

minebere
Members
Content count: 42
Everything posted by minebere
-
Hello Gof, In safe mode: same problem, "unable to open the application etc..."
-
Hello Gof, I still can't use OTL or ComboFix as before!
-
Hello Gof, Yes, I followed the process you indicated. Thanks. See you soon.
-
Hello Gof, Here is the text file. Nothing is infected, which is rather good news. Thank you for taking the time. As for the antivirus, I have Microsoft Security Essentials; is it better than Avast? Have a good day, and thanks again.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4105
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
16/05/2010 09:35:16
mbam-log-2010-05-16 (09-35-16).txt
Type d'examen: Examen complet (C:\|D:\|F:\|G:\|H:\|I:\|)
Elément(s) analysé(s): 229218
Temps écoulé: 24 minute(s), 3 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s): (Aucun élément nuisible détecté)
Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
Dossier(s) infecté(s): (Aucun élément nuisible détecté)
Fichier(s) infecté(s): (Aucun élément nuisible détecté)
-
Hello Gof, Attached is the text document you asked for, thanks for helping me. Have a good weekend.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"= "NoActiveDesktopChanges"= "ForceActiveDesktopOn"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-05-11 06:57:10 ----D---- C:\rsit 2010-05-11 06:57:10 ----D---- C:\Program Files (x86)\trend micro 2010-05-08 08:26:04 ----D---- C:\32788R22FWJFW 2010-04-30 16:15:20 ----A---- C:\Windows\SysWOW64\wintrust.dll 2010-04-30 16:15:17 ----A---- C:\Windows\SysWOW64\cabview.dll 2010-04-30 16:15:13 ----A---- C:\Windows\SysWOW64\vbscript.dll 2010-04-30 16:15:09 ----A---- C:\Windows\SysWOW64\mshtml.dll 2010-04-30 16:15:08 ----A---- 
C:\Windows\SysWOW64\mstime.dll 2010-04-30 16:15:08 ----A---- C:\Windows\SysWOW64\ieframe.dll 2010-04-30 16:15:07 ----A---- C:\Windows\SysWOW64\wininet.dll 2010-04-30 16:15:07 ----A---- C:\Windows\SysWOW64\urlmon.dll 2010-04-30 16:15:07 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll 2010-04-30 16:15:07 ----A---- C:\Windows\SysWOW64\iedkcs32.dll 2010-04-30 16:14:55 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe 2010-04-30 16:14:55 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe 2010-04-30 16:14:52 ----A---- C:\Windows\SysWOW64\sspicli.dll 2010-04-30 16:14:52 ----A---- C:\Windows\SysWOW64\shell32.dll 2010-04-30 16:14:52 ----A---- C:\Windows\SysWOW64\secur32.dll 2010-04-30 10:38:48 ----D---- C:\Users\Arnaud\AppData\Roaming\Malwarebytes 2010-04-30 10:38:42 ----D---- C:\ProgramData\Malwarebytes 2010-04-29 14:37:18 ----A---- C:\Windows\wininit.ini 2010-04-29 10:59:12 ----D---- C:\ProgramData\Kaspersky Lab 2010-04-29 10:29:59 ----A---- C:\Windows\SysWOW64\tmp.txt 2010-04-29 10:29:59 ----A---- C:\rapport.txt 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\WS2Fix.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\VCCLSID.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\VACFix.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\swxcacls.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\swsc.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\swreg.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\SrchSTS.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\Process.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\o4Patch.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\IEDFix.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\IEDFix.C.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\dumphive.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\Agent.OMZ.Fix.exe 2010-04-29 10:29:36 ----A---- C:\Windows\SysWOW64\404Fix.exe 2010-04-29 10:28:03 ----A---- C:\Windows\ntbtlog.txt 2010-04-24 11:48:02 ----D---- C:\ProgramData\Spybot - Search & Destroy 
2010-04-24 11:48:02 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2010-04-20 17:57:53 ----D---- C:\Users\Arnaud\AppData\Roaming\GameConsole 2010-04-20 17:57:45 ----SHD---- C:\Users\Arnaud\AppData\Roaming\.# 2010-04-16 16:28:08 ----D---- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 2010-04-16 08:16:57 ----D---- C:\Users\Arnaud\AppData\Roaming\dvdcss 2010-04-16 08:15:23 ----D---- C:\Users\Arnaud\AppData\Roaming\vlc 2010-04-16 08:14:36 ----D---- C:\Program Files (x86)\VideoLAN 2010-04-16 07:30:19 ----D---- C:\Program Files (x86)\uTorrent 2010-04-16 07:29:16 ----D---- C:\Users\Arnaud\AppData\Roaming\uTorrent 2010-04-15 17:38:25 ----D---- C:\Program Files (x86)\Logitech 2010-04-15 17:38:19 ----D---- C:\Users\Arnaud\AppData\Roaming\Leadertech 2010-04-15 17:36:13 ----D---- C:\Program Files (x86)\Common Files\LogiShrd 2010-04-15 17:36:11 ----D---- C:\ProgramData\LogiShrd ======List of files/folders modified in the last 1 months====== 2010-05-11 06:58:47 ----D---- C:\Windows\Prefetch 2010-05-11 06:58:02 ----D---- C:\Windows\Temp 2010-05-11 06:57:10 ----RD---- C:\Program Files (x86) 2010-05-11 06:41:01 ----SHD---- C:\System Volume Information 2010-05-11 06:36:32 ----D---- C:\Windows\System32 2010-05-11 06:30:47 ----D---- C:\Program Files (x86)\Steam 2010-05-09 11:37:44 ----D---- C:\Program Files (x86)\Common Files\Steam 2010-05-05 21:45:50 ----D---- C:\Windows 2010-05-05 18:24:07 ----D---- C:\Windows\SysWOW64 2010-05-05 07:00:13 ----SHD---- C:\Windows\Installer 2010-05-05 07:00:10 ----D---- C:\Windows\inf 2010-05-05 07:00:07 ----D---- C:\ProgramData\NVIDIA 2010-05-05 06:59:38 ----RD---- C:\Program Files 2010-04-30 16:34:27 ----D---- C:\Windows\winsxs 2010-04-30 16:21:20 ----D---- C:\Program Files (x86)\Internet Explorer 2010-04-30 16:15:41 ----D---- C:\Windows\AppPatch 2010-04-30 12:31:50 ----D---- C:\Windows\SysWOW64\drivers 2010-04-30 10:38:42 ----HD---- C:\ProgramData 2010-04-29 10:58:42 ----D---- C:\Windows\Downloaded Program Files 2010-04-25 16:46:28 
----D---- C:\Users\Arnaud\AppData\Roaming\Nero 2010-04-22 16:10:48 ----SD---- C:\Users\Arnaud\AppData\Roaming\Microsoft 2010-04-15 17:36:13 ----D---- C:\Program Files (x86)\Common Files 2010-04-14 08:18:17 ----D---- C:\ProgramData\Microsoft Help
-
Hello Gof, I put RSIT.exe on the desktop and ran it; it starts loading the HijackThis tool as you said, and about three-quarters of the way through, at the point where it says "listing services and drivers", it stops loading and a panel with a cross opens: Line 2563 (File"C\Users\Arnaud Desktop\RSIT.exe Error: Variable used without being declared . I ran it in administrator mode. I don't understand any of it. Thanks again for your help and have a good day.
-
Hello Gof, Thanks for your message. As for my computer, I think I had eradicated the virus with a small program and, at the same time, deleted a system file, which blocked updating via Windows Update because of the system restore. At least that is what my friend says. What surprises me is that I still can't get OTL to run (not a valid Win32 application). So I hope everything is gone! And since troubles never come alone, my external hard drive is no longer recognized (it used to be called Lacie in My Computer, now it shows up as F), but it is impossible to open it; I'm asked whether I want to format it! I went looking on the internet for a program to recover my data, and I only managed to get a small part of it back. Have a good Sunday.
-
Thanks again for your reply. That is what I had already done (I had read it on the internet), but unfortunately I got the same problem. A friend of mine came over on Sunday and fixed the problem for me. Thanks again, see you soon.
-
Hello again, In fact all the small tools like OTL, ComboFix, etc. refuse to run. I'm afraid it may be a very stubborn virus. See you soon.
-
It's this file instead: Fichier explorer.exe reçu le 2010.04.29 06:43:02 (UTC)
DrawThemeText, GetThemeBool, DrawThemeParentBackground, GetWindowTheme, GetThemeBackgroundContentRect, GetThemePartSize, BeginBufferedPaint, DrawThemeTextEx, EndBufferedPaint, GetThemeMargins, BufferedPaintInit, BufferedPaintUnInit, IsThemeActive, -<BR>> POWRPROF.dll: CallNtPowerInformation, PowerDeterminePlatformRole, GetPwrCapabilities<BR>> dwmapi.dll: -, -, DwmEnableBlurBehindWindow, DwmSetWindowAttribute, DwmIsCompositionEnabled, DwmQueryThumbnailSourceSize, -, DwmUpdateThumbnailProperties, DwmUnregisterThumbnail, -, -<BR>> slc.dll: SLGetWindowsInformationDWORD<BR>> gdiplus.dll: GdipSetInterpolationMode, GdipDrawImageRectI, GdipCloneImage, GdipGetImageWidth, GdipGetImageHeight, GdipCreateBitmapFromHBITMAP, GdiplusStartup, GdiplusShutdown, GdipFree, GdipAlloc, GdipDisposeImage, GdipCreateFromHDC, GdipDeleteGraphics, GdipSetCompositingMode<BR>> Secur32.dll: GetUserNameExW<BR>> RPCRT4.dll: NdrClientCall3, I_RpcExceptionFilter, RpcStringFreeW, RpcBindingFree, RpcBindingSetAuthInfoExW, RpcStringBindingComposeW, RpcBindingFromStringBindingW<BR>> PROPSYS.dll: PSCreateMemoryPropertyStore, VariantToStringAlloc, VariantToStringWithDefault, PropVariantToString, VariantToBooleanWithDefault, PropVariantToInt64, VariantToInt32WithDefault, PropVariantToBoolean, PropVariantToUInt64, PropVariantToUInt32, PropVariantToStringAlloc<BR><BR>( 0 exports ) <BR> RDS...: NSRL Reference Data Set<BR>- pdfid.: - sigcheck:<BR>publisher....: Microsoft Corporation<BR>copyright....: © Microsoft Corporation. All rights reserved.<BR>product......: Microsoft_ Windows_ Operating System<BR>description..: Windows Explorer<BR>original name: EXPLORER.EXE<BR>internal name: explorer<BR>file version.: 6.1.7600.16450 (win7_gdr.091030-1504)<BR>comments.....: n/a<BR>signers......: -<BR>signing date.: -<BR>verified.....: Unsigned<BR> trid..: Win64 Executable Generic (95.5%)<BR>Generic Win/DOS Executable (2.2%)<BR>DOS Executable Generic (2.2%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
-
Hello, Here is the analysis with virus total. I followed what you said to the letter. Thanks again for taking care of me. Have a good day
Fichier explorer.exe reçu le 2010.04.29 06:43:02 (UTC)
Résultat: 0/41 (0%)
Antivirus  Version  Dernière mise à jour  Résultat
a-squared  4.5.0.50  2010.04.29  -
AhnLab-V3  5.0.0.2  2010.04.29  -
AntiVir  8.2.1.224  2010.04.28  -
Antiy-AVL  2.0.3.7  2010.04.28  -
Authentium  5.2.0.5  2010.04.29  -
Avast  4.8.1351.0  2010.04.28  -
Avast5  5.0.332.0  2010.04.28  -
AVG  9.0.0.787  2010.04.29  -
BitDefender  7.2  2010.04.29  -
CAT-QuickHeal  10.00  2010.04.29  -
ClamAV  0.96.0.3-git  2010.04.29  -
Comodo  4707  2010.04.29  -
DrWeb  5.0.2.03300  2010.04.29  -
eSafe  7.0.17.0  2010.04.28  -
eTrust-Vet  35.2.7456  2010.04.28  -
F-Prot  4.5.1.85  2010.04.28  -
F-Secure  9.0.15370.0  2010.04.29  -
Fortinet  4.0.14.0  2010.04.27  -
GData  21  2010.04.29  -
Ikarus  T3.1.1.80.0  2010.04.29  -
Jiangmin  13.0.900  2010.04.29  -
Kaspersky  7.0.0.125  2010.04.29  -
McAfee  5.400.0.1158  2010.04.29  -
McAfee-GW-Edition  6.8.5  2010.04.28  -
Microsoft  1.5703  2010.04.29  -
NOD32  5070  2010.04.28  -
Norman  6.04.11  2010.04.28  -
nProtect  2010-04-28.02  2010.04.28  -
Panda  10.0.2.7  2010.04.28  -
PCTools  7.0.3.5  2010.04.29  -
Prevx  3.0  2010.04.29  -
Rising  22.45.03.02  2010.04.29  -
Sophos  4.53.0  2010.04.29  -
Sunbelt  6235  2010.04.28  -
Symantec  20091.2.0.41  2010.04.29  -
TheHacker  6.5.2.0.272  2010.04.28  -
TrendMicro  9.120.0.1004  2010.04.29  -
TrendMicro-HouseCall  9.120.0.1004  2010.04.29  -
VBA32  3.12.12.4  2010.04.28  -
ViRobot  2010.4.27.2295  2010.04.28  -
VirusBuster  5.0.27.0  2010.04.28  -
Information additionnelle
File size: 2870272 bytes
PEInfo: PE Structure information ( base data )
entrypointaddress.: 0x2c138
timedatestamp.....: 0x4aebab8d (Sat Oct 31 03:14:21 2009)
machinetype.......: 0x8664 (AMD64)
sigcheck:
publisher....: Microsoft Corporation
copyright....: © Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Windows Explorer
original name: EXPLORER.EXE
internal name: explorer
file version.: 6.1.7600.16450 (win7_gdr.091030-1504)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
trid..: Win64 Executable Generic (95.5%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
-
Hello, Thanks again for looking into my case. I have Windows 7. It actually started with an alert from my antivirus, Windows Essential Security, reporting the virus named above and telling me it had been removed. So I thought it was. But when I tried to install the Windows updates, it was impossible. Apart from that, nothing different. As I am at the office, I have not yet done what you describe above regarding the "virus total" link. I will do it as soon as possible. I was also told about Combo fix for the analysis, what do you think of it? Is it dangerous to keep using the computer while it is not completely disinfected? Thanks again, have a good day and talk to you later
-
-
Hello, I saved it to my desktop but: Unable to run the software; C:\Arnaud\Desktop\OTL.exe is not a valid Win32 application. What does that mean, please? Have a good day
-
-
Hello, Thank you for your reply and for the time you took. As I work, I will try to do what you told me as soon as I can, and I will keep you posted. Have a good day
-
Hello, I am a beginner with computers. While trying to install the Windows updates, I just noticed that the computer is infected with Win32/Brontok@mm. So the updates cannot be installed. How can I eradicate this virus? I went to some sites but it looks complicated for someone who is just starting out. Thanks for your help