My PC is infected with unwanted ad pages


Post by jean06 » 17 Mar 2011, 15:34

Hello,
I constantly get ad pages popping up when I browse the internet, with the words "AD TO SHIP" at the top left.
I have tried everything: SPYBOT, Malwarebytes, AD-R; I also have avast on my machine as antivirus.
So I ran an OTL scan and I have the scan output files. Who can help me?
Thanks
jean06

Posts: 2
Joined: 17 Mar 2011, 15:19

Re: My PC is infected with unwanted ad pages

Post by nickW » 18 Mar 2011, 01:51

Good evening,

Until you post the MBAM and OTL reports on the forum, I won't be able to make a diagnosis!

You need to click the "Reply" button to continue in this thread, and send only one report per new message.

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (Private Message)

nickW
Moderator

Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Re: My PC is infected with unwanted ad pages

Post by jean06 » 20 Mar 2011, 17:54

Good evening,
Here are the reports
Thank you
****************************************************************************************
****************************************************************************************
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6084

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

17/03/2011 17:29:26
mbam-log-2011-03-17 (17-29-26).txt

Type d'examen: Examen complet (A:\|C:\|D:\|E:\|F:\|)
Elément(s) analysé(s): 255686
Temps écoulé: 1 heure(s), 42 minute(s), 54 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
********************************************************************************************
*******************************************************************************************
OTL logfile created on: 17/03/2011 15:13:44 - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\JeanPierre\Mes documents\Téléchargements
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114,49 Gb Total Space | 61,20 Gb Free Space | 53,46% Space Free | Partition Type: NTFS
Drive F: | 247,72 Mb Total Space | 82,95 Mb Free Space | 33,49% Space Free | Partition Type: FAT

Computer Name: JEAN-PIERRE | User Name: JeanPierre | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\JeanPierre\Mes documents\Téléchargements\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
PRC - C:\WINDOWS\system32\slserv.exe (Smart Link)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\apps\ABOARD\ABOARD.EXE (NEC Computers International)
PRC - C:\apps\ABOARD\AOSD.EXE (NEC Computers International)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\JeanPierre\Mes documents\Téléchargements\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)
MOD - C:\WINDOWS\system32\odbc32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\WMVCore.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\LMIRfsClientNP.dll (LogMeIn, Inc.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\winsta.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\sti.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\shgina.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\ntlanman.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netui1.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netui0.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netrap.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msgina.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\mlang.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\drprov.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\davclnt.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wmasf.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\odbcint.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\PortableDeviceApi.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\serwvdrv.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\umdmxfrm.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (odserv) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe (Smart Link)
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)


========== Driver Services (SafeList) ==========

DRV - (aswFW) -- C:\WINDOWS\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswNdis2) -- C:\WINDOWS\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswNdis) -- C:\WINDOWS\system32\DRIVERS\aswNdis.sys (ALWIL Software)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (timounter) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ssm_mdm) -- C:\WINDOWS\system32\drivers\ssm_mdm.sys (MCCI)
DRV - (ssm_mdfl) -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys (MCCI)
DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\WINDOWS\system32\drivers\ssm_bus.sys (MCCI)
DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys (Smart Link)
DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys (Smart Link)
DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys (Smart Link)
DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys (Smart Link)
DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys (Smart Link)
DRV - (RecAgent) -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys (Smart Link)
DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys (Smart Link)
DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura)
DRV - (ASAPIW2k) -- C:\WINDOWS\system32\drivers\asapiW2k.sys (Pinnacle Systems GmbH)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs Inc.)
DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (as6eio) -- C:\WINDOWS\System32\drivers\as6eio.SYS ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1177238915-1220945662-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
IE - HKU\S-1-5-21-1177238915-1220945662-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1177238915-1220945662-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = https://netscop01.com/pacnetscop.php?RECALL=

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.aliceadsl.fr/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.3
FF - prefs.js..extensions.enabledItems: {602694e0-af95-c67b-9b42-1bf53ba82147}:4.6.7.4
FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.0.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..network.proxy.autoconfig_url: "https://netscop01.com/pacnetscop.php?RECALL="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/11 18:32:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/09 07:03:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2009/10/24 10:23:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JeanPierre\Application Data\Mozilla\Extensions
[2008/12/08 20:28:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JeanPierre\Application Data\Mozilla\Extensions\home2@tomtom.com
[2011/03/16 21:30:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\JeanPierre\Application Data\Mozilla\Firefox\Profiles\uy498t83.default\extensions
[2010/10/20 09:57:14 | 000,000,000 | ---D | M] (CacheViewer) -- C:\Documents and Settings\JeanPierre\Application Data\Mozilla\Firefox\Profiles\uy498t83.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
[2011/03/02 08:56:36 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\JeanPierre\Application Data\Mozilla\Firefox\Profiles\uy498t83.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/02/28 18:45:21 | 000,000,000 | ---D | M] (Feedback) -- C:\Documents and Settings\JeanPierre\Application Data\Mozilla\Firefox\Profiles\uy498t83.default\extensions\testpilot@labs.mozilla.com
[2011/03/16 21:30:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/17 15:05:02 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{602694e0-af95-c67b-9b42-1bf53ba82147}
[2010/04/27 19:04:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/27 19:04:00 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/08/02 12:24:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010/04/27 19:03:59 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/03/27 10:50:58 | 001,093,632 | ---- | M] (UNISYS France) -- C:\Program Files\Mozilla Firefox\plugins\npornap.dll
[2010/12/03 19:04:57 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/12/03 19:04:57 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/12/03 19:04:57 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/10/25 03:37:12 | 000,002,663 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SiteVacuum.xml
[2010/12/03 19:04:57 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/12/03 19:04:57 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/02/27 18:12:56 | 000,430,148 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14807 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [ACTIVBOARD] c:\apps\ABOARD\ABOARD.EXE (NEC Computers International)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1177238915-1220945662-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1177238915-1220945662-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Documents and Settings\JeanPierre\Application Data\snsetup.exe
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - File not found
O9 - Extra 'Tools' menuitem : Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - File not found
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoftware.com/activescan ... stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.monalbum.fr/v3/skinsrc/core/ ... oader5.cab (Image Uploader Control)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://config.zebulon.fr/plugins/MaConfig_4_0_3_1.cab (Ma-Config control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} http://abonnement.aliceadsl.fr/configur ... Helper.cab (AccountHelper Class)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/pm/activex/eBa ... 0-27-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\JeanPierre\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\JeanPierre\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/27 12:17:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{174249e4-c556-11dd-b9bc-000d61151923}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe
O33 - MountPoints2\{8e28f4ba-a422-11dd-b96d-000d61151923}\Shell\AutoRun\command - "" = H:\wdsync.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/12 18:53:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Earth
[2011/03/09 07:54:28 | 000,000,000 | ---D | C] -- C:\FyK
[2011/03/09 07:39:10 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/02/28 18:54:19 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Scanner
[2011/02/28 18:44:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox
[2011/02/23 12:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spybot - Search & Destroy
[2011/02/23 12:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/02/23 12:01:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/02/21 22:57:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/02/20 13:58:47 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/02/20 13:58:45 | 000,101,976 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2011/02/20 13:58:27 | 000,192,728 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2011/02/20 13:58:26 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2011/02/20 13:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Internet Security
[2011/02/20 11:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/02/20 11:07:59 | 000,000,000 | ---D | C] -- C:\rsit
[2011/02/20 10:31:36 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe.old
[2011/02/18 11:04:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\JeanPierre\Application Data\Malwarebytes
[2011/02/18 11:04:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/02/18 11:04:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2011/02/18 11:04:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/02/18 11:04:10 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/02/18 11:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/18 09:33:58 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2011/02/18 09:33:21 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
[2011/02/17 20:22:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/17 15:04:01 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/17 15:00:01 | 000,000,518 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance en 1 clic.job
[2011/03/17 14:50:39 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/17 14:46:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/17 14:44:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/17 14:44:41 | 2147,012,608 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/17 14:10:15 | 000,000,212 | -HS- | M] () -- C:\boot.ini
[2011/03/17 09:59:15 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\JeanPierre\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/15 22:36:52 | 000,001,826 | -H-- | M] () -- C:\Documents and Settings\JeanPierre\Mes documents\Default.rdp
[2011/03/15 06:02:21 | 000,002,541 | ---- | M] () -- C:\Documents and Settings\JeanPierre\Application Data\Microsoft\Internet Explorer\Quick Launch\Jasc Paint Shop Pro 9.lnk
[2011/03/12 18:10:16 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2011/03/10 11:43:00 | 000,000,978 | ---- | M] () -- C:\Documents and Settings\JeanPierre\Bureau\Raccourci vers OTL.exe.lnk
[2011/03/09 08:08:04 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/03/09 07:39:12 | 000,001,566 | ---- | M] () -- C:\Documents and Settings\JeanPierre\Bureau\AD-R.lnk
[2011/03/09 07:04:58 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/28 19:11:24 | 000,000,199 | ---- | M] () -- C:\Documents and Settings\JeanPierre\Bureau\Ebay USA .url
[2011/02/28 19:08:21 | 000,000,199 | ---- | M] () -- C:\Documents and Settings\JeanPierre\Bureau\Ebay FRANCE.url
[2011/02/28 18:44:53 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\JeanPierre\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/02/28 18:44:53 | 000,001,614 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2011/02/27 18:12:56 | 000,430,148 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/02/27 18:12:00 | 000,000,128 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2011/02/23 19:04:56 | 000,430,044 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110227-181256.backup
[2011/02/23 18:56:21 | 000,000,904 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110223-190456.backup
[2011/02/23 18:54:40 | 000,430,044 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110223-185621.backup
[2011/02/23 18:52:40 | 000,430,044 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110223-185440.backup
[2011/02/23 16:04:21 | 000,040,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/02/23 16:04:17 | 000,190,016 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/02/23 15:57:38 | 000,101,976 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2011/02/23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/02/23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/02/23 15:56:41 | 000,192,728 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2011/02/23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/02/23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/02/23 15:55:44 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/02/23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/02/23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/02/23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/02/23 12:08:14 | 000,000,790 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110223-185240.backup
[2011/02/23 12:02:06 | 000,000,963 | ---- | M] () -- C:\Documents and Settings\JeanPierre\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/02/23 12:02:06 | 000,000,945 | ---- | M] () -- C:\Documents and Settings\JeanPierre\Bureau\Spybot - Search & Destroy.lnk
[2011/02/21 23:02:52 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\JeanPierre\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2011/02/20 13:57:45 | 000,001,712 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Internet Security.lnk
[2011/02/20 12:09:14 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/02/18 11:04:15 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/02/17 15:04:23 | 000,074,673 | ---- | M] () -- C:\WINDOWS\System32\duigzbziaggljekqv.exe.old
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/10 11:43:00 | 000,000,978 | ---- | C] () -- C:\Documents and Settings\JeanPierre\Bureau\Raccourci vers OTL.exe.lnk
[2011/03/09 07:39:12 | 000,001,566 | ---- | C] () -- C:\Documents and Settings\JeanPierre\Bureau\AD-R.lnk
[2011/02/28 19:08:58 | 000,000,199 | ---- | C] () -- C:\Documents and Settings\JeanPierre\Bureau\Ebay USA .url
[2011/02/28 19:06:28 | 000,000,199 | ---- | C] () -- C:\Documents and Settings\JeanPierre\Bureau\Ebay FRANCE.url
[2011/02/28 18:44:53 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\JeanPierre\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/02/28 18:44:53 | 000,001,614 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2011/02/23 12:02:06 | 000,000,963 | ---- | C] () -- C:\Documents and Settings\JeanPierre\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/02/23 12:02:06 | 000,000,945 | ---- | C] () -- C:\Documents and Settings\JeanPierre\Bureau\Spybot - Search & Destroy.lnk
[2011/02/20 13:57:45 | 000,001,712 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Internet Security.lnk
[2011/02/20 10:29:42 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/02/18 11:04:15 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2011/02/17 15:04:23 | 000,074,673 | ---- | C] () -- C:\WINDOWS\System32\duigzbziaggljekqv.exe.old
[2011/02/10 00:30:34 | 002,630,144 | ---- | C] () -- C:\WINDOWS\System32\5c37a31b.dll
[2010/10/28 18:59:32 | 043,678,784 | ---- | C] () -- C:\WINDOWS\_Avast! Antivirus Pro 5.0.677 Final cracked.exe
[2010/05/19 20:52:25 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010/05/15 20:19:29 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\JeanPierre\Local Settings\Application Data\housecall.guid.cache
[2010/03/25 16:27:54 | 000,000,051 | ---- | C] () -- C:\WINDOWS\npornap.INI
[2010/01/29 21:05:38 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/24 10:23:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/08/19 09:07:29 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/08/19 09:07:19 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/08/19 09:07:19 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/08/19 09:07:04 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/07/31 15:12:31 | 000,000,128 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/07/03 19:22:19 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2009/07/03 19:13:10 | 000,049,152 | ---- | C] () -- C:\WINDOWS\StiRegstFre.dll
[2009/07/03 19:10:33 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2009/07/03 19:10:33 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2009/07/03 19:10:33 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2009/07/03 19:10:33 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2009/07/03 19:10:33 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2009/07/03 19:10:33 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2009/07/03 19:10:33 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2009/07/03 19:10:33 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2009/07/03 19:10:33 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2009/07/03 19:10:33 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2009/07/03 19:10:33 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2009/07/03 19:10:33 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2009/07/03 19:10:33 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2009/07/03 19:10:33 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2009/07/03 19:10:33 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2009/07/03 19:10:33 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2009/07/03 19:10:33 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2009/07/03 19:10:33 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2009/07/03 19:10:33 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/07/03 19:09:27 | 000,000,027 | ---- | C] () -- C:\WINDOWS\CDE P34903590EF.ini
[2009/07/03 18:57:09 | 000,064,000 | ---- | C] () -- C:\WINDOWS\System32\esfw52.bin
[2009/05/22 06:41:43 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\libmng.dll
[2009/04/07 16:08:11 | 000,000,320 | ---- | C] () -- C:\WINDOWS\wexpert6.ini
[2009/02/14 15:00:34 | 000,000,054 | ---- | C] () -- C:\WINDOWS\JascCmdFile.INI
[2009/02/02 18:10:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/02/02 16:43:21 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/02/01 09:15:42 | 000,000,168 | RHS- | C] () -- C:\WINDOWS\System32\94D4E1C5B1.sys
[2008/11/29 11:02:44 | 000,000,092 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2008/11/01 09:03:12 | 000,052,224 | ---- | C] () -- C:\Documents and Settings\JeanPierre\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/31 19:10:07 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\setupnt.dll
[2008/10/27 19:10:59 | 000,406,016 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe
[2008/10/27 18:04:40 | 000,003,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\AS6EIO.SYS
[2008/10/27 18:04:40 | 000,001,523 | ---- | C] () -- C:\WINDOWS\EASY32.INI
[2008/10/27 18:04:40 | 000,000,528 | ---- | C] () -- C:\WINDOWS\SUPMINI.INI
[2008/10/27 17:27:39 | 000,139,280 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2008/10/27 13:06:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/10/27 13:04:40 | 000,287,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/10/27 12:20:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/10/27 12:13:32 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/08/06 10:07:30 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007/06/05 13:20:32 | 000,177,704 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2006/07/17 15:34:16 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2006/07/17 15:34:14 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/08/26 15:54:14 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/08/09 23:12:28 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2004/08/05 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/05 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/05 13:00:00 | 000,503,238 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2004/08/05 13:00:00 | 000,435,260 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/05 13:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2004/08/05 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/05 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/05 13:00:00 | 000,081,386 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2004/08/05 13:00:00 | 000,068,156 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/05 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/05 13:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2004/08/05 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/05 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/05 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/05 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/05 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/02/09 15:18:18 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/01/22 19:06:32 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2003/12/22 14:40:06 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2002/10/12 15:42:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/05/24 01:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2002/05/24 01:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2001/09/17 13:20:02 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2001/08/31 15:33:58 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll

========== LOP Check ==========

[2008/10/27 14:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/12/05 15:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/05/16 09:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2009/02/25 21:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BufferZone
[2009/04/19 09:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/04/13 20:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/07/20 12:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/04/15 12:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2010/04/12 12:33:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/10/27 18:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2008/12/08 19:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2009/02/26 21:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/10/10 14:33:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2009/02/27 18:57:30 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/05/16 09:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JeanPierre\Application Data\Babylon
[2009/07/03 20:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JeanPierre\Application Data\EPSON
[2009/04/14 17:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JeanPierre\Application Data\ESET
[2011/03/07 19:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JeanPierre\Application Data\FileZilla
[2010/12/02 23:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JeanPierre\Application Data\gtk-2.0
[2008/10/31 19:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JeanPierre\Application Data\Micro Application
[2009/02/02 18:11:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JeanPierre\Application Data\Samsung
[2008/12/08 20:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JeanPierre\Application Data\TomTom
[2009/02/26 21:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JeanPierre\Application Data\TuneUp Software
[2009/04/05 16:37:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JeanPierre\Application Data\VERITAS
[2010/07/01 13:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JeanPierre\Application Data\Voxmobili
[2009/04/03 18:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\JeanPierre\Application Data\Windows Search
[2011/03/17 15:00:01 | 000,000,518 | ---- | M] () -- C:\WINDOWS\Tasks\Maintenance en 1 clic.job

========== Purity Check ==========



< End of report >
jean06

Posts: 2
Joined: 17 Mar 2011, 15:19

Re: My PC is infected with unwanted ad pages

Post by nickW » 21 Mar 2011, 01:20

Good evening,

Do you really think your PC is protected by: _Avast! Antivirus Pro 5.0.677 Final cracked.exe

I see that you have used rsit and Ad-Remover.
Have you already asked for help on another forum? Which one? Can you provide the link to your thread?

The end of the OTL.Txt report and the whole of the Extras.Txt report are missing.
You need to post them on the forum in several messages, always using the button [Image]

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (Private Message)
nickW
Moderator

Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

