VIRUS VIRUS P2P WORM.WIN32 PALEVO.AWAQ Fermé

Question

Bonjour, 
je suis infecté par un virus appelé VIRUS P2P WORM.WIN32 PALEVO.AWAQ le problème c'est que kaspersky le détecte, mais ne peut pas le supprimer. 

A L'AIDE !!!!!!!!


Configuration: Windows 7 / Firefox 3.6.10

Destrio5 · Accepted Answer

--> Télécharge OTL (de OldTimer) sur ton Bureau.
--> Double-clique sur OTL pour le lancer.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
--> Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
--> Coche également les cases à côté de Recherche Lop et Recherche Purity.
--> Enfin, clique sur le bouton Analyse. Le scan ne prendra pas beaucoup de temps.
--> Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).

Pour me transmettre les rapports :
--> Clique sur ce lien : http://www.cijoint.fr/
--> Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
--> Clique sur Ouvrir.
--> Clique sur Cliquez ici pour déposer le fichier.
--> Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
--> Copie-colle ce lien dans ta réponse.

Destrio5 · Answer

Bonjour,

Quel est le fichier détecté ?

kouameseve · Answer

j'ai téléchargé des cours sur internet et parmis, il yen a un qui s'appelle cracker.exe

Destrio5 · Answer

C'est douteux ton truc.

Tu peux l'analyser sur VirusTotal et poster le lien de l'analyse :
https://www.virustotal.com/gui/

kouameseve · Answer

je n'arrive même pas à l'uploader. il me dit qu'il me faut l'autorisation du propriétaire ou d'un administrateur pour ouvrir le fichier

Destrio5 · Answer

Tu peux supprimer le fichier ?

kouameseve · Answer

oui! et le problème persiste

kouameseve · Answer

apparemment ca ne marche pas. j'ai donc fait un copier coller desdits rapports OTL Extras logfile created on: 12/11/2010 07:18:42 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\COL N'DRI\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 73,00% Memory free 7,00 Gb Paging File | 6,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 63,55 Gb Free Space | 65,14% Space Free | Partition Type: NTFS Drive H: | 498,51 Gb Total Space | 424,33 Gb Free Space | 85,12% Space Free | Partition Type: NTFS Computer Name: COLNDRI-PC | User Name: COL N'DRI | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM) "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM) "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10 "{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10 "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 "{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM) "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM) "{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10 "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM) "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM) "{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2 "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10 "{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM) "{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10 "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010 "{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010 "{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010 "{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010 "{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010 "{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010 "{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010 "{90140000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2010 "{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010 "{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010 "{90140000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2010 "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM) "{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10 "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10 "{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM) "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support "{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3 - Français "{ADD72094-D289-4714-A62E-70574478A2BC}" = System Requirements Lab for Intel "{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM) "{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM) "{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM) "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = French App Name "{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10 "{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10 "{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}" = Safari "{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10 "{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10 "{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM) "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic "{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM) "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10 "{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "BitTorrent" = BitTorrent "Blender" = Blender (remove only) "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = French App Name "Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP) "GOM Player" = GOM Player "HP OrderReminder" = HP OrderReminder "HP-LaserJet 1018" = LaserJet 1018 "InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "LeechGet 2009_is1" = LeechGet 2009 Version 2.2 "Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10) "Office14.PROPLUS" = Microsoft Office Professionnel Plus 2010 "VLC media player" = VLC media player 0.9.4 "WinRAR archiver" = Logiciel d'archivage WinRAR "Zuma's Revenge!1.0" = Zuma's Revenge! [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Je me forme à Office" = Je me forme à Office [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 05/11/2010 16:41:37 | Computer Name = COLNDRI-PC | Source = Application Error | ID = 1000 Description = Nom de l'application défaillante vlc.exe, version : 0.9.4.0, horodatage : 0x48ea6e62 Nom du module défaillant : libdirect3d_plugin.dll, version : 0.0.0.0, horodatage : 0x48ea6f8a Code d'exception : 0xc0000005 Décalage d'erreur : 0x00005b2c ID du processus défaillant : 0x2938 Heure de début de l'application défaillante : 0x01cb7d29ce3bfb04 Chemin d'accès de l'application défaillante : C:\Program Files\VideoLAN\VLC\vlc.exe Chemin d'accès du module défaillant: C:\Program Files\VideoLAN\VLC\plugins\libdirect3d_plugin.dll ID de rapport : 1586bb0a-e91d-11df-9a38-705ab62bba92 Error - 05/11/2010 16:56:33 | Computer Name = COLNDRI-PC | Source = Application Error | ID = 1000 Description = Nom de l'application défaillante vlc.exe, version : 0.9.4.0, horodatage : 0x48ea6e62 Nom du module défaillant : libdirect3d_plugin.dll, version : 0.0.0.0, horodatage : 0x48ea6f8a Code d'exception : 0xc0000005 Décalage d'erreur : 0x00005b2c ID du processus défaillant : 0x1c30 Heure de début de l'application défaillante : 0x01cb7d2badd3b5ce Chemin d'accès de l'application défaillante : C:\Program Files\VideoLAN\VLC\vlc.exe Chemin d'accès du module défaillant: C:\Program Files\VideoLAN\VLC\plugins\libdirect3d_plugin.dll ID de rapport : 2b3ed7f8-e91f-11df-9a38-705ab62bba92 Error - 05/11/2010 17:38:43 | Computer Name = COLNDRI-PC | Source = Application Error | ID = 1000 Description = Nom de l'application défaillante vlc.exe, version : 0.9.4.0, horodatage : 0x48ea6e62 Nom du module défaillant : libdirect3d_plugin.dll, version : 0.0.0.0, horodatage : 0x48ea6f8a Code d'exception : 0xc0000005 Décalage d'erreur : 0x00005b2c ID du processus défaillant : 0x2100 Heure de début de l'application défaillante : 0x01cb7d3190c67574 Chemin d'accès de l'application défaillante : C:\Program Files\VideoLAN\VLC\vlc.exe Chemin d'accès du module défaillant: C:\Program Files\VideoLAN\VLC\plugins\libdirect3d_plugin.dll ID de rapport : 0f475170-e925-11df-9a38-705ab62bba92 Error - 05/11/2010 21:23:43 | Computer Name = COLNDRI-PC | Source = Microsoft-Windows-Defrag | ID = 257 Description = Error - 05/11/2010 21:27:41 | Computer Name = COLNDRI-PC | Source = SideBySide | ID = 16842815 Description = La création du contexte d'activation a échoué pour « C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l'attribut « version » de l'élément « assemblyIdentity » n'est pas valide. Error - 06/11/2010 14:45:46 | Computer Name = COLNDRI-PC | Source = Application Error | ID = 1000 Description = Nom de l'application défaillante vlc.exe, version : 0.9.4.0, horodatage : 0x48ea6e62 Nom du module défaillant : avcodec-51.dll, version : 0.0.0.0, horodatage : 0x48ea6f86 Code d'exception : 0xc0000005 Décalage d'erreur : 0x0032c19b ID du processus défaillant : 0x1fe8 Heure de début de l'application défaillante : 0x01cb7de2d05c8a19 Chemin d'accès de l'application défaillante : C:\Program Files\VideoLAN\VLC\vlc.exe Chemin d'accès du module défaillant: C:\Program Files\VideoLAN\VLC\avcodec-51.dll ID de rapport : 1067b6f4-e9d6-11df-9a38-705ab62bba92 Error - 08/11/2010 07:23:36 | Computer Name = COLNDRI-PC | Source = Application Hang | ID = 1002 Description = Le programme Explorer.EXE version 6.1.7600.16450 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le Centre de maintenance. ID de processus : 6b8 Heure de début : 01cb7c20e80d2530 Heure de fin : 285 Chemin d'accès de l'application : C:\Windows\Explorer.EXE ID de rapport : 1d122702-eb2a-11df-9a38-705ab62bba92 Error - 09/11/2010 10:43:39 | Computer Name = COLNDRI-PC | Source = Application Error | ID = 1000 Description = Nom de l'application défaillante vlc.exe, version : 0.9.4.0, horodatage : 0x48ea6e62 Nom du module défaillant : libdirect3d_plugin.dll, version : 0.0.0.0, horodatage : 0x48ea6f8a Code d'exception : 0xc0000005 Décalage d'erreur : 0x00005b2c ID du processus défaillant : 0x16bc Heure de début de l'application défaillante : 0x01cb80127e941d17 Chemin d'accès de l'application défaillante : C:\Program Files\VideoLAN\VLC\vlc.exe Chemin d'accès du module défaillant: C:\Program Files\VideoLAN\VLC\plugins\libdirect3d_plugin.dll ID de rapport : bce2d485-ec0f-11df-af46-705ab62bba92 Error - 11/11/2010 13:07:15 | Computer Name = COLNDRI-PC | Source = Application Hang | ID = 1002 Description = Le programme ZumasRevenge.exe version 1.0.4.9495 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le Centre de maintenance. ID de processus : f34 Heure de début : 01cb81c2c2ba3a96 Heure de fin : 45 Chemin d'accès de l'application : C:\Program Files\Zuma's Revenge!\ZumasRevenge.exe ID de rapport : 07df054f-edb6-11df-b577-705ab62bba92 Error - 11/11/2010 15:04:41 | Computer Name = COLNDRI-PC | Source = Application Error | ID = 1000 Description = Nom de l'application défaillante vlc.exe, version : 0.9.4.0, horodatage : 0x48ea6e62 Nom du module défaillant : libdirect3d_plugin.dll, version : 0.0.0.0, horodatage : 0x48ea6f8a Code d'exception : 0xc0000005 Décalage d'erreur : 0x00005b2c ID du processus défaillant : 0xee8 Heure de début de l'application défaillante : 0x01cb81d349bd048e Chemin d'accès de l'application défaillante : C:\Program Files\VideoLAN\VLC\vlc.exe Chemin d'accès du module défaillant: C:\Program Files\VideoLAN\VLC\plugins\libdirect3d_plugin.dll ID de rapport : 896f1cec-edc6-11df-a4fa-705ab62bba92 [ Media Center Events ] Error - 22/10/2010 04:38:15 | Computer Name = COLNDRI-PC | Source = MCUpdate | ID = 0 Description = 08:38:15 - Erreur de connexion à Internet. 08:38:15 - Impossible de contacter le service.. Error - 23/10/2010 06:08:08 | Computer Name = COLNDRI-PC | Source = MCUpdate | ID = 0 Description = 10:08:08 - Erreur de connexion à Internet. 10:08:08 - Impossible de contacter le service.. Error - 24/10/2010 02:44:59 | Computer Name = COLNDRI-PC | Source = MCUpdate | ID = 0 Description = 06:44:59 - Erreur de connexion à Internet. 06:44:59 - Impossible de contacter le service.. Error - 25/10/2010 02:15:21 | Computer Name = COLNDRI-PC | Source = MCUpdate | ID = 0 Description = 06:15:20 - Erreur de connexion à Internet. 06:15:20 - Impossible de contacter le service.. Error - 26/10/2010 04:03:27 | Computer Name = COLNDRI-PC | Source = MCUpdate | ID = 0 Description = 08:03:27 - Erreur de connexion à Internet. 08:03:27 - Impossible de contacter le service.. Error - 29/10/2010 09:08:54 | Computer Name = COLNDRI-PC | Source = MCUpdate | ID = 0 Description = 13:08:54 - Échec de la récupération de MCESpotlight (Erreur : La connexion sous-jacente a été fermée : La connexion a été interrompue de manière inattendue.) Error - 31/10/2010 23:53:03 | Computer Name = COLNDRI-PC | Source = MCUpdate | ID = 0 Description = 03:52:56 - Erreur de connexion à Internet. 03:52:56 - Impossible de contacter le service.. Error - 01/11/2010 00:54:34 | Computer Name = COLNDRI-PC | Source = MCUpdate | ID = 0 Description = 04:54:32 - Erreur de connexion à Internet. 04:54:32 - Impossible de contacter le service.. Error - 01/11/2010 01:55:09 | Computer Name = COLNDRI-PC | Source = MCUpdate | ID = 0 Description = 05:55:07 - Erreur de connexion à Internet. 05:55:07 - Impossible de contacter le service.. Error - 01/11/2010 03:00:36 | Computer Name = COLNDRI-PC | Source = MCUpdate | ID = 0 Description = 07:00:34 - Erreur de connexion à Internet. 07:00:34 - Impossible de contacter le service.. [ System Events ] Error - 12/11/2010 03:18:08 | Computer Name = COLNDRI-PC | Source = atapi | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0. Error - 12/11/2010 03:18:08 | Computer Name = COLNDRI-PC | Source = atapi | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0. Error - 12/11/2010 03:18:08 | Computer Name = COLNDRI-PC | Source = atapi | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0. Error - 12/11/2010 03:18:08 | Computer Name = COLNDRI-PC | Source = atapi | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0. Error - 12/11/2010 03:18:08 | Computer Name = COLNDRI-PC | Source = atapi | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0. Error - 12/11/2010 03:18:08 | Computer Name = COLNDRI-PC | Source = atapi | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0. Error - 12/11/2010 03:18:08 | Computer Name = COLNDRI-PC | Source = atapi | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0. Error - 12/11/2010 03:18:08 | Computer Name = COLNDRI-PC | Source = atapi | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0. Error - 12/11/2010 03:18:08 | Computer Name = COLNDRI-PC | Source = atapi | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0. Error - 12/11/2010 03:18:08 | Computer Name = COLNDRI-PC | Source = atapi | ID = 262155 Description = Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort0. < End of report > et OTL logfile created on: 12/11/2010 07:18:42 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\COL N'DRI\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 73,00% Memory free 7,00 Gb Paging File | 6,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 63,55 Gb Free Space | 65,14% Space Free | Partition Type: NTFS Drive H: | 498,51 Gb Total Space | 424,33 Gb Free Space | 85,12% Space Free | Partition Type: NTFS Computer Name: COLNDRI-PC | User Name: COL N'DRI | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Users\COL N'DRI\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe (Kaspersky Lab ZAO) PRC - C:\Windows\KMService.exe () PRC - C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard) PRC - C:\Windows\System32\srvany.exe () [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Users\COL N'DRI\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) Programme d'installation ActiveX (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (KMService) -- C:\Windows\System32\srvany.exe () [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab) DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO) DRV - (KL1) -- C:\Windows\system32\DRIVERS\kl1.sys (Kaspersky Lab ZAO) DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO) DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (RMCAST) Protocole RMCAST (multidiffusion fiable) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.speedbit.com/?aff=105 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7C 67 B7 9F ED 4C CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.4 FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.0.232 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.0.232 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1 FF - prefs.js..extensions.enabledItems: anttoolbar@ant.com:2.0.1 FF - prefs.js..network.proxy.http: "200.19.159.34" FF - prefs.js..network.proxy.http_port: 3124 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\Components: C:\Program Files\Mozilla Firefox\components [2010/11/01 14:46:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/01 14:46:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010/09/05 12:26:28 | 000,000,000 | ---D | M] [2010/09/05 12:07:01 | 000,000,000 | ---D | M] -- C:\Users\COL N'DRI\AppData\Roaming\mozilla\Extensions [2010/11/11 19:45:07 | 000,000,000 | ---D | M] -- C:\Users\COL N'DRI\AppData\Roaming\mozilla\Firefox\Profiles\4nzphig3.default\extensions [2010/11/08 16:56:42 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\COL N'DRI\AppData\Roaming\mozilla\Firefox\Profiles\4nzphig3.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010/10/28 09:44:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\COL N'DRI\AppData\Roaming\mozilla\Firefox\Profiles\4nzphig3.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010/11/03 10:45:08 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\COL N'DRI\AppData\Roaming\mozilla\Firefox\Profiles\4nzphig3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/11/07 09:31:48 | 000,000,000 | ---D | M] -- C:\Users\COL N'DRI\AppData\Roaming\mozilla\Firefox\Profiles\4nzphig3.default\extensions\anttoolbar@ant.com [2010/10/15 10:48:13 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2010/09/05 20:22:16 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\KavAntiBanner@Kaspersky.ru [2010/09/05 20:22:15 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru [2010/09/25 11:43:46 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010/07/23 00:44:11 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/07/23 00:44:11 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/07/23 00:44:11 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/07/23 00:44:11 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/07/23 00:44:11 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2009/06/10 21:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files\DAP\DAP.EXE File not found O4 - HKCU..\Run: [DriverScanner] C:\Program Files\Uniblue\DriverScanner\launcher.exe File not found O4 - HKCU..\Run: [LeechGet] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm () O8 - Extra context menu item: Analyser avec LeechGet - C:\Program Files\LeechGet 2009\Parser.html () O8 - Extra context menu item: Télécharger en utilisant l'assistant LeechGet - C:\Program Files\LeechGet 2009\Wizard.html () O8 - Extra context menu item: Télécharger en utilisant LeechGet - C:\Program Files\LeechGet 2009\AddUrl.html () O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll (Kaspersky Lab ZAO) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{c39897f7-d502-11df-97a3-705ab62bba92}\Shell - "" = AutoRun O33 - MountPoints2\{c39897f7-d502-11df-97a3-705ab62bba92}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/11/12 07:15:28 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\COL N'DRI\Desktop\OTL.exe [2010/11/11 10:50:08 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\DoctorWeb [2010/11/11 10:02:34 | 000,000,000 | ---D | C] -- C:\Program Files\LeechGet 2009 [2010/11/10 17:27:06 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\Desktop\GenProc [2010/11/08 18:18:06 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\Desktop\tut [2010/11/08 16:24:47 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\Desktop\tutos [2010/11/07 22:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent [2010/11/07 22:47:50 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\AppData\Roaming\BitTorrent [2010/11/03 17:33:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2010/11/03 10:23:20 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\Documents\Downloads [2010/11/03 10:23:13 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\AppData\Roaming\DMCache [2010/11/02 13:37:47 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\AppData\Roaming\Nero [2010/11/02 13:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2010/11/02 13:03:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2010/11/02 13:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2010/11/01 14:53:10 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\AppData\Roaming\Apple Computer [2010/11/01 14:53:10 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\AppData\Local\Apple Computer [2010/11/01 14:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Safari [2010/11/01 14:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2010/11/01 14:44:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2010/11/01 14:42:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2010/11/01 14:42:14 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\AppData\Local\Apple [2010/11/01 14:41:49 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2010/11/01 14:41:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2010/10/27 15:30:12 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2010/10/27 15:30:12 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2010/10/27 15:29:01 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010/10/27 15:28:46 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010/10/27 15:28:46 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010/10/27 15:28:45 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010/10/27 15:28:45 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010/10/27 15:28:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010/10/27 15:28:44 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010/10/27 15:28:43 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010/10/27 15:28:43 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010/10/27 15:28:43 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010/10/27 15:28:42 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010/10/27 15:28:13 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010/10/27 15:24:09 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010/10/27 15:15:44 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010/10/27 15:09:22 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2010/10/27 15:09:22 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2010/10/27 15:09:22 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2010/10/27 15:09:21 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2010/10/27 15:01:16 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2010/10/27 14:51:05 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2010/10/27 14:51:03 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll [2010/10/26 17:18:17 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\Desktop\Nouveau dossier [2010/10/26 11:18:07 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2010/10/26 11:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Micro Application [2010/10/25 08:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2010/10/25 08:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player [2010/10/25 08:36:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2010/10/22 09:53:01 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\AppData\Roaming\vlc [2010/10/21 18:00:55 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010/10/21 11:03:16 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\RICHMOND [2010/10/18 09:20:58 | 000,000,000 | ---D | C] -- C:\Python25 [2010/10/15 09:22:11 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\.thumbnails [2010/10/15 09:19:27 | 000,000,000 | ---D | C] -- C:\Users\COL N'DRI\AppData\Roaming\Blender Foundation [2010/10/15 09:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\Blender Foundation [1 C:\Users\COL N'DRI\Desktop\*.tmp files -> C:\Users\COL N'DRI\Desktop\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/11/12 07:16:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\COL N'DRI\Desktop\OTL.exe [2010/11/12 07:13:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/11/11 20:19:32 | 014,472,171 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\xvideos.com_f4fce0471d1b8cd1d3dadfbf04bc0b4e.flv [2010/11/11 19:07:06 | 000,013,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/11/11 19:07:06 | 000,013,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/11/11 19:07:05 | 000,695,004 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/11/11 19:07:05 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/11/11 19:07:05 | 000,127,684 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/11/11 19:07:05 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/11/11 19:01:04 | 2815,463,424 | -HS- | M] () -- C:\hiberfil.sys [2010/11/11 14:11:59 | 000,261,556 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\Yao.blend [2010/11/11 14:05:31 | 003,606,227 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\f_you.mp3 [2010/11/11 10:10:37 | 000,000,162 | -H-- | M] () -- C:\Users\COL N'DRI\Desktop\~$p TPC KOUAME KOFFI.doc [2010/11/11 10:02:35 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\LeechGet 2009.lnk [2010/11/11 09:03:56 | 000,261,100 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\Yao.blend1 [2010/11/10 16:04:33 | 048,457,915 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\xvideos.com_08306e20c290a02987fe078a89006bb4.flv [2010/11/10 12:46:34 | 055,912,431 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\xvideos.com_c7c4930bb04c3d34ab0a93b8473916e5.flv [2010/11/10 10:16:50 | 004,073,930 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\xvideos.com_e981fb2ee08514b4d9e494811b8a9121.flv [2010/11/10 09:10:24 | 000,030,208 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\BIP.doc [2010/11/09 11:52:22 | 000,152,012 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\kolou (2).blend [2010/11/09 11:52:21 | 000,152,012 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\kolou.blend [2010/11/09 10:12:10 | 000,033,792 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\rap MUGEF CI M BRA.doc [2010/11/09 10:11:32 | 000,029,696 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\Rap TPC KOUAME KOFFI.doc [2010/11/09 07:23:10 | 000,147,564 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\kolou.blend1 [2010/11/08 13:27:40 | 000,000,000 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\[Vimeo-1132937] Elephants Dream.flv [2010/11/08 13:01:03 | 004,951,672 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\sranblé (2).blend [2010/11/08 09:45:14 | 000,000,162 | -H-- | M] () -- C:\Users\COL N'DRI\Desktop\~$NJUGUAISON MANGER.docx [2010/11/07 22:48:19 | 000,000,999 | ---- | M] () -- C:\Users\COL N'DRI\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk [2010/11/07 22:48:19 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk [2010/11/07 20:34:12 | 004,950,932 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\sranblé (2).blend1 [2010/11/06 17:28:00 | 003,987,340 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\sranblé.blend [2010/11/06 17:26:54 | 003,987,340 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\sranblé.blend1 [2010/11/04 23:18:02 | 000,052,235 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\CONJUGUAISON FINIR.docx [2010/11/04 22:25:02 | 000,049,749 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\CONJUGUAISON MANGER.docx [2010/11/02 13:28:38 | 000,003,039 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\Nero Burning ROM.lnk [2010/11/02 13:28:29 | 000,002,983 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\Nero Express.lnk [2010/11/02 13:18:50 | 000,002,991 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart 10.lnk [2010/11/02 13:17:03 | 000,002,927 | ---- | M] () -- C:\Users\Public\Desktop\Nero Vision 10.lnk [2010/11/02 13:15:11 | 000,002,963 | ---- | M] () -- C:\Users\Public\Desktop\Nero MediaHub 10.lnk [2010/11/02 13:07:38 | 000,003,135 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp 10.lnk [2010/11/02 13:05:26 | 000,003,015 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk [2010/11/01 15:15:34 | 000,002,479 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk [2010/11/01 14:48:55 | 000,002,503 | ---- | M] () -- C:\Users\COL N'DRI\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk [2010/11/01 14:45:59 | 000,001,853 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2010/10/30 18:35:02 | 043,527,347 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\Warren.7z [2010/10/30 09:17:10 | 000,002,092 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\Blender.lnk [2010/10/28 03:24:51 | 003,763,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/10/26 11:17:23 | 000,002,275 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\Je me forme à Office.lnk [2010/10/25 12:23:05 | 000,001,207 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\Adobe Photoshop CS5.lnk [2010/10/24 18:21:25 | 000,016,369 | ---- | M] () -- C:\Users\COL N'DRI\Documents\MESSAGE.docx [2010/10/22 11:39:59 | 000,000,162 | -H-- | M] () -- C:\Users\COL N'DRI\Desktop\~$pp TPC CATH.doc [2010/10/22 11:21:12 | 000,934,024 | ---- | M] () -- C:\Users\COL N'DRI\Desktop\untitled.blend [2010/10/22 09:50:36 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2010/10/21 18:00:48 | 214,712,299 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010/10/21 08:53:32 | 000,002,078 | ---- | M] () -- C:\Users\Public\Desktop\Blender.lnk [2010/10/19 15:43:06 | 000,000,162 | -H-- | M] () -- C:\Users\COL N'DRI\Desktop\~$NEE 2011.docx [2010/10/19 11:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010/10/18 12:35:23 | 000,000,162 | -H-- | M] () -- C:\Users\COL N'DRI\Desktop\~$TENTION NOUVELLE CON.docx [2010/10/18 08:46:24 | 001,651,200 | ---- | M] () -- C:\Users\COL N'DRI\Documents\N'GORAN YAO.pub [1 C:\Users\COL N'DRI\Desktop\*.tmp files -> C:\Users\COL N'DRI\Desktop\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/11/11 19:48:16 | 014,472,171 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\xvideos.com_f4fce0471d1b8cd1d3dadfbf04bc0b4e.flv [2010/11/11 13:57:23 | 003,606,227 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\f_you.mp3 [2010/11/11 10:10:37 | 000,000,162 | -H-- | C] () -- C:\Users\COL N'DRI\Desktop\~$p TPC KOUAME KOFFI.doc [2010/11/11 10:02:35 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\LeechGet 2009.lnk [2010/11/10 10:40:44 | 055,912,431 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\xvideos.com_c7c4930bb04c3d34ab0a93b8473916e5.flv [2010/11/10 10:16:47 | 004,073,930 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\xvideos.com_e981fb2ee08514b4d9e494811b8a9121.flv [2010/11/09 18:55:31 | 048,457,915 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\xvideos.com_08306e20c290a02987fe078a89006bb4.flv [2010/11/09 13:29:43 | 000,261,556 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\Yao.blend [2010/11/09 13:29:43 | 000,261,100 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\Yao.blend1 [2010/11/09 13:26:43 | 000,152,012 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\kolou (2).blend [2010/11/09 11:43:32 | 000,030,208 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\BIP.doc [2010/11/09 10:12:09 | 000,033,792 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\rap MUGEF CI M BRA.doc [2010/11/09 10:11:31 | 000,029,696 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\Rap TPC KOUAME KOFFI.doc [2010/11/09 08:32:25 | 000,152,012 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\kolou.blend [2010/11/09 08:32:25 | 000,147,564 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\kolou.blend1 [2010/11/08 13:27:16 | 000,000,000 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\[Vimeo-1132937] Elephants Dream.flv [2010/11/08 13:11:08 | 018,467,383 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\05-cycle.flv [2010/11/08 13:11:08 | 010,416,069 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\06-NLA_et_action_modifier.flv [2010/11/08 13:11:08 | 008,642,433 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\02-rigging.flv [2010/11/08 13:11:08 | 007,255,870 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\04-skinning.flv [2010/11/08 13:11:08 | 004,308,319 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\03-contraintes.flv [2010/11/08 13:11:08 | 003,578,443 | ---- | C] () -- C:\Users\COL N'DRI\Desktop\01-Intro.flv [2010/11/08 13:10:05 | 043,527,347 | ---- | C] () -- C:\Users\COL N

Destrio5 · Answer

Je ne vois rien de spécial.

Utilisateur anonyme · Answer

Hello Destrio5 ,

Palevo se situe sur les clé usb ( dossier aléatoire + exe aléatoire ) 

++

Destrio5 · Answer

Ok.

--> Télécharge UsbFix (par El Desaparecido & C_XX) sur ton Bureau.

--> Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.

--> Double-clique sur le programme UsbFix situé sur ton Bureau.

--> Choisis l'option Recherche.

--> Laisse travailler l'outil.

--> Poste le rapport UsbFix.txt.

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.

kouameseve · Answer

voici le rapport.....          et merci de ton attention

############################## | UsbFix 7.035 | [Recherche]

Utilisateur: COL N'DRI (Administrateur) # COLNDRI-PC [Acer Aspire 5532]
Mis à jour le 11/11/10 par El Desaparecido / C_XX
Lancé à 19:37:34 | 13/11/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org

CPU: AMD Athlon(tm) Processor TF-20
Microsoft Windows 7 Édition Intégrale  (6.1.7600 32-Bit) # 
Internet Explorer 8.0.7600.16385

Pare-feu Windows: Désactivé /!\
RAM -> 3580 Mo 
C:\ (%systemdrive%) -> Disque fixe # 98 Go (58 Go libre(s) - 60%) [] # NTFS
D:\ -> CD-ROM
H:\ -> Disque fixe # 499 Go (424 Go libre(s) - 85%) [Données] # NTFS

################## | Éléments infectieux |



################## | Registre |


################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{c39897f7-d502-11df-97a3-705ab62bba92}
Shell\AutoRun\Command = E:\LaunchU3.exe -a


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |

Destrio5 · Answer

Il faudrait savoir quel est le fichier détecté par Kaspersky.

VIRUS VIRUS P2P WORM.WIN32 PALEVO.AWAQ

13 réponses

Discussions similaires