.org 2.3
    15/04/2008 22:24:45 (DIR) 0 byte 1 days old -- OpenOffice.org 2.4
    15/04/2008 22:33:28 (DIR) 0 byte 1 days old -- Fichiers communs
    15/04/2008 22:34:35 (DIR) 0 byte 1 days old -- Norton Security Scan
    16/04/2008 00:17:31 (DIR) 0 byte 0 days old -- Free Hide Folder
    16/04/2008 12:29:26 (DIR) 0 byte 0 days old -- eMule
    16/04/2008 13:33:13 (DIR) 0 byte 0 days old -- Mozilla Firefox
    16/04/2008 14:06:14 (DIR) 0 byte 0 days old -- TrackMania Nations ESWC

    ----- recent files in C:\Program Files\Fichiers communs\
    23/02/2008 20:06:02 (DIR) 0 byte 53 days old -- InstallShield
    02/03/2008 14:02:42 (DIR) 0 byte 45 days old -- Microsoft Shared
    15/04/2008 20:53:53 (DIR) 0 byte 1 days old -- Adobe
    16/04/2008 10:18:26 (DIR) 0 byte 0 days old -- Symantec Shared

    ----- recent files in C:\Documents and Settings\Anthony\Application Data\
    20/02/2008 20:57:37 (DIR) 0 byte 56 days old -- Real
    20/02/2008 22:27:57 (DIR) 0 byte 56 days old -- Media Player Classic
    21/02/2008 16:31:40 (DIR) 0 byte 55 days old -- Help
    23/02/2008 19:58:55 (DIR) 0 byte 53 days old -- InstallShield
    01/03/2008 16:16:35 (DIR) 0 byte 46 days old -- Microsoft
    30/03/2008 11:13:12 (DIR) 0 byte 17 days old -- OpenOffice.org2
    14/04/2008 00:31:37 (DIR) 0 byte 2 days old -- dvdcss
    16/04/2008 14:01:52 (DIR) 0 byte 0 days old -- uTorrent
    16/04/2008 14:14:58 (DIR) 0 byte 0 days old -- Free Download Manager

    ----- recent files in C:\DOCUME~1\Anthony\LOCALS~1\Temp\
    16/04/2008 14:07:23 (DIR) 0 byte 0 days old -- plugtmp
    16/04/2008 14:11:24 14937710 byte 0 days old -- flaBC.tmp
    16/04/2008 14:15:10 34 byte 0 days old -- systemscan.ini
    16/04/2008 14:15:11 16384 byte 0 days old -- ~DFB0C7.tmp
    16/04/2008 14:15:11 (DIR) 0 byte 0 days old -- nsgC0.tmp

    ==========================================
    Scan completed in 0,1 minutes
    End of report


    ~~~~~~~~~~~~~~~~~~~~~-----CREDITS-----~~~~~~~~~~~~~~~~~~~~~
    SystemScan uses some freeware tools that remain property of their authors:

    * SteelWerX Registry Console Tool, Who Am I (Bobby Flekman: www.xs4all.nl/~fstaal01) --> "Registry scan", "PC accounts "
    * dumphive (Markus Stephany)--> "Registry scan"
    * Listdlls (M.Russinovich, B.Cogswell: www.sysinternals.com) --> "Loaded modules"
    * Catchme & MBR Rootkit detector (gmer: www.gmer.net) --> "Hidden objects", "Alternate Data Streams" & "Master Boot Record"
    ---> NOTE: SystemScan integrates "The Avenger" from Swandog46 (http://swandog46.geekstogo.com) to allow you to remove malwares found in this log

    Thanks to all of them for their hard work



    GMER report:

    GMER 1.0.14.14205 - http://www.gmer.net
    Rootkit scan 2008-04-16 14:24:33
    Windows 5.1.2600 Service Pack 2


    ---- Files - GMER 1.0.14 ----

    File C:\Documents and Settings\Anthony\Local Settings\Temp\flaC8.tmp 14799664 bytes

    ---- EOF - GMER 1.0.14 ----
    16 April 2008 14:32:11

    Re,

    1) Show hidden files and folders…
    To do this, open a folder, e.g. "My Pictures".
    Then click > Tools > Folder Options ...
    click the "View" tab and ...
    check ---> Show hidden files and folders
    uncheck > Hide extensions for known file types
    uncheck > Hide protected operating system files (Recommended).
    "Apply" and "OK".

    2) Go to this link: Virus Total
  • Click Browse
  • Navigate to this file, if you can find it:

    C:\WINDOWS\system32\winsys2.exe

  • Click Send file and let it work for as long as "Current status: analysis in progress" is displayed.
  • The file may be placed in a queue because of a large number of analysis requests. In that case, you will have to wait without refreshing the page.
  • When the analysis is finished ("Current status: finished"), click Formatted
  • A new browser window will appear
  • Then click on this image:
  • Right-click on the page and choose Select All, then Copy
  • Finally, paste the result into your next reply.
    Note: Whatever the result, it is important that you send me the result of the whole analysis.
    Your security tools may react when the file is sent; in that case you will have to ignore the alerts.

    ;) 
    16 April 2008 15:02:43

    Here is the report
    Fichier winsys2.exe reçu le 2008.04.15 16:47:01 (CET)
    Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 2008.4.15.1 2008.04.15 -
    AntiVir 7.6.0.85 2008.04.15 -
    Authentium 4.93.8 2008.04.14 -
    Avast 4.8.1169.0 2008.04.15 -
    AVG 7.5.0.516 2008.04.15 -
    BitDefender 7.2 2008.04.15 -
    CAT-QuickHeal 9.50 2008.04.14 -
    ClamAV 0.92.1 2008.04.15 -
    DrWeb 4.44.0.09170 2008.04.15 -
    eSafe 7.0.15.0 2008.04.09 -
    eTrust-Vet 31.3.5700 2008.04.15 -
    Ewido 4.0 2008.04.15 -
    F-Prot 4.4.2.54 2008.04.14 -
    F-Secure 6.70.13260.0 2008.04.15 -
    FileAdvisor 1 2008.04.15 -
    Fortinet 3.14.0.0 2008.04.15 -
    Ikarus T3.1.1.26 2008.04.15 -
    Kaspersky 7.0.0.125 2008.04.15 -
    McAfee 5273 2008.04.14 -
    Microsoft 1.3408 2008.04.14 -
    NOD32v2 3027 2008.04.15 -
    Norman 5.80.02 2008.04.15 -
    Panda 9.0.0.4 2008.04.14 -
    Prevx1 V2 2008.04.15 -
    Rising 20.40.11.00 2008.04.15 -
    Sophos 4.28.0 2008.04.15 MadCodeHook
    Sunbelt 3.0.1041.0 2008.04.12 -
    Symantec 10 2008.04.15 -
    TheHacker 6.2.92.277 2008.04.14 -
    VBA32 3.12.6.4 2008.04.14 -
    VirusBuster 4.3.26:9 2008.04.15 -
    Webwasher-Gateway 6.6.2 2008.04.15 -
    Information additionnelle
    File size: 217088 bytes
    MD5...: 246ed5328f940e4fdaab0b2fc987da01
    SHA1..: d5e2592cf25b48efb1225e37c45bce99a13466c8
    SHA256: a12b18fcdd5e76711c8cfd6010ecdb1f6a4bf27cc48f0ecf70291591770cb457
    SHA512: eda78432518373137d1170fc98c58bea33485c9db1115899f7eea9d20f03a8d364fd4e936bac44bd2dd6e6f690c7b0e1cdf0b7af6c6acf7b44fe1d7aed0daea9
    PEiD..: -
    PEInfo: PE Structure information

    ( base data )
    entrypointaddress.: 0x40eee7
    timedatestamp.....: 0x45220536 (Tue Oct 03 06:37:42 2006)
    machinetype.......: 0x14c (I386)

    ( 4 sections )
    name viradd virsiz rawdsiz ntrpy md5
    .text 0x1000 0x1f6d6 0x20000 6.61 d2f22979f1ff4b51abdd7563aeb45bda
    .rdata 0x21000 0x7676 0x8000 4.79 2568b87b9e716158c4b0ee05d59ef976
    .data 0x29000 0x5a74 0x2000 3.85 6d7f74470b50f6760435bdc1865de721
    .rsrc 0x2f000 0x9290 0xa000 5.56 b596ffd3a165cb398764578107bedac4

    ( 8 imports )
    > MADCHOOK.DLL: InjectLibraryA, UninjectLibraryA
    > KERNEL32.dll: SetErrorMode, HeapFree, HeapAlloc, VirtualAlloc, HeapReAlloc, GetCommandLineA, GetProcessHeap, GetStartupInfoA, RaiseException, RtlUnwind, ExitProcess, HeapSize, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, HeapDestroy, HeapCreate, VirtualFree, GetStdHandle, Sleep, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, GetACP, GetConsoleCP, GetConsoleMode, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, GetOEMCP, GetCPInfo, CreateFileA, GetCurrentProcess, GetThreadLocale, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, GlobalFlags, InterlockedIncrement, TlsFree, DeleteCriticalSection, LocalReAlloc, TlsSetValue, TlsAlloc, InitializeCriticalSection, GlobalHandle, GlobalReAlloc, EnterCriticalSection, TlsGetValue, LeaveCriticalSection, LocalAlloc, GlobalGetAtomNameA, GlobalFindAtomA, lstrcmpW, GetVersionExA, InterlockedDecrement, GetModuleFileNameW, FreeResource, CloseHandle, WritePrivateProfileStringA, GlobalAddAtomA, GetCurrentProcessId, GetCurrentThread, GetCurrentThreadId, ConvertDefaultLocale, GetModuleFileNameA, EnumResourceLanguagesA, GetLocaleInfoA, LoadLibraryA, lstrcmpA, FreeLibrary, GlobalDeleteAtom, GetModuleHandleA, GetProcAddress, GlobalFree, GlobalAlloc, GlobalLock, GlobalUnlock, FormatMessageA, LocalFree, FindResourceA, LoadResource, LockResource, SizeofResource, MulDiv, SetLastError, GetVersion, CompareStringA, GetLastError, InterlockedExchange, MultiByteToWideChar, WideCharToMultiByte, lstrlenA
    > USER32.dll: LoadCursorA, GetSysColorBrush, ShowWindow, SetWindowTextA, IsDialogMessageA, RegisterWindowMessageA, SendDlgItemMessageA, WinHelpA, GetCapture, GetClassLongA, GetClassNameA, SetPropA, GetPropA, RemovePropA, SetFocus, GetWindowTextA, GetForegroundWindow, GetTopWindow, GetMessageTime, GetMessagePos, MapWindowPoints, SetForegroundWindow, UpdateWindow, GetMenu, CreateWindowExA, GetClassInfoA, RegisterClassA, AdjustWindowRectEx, CopyRect, PtInRect, GetDlgCtrlID, DefWindowProcA, CallWindowProcA, SetWindowLongA, SetWindowPos, SystemParametersInfoA, GetWindowPlacement, GetWindowRect, GetWindow, UnhookWindowsHookEx, GetSysColor, EndPaint, BeginPaint, ReleaseDC, GetDC, ClientToScreen, GrayStringA, DrawTextExA, DrawTextA, TabbedTextOutA, GetDesktopWindow, SetActiveWindow, CreateDialogIndirectParamA, DestroyWindow, IsWindow, EnableWindow, GetSystemMetrics, GetDlgItem, GetNextDlgTabItem, EndDialog, SetWindowsHookExA, CallNextHookEx, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, IsWindowVisible, GetKeyState, PeekMessageA, GetCursorPos, DestroyMenu, UnregisterClassA, PostMessageA, SendMessageA, GetClientRect, DrawIcon, LoadIconA, IsIconic, GetSubMenu, GetMenuItemCount, GetMenuItemID, GetMenuState, CheckMenuItem, EnableMenuItem, ModifyMenuA, GetParent, ValidateRect, GetWindowThreadProcessId, GetWindowLongA, GetLastActivePopup, IsWindowEnabled, MessageBoxA, SetCursor, PostQuitMessage, SetMenuItemBitmaps, GetMenuCheckMarkDimensions, LoadBitmapA, GetFocus, GetClassInfoExA
    > GDI32.dll: SetWindowExtEx, ScaleWindowExtEx, DeleteDC, GetStockObject, RectVisible, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SelectObject, Escape, ExtTextOutA, GetDeviceCaps, PtVisible, GetObjectA, DeleteObject, GetClipBox, SetMapMode, SetTextColor, SetBkColor, RestoreDC, SaveDC, CreateBitmap, TextOutA
    > WINSPOOL.DRV: ClosePrinter, DocumentPropertiesA, OpenPrinterA
    > ADVAPI32.dll: RegQueryValueA, RegEnumKeyA, RegDeleteKeyA, RegOpenKeyA, RegCloseKey, RegOpenKeyExA, RegCreateKeyExA, RegQueryValueExA, RegSetValueExA
    > SHLWAPI.dll: PathFindFileNameA, PathFindExtensionA
    > OLEAUT32.dll: -, -, -

    ( 0 exports )
