A virus on my computer!!!
Coralie63, on 12/04/2010 at 17:43

Hello everyone!!!

Here is the definition of the virus that has just moved into my computer: WORM/Ircbot.94866.1

Many THANKS in advance to everyone who helps me get rid of it...

Mister_masque, on 12/04/2010 at 18:58

Hi :)

Download http://oldtimer.geekstogo.com/OTL.exe to your Desktop.

Double-click the OTL icon to launch it.

Make sure you have closed all running applications.

When the OTL window appears, make sure that in the "Rapport" section (top right) the "Rapport Minimal" box is checked.

Copy and paste the contents of this quote into the lower part of OTL, "Personalisation":

netsvcs
msconfig
safebootminimal
drivers32
/md5start
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
vaxscsi.sys
nvatabus.sys
SiSRaid.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

 

Click the "Analyse" icon (top left).

Let the scan run to completion without using the PC.

At the end of the scan, one or two reports will open: "OTL.Txt" and/or "Extras.Txt" (in some cases).

Copy and paste the report(s) into your reply.

See you

--
Coralie63, on 13/04/2010 at 08:37

Hello, and thank you for your help. Here is the report you asked me for:

OTL logfile created on: 13/04/2010 08:30:57 - Run 1
OTL by OldTimer - Version 3.2.1.1     Folder = C:\Users\Jean Paul & Coralie\Documents\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,36 Gb Total Space | 38,66 Gb Free Space | 28,35% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,80 Gb Free Space | 58,01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC
Current User Name: Jean Paul & Coralie
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010/04/13 08:30:29 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Jean Paul & Coralie\Documents\Downloads\OTL.exe
PRC - [2010/04/11 08:16:33 | 000,094,866 | ---- | M] () -- C:\Users\Public\infocard.exe
PRC - [2010/03/28 05:13:16 | 000,530,416 | ---- | M] (Google Inc.) -- C:\Users\Jean Paul & Coralie\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/10/07 09:55:27 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/10/07 09:55:27 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/06 18:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/02 06:37:16 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2008/01/02 06:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2008/01/02 06:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/12/03 07:58:54 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/11/28 13:12:40 | 000,095,584 | ---- | M] (Microsoft® Corporation) -- C:\PROGRA~1\MICROS~3\WkDStore.exe
PRC - [2007/11/28 13:12:40 | 000,091,488 | ---- | M] (Microsoft® Corporation) -- C:\PROGRA~1\MICROS~3\wkgdcach.exe
PRC - [2007/11/15 11:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2007/11/15 11:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2007/09/24 11:27:38 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\HidFind.exe
PRC - [2007/09/24 11:27:30 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/24 11:27:28 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/09/24 11:27:28 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apntex.exe
PRC - [2006/11/02 11:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010/04/13 08:30:29 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Jean Paul & Coralie\Documents\Downloads\OTL.exe
MOD - [2006/11/02 11:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2009/10/07 09:55:27 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/10/07 09:55:27 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/12/12 21:39:26 | 000,029,744 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-061008-081103)
SRV - [2008/03/26 08:46:11 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2008/01/02 06:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2008/01/02 06:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/11/15 11:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2009/12/10 21:27:14 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/10/07 09:55:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/25 13:12:28 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009/05/25 13:12:28 | 000,012,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009/05/25 13:12:26 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009/03/30 10:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/07/08 15:55:56 | 000,121,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmdm.sys -- (lgmdmdm)
DRV - [2008/07/08 15:55:56 | 000,114,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmgmt.sys -- (lgmdmgmt) LG Mobile USB WMC Device Management Drivers (WDM)
DRV - [2008/07/08 15:55:56 | 000,111,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdobex.sys -- (lgmdobex)
DRV - [2008/07/08 15:55:56 | 000,089,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdbus.sys -- (lgmdbus) LG Mobile driver (WDM)
DRV - [2008/07/08 15:55:56 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmdfl.sys -- (lgmdmdfl)
DRV - [2008/03/26 08:57:00 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/03/26 08:57:00 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/03/26 08:57:00 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/02 06:37:18 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/12/12 09:03:12 | 001,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/12/03 07:59:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/12/03 07:58:50 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/25 10:40:58 | 007,617,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/09/24 11:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/02/12 23:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2006/11/27 09:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/27 09:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/27 09:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/21 14:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/03 04:43:30 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/03 04:42:18 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/03 04:42:08 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 09:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 09:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Pilote de la connexion réseau Intel(R)
DRV - [2006/11/02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/08/05 02:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gllod.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
 
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/09/18 11:09:36 | 000,000,000 | ---D | M]
 
[2010/02/08 12:13:14 | 000,000,000 | ---D | M] -- C:\Users\Jean Paul & Coralie\AppData\Roaming\mozilla\Extensions
[2010/02/08 12:13:14 | 000,000,000 | ---D | M] -- C:\Users\Jean Paul & Coralie\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
 
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Firewall Administrating] C:\Users\Public\infocard.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [Firewall Administrating] C:\Users\Public\infocard.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jean Paul & Coralie\Pictures\Eté 2009\DSC03296.JPG
O24 - Desktop BackupWallPaper: C:\Users\Jean Paul & Coralie\Pictures\Eté 2009\DSC03296.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3bee2f03-aa6b-11de-b601-001d09c79778}\Shell - "" = AutoRun
O33 - MountPoints2\{3bee2f03-aa6b-11de-b601-001d09c79778}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{7f527107-2424-11de-a23b-001d09c79778}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/04/12 00:29:28 | 000,000,000 | ---D | C] -- C:\Users\Jean Paul & Coralie\Documents\Downloads
[2010/04/11 22:35:23 | 000,000,000 | ---D | C] -- C:\Users\Jean Paul & Coralie\AppData\Local\Deployment
[2010/04/03 13:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/04/03 13:37:31 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/04/03 13:37:31 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/04/03 13:37:31 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/03/31 07:24:15 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/03/31 07:24:15 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/03/31 07:24:15 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/03/31 07:24:15 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/03/31 07:24:15 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/03/31 07:24:15 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/03/31 07:24:15 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/03/31 07:24:15 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/03/31 07:24:15 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/03/31 07:24:15 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/03/31 07:24:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/03/31 07:24:15 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/03/31 07:24:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/03/31 07:24:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/03/31 07:24:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/03/24 09:42:18 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/04/13 08:31:42 | 006,815,744 | -HS- | M] () -- C:\Users\Jean Paul & Coralie\ntuser.dat
[2010/04/13 08:30:40 | 000,000,460 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9B2C8687-78F4-4ABA-9752-4C79630F6FF5}.job
[2010/04/13 07:45:04 | 001,519,970 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/13 07:45:04 | 000,693,588 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/04/13 07:45:04 | 000,613,046 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/13 07:45:04 | 000,118,450 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/04/13 07:45:04 | 000,104,768 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/13 07:40:20 | 000,028,665 | ---- | M] () -- C:\Users\Jean Paul & Coralie\AppData\Roaming\nvModes.001
[2010/04/13 07:40:05 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/13 07:40:05 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/13 07:40:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/13 07:39:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/12 23:39:46 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3259191653-780756460-2240654689-1000Core.job
[2010/04/12 22:40:00 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3259191653-780756460-2240654689-1000UA.job
[2010/04/12 20:13:31 | 004,214,826 | -H-- | M] () -- C:\Users\Jean Paul & Coralie\AppData\Local\IconCache.db
[2010/04/12 19:45:45 | 000,028,665 | ---- | M] () -- C:\Users\Jean Paul & Coralie\AppData\Roaming\nvModes.dat
[2010/04/11 22:45:36 | 000,002,114 | ---- | M] () -- C:\Users\Jean Paul & Coralie\Desktop\Google Chrome.lnk
[2010/04/09 13:50:42 | 000,002,834 | ---- | M] () -- C:\Users\Jean Paul & Coralie\AppData\Roaming\wklnhst.dat
[2010/04/08 16:48:33 | 000,001,921 | ---- | M] () -- C:\Users\Public\Desktop\Sam Swift et les roses cachées d'Athènes.lnk
[2010/04/05 22:18:03 | 000,001,614 | ---- | M] () -- C:\Users\Jean Paul & Coralie\Desktop\Calculator.lnk
[2010/04/03 13:33:39 | 000,000,844 | ---- | M] () -- C:\Users\Jean Paul & Coralie\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/02 18:14:25 | 000,017,408 | ---- | M] () -- C:\Users\Jean Paul & Coralie\Documents\Enveloppe EQUI FORME.wps
[2010/04/02 08:03:30 | 000,002,022 | ---- | M] () -- C:\Users\Jean Paul & Coralie\Desktop\Autour du Monde.lnk
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/03/24 09:50:22 | 000,001,591 | ---- | M] () -- C:\Users\Public\Desktop\Choix de navigateur .lnk
[2010/03/21 13:46:51 | 000,001,702 | ---- | M] () -- C:\Users\Jean Paul & Coralie\Desktop\LimeWire 5.5.7.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/04/11 22:45:36 | 000,002,114 | ---- | C] () -- C:\Users\Jean Paul & Coralie\Desktop\Google Chrome.lnk
[2010/04/11 22:35:48 | 000,001,132 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3259191653-780756460-2240654689-1000UA.job
[2010/04/11 22:35:45 | 000,001,080 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3259191653-780756460-2240654689-1000Core.job
[2010/04/08 16:48:33 | 000,001,921 | ---- | C] () -- C:\Users\Public\Desktop\Sam Swift et les roses cachées d'Athènes.lnk
[2010/04/05 22:18:03 | 000,001,614 | ---- | C] () -- C:\Users\Jean Paul & Coralie\Desktop\Calculator.lnk
[2010/04/03 13:33:39 | 000,000,844 | ---- | C] () -- C:\Users\Jean Paul & Coralie\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/02 08:03:30 | 000,002,022 | ---- | C] () -- C:\Users\Jean Paul & Coralie\Desktop\Autour du Monde.lnk
[2010/03/24 09:50:22 | 000,001,591 | ---- | C] () -- C:\Users\Public\Desktop\Choix de navigateur .lnk
[2010/03/21 13:46:51 | 000,001,702 | ---- | C] () -- C:\Users\Jean Paul & Coralie\Desktop\LimeWire 5.5.7.lnk
[2009/12/16 12:30:12 | 000,000,184 | ---- | C] () -- C:\Users\Jean Paul & Coralie\AppData\Local\setup.log
[2009/12/16 12:30:03 | 000,000,487 | ---- | C] () -- C:\Users\Jean Paul & Coralie\AppData\Local\intall.iss
[2009/10/05 20:12:35 | 000,000,642 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/03 17:31:24 | 000,524,288 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{53e57fd9-37f7-11de-9882-001d09c79778}.TMContainer00000000000000000002.regtrans-ms
[2009/05/03 17:31:24 | 000,524,288 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{53e57fd9-37f7-11de-9882-001d09c79778}.TMContainer00000000000000000001.regtrans-ms
[2009/05/03 17:31:24 | 000,065,536 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{53e57fd9-37f7-11de-9882-001d09c79778}.TM.blf
[2009/04/17 16:02:10 | 000,000,552 | ---- | C] () -- C:\Users\Jean Paul & Coralie\AppData\Local\d3d8caps.dat
[2009/03/28 21:10:41 | 000,003,030 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/02/23 13:17:18 | 000,096,768 | ---- | C] () -- C:\Windows\SlantAdj.dll
[2009/02/15 13:00:45 | 000,524,288 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{c245a597-fb4d-11dd-b3ed-001d09c79778}.TMContainer00000000000000000002.regtrans-ms
[2009/02/15 13:00:45 | 000,524,288 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{c245a597-fb4d-11dd-b3ed-001d09c79778}.TMContainer00000000000000000001.regtrans-ms
[2009/02/15 13:00:45 | 000,065,536 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{c245a597-fb4d-11dd-b3ed-001d09c79778}.TM.blf
[2009/02/15 12:46:18 | 000,524,288 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{397a39ff-fb4c-11dd-ac68-001d09c79778}.TMContainer00000000000000000002.regtrans-ms
[2009/02/15 12:46:18 | 000,524,288 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{397a39ff-fb4c-11dd-ac68-001d09c79778}.TMContainer00000000000000000001.regtrans-ms
[2009/02/15 12:46:18 | 000,065,536 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{397a39ff-fb4c-11dd-ac68-001d09c79778}.TM.blf
[2009/02/05 16:19:13 | 000,524,288 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{99bef59d-f38c-11dd-aa0c-001d09c79778}.TMContainer00000000000000000002.regtrans-ms
[2009/02/05 16:19:13 | 000,524,288 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{99bef59d-f38c-11dd-aa0c-001d09c79778}.TMContainer00000000000000000001.regtrans-ms
[2009/02/05 16:19:13 | 000,065,536 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{99bef59d-f38c-11dd-aa0c-001d09c79778}.TM.blf
[2009/02/05 15:56:11 | 000,524,288 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{4230be39-f378-11dd-8b64-001d09c79778}.TMContainer00000000000000000002.regtrans-ms
[2009/02/05 15:56:11 | 000,524,288 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{4230be39-f378-11dd-8b64-001d09c79778}.TMContainer00000000000000000001.regtrans-ms
[2009/02/05 15:56:11 | 000,065,536 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat{4230be39-f378-11dd-8b64-001d09c79778}.TM.blf
[2009/01/27 16:05:57 | 000,002,834 | ---- | C] () -- C:\Users\Jean Paul & Coralie\AppData\Roaming\wklnhst.dat
[2008/11/10 12:39:06 | 000,000,680 | ---- | C] () -- C:\Users\Jean Paul & Coralie\AppData\Local\d3d9caps.dat
[2008/08/07 16:43:08 | 000,028,665 | ---- | C] () -- C:\Users\Jean Paul & Coralie\AppData\Roaming\nvModes.001
[2008/08/07 12:35:33 | 000,028,665 | ---- | C] () -- C:\Users\Jean Paul & Coralie\AppData\Roaming\nvModes.dat
[2008/08/07 10:57:40 | 000,167,936 | ---- | C] () -- C:\Users\Jean Paul & Coralie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/07 10:31:16 | 006,815,744 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat
[2008/08/07 10:31:16 | 002,097,152 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat_previous
[2008/08/07 10:31:16 | 000,524,288 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2008/08/07 10:31:16 | 000,524,288 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2008/08/07 10:31:16 | 000,262,144 | -H-- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat.LOG1
[2008/08/07 10:31:16 | 000,065,536 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2008/08/07 10:31:16 | 000,000,020 | -HS- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.ini
[2008/08/07 10:31:16 | 000,000,000 | -H-- | C] () -- C:\Users\Jean Paul & Coralie\ntuser.dat.LOG2
[2008/06/12 20:36:38 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/04/12 07:41:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/04/12 07:30:20 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/03/26 08:57:26 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/03/26 01:18:34 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2007/02/05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 12:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
< End of report >
Mister_masque, 13/04/2010 at 21:20

MSN infection.

Download, install and update http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Run a quick scan. Click "Show Results" ("Afficher les résultats"), then "Remove Selected" ("Supprimer la sélection"), and post the report.

--
Coralie63, 13/04/2010 at 21:57

Mister_masque wrote:

MSN infection.

Download, install and update http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Run a quick scan. Click "Show Results" ("Afficher les résultats"), then "Remove Selected" ("Supprimer la sélection"), and post the report.

Thanks for your help.

Here is the report; I hope it is the one you are expecting...

 

 

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
 
Version de la base de données: 3985
 
Windows 6.0.6000
Internet Explorer 8.0.6001.18904
 
13/04/2010 21:53:47
mbam-log-2010-04-13 (21-53-47).txt
 
Type d'examen: Examen rapide
Elément(s) analysé(s): 103976
Temps écoulé: 6 minute(s), 37 seconde(s)
 
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
 
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
 
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
 
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
 
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\firewall administrating (Worm.Bot.Gen) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\firewall administrating (Worm.Bot.Gen) -> No action taken.
 
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
 
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
 
Fichier(s) infecté(s):
C:\Users\Public\infocard.exe (Worm.Bot.Gen) -> No action taken.
 
Mister_masque, 13/04/2010 at 21:58

Perfect. You are no longer infected; all that is left is to change your Internet Explorer home page.

Is everything all right?

--
Coralie63, 14/04/2010 at 10:58

Everything looks perfect!!! I have just run a scan with my antivirus and no positive result shows up any more!!!

A big THANK YOU for your help.

See you around.

Coralie.
