[OK] log analysis request


Post by nikko33 » 20 Mar 2010, 12:54

Hi,

sorry for the delay :D

first of all I'd like to show you the viruses quarantined by AVG:

"Infection";"Cheval de Troie : Generic15.ARYG";"G:\System Volume Information\_restore{078D8A33-11E7-431A-A4FD-90A007596662}\RP158\A0048943.exe";"";"07/03/2010, 20:40:39"

"Infection";"Cheval de Troie : Generic10.RYO";"G:\System Volume Information\_restore{078D8A33-11E7-431A-A4FD-90A007596662}\RP158\A0048944.exe";"";"08/03/2010, 15:23:50"

"Infection";"Cheval de Troie : KillAV.PY";"G:\System Volume Information\_restore{078D8A33-11E7-431A-A4FD-90A007596662}\RP160\A0049342.exe";"";"09/03/2010, 09:57:02"

"Infection";"Cheval de Troie : Generic16.ANYQ";"G:\System Volume Information\_restore{078D8A33-11E7-431A-A4FD-90A007596662}\RP138\A0039236.exe";"";"17/03/2010, 12:47:28"

"Infection";"Cheval de Troie : KillAV.PY";"G:\System Volume Information\_restore{078D8A33-11E7-431A-A4FD-90A007596662}\RP175\A0051049.exe";"";"17/03/2010, 12:47:56"

"Infection";"Cheval de Troie : Generic16.ANYQ";"G:\System Volume Information\_restore{078D8A33-11E7-431A-A4FD-90A007596662}\RP97\A0027348.exe";"";"17/03/2010, 12:48:08"

I'm continuing with the steps...
nikko33
 
Posts: 25
Joined: 10 Mar 2010, 11:06

Post by nikko33 » 20 Mar 2010, 13:06

Here is the OTL fix report

Error: Unable to interpret <rien> in the current context!
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== OTL ==========
ADS C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Program Files\Fichiers communs\System:l4Zz2hqXdet4KgcGdmc23A deleted successfully.
ADS C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A8ADE5D8 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Microsoft:iXjO1agiYovzNO82dt26o deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Microsoft:uzzTC3PVg8HLqjtXTTPv26o deleted successfully.
ADS C:\Program Files\Outlook Express:aBnc0asnL7FPYnXQma deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.1.37.3 log created on 03202010_130001

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Post by nikko33 » 20 Mar 2010, 13:07

And the main report:

OTL logfile created on: 20/03/2010 13:03:48 - Run 5
OTL by OldTimer - Version 3.1.37.3 Folder = G:\mozilla downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 81,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 73,56 Gb Free Space | 39,48% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 465,76 Gb Total Space | 162,91 Gb Free Space | 34,98% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XPSP2-9972C5432
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/03/20 12:56:52 | 000,555,520 | ---- | M] (OldTimer Tools) -- G:\mozilla downloads\OTL.exe
PRC - [2010/03/07 15:11:10 | 001,086,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/03/07 15:11:09 | 000,617,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/03/07 15:11:09 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/03/07 15:11:08 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/03/07 15:11:04 | 002,059,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/03/07 15:11:03 | 000,836,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/03/07 15:10:59 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/02/10 15:35:13 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2010/01/16 04:14:02 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/07 16:07:10 | 000,236,368 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009/07/29 14:28:40 | 000,252,424 | ---- | M] (Avid Technology, Inc.) -- C:\WINDOWS\system32\MAFWTray.exe
PRC - [2009/07/09 11:22:18 | 000,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/02/08 05:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIACE.EXE
PRC - [2004/03/12 21:43:18 | 000,081,920 | ---- | M] (DAEMON'S HOME) -- C:\Program Files\D-Tools\daemon.exe


========== Modules (SafeList) ==========

MOD - [2010/03/20 12:56:52 | 000,555,520 | ---- | M] (OldTimer Tools) -- G:\mozilla downloads\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NIHardwareService)
SRV - [2010/03/07 15:10:59 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/02/10 15:35:13 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010/02/10 15:35:11 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/01/26 17:45:08 | 000,243,056 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2010/01/07 16:07:10 | 000,236,368 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/11/16 12:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009/07/09 11:22:18 | 000,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/02/16 12:34:34 | 000,415,152 | ---- | M] (telechargement.fr) [Auto | Stopped] -- C:\WINDOWS\System32\pr2ausyt.exe -- (pr2ausyt) Techniques audionumeriques en homestudio Drivers Auto Removal (pr2ausyt)
SRV - [2007/01/19 10:49:26 | 000,049,152 | ---- | M] (Wireless Service) [On_Demand | Stopped] -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {74a734dd-b3a8-bc83-23f5-fcc9ce1134c0}:4.6.6.4


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/03/07 15:10:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/09 12:24:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/09 12:24:29 | 000,000,000 | ---D | M]

[2009/09/11 18:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Mozilla\Extensions
[2010/03/19 17:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Mozilla\Firefox\Profiles\f07vxccg.default\extensions
[2009/10/19 18:40:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Mozilla\Firefox\Profiles\f07vxccg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/09 15:40:48 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Mozilla\Firefox\Profiles\f07vxccg.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/01/17 22:07:44 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Mozilla\Firefox\Profiles\f07vxccg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/10/17 13:49:05 | 000,002,171 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Mozilla\Firefox\Profiles\f07vxccg.default\searchplugins\bing.xml
[2010/03/19 17:20:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/20 17:23:41 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{74a734dd-b3a8-bc83-23f5-fcc9ce1134c0}
[2010/01/16 02:10:07 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/01/16 02:10:07 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/16 02:10:07 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/01/16 02:10:07 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/01/16 02:10:07 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

Hosts file not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (TextAloud) - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files\TextAloud\TAForIE.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DAEMON Tools-1033] C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME)
O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\system32\MAFWTray.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SpyBlocker] C:\Program Files\SpyBlocker Software\spyblocker.exe (SpyBlocker Software)
O4 - Startup: C:\Documents and Settings\Admin.XPSP2-9972C5432\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - C:\WINDOWS\System32\logonui.exe File not found
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Admin.XPSP2-9972C5432\Mes documents\My Wallpapers\Default.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin.XPSP2-9972C5432\Mes documents\My Wallpapers\Default.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/19 01:56:08 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/03/17 16:04:09 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/03/17 16:03:12 | 000,065,536 | ---- | C] (FLOMIX Studios) -- C:\WINDOWS\System32\foxcbmp3.dll
[2010/03/17 16:03:12 | 000,020,480 | ---- | C] (MegaSolutions) -- C:\WINDOWS\sbuninst.exe
[2010/03/17 16:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\SpyBlocker Software
[2010/03/17 16:02:59 | 000,796,672 | ---- | C] (Qsc) -- C:\WINDOWS\GPInstall.exe
[2010/03/16 18:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\Yieldmanagercookie Removal Tool
[2010/03/14 16:46:35 | 000,000,000 | ---D | C] -- C:\ToolBar SD
[2010/03/12 15:41:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance
[2010/03/12 15:41:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Local Settings\Application Data\Microsoft Corporation
[2010/03/12 15:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2010/03/10 10:50:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/10 10:47:01 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/03/09 16:53:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{A6CBE6A2-B738-440D-B19A-60D7C36810C7}
[2010/03/09 16:52:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Mes documents\Reaktor 5
[2010/03/08 22:06:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\AVG9
[2010/03/08 13:45:28 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDub
[2010/03/08 11:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\photos omnia
[2010/03/07 15:11:32 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/03/07 15:11:31 | 000,242,696 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/03/07 15:11:31 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2010/03/07 15:11:26 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/03/07 15:11:24 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/03/07 15:11:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010/03/07 15:10:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/03/07 15:10:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg9
[2010/03/07 14:08:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
[2010/03/07 14:08:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Recent
[2010/03/07 14:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/03/07 13:40:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/07 13:40:26 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/07 13:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/07 13:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/03/06 14:07:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\photos A4
[2009/09/11 21:02:53 | 000,156,800 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d346bus.sys
[2009/09/11 21:02:53 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d346prt.sys
[2009/02/10 18:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/01/30 14:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2008/09/06 19:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/03/31 16:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/03/19 00:28:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/03/19 00:23:36 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/03/19 00:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[1 C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\*.tmp files -> C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/03/20 13:02:24 | 000,250,073 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/03/20 13:02:16 | 000,000,508 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job
[2010/03/20 13:02:06 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/20 13:01:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/20 13:00:10 | 011,796,480 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\NTUSER.DAT
[2010/03/20 13:00:10 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\ntuser.ini
[2010/03/20 12:39:31 | 057,417,231 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/03/20 12:06:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/19 18:15:20 | 000,966,825 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\P1040689.JPG
[2010/03/19 18:06:44 | 000,005,060 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\product-746935.jpg
[2010/03/19 10:45:49 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/18 22:17:34 | 000,000,153 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\default.rss
[2010/03/18 22:17:32 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/17 16:06:35 | 000,000,014 | ---- | M] () -- C:\WINDOWS\scode8.cfg
[2010/03/17 16:03:12 | 000,001,661 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\SpyBlocker.lnk
[2010/03/17 16:02:59 | 000,796,672 | ---- | M] (Qsc) -- C:\WINDOWS\GPInstall.exe
[2010/03/16 17:47:47 | 012,944,018 | -H-- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Local Settings\Application Data\IconCache.db
[2010/03/13 01:04:16 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\MP3GainGUI.lnk
[2010/03/10 10:49:01 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/03/10 10:47:04 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\ERUNT.lnk
[2010/03/10 10:24:18 | 000,673,051 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\P1040688.JPG
[2010/03/09 16:53:25 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Reaktor 5.lnk
[2010/03/09 12:24:32 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Mozilla Firefox.lnk
[2010/03/08 13:45:28 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\VirtualDub.lnk
[2010/03/07 15:11:32 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/03/07 15:11:32 | 000,001,517 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\AVG 9.0.lnk
[2010/03/07 15:11:31 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/03/07 15:11:31 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2010/03/07 15:11:26 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/03/07 15:11:24 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/03/07 15:11:24 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/03/07 14:07:38 | 000,001,558 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\CCleaner.lnk
[2010/03/07 13:40:31 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/03/07 13:25:01 | 000,001,744 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\HijackThis.lnk
[2010/03/06 20:36:40 | 000,001,673 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\FileZilla Client.lnk
[1 C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\*.tmp files -> C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/19 18:06:44 | 000,005,060 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\product-746935.jpg
[2010/03/19 18:03:19 | 000,966,825 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\P1040689.JPG
[2010/03/17 16:06:35 | 000,000,014 | ---- | C] () -- C:\WINDOWS\scode8.cfg
[2010/03/17 16:03:12 | 000,001,661 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\SpyBlocker.lnk
[2010/03/17 16:03:11 | 000,057,399 | ---- | C] () -- C:\WINDOWS\System32\Registry.ocx
[2010/03/17 16:02:59 | 000,008,784 | ---- | C] () -- C:\WINDOWS\F_France.gpl
[2010/03/13 01:04:16 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\MP3GainGUI.lnk
[2010/03/10 10:49:01 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/03/10 10:47:04 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\ERUNT.lnk
[2010/03/10 10:10:24 | 000,673,051 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\P1040688.JPG
[2010/03/09 16:53:25 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Reaktor 5.lnk
[2010/03/09 12:24:32 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Mozilla Firefox.lnk
[2010/03/08 13:45:28 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\VirtualDub.lnk
[2010/03/07 15:11:32 | 000,001,517 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\AVG 9.0.lnk
[2010/03/07 15:11:24 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/03/07 15:11:18 | 057,417,231 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/03/07 14:07:38 | 000,001,558 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\CCleaner.lnk
[2010/03/07 13:40:31 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/03/07 13:24:52 | 000,001,744 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\HijackThis.lnk
[2010/03/01 05:42:34 | 000,000,162 | ---- | C] () -- C:\WINDOWS\msmmdx9.ini
[2010/02/21 20:51:15 | 000,000,370 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/02/20 16:46:45 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010/02/20 16:46:45 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010/02/20 16:46:45 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010/02/20 16:46:45 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010/02/18 10:34:16 | 001,273,856 | ---- | C] () -- C:\WINDOWS\System32\s-yf1D2MUl.dll
[2010/02/08 18:37:29 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D25F423BE6.sys
[2010/02/07 17:50:23 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D2D2AEB6BA.sys
[2010/02/07 17:32:15 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D291FA33FC.sys
[2010/02/07 17:31:49 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D272B730B3.sys
[2010/02/07 17:31:33 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D2D8910D51.sys
[2010/02/07 17:30:59 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D2D8910D50.sys
[2010/02/07 17:23:26 | 000,000,021 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iasna_C92E1371-3DF5-4322-9729-82CC0DD90EC5.dll
[2010/02/07 17:07:42 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D23E818710.sys
[2010/02/07 16:58:05 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D2C0ADD4DD.sys
[2009/12/24 12:49:39 | 000,000,153 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\default.rss
[2009/12/22 12:48:46 | 000,499,246 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2009/12/18 12:23:15 | 000,000,021 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iasna_C92E1371-3DF5-4322-9729-82CC0DD90EC8.dll
[2009/12/18 12:23:08 | 000,000,021 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iasna_496F4C99-60CC-4b9e-AC1B-FA060E643C30.dll
[2009/12/18 12:23:05 | 000,000,021 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iasna_FB9AECF7-F56E-4c47-A862-8892AA545109.dll
[2009/12/18 12:22:58 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iasna_F4F01109-B336-401f-BDE2-7C1926744122.dll
[2009/12/18 12:22:56 | 000,000,021 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iasna_82424970-0916-4145-974C-09EBC0BE67BF.dll
[2009/12/01 13:13:07 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D220543E20.sys
[2009/12/01 12:12:58 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D220543E1F.sys
[2009/11/07 15:02:07 | 000,000,086 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\default.pls
[2009/11/07 15:00:50 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/10/19 18:50:09 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/10/19 18:41:56 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/10/16 18:28:37 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2009/10/08 14:46:10 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/06 15:15:23 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/10/06 15:14:01 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX3800EFGIPSD.ini
[2009/09/12 18:02:56 | 000,010,886 | ---- | C] () -- C:\WINDOWS\System32\RdCi1027.dll
[2009/09/12 16:40:02 | 000,002,240 | ---- | C] () -- C:\WINDOWS\LENDIG.sys
[2009/09/11 22:28:35 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\FxShared.dll
[2009/09/11 22:28:35 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\com.fxpansion.fxshared.dll
[2009/09/11 21:51:38 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2009/09/11 21:51:38 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2009/09/11 21:51:38 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2009/09/11 21:51:38 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2009/09/11 21:51:38 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2009/09/11 21:08:55 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\ArtFfct.dll
[2009/09/11 16:48:39 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/09/11 15:32:17 | 000,190,464 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2009/08/09 16:00:00 | 001,210,208 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandAutopanpresets.xml
[2009/08/09 16:00:00 | 000,919,437 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandVibratopresets.xml
[2009/08/09 16:00:00 | 000,886,643 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandRingModulatorpresets.xml
[2009/08/09 16:00:00 | 000,857,792 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandPhaserpresets.xml
[2009/08/09 16:00:00 | 000,614,095 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandTremolopresets.xml
[2009/08/09 16:00:00 | 000,335,546 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MReverbpresets.xml
[2009/08/09 16:00:00 | 000,244,500 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandWaveShaperpresets.xml
[2009/08/09 16:00:00 | 000,172,324 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MAnalyzerpresets.xml
[2009/08/09 16:00:00 | 000,140,966 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandDynamicspresets.xml
[2009/08/09 16:00:00 | 000,050,760 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MSpectralDynamicspresets.xml
[2009/08/09 16:00:00 | 000,026,438 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MDynamicspresets.xml
[2009/08/09 16:00:00 | 000,022,238 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandLimiterpresets.xml
[2009/08/09 16:00:00 | 000,010,486 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MEqualizerLinearPhasepresets.xml
[2009/08/09 16:00:00 | 000,007,954 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MEqualizerpresets.xml
[2009/08/09 16:00:00 | 000,006,753 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MCompressorpresets.xml
[2009/08/09 16:00:00 | 000,005,160 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MWaveShaperpresets.xml
[2009/08/09 16:00:00 | 000,004,150 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MStereoProcessorpresets.xml
[2009/08/09 16:00:00 | 000,002,841 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MRingModulatorpresets.xml
[2009/08/09 16:00:00 | 000,002,615 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MPhaserpresets.xml
[2009/08/09 16:00:00 | 000,001,725 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MStereoExpanderpresets.xml
[2009/08/09 16:00:00 | 000,001,403 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MUltraMaximizerpresets.xml
[2009/08/09 16:00:00 | 000,001,107 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MVibratopresets.xml
[2009/08/09 16:00:00 | 000,000,990 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MTremolopresets.xml
[2009/08/09 16:00:00 | 000,000,683 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MAutopanpresets.xml
[2009/08/09 16:00:00 | 000,000,620 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MLimiterpresets.xml
[2006/11/08 06:41:21 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\8ddeb654.dll
[2006/02/01 14:41:21 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\41b10d68.dll
[2006/02/01 14:41:20 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\862606e3.dll
[2004/08/03 21:59:44 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2004/03/15 18:28:50 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2001/10/02 17:17:26 | 001,769,312 | ---- | C] () -- C:\WINDOWS\System32\winsock.dll

========== LOP Check ==========

[2009/12/16 14:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\4Front
[2010/01/11 12:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Ableton
[2010/03/08 22:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\AVG9
[2010/01/23 21:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\BitTorrent
[2009/10/06 16:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\EPSON
[2009/12/27 17:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\FabFilter
[2010/03/05 09:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Facebook
[2010/03/19 12:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\FileZilla
[2010/02/21 16:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\foobar2000
[2010/02/13 12:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\FXpansion
[2010/01/07 22:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Gena01
[2009/09/12 16:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iZotope
[2009/10/20 00:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MeldaProduction MAutoEqualizer
[2010/02/20 00:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MeldaProduction MCompressor
[2010/01/28 23:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MeldaProduction MMultiBandDynamics
[2009/10/25 18:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MeldaProduction MMultiBandLimiter
[2010/01/28 23:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MeldaProduction MStereoExpander
[2009/11/06 22:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MeldaProduction MStereoProcessor
[2009/10/20 00:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MSPS
[2009/12/15 16:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\nView_Wallpaper
[2009/10/18 21:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Publish Providers
[2010/03/05 07:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\QuickScan
[2009/11/06 11:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Rapid Evolution 2
[2009/10/25 21:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Sony
[2009/10/16 19:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Sony Setup
[2009/12/19 19:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Steinberg
[2009/10/30 23:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\TuneUp Software
[2009/11/27 18:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\VirSyn Software Synthesizer
[2009/11/17 18:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\VitySoft
[2009/09/12 21:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Waves Audio
[2009/11/06 13:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\~LM00001.tmp
[2009/12/16 14:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\4Front
[2009/09/11 16:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ableton
[2010/02/19 14:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Alwil Software
[2010/02/07 17:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Audio Damage
[2010/03/07 15:10:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg9
[2009/09/11 22:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Cakewalk
[2010/01/07 21:55:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Doctor Web
[2010/03/07 14:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
[2010/03/10 11:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ma-config.com
[2010/01/04 21:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Native Instruments
[2009/12/21 23:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Note
[2009/12/01 22:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\OrbNetworks
[2009/12/27 17:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spectrasonics
[2009/12/19 19:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Steinberg
[2010/02/19 13:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2009/10/30 23:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software
[2009/10/06 15:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\UDL
[2009/11/27 18:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\VST3 Presets
[2009/11/27 01:27:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{4275E5EA-6E30-48EB-A209-F964539CBE1C}
[2009/10/30 23:10:16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/10/17 00:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/03/09 16:53:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{A6CBE6A2-B738-440D-B19A-60D7C36810C7}
[2009/11/27 01:31:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{BF329843-149E-4A5A-82A1-0250286442D0}
[2009/11/25 17:20:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{C2686527-0D57-4F0B-ADAB-EE203CA30FC6}
[2009/11/27 01:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{E7D4E1BB-A8A8-4E3B-BEA6-38DD8E4522DF}
[2010/03/20 13:02:16 | 000,000,508 | ---- | M] () -- C:\WINDOWS\Tasks\Maintenance en 1 clic.job

========== Purity Check ==========


<End>

Post by nikko33 » 20 Mar 2010, 13:12

I left the PC on last night and this morning it had crashed again for no apparent reason; the ad servers are still there and startup is still sluggish (it hangs just before I enter my credentials)...

thanks for your patience... :D

Post by nickW » 22 Mar 2010, 00:33

Good evening,

What AVG detects is located in the System Restore folders and is not dangerous (obviously, as long as that System Restore is not used).

These detections are very often false positives (the files are encrypted and compressed, which gives rise to false detections).


What exactly do you mean by "ad servers"?


Can you run a "Quick scan" (Examen rapide) again with Malwarebytes' Anti-Malware (MBAM) and send the report?

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log-analysis requests by PM (private message)
nickW
Moderator
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France
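
An added example, not part of the thread: nickW's point above is that the AVG hits sit under a System Restore store rather than on the live file system. The Python sketch below separates the two cases in an AVG quarantine export; the sample rows, GUID and detection names are constructed placeholders, and `triage` is a hypothetical helper name.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed export rows in the same ';'-separated layout as the AVG
# quarantine list quoted earlier in the thread (GUID and names are placeholders).
SAMPLE_EXPORT = r'''"Infection";"Cheval de Troie : Generic.EXAMPLE1";"G:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP158\A0000001.exe";"";"07/03/2010, 20:40:39"
"Infection";"Cheval de Troie : Generic.EXAMPLE2";"G:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP97\A0000002.exe";"";"17/03/2010, 12:48:08"
"Infection";"Cheval de Troie : Generic.EXAMPLE1";"C:\WINDOWS\example.exe";"";"17/03/2010, 12:49:00"
'''

# Windows XP keeps restore-point copies under
# <drive>:\System Volume Information\_restore{GUID}\RP<n>\
RESTORE = re.compile(
    r"^(?P<drive>[A-Za-z]):\\System Volume Information\\_restore"
    r"\{(?P<guid>[0-9A-Fa-f-]{36})\}\\RP(?P<rp>\d+)\\",
    re.IGNORECASE,
)


def triage(export_text):
    """Split detections into restore-store copies and live-file-system hits.

    Returns (restore, live):
      restore maps (drive, guid) -> {"points": set of RP numbers,
                                     "names": set of detection names}
      live is a list of (path, detection name) outside any restore store.
    """
    restore = defaultdict(lambda: {"points": set(), "names": set()})
    live = []
    for row in csv.reader(io.StringIO(export_text), delimiter=";"):
        if len(row) < 3:
            continue  # blank or malformed line
        # Column 2 is "<category> : <detection name>", column 3 is the path.
        name = row[1].split(" : ", 1)[-1]
        path = row[2]
        m = RESTORE.match(path)
        if m:
            key = (m["drive"].upper(), m["guid"].lower())
            restore[key]["points"].add(int(m["rp"]))
            restore[key]["names"].add(name)
        else:
            live.append((path, name))
    return dict(restore), live


if __name__ == "__main__":
    stores, live_hits = triage(SAMPLE_EXPORT)
    for (drive, guid), info in stores.items():
        print(f"{drive}: restore store {guid}: points {sorted(info['points'])}")
    for path, name in live_hits:
        print(f"live file needs attention: {path} ({name})")
```

Only the entries returned in `live` are files that can run without a restore operation; the restore-store entries stay inert unless one of those restore points is used.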

Post by nikko33 » 22 Mar 2010, 11:53

Hi nickw,

the adservers are the unwanted ads that are ruining Mozilla for me, e.g. "yieldmanager" or "primavega", and it was on the Assiste site that I understood that's what they were. So far I haven't found anything to remove them.

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3898
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

22/03/2010 11:54:09
mbam-log-2010-03-22 (11-54-06).txt

Type de recherche: Examen rapide
Eléments examinés: 169539
Temps écoulé: 4 minute(s), 56 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> No action taken.

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> No action taken.

Post by nickW » 22 Mar 2010, 23:52

Good evening,

Let's continue ...

Step 1: OTL (by OldTimer), preparing the cleanup

Delete the fix.txt file created previously.

Open a Notepad window: via Start---->Run, type notepad then click OK

Select all the lines in the white area under "Code:" below, then press the Ctrl and C keys at the same time

Code:
rien

:Processes
firefox.exe

:otl
FF - prefs.js..extensions.enabledItems: {74a734dd-b3a8-bc83-23f5-fcc9ce1134c0}:4.6.6.4
[2010/02/20 17:23:41 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{74a734dd-b3a8-bc83-23f5-fcc9ce1134c0}



Go back to the Notepad window, right-click in the window and choose Paste
In the Format menu (at the top), check that "Word Wrap" is not active (not ticked).
Save the file under the name fix.txt <---- do not change the file name
Close Notepad.

Note: The lines in the Code area above were created exclusively for THIS user: nikko33.
If you are not THIS user, do not use them: they could damage your system.



Step 2: No real-time monitoring processes
Disable the antivirus resident module.
AVG: launch AVG, double-click the "Resident Shield" component, untick "Resident Shield active"


Step 3: OTL (by OldTimer), cleanup

Double-click OTL.exe to launch the tool.

The OTL main screen is displayed.

Click the Run Fix button.

A small "Information" window opens.

Click the Yes button.

From the new "Open" window, browse to the folder where the fix.txt file was saved, then click the Open button.

The contents of the fix.txt file are thereby inserted into the "Custom Scans/Fixes" panel.

Close all open program windows other than OTL (browser, word processor, etc.): the PC is going to restart.

Click the Run Fix button again.

Note: If a restart is requested, click Oui/Yes

When the tool has finished its work, a small window displays the message "Fix Complete! Click OK to open the fix log". Click OK, then close OTL.


Step 4: No real-time monitoring processes
If a restart took place and the antivirus resident module has been re-enabled, it must be disabled again.
AVG: launch AVG, double-click the "Resident Shield" component, untick "Resident Shield active"


Step 5: Malwarebytes' Anti-Malware, cleanup
Close all open program windows.
Launch Malwarebytes' Anti-Malware from the Start menu.
In the Settings tab, check that all boxes are ticked except "Create an option in the context menu to scan files (right-click)".
In the Update tab, click the Check for updates button and install all the updates found.
In the Scanner tab, select the radio button in front of "Perform quick scan", then click the Scan button.
Wait, without doing anything else, for the scan to finish; in the window announcing the end of the scan, click OK; then click the "Show Results" button.

If malicious items were detected, click the "Remove Selected" button
Wait patiently, without doing anything else, for the cleanup to finish.
A restart is sometimes necessary. Accept it.
A Notepad window opens to display the report. Close Notepad.
Click the "Exit" button to close Malwarebytes' Anti-Malware.


Step 6: Uninstallation
Start-->Settings-->Control Panel-->Add/Remove Programs
Find and uninstall (if found) LoudMo Contextual Ad Assistant


Step 7: OTL (by OldTimer), quick scan
Close all open program windows.

Double-click OTL.exe to launch the tool.

The OTL main screen is displayed.

Click the Quick Scan button.


Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
Close the OTL window.


Step 8: Real-time monitoring processes
Important: Re-enable the antivirus resident module.


Step 9: Results
Send in reply:
*- the OTL fix report (contents of the file SystemDrive\_OTL\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)
[SystemDrive stands for the partition on which the system is installed, generally C:]
*- the Malwarebytes' Anti-Malware report (contents of the file mbam-log-****-**-** (**-**-**).txt located in the folder SystemDrive\Documents and Settings\<yourprofile>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs, where ****-** (**-**-**) represents the date [year-month-day] and the time [hh-mn-ss])
[SystemDrive stands for the partition on which the system is installed, generally C:]

Then send in reply, in a separate message (because of the length of the log):
*- the main OTL report (contents of the OTL.txt file located on the Desktop).
The report sent to the forum must end with a line containing <End>. If it does not, it is incomplete and must then be split across several messages.

Important note: To send your reply (or replies), do not create a new topic; click the "Reply" button
to continue in this thread.


In your reply, don't forget to give as much information as possible about the state of the PC: improvement / disappearance / worsening of the infection symptoms.

To be continued,
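
An added example, not part of the thread and not code from OTL or MBAM: a Python check a helper could run on the reports requested in Step 9. It verifies that an MBAM log postdates the request, that its header counts match the listed items, that nothing was left at "No action taken", and that an OTL report ends with <End>. The sample log is constructed and the function names are hypothetical.

```python
import re
from datetime import datetime

# Constructed sample in the layout of the French MBAM reports quoted in this
# thread; the paths and detection names are placeholders.
SAMPLE_MBAM = r"""Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3898

22/03/2010 11:54:09
mbam-log-2010-03-22 (11-54-06).txt

Type de recherche: Examen rapide
Eléments examinés: 169539

Module(s) mémoire infecté(s): 1
Valeur(s) du Registre infectée(s): 0
Fichier(s) infecté(s): 2

Module(s) mémoire infecté(s):
C:\Example\sample.dll (Adware.Example) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Example\sample.dll (Adware.Example) -> No action taken.
C:\Example (x86)\old.exe (Trojan.Example) -> Quarantined and deleted successfully.
"""

STAMP = re.compile(r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2})$")
COUNT = re.compile(r"^(.*infect[^:]*): (\d+)$")      # summary line with a count
HEADER = re.compile(r"^(.*infect[^:]*):$")           # start of a detail section
ITEM = re.compile(r"^(.+?) \(([^()]+)\) -> (.+)$")   # target (name) -> action


def parse_mbam(text):
    """Return the scan timestamp, declared counts and listed items per section."""
    report = {"timestamp": None, "declared": {}, "items": {}}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if (m := STAMP.match(line)) and report["timestamp"] is None:
            report["timestamp"] = datetime.strptime(m.group(1), "%d/%m/%Y %H:%M:%S")
        elif m := COUNT.match(line):
            report["declared"][m.group(1)] = int(m.group(2))
        elif m := HEADER.match(line):
            section = m.group(1)
            report["items"].setdefault(section, [])
        elif section and (m := ITEM.match(line)):
            target, name, tail = m.groups()
            # Registry data lines carry "Bad: (1) Good: (0) -> <action>";
            # the action is whatever follows the last arrow.
            action = tail.rsplit(" -> ", 1)[-1].rstrip(".")
            report["items"][section].append((target, name, action))
    return report


def check_mbam(text, requested_at):
    """List problems with a posted MBAM log; an empty list means it looks fine."""
    rep = parse_mbam(text)
    findings = []
    ts = rep["timestamp"]
    if ts is None:
        findings.append("no scan timestamp found")
    elif ts < requested_at:
        findings.append(f"stale log: scan ran {ts:%d/%m/%Y %H:%M}, before the request")
    for label, declared in rep["declared"].items():
        listed = len(rep["items"].get(label, []))
        if listed != declared:  # typical of a report cut off when pasted
            findings.append(f"count mismatch in '{label}': header {declared}, listed {listed}")
    for items in rep["items"].values():
        for target, name, action in items:
            if action.lower().startswith("no action"):
                findings.append(f"not remediated: {target} ({name})")
    return findings


def otl_report_complete(text):
    """True when the last non-empty line of an OTL report contains <End>."""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    return bool(lines) and "<End>" in lines[-1]


if __name__ == "__main__":
    for finding in check_mbam(SAMPLE_MBAM, datetime(2010, 3, 22, 0, 0)):
        print(finding)
```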

Post by nikko33 » 24 Mar 2010, 13:17

Hi,

OTL fix report

Error: Unable to interpret <rien> in the current context!
========== PROCESSES ==========
Process firefox.exe killed successfully!
========== OTL ==========
Prefs.js: {74a734dd-b3a8-bc83-23f5-fcc9ce1134c0}:4.6.6.4 removed from extensions.enabledItems
C:\Program Files\Mozilla Firefox\extensions\{74a734dd-b3a8-bc83-23f5-fcc9ce1134c0}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{74a734dd-b3a8-bc83-23f5-fcc9ce1134c0}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{74a734dd-b3a8-bc83-23f5-fcc9ce1134c0} folder moved successfully.

OTL by OldTimer - Version 3.1.37.3 log created on 03232010_115651

Post by nikko33 » 24 Mar 2010, 13:21

Malwarebytes report

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3220
Windows 5.1.2600 Service Pack 3

23/11/2009 23:42:14
mbam-log-2009-11-23 (23-42-14).txt

Type de recherche: Examen rapide
Eléments examinés: 143242
Temps écoulé: 6 minute(s), 2 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\cmSTP (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\IEudinit (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\cmstp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Admin.XPSP2-9972C5432\Local Settings\Application Data\Microsoft\sessmgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\ieudinit.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Post by nikko33 » 24 Mar 2010, 13:28

finally, the OTL report

OTL logfile created on: 24/03/2010 13:27:50 - Run 7
OTL by OldTimer - Version 3.1.37.3 Folder = G:\mozilla downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 74,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 81,24 Gb Free Space | 43,60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 465,76 Gb Total Space | 163,55 Gb Free Space | 35,11% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: XPSP2-9972C5432
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/03/20 12:56:52 | 000,555,520 | ---- | M] (OldTimer Tools) -- G:\mozilla downloads\OTL.exe
PRC - [2010/03/07 15:11:10 | 001,086,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/03/07 15:11:09 | 000,617,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/03/07 15:11:09 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/03/07 15:11:08 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/03/07 15:11:04 | 002,059,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/03/07 15:11:03 | 000,836,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/03/07 15:10:59 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/02/10 15:35:13 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2010/01/16 04:14:02 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/07 16:07:10 | 000,236,368 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009/07/29 14:28:40 | 000,252,424 | ---- | M] (Avid Technology, Inc.) -- C:\WINDOWS\system32\MAFWTray.exe
PRC - [2009/07/09 11:22:18 | 000,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/02/08 05:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIACE.EXE
PRC - [2004/03/12 21:43:18 | 000,081,920 | ---- | M] (DAEMON'S HOME) -- C:\Program Files\D-Tools\daemon.exe


========== Modules (SafeList) ==========

MOD - [2010/03/20 12:56:52 | 000,555,520 | ---- | M] (OldTimer Tools) -- G:\mozilla downloads\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NIHardwareService)
SRV - [2010/03/07 15:10:59 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/02/10 15:35:13 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010/02/10 15:35:11 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/01/26 17:45:08 | 000,243,056 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2010/01/07 16:07:10 | 000,236,368 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/11/16 12:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009/07/09 11:22:18 | 000,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/02/16 12:34:34 | 000,415,152 | ---- | M] (telechargement.fr) [Auto | Stopped] -- C:\WINDOWS\System32\pr2ausyt.exe -- (pr2ausyt) Techniques audionumeriques en homestudio Drivers Auto Removal (pr2ausyt)
SRV - [2007/01/19 10:49:26 | 000,049,152 | ---- | M] (Wireless Service) [On_Demand | Stopped] -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/03/07 15:10:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/09 12:24:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/09 12:24:29 | 000,000,000 | ---D | M]

[2009/09/11 18:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Mozilla\Extensions
[2010/03/24 12:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Mozilla\Firefox\Profiles\f07vxccg.default\extensions
[2009/10/19 18:40:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Mozilla\Firefox\Profiles\f07vxccg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/09 15:40:48 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Mozilla\Firefox\Profiles\f07vxccg.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/01/17 22:07:44 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Mozilla\Firefox\Profiles\f07vxccg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/10/17 13:49:05 | 000,002,171 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Mozilla\Firefox\Profiles\f07vxccg.default\searchplugins\bing.xml
[2010/03/23 12:05:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/16 02:10:07 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/01/16 02:10:07 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/16 02:10:07 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/01/16 02:10:07 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/01/16 02:10:07 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

Hosts file not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (TextAloud) - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files\TextAloud\TAForIE.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DAEMON Tools-1033] C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME)
O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\system32\MAFWTray.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - Startup: C:\Documents and Settings\Admin.XPSP2-9972C5432\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - C:\WINDOWS\System32\logonui.exe File not found
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Admin.XPSP2-9972C5432\Mes documents\My Wallpapers\Default.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin.XPSP2-9972C5432\Mes documents\My Wallpapers\Default.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/19 01:56:08 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/03/21 23:59:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mixed In Key 4
[2010/03/21 23:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\Platinum Notes
[2010/03/21 22:48:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Local Settings\Application Data\eLicenser
[2010/03/21 22:39:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Syncrosoft
[2010/03/21 22:39:09 | 000,000,000 | ---D | C] -- C:\Program Files\Syncrosoft
[2010/03/21 22:39:09 | 000,000,000 | ---D | C] -- C:\Program Files\eLicenser
[2010/03/21 22:39:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\eLicenser
[2010/03/21 22:39:07 | 001,261,568 | ---- | C] (Steinberg Media Technologies GmbH) -- C:\WINDOWS\System32\SYNSOACC.dll
[2010/03/21 22:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Intel
[2010/03/17 16:04:09 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/03/17 16:03:12 | 000,065,536 | ---- | C] (FLOMIX Studios) -- C:\WINDOWS\System32\foxcbmp3.dll
[2010/03/17 16:02:59 | 000,796,672 | ---- | C] (Qsc) -- C:\WINDOWS\GPInstall.exe
[2010/03/14 16:46:35 | 000,000,000 | ---D | C] -- C:\ToolBar SD
[2010/03/12 15:41:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Performance
[2010/03/12 15:41:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Local Settings\Application Data\Microsoft Corporation
[2009/09/11 21:02:53 | 000,156,800 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d346bus.sys
[2009/09/11 21:02:53 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d346prt.sys
[2009/02/10 18:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/01/30 14:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2008/09/06 19:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/03/31 16:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/03/19 00:28:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/03/19 00:23:36 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/03/19 00:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[1 C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\*.tmp files -> C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/03/24 13:00:05 | 000,000,508 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job
[2010/03/24 12:38:47 | 057,623,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/03/23 12:04:43 | 000,250,073 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/03/23 12:04:32 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/23 12:04:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/23 12:04:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/23 12:03:25 | 011,534,336 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\NTUSER.DAT
[2010/03/23 12:03:25 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\ntuser.ini
[2010/03/23 12:03:21 | 014,013,282 | -H-- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Local Settings\Application Data\IconCache.db
[2010/03/22 16:40:20 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/22 00:27:18 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\SYNSOPOS.exe.cfg
[2010/03/22 00:15:03 | 000,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2010/03/22 00:15:03 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
[2010/03/22 00:15:02 | 000,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2010/03/22 00:15:02 | 000,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
[2010/03/21 23:59:02 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\Mixed In Key 4.lnk
[2010/03/21 23:27:57 | 000,000,848 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\Platinum Notes 2.0.lnk
[2010/03/21 22:39:53 | 000,002,892 | ---- | M] () -- C:\WINDOWS\System32\audcon.sys
[2010/03/18 22:17:34 | 000,000,153 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\default.rss
[2010/03/18 22:17:32 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/17 16:06:35 | 000,000,014 | ---- | M] () -- C:\WINDOWS\scode8.cfg
[2010/03/17 16:02:59 | 000,796,672 | ---- | M] (Qsc) -- C:\WINDOWS\GPInstall.exe
[2010/03/13 01:04:16 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\MP3GainGUI.lnk
[1 C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\*.tmp files -> C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/21 23:59:02 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\Mixed In Key 4.lnk
[2010/03/21 23:27:57 | 000,000,848 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\Platinum Notes 2.0.lnk
[2010/03/21 22:39:53 | 000,002,892 | ---- | C] () -- C:\WINDOWS\System32\audcon.sys
[2010/03/21 22:39:10 | 000,147,425 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC-Aide.chm
[2010/03/21 22:39:10 | 000,120,468 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC-Hilfe.chm
[2010/03/21 22:39:10 | 000,114,279 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC-Help.chm
[2010/03/21 22:39:07 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\SYNSOPOS.exe
[2010/03/21 22:39:07 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\SYNSOPOS.exe.cfg
[2010/03/17 16:06:35 | 000,000,014 | ---- | C] () -- C:\WINDOWS\scode8.cfg
[2010/03/17 16:03:11 | 000,057,399 | ---- | C] () -- C:\WINDOWS\System32\Registry.ocx
[2010/03/17 16:02:59 | 000,008,784 | ---- | C] () -- C:\WINDOWS\F_France.gpl
[2010/03/13 01:04:16 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Bureau\MP3GainGUI.lnk
[2010/03/01 05:42:34 | 000,000,162 | ---- | C] () -- C:\WINDOWS\msmmdx9.ini
[2010/02/21 20:51:15 | 000,000,370 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/02/20 16:46:45 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010/02/20 16:46:45 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010/02/20 16:46:45 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010/02/20 16:46:45 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010/02/18 10:34:16 | 001,273,856 | ---- | C] () -- C:\WINDOWS\System32\s-yf1D2MUl.dll
[2010/02/08 18:37:29 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D25F423BE6.sys
[2010/02/07 17:50:23 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D2D2AEB6BA.sys
[2010/02/07 17:32:15 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D291FA33FC.sys
[2010/02/07 17:31:49 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D272B730B3.sys
[2010/02/07 17:31:33 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D2D8910D51.sys
[2010/02/07 17:30:59 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D2D8910D50.sys
[2010/02/07 17:23:26 | 000,000,021 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iasna_C92E1371-3DF5-4322-9729-82CC0DD90EC5.dll
[2010/02/07 17:07:42 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D23E818710.sys
[2010/02/07 16:58:05 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D2C0ADD4DD.sys
[2009/12/24 12:49:39 | 000,000,153 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\default.rss
[2009/12/22 12:48:46 | 000,499,246 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2009/12/18 12:23:15 | 000,000,021 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iasna_C92E1371-3DF5-4322-9729-82CC0DD90EC8.dll
[2009/12/18 12:23:08 | 000,000,021 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iasna_496F4C99-60CC-4b9e-AC1B-FA060E643C30.dll
[2009/12/18 12:23:05 | 000,000,021 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iasna_FB9AECF7-F56E-4c47-A862-8892AA545109.dll
[2009/12/18 12:22:58 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iasna_F4F01109-B336-401f-BDE2-7C1926744122.dll
[2009/12/18 12:22:56 | 000,000,021 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iasna_82424970-0916-4145-974C-09EBC0BE67BF.dll
[2009/12/01 13:13:07 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D220543E20.sys
[2009/12/01 12:12:58 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\.6B0BC6D220543E1F.sys
[2009/11/07 15:02:07 | 000,000,086 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\default.pls
[2009/11/07 15:00:50 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/10/19 18:50:09 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/10/19 18:41:56 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/10/16 18:28:37 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2009/10/08 14:46:10 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/06 15:15:23 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/10/06 15:14:01 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX3800EFGIPSD.ini
[2009/09/12 18:02:56 | 000,010,886 | ---- | C] () -- C:\WINDOWS\System32\RdCi1027.dll
[2009/09/12 16:40:02 | 000,002,240 | ---- | C] () -- C:\WINDOWS\LENDIG.sys
[2009/09/11 22:28:35 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\FxShared.dll
[2009/09/11 22:28:35 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\com.fxpansion.fxshared.dll
[2009/09/11 21:51:38 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2009/09/11 21:51:38 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2009/09/11 21:51:38 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2009/09/11 21:51:38 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2009/09/11 21:51:38 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2009/09/11 21:08:55 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\ArtFfct.dll
[2009/09/11 16:48:39 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/09/11 15:32:17 | 000,190,464 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2009/08/09 16:00:00 | 001,210,208 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandAutopanpresets.xml
[2009/08/09 16:00:00 | 000,919,437 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandVibratopresets.xml
[2009/08/09 16:00:00 | 000,886,643 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandRingModulatorpresets.xml
[2009/08/09 16:00:00 | 000,857,792 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandPhaserpresets.xml
[2009/08/09 16:00:00 | 000,614,095 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandTremolopresets.xml
[2009/08/09 16:00:00 | 000,335,546 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MReverbpresets.xml
[2009/08/09 16:00:00 | 000,244,500 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandWaveShaperpresets.xml
[2009/08/09 16:00:00 | 000,172,324 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MAnalyzerpresets.xml
[2009/08/09 16:00:00 | 000,140,966 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandDynamicspresets.xml
[2009/08/09 16:00:00 | 000,050,760 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MSpectralDynamicspresets.xml
[2009/08/09 16:00:00 | 000,026,438 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MDynamicspresets.xml
[2009/08/09 16:00:00 | 000,022,238 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MMultiBandLimiterpresets.xml
[2009/08/09 16:00:00 | 000,010,486 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MEqualizerLinearPhasepresets.xml
[2009/08/09 16:00:00 | 000,007,954 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MEqualizerpresets.xml
[2009/08/09 16:00:00 | 000,006,753 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MCompressorpresets.xml
[2009/08/09 16:00:00 | 000,005,160 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MWaveShaperpresets.xml
[2009/08/09 16:00:00 | 000,004,150 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MStereoProcessorpresets.xml
[2009/08/09 16:00:00 | 000,002,841 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MRingModulatorpresets.xml
[2009/08/09 16:00:00 | 000,002,615 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MPhaserpresets.xml
[2009/08/09 16:00:00 | 000,001,725 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MStereoExpanderpresets.xml
[2009/08/09 16:00:00 | 000,001,403 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MUltraMaximizerpresets.xml
[2009/08/09 16:00:00 | 000,001,107 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MVibratopresets.xml
[2009/08/09 16:00:00 | 000,000,990 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MTremolopresets.xml
[2009/08/09 16:00:00 | 000,000,683 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MAutopanpresets.xml
[2009/08/09 16:00:00 | 000,000,620 | ---- | C] () -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MLimiterpresets.xml
[2006/11/08 06:41:21 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\8ddeb654.dll
[2006/02/01 14:41:21 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\41b10d68.dll
[2006/02/01 14:41:20 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\862606e3.dll
[2004/08/03 21:59:44 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2004/03/15 18:28:50 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2001/10/02 17:17:26 | 001,769,312 | ---- | C] () -- C:\WINDOWS\System32\winsock.dll

========== LOP Check ==========

[2009/12/16 14:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\4Front
[2010/01/11 12:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Ableton
[2010/03/08 22:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\AVG9
[2010/01/23 21:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\BitTorrent
[2009/10/06 16:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\EPSON
[2009/12/27 17:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\FabFilter
[2010/03/05 09:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Facebook
[2010/03/23 16:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\FileZilla
[2010/02/21 16:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\foobar2000
[2010/02/13 12:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\FXpansion
[2010/01/07 22:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Gena01
[2009/09/12 16:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\iZotope
[2009/10/20 00:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MeldaProduction MAutoEqualizer
[2010/02/20 00:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MeldaProduction MCompressor
[2010/01/28 23:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MeldaProduction MMultiBandDynamics
[2009/10/25 18:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MeldaProduction MMultiBandLimiter
[2010/01/28 23:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MeldaProduction MStereoExpander
[2009/11/06 22:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MeldaProduction MStereoProcessor
[2009/10/20 00:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\MSPS
[2009/12/15 16:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\nView_Wallpaper
[2009/10/18 21:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Publish Providers
[2010/03/05 07:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\QuickScan
[2009/11/06 11:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Rapid Evolution 2
[2009/10/25 21:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Sony
[2009/10/16 19:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Sony Setup
[2009/12/19 19:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Steinberg
[2009/10/30 23:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\TuneUp Software
[2009/11/27 18:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\VirSyn Software Synthesizer
[2009/11/17 18:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\VitySoft
[2009/09/12 21:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\Waves Audio
[2009/11/06 13:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin.XPSP2-9972C5432\Application Data\~LM00001.tmp
[2009/12/16 14:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\4Front
[2009/09/11 16:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ableton
[2010/02/19 14:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Alwil Software
[2010/02/07 17:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Audio Damage
[2010/03/07 15:10:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg9
[2009/09/11 22:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Cakewalk
[2010/01/07 21:55:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Doctor Web
[2010/03/21 22:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\eLicenser
[2010/03/07 14:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
[2010/03/10 11:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ma-config.com
[2010/01/04 21:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Native Instruments
[2009/12/21 23:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Note
[2009/12/01 22:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\OrbNetworks
[2009/12/27 17:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spectrasonics
[2009/12/19 19:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Steinberg
[2010/03/21 22:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Syncrosoft
[2010/02/19 13:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2009/10/30 23:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software
[2009/10/06 15:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\UDL
[2009/11/27 18:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\VST3 Presets
[2009/11/27 01:27:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{4275E5EA-6E30-48EB-A209-F964539CBE1C}
[2009/10/30 23:10:16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/10/17 00:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/03/09 16:53:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{A6CBE6A2-B738-440D-B19A-60D7C36810C7}
[2009/11/27 01:31:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{BF329843-149E-4A5A-82A1-0250286442D0}
[2009/11/25 17:20:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{C2686527-0D57-4F0B-ADAB-EE203CA30FC6}
[2009/11/27 01:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{E7D4E1BB-A8A8-4E3B-BEA6-38DD8E4522DF}
[2010/03/24 13:00:05 | 000,000,508 | ---- | M] () -- C:\WINDOWS\Tasks\Maintenance en 1 clic.job

========== Purity Check ==========


<End>
nikko33
 
Posts: 25
Joined: 10 Mar 2010, 11:06
