[|Résolus] Virus sshnas.dll
Dernière réponse : dans Sécurité
salut a tout les inetneaute de tom's guide!
Mon antivirus (avira) me previent souvent qu'il y a un virus (trj) lorsque je suis sur le net mais je ne peut le suprimer. Je vous demande de m'aider svp j'ai vu dans des autre forum le méme probléme mais il demander souvent de faire des manipulation personnalisé.j'espére avoir de vos réponse merci![:)]( ":)")
Mon antivirus (avira) me previent souvent qu'il y a un virus (trj) lorsque je suis sur le net mais je ne peut le suprimer. Je vous demande de m'aider svp j'ai vu dans des autre forum le méme probléme mais il demander souvent de faire des manipulation personnalisé.j'espére avoir de vos réponse merci
Autres pages sur : resolus virus sshnas dll
Lassé par la pub ? Créez un compte
Bonjour,
Télécharge OTL (de OldTimer) sur ton Bureau.
Double-clique sur OTL pour le lancer.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
Coche également les cases à côté de Recherche Lop et Recherche Purity.
Enfin, clique sur le bouton Analyse. Le scan ne prendra pas beaucoup de temps.
Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).
Pour me transmettre les rapports :
Clique sur ce lien : http://www.cijoint.fr/
Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
Clique sur Ouvrir.
Clique sur Cliquez ici pour déposer le fichier.
Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
Copie-colle ce lien dans ta réponse.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
Pour me transmettre les rapports :
voila pour OTL.txt === http://www.cijoint.fr/cjlink.php?file=cj201004/cijIVx49...
et pour Extras.txt == http://www.cijoint.fr/cjlink.php?file=cj201004/cijP7rju...
et pour Extras.txt == http://www.cijoint.fr/cjlink.php?file=cj201004/cijP7rju...
Citation :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Version de la base de données: 3978
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
11/04/2010 19:58:00
mbam-log-2010-04-11 (19-58-00).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 98438
Temps écoulé: 4 minute(s), 17 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
c:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sshnas (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
www.malwarebytes.org
Version de la base de données: 3978
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
11/04/2010 19:58:00
mbam-log-2010-04-11 (19-58-00).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 98438
Temps écoulé: 4 minute(s), 17 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
c:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sshnas (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
OTL logfile created on: 11/04/2010 20:25:03 - Run 2
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\NC2400\Bureau
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,88 Gb Total Space | 25,29 Gb Free Space | 45,26% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: NC2400-245F5E96
Current User Name: NC2400
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\NC2400\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe (Cognizance Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\NC2400\Bureau\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\APSHook.dll (Bioscrypt Inc.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (ASBroker) -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation)
SRV - (ASChannel) -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll (Cognizance Corporation)
========== Driver Services (SafeList) ==========
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\WINDOWS\system32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (Accelerometer) -- C:\WINDOWS\system32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (hpdskflt) -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (IFXTPM) -- C:\WINDOWS\system32\drivers\ifxtpm.sys (Infineon Technologies AG)
DRV - (HBtnKey) -- C:\WINDOWS\system32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (eabfiltr) -- C:\WINDOWS\system32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (eabusb) -- C:\WINDOWS\system32\drivers\EabUsb.sys (Hewlett-Packard Development Company, L.P.)
DRV - (w39n51) Intel(R) -- C:\WINDOWS\system32\drivers\w39n51.sys (Intel® Corporation)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {40a1f5d7-afc2-498f-b264-02668d616ff6}:1.1
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/05 10:42:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/05 10:42:48 | 000,000,000 | ---D | M]
[2010/01/29 16:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NC2400\Application Data\Mozilla\Extensions
[2010/04/11 19:58:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NC2400\Application Data\Mozilla\Firefox\Profiles\r63v6tv5.default\extensions
[2010/04/05 19:30:04 | 000,000,000 | ---D | M] (Mega Manager Integration) -- C:\Documents and Settings\NC2400\Application Data\Mozilla\Firefox\Profiles\r63v6tv5.default\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
[2010/01/29 17:46:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/05 10:42:39 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/04/05 10:42:39 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/04/05 10:42:39 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/04/05 10:42:39 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/04/05 10:42:39 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2004/08/19 19:38:32 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm ()
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct... (GMNRev Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash... (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) - C:\WINDOWS\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\OneCard: DllName - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/29 17:22:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/04/11 19:51:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Application Data\Malwarebytes
[2010/04/11 19:51:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/11 19:51:35 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/11 19:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/11 19:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/11 19:50:18 | 005,918,776 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\NC2400\Bureau\mbam-setup.exe
[2010/04/11 19:02:02 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\NC2400\Bureau\OTL.exe
[2010/04/11 18:36:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/04/11 00:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/04/09 23:10:49 | 000,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/04/09 23:10:49 | 000,056,816 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/04/09 23:10:49 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/04/09 23:10:49 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/04/09 23:10:48 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/04/09 23:10:44 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/04/09 23:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/04/09 23:05:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2010/04/05 23:21:03 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NC2400\UserData
[2010/04/05 22:20:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Application Data\WinRAR
[2010/04/05 22:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/04/05 13:35:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Mes documents\My Downloads
[2010/04/05 13:29:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Application Data\Megaupload
[2010/04/05 13:28:02 | 000,000,000 | ---D | C] -- C:\Program Files\Megaupload
[2010/04/05 10:42:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Local Settings\Application Data\Identities
[2010/04/04 15:49:28 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/04/03 16:47:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/04/03 16:34:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/03/30 11:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Mes documents\Downloads
[2010/03/30 10:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/03/30 10:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/03/30 10:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Local Settings\Application Data\Temp
[2010/03/30 10:10:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Local Settings\Application Data\Google
[2010/03/30 10:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/03/30 10:09:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/03/30 10:07:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010/03/30 10:03:19 | 000,272,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/03/30 10:02:47 | 000,453,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/03/30 10:01:34 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010/03/30 10:00:56 | 002,059,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2010/03/30 10:00:55 | 002,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/03/30 10:00:54 | 002,182,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/03/30 10:00:51 | 002,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/03/29 21:33:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/03/29 21:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/03/29 21:33:11 | 000,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/03/29 21:33:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/03/29 21:22:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/03/26 02:27:11 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2010/03/26 02:27:08 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/03/26 02:27:05 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010/03/26 02:26:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010/03/26 02:26:55 | 000,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2010/03/26 02:26:53 | 000,171,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2010/03/26 02:26:51 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/03/26 02:26:49 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/03/26 02:26:45 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/03/26 02:26:43 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2010/03/26 02:26:40 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010/03/26 02:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/03/26 02:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2010/03/26 02:24:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/03/26 02:24:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/03/26 02:24:23 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/03/26 02:24:23 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/03/26 02:24:23 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/03/26 02:24:23 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/03/26 02:21:51 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/03/26 02:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010/03/26 02:13:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010/03/25 23:01:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2010/03/25 23:01:09 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2010/03/25 23:01:06 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2010/03/25 22:48:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2010/03/25 22:47:51 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2010/03/16 17:18:39 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2010/03/16 17:18:39 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/03/16 17:18:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/03/16 17:15:50 | 000,000,000 | ---D | C] -- C:\Intel
[2010/01/29 17:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/29 17:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/29 17:22:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/29 17:22:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/04/11 20:25:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/11 20:24:07 | 000,368,314 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/04/11 20:24:07 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/11 20:24:07 | 000,049,054 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/04/11 20:24:07 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/11 20:24:06 | 000,775,210 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/04/11 20:19:40 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/11 20:19:19 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/11 20:19:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/11 20:19:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/11 20:18:25 | 001,572,864 | -H-- | M] () -- C:\Documents and Settings\NC2400\NTUSER.DAT
[2010/04/11 20:18:19 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\NC2400\ntuser.ini
[2010/04/11 20:17:57 | 002,692,294 | -H-- | M] () -- C:\Documents and Settings\NC2400\Local Settings\Application Data\IconCache.db
[2010/04/11 19:51:42 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/04/11 19:51:15 | 005,918,776 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\NC2400\Bureau\mbam-setup.exe
[2010/04/11 19:50:00 | 000,000,050 | ---- | M] () -- C:\WINDOWS\MegaManager.INI
[2010/04/11 19:02:11 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NC2400\Bureau\OTL.exe
[2010/04/10 23:13:41 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\NC2400\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/10 15:17:08 | 000,000,343 | ---- | M] () -- C:\Documents and Settings\NC2400\Bureau\Mes documents.lnk
[2010/04/10 14:29:49 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/04/10 14:29:49 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/04/09 23:11:08 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2010/04/09 23:06:31 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/07 22:58:39 | 000,001,891 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/05 13:29:30 | 000,001,668 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mega Manager.lnk
[2010/04/03 17:25:54 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2010/04/03 16:47:29 | 000,012,328 | ---- | M] () -- C:\Documents and Settings\NC2400\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/03 16:45:20 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/03 16:43:43 | 018,499,623 | ---- | M] () -- C:\Documents and Settings\NC2400\Mes documents\vlc-1.0.5-win32.exe
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/04/11 19:51:42 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/04/10 15:17:08 | 000,000,343 | ---- | C] () -- C:\Documents and Settings\NC2400\Bureau\Mes documents.lnk
[2010/04/09 23:11:08 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2010/04/05 13:48:19 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2010/04/05 13:29:30 | 000,001,668 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mega Manager.lnk
[2010/04/04 16:04:32 | 000,034,816 | ---- | C] () -- C:\Documents and Settings\NC2400\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/03 16:42:45 | 018,499,623 | ---- | C] () -- C:\Documents and Settings\NC2400\Mes documents\vlc-1.0.5-win32.exe
[2010/03/30 10:11:56 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2010/03/30 10:10:40 | 000,001,054 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/30 10:10:39 | 000,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/29 17:31:44 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\NC2400\ntuser.dat.LOG
[2010/01/29 17:31:44 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\NC2400\ntuser.ini
[2010/01/29 17:31:42 | 001,572,864 | -H-- | C] () -- C:\Documents and Settings\NC2400\NTUSER.DAT
[2004/08/19 19:46:32 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[1998/05/07 03:10:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\ODMA32.dll
========== LOP Check ==========
[2010/03/30 10:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/03/16 17:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2010/04/05 13:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NC2400\Application Data\Megaupload
========== Purity Check ==========
< End of report >
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\NC2400\Bureau
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,88 Gb Total Space | 25,29 Gb Free Space | 45,26% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: NC2400-245F5E96
Current User Name: NC2400
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\NC2400\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe (Cognizance Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\NC2400\Bureau\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\APSHook.dll (Bioscrypt Inc.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (ASBroker) -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation)
SRV - (ASChannel) -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll (Cognizance Corporation)
========== Driver Services (SafeList) ==========
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\WINDOWS\system32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (Accelerometer) -- C:\WINDOWS\system32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (hpdskflt) -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (IFXTPM) -- C:\WINDOWS\system32\drivers\ifxtpm.sys (Infineon Technologies AG)
DRV - (HBtnKey) -- C:\WINDOWS\system32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (eabfiltr) -- C:\WINDOWS\system32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (eabusb) -- C:\WINDOWS\system32\drivers\EabUsb.sys (Hewlett-Packard Development Company, L.P.)
DRV - (w39n51) Intel(R) -- C:\WINDOWS\system32\drivers\w39n51.sys (Intel® Corporation)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {40a1f5d7-afc2-498f-b264-02668d616ff6}:1.1
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/05 10:42:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/05 10:42:48 | 000,000,000 | ---D | M]
[2010/01/29 16:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NC2400\Application Data\Mozilla\Extensions
[2010/04/11 19:58:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NC2400\Application Data\Mozilla\Firefox\Profiles\r63v6tv5.default\extensions
[2010/04/05 19:30:04 | 000,000,000 | ---D | M] (Mega Manager Integration) -- C:\Documents and Settings\NC2400\Application Data\Mozilla\Firefox\Profiles\r63v6tv5.default\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
[2010/01/29 17:46:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/05 10:42:39 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/04/05 10:42:39 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/04/05 10:42:39 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/04/05 10:42:39 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/04/05 10:42:39 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2004/08/19 19:38:32 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm ()
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct... (GMNRev Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash... (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) - C:\WINDOWS\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\OneCard: DllName - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/29 17:22:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/04/11 19:51:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Application Data\Malwarebytes
[2010/04/11 19:51:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/11 19:51:35 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/11 19:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/11 19:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/11 19:50:18 | 005,918,776 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\NC2400\Bureau\mbam-setup.exe
[2010/04/11 19:02:02 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\NC2400\Bureau\OTL.exe
[2010/04/11 18:36:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/04/11 00:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/04/09 23:10:49 | 000,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/04/09 23:10:49 | 000,056,816 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/04/09 23:10:49 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/04/09 23:10:49 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/04/09 23:10:48 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/04/09 23:10:44 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/04/09 23:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/04/09 23:05:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2010/04/05 23:21:03 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NC2400\UserData
[2010/04/05 22:20:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Application Data\WinRAR
[2010/04/05 22:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/04/05 13:35:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Mes documents\My Downloads
[2010/04/05 13:29:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Application Data\Megaupload
[2010/04/05 13:28:02 | 000,000,000 | ---D | C] -- C:\Program Files\Megaupload
[2010/04/05 10:42:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Local Settings\Application Data\Identities
[2010/04/04 15:49:28 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/04/03 16:47:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/04/03 16:34:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/03/30 11:00:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Mes documents\Downloads
[2010/03/30 10:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/03/30 10:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/03/30 10:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Local Settings\Application Data\Temp
[2010/03/30 10:10:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NC2400\Local Settings\Application Data\Google
[2010/03/30 10:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/03/30 10:09:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/03/30 10:07:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010/03/30 10:03:19 | 000,272,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/03/30 10:02:47 | 000,453,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/03/30 10:01:34 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010/03/30 10:00:56 | 002,059,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2010/03/30 10:00:55 | 002,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/03/30 10:00:54 | 002,182,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/03/30 10:00:51 | 002,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/03/29 21:33:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010/03/29 21:33:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/03/29 21:33:11 | 000,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/03/29 21:33:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010/03/29 21:22:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/03/26 02:27:11 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2010/03/26 02:27:08 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/03/26 02:27:05 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010/03/26 02:26:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010/03/26 02:26:55 | 000,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2010/03/26 02:26:53 | 000,171,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2010/03/26 02:26:51 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/03/26 02:26:49 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/03/26 02:26:45 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/03/26 02:26:43 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2010/03/26 02:26:40 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010/03/26 02:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/03/26 02:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2010/03/26 02:24:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/03/26 02:24:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/03/26 02:24:23 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/03/26 02:24:23 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/03/26 02:24:23 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/03/26 02:24:23 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/03/26 02:21:51 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/03/26 02:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010/03/26 02:13:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010/03/25 23:01:10 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2010/03/25 23:01:09 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2010/03/25 23:01:06 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2010/03/25 22:48:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2010/03/25 22:47:51 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2010/03/16 17:18:39 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2010/03/16 17:18:39 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/03/16 17:18:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/03/16 17:15:50 | 000,000,000 | ---D | C] -- C:\Intel
[2010/01/29 17:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/29 17:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/29 17:22:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/29 17:22:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/04/11 20:25:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/11 20:24:07 | 000,368,314 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/04/11 20:24:07 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/11 20:24:07 | 000,049,054 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/04/11 20:24:07 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/11 20:24:06 | 000,775,210 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/04/11 20:19:40 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/11 20:19:19 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/11 20:19:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/11 20:19:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/11 20:18:25 | 001,572,864 | -H-- | M] () -- C:\Documents and Settings\NC2400\NTUSER.DAT
[2010/04/11 20:18:19 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\NC2400\ntuser.ini
[2010/04/11 20:17:57 | 002,692,294 | -H-- | M] () -- C:\Documents and Settings\NC2400\Local Settings\Application Data\IconCache.db
[2010/04/11 19:51:42 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/04/11 19:51:15 | 005,918,776 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\NC2400\Bureau\mbam-setup.exe
[2010/04/11 19:50:00 | 000,000,050 | ---- | M] () -- C:\WINDOWS\MegaManager.INI
[2010/04/11 19:02:11 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NC2400\Bureau\OTL.exe
[2010/04/10 23:13:41 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\NC2400\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/10 15:17:08 | 000,000,343 | ---- | M] () -- C:\Documents and Settings\NC2400\Bureau\Mes documents.lnk
[2010/04/10 14:29:49 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/04/10 14:29:49 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/04/09 23:11:08 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2010/04/09 23:06:31 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/04/07 22:58:39 | 000,001,891 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/05 13:29:30 | 000,001,668 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mega Manager.lnk
[2010/04/03 17:25:54 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2010/04/03 16:47:29 | 000,012,328 | ---- | M] () -- C:\Documents and Settings\NC2400\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/03 16:45:20 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/03 16:43:43 | 018,499,623 | ---- | M] () -- C:\Documents and Settings\NC2400\Mes documents\vlc-1.0.5-win32.exe
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/04/11 19:51:42 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/04/10 15:17:08 | 000,000,343 | ---- | C] () -- C:\Documents and Settings\NC2400\Bureau\Mes documents.lnk
[2010/04/09 23:11:08 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2010/04/05 13:48:19 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2010/04/05 13:29:30 | 000,001,668 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mega Manager.lnk
[2010/04/04 16:04:32 | 000,034,816 | ---- | C] () -- C:\Documents and Settings\NC2400\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/03 16:42:45 | 018,499,623 | ---- | C] () -- C:\Documents and Settings\NC2400\Mes documents\vlc-1.0.5-win32.exe
[2010/03/30 10:11:56 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2010/03/30 10:10:40 | 000,001,054 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/30 10:10:39 | 000,001,050 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/29 17:31:44 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\NC2400\ntuser.dat.LOG
[2010/01/29 17:31:44 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\NC2400\ntuser.ini
[2010/01/29 17:31:42 | 001,572,864 | -H-- | C] () -- C:\Documents and Settings\NC2400\NTUSER.DAT
[2004/08/19 19:46:32 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[1998/05/07 03:10:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\ODMA32.dll
========== LOP Check ==========
[2010/03/30 10:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/03/16 17:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2010/04/05 13:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NC2400\Application Data\Megaupload
========== Purity Check ==========
< End of report >
1/
Télécharge ToolsCleaner2 sur ton Bureau.
Double-clique sur ToolsCleaner2.exe pour le lancer.
Clique sur Recherche et laisse le scan agir.
Clique sur Suppression pour finaliser.
Tu peux, si tu le souhaites, te servir des Options Facultatives.
Clique sur Quitter pour obtenir le rapport.
Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
2/
Télécharge et installe CCleaner (N'installe pas la Yahoo! Toolbar).
Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
3/
Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.
==Prévention==
Pour supprimer les popups d'AntiVir : Lien
Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.
Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).
Par rapport au P2P : Lien
Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien
==Problème résolu ?==
--> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
Clique, dans ton premier message, sur le bouton Editer ![]()
.
Ajoute la mention [Résolu] devant le titre.
Clique ensuite sur Valider votre message.
Sois plus vigilant(e) sur Internet![;)]( ";)")
2/
3/
==Prévention==
Pour supprimer les popups d'AntiVir : Lien
Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.
Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).
Par rapport au P2P : Lien
Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien
==Problème résolu ?==
--> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
.Sois plus vigilant(e) sur Internet
Lassé par la pub ? Créez un compte
- Contenus similaires :
- solutionsVirus qui modifie mes fichier dll
- ForumVirus fichier dll system32
- ForumVirus win32 vundo dll trj
- ForumVirus dans le volume et dll introuvable
- ForumProbleme de virus trojan et dll
- ForumVirus une dll infectee par adware.virtumond
- ForumVirus accroche sur fichier dll
- ForumVirus infecte par stealthsws114.h dll
- ForumVirus .dll
- ForumProbleme avec un virus spam .dll
- Voir plus
