[OK] ouverture intempestive de pages internet

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

[OK] ouverture intempestive de pages internet

Messagede graceh » 17 Juil 2011, 23:18

Bonsoir,

depuis quelques semaines, chaque fois que j'ouvre une page internet, d'autres pages s'ouvrent, très souvent des pages publicitaires, mais en arrière plan, et ne bloquent pas la page sur laquelle je navigue ; j'ai testé navilog et le résultat etait négatif, j'utilise régulièrement ccleaner, spybot, et malwarebytes ; mon anti virus est avast ; par contre j'évite les mises à jours.
j'ai utilisé HijackThis et vous trouverez ci-dessous le résultat :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:56:59, on 17/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\Program Files\Packard Bell\SrvCDEject.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
c:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\APPS\SMP\SmpSys.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DriveIcons] "C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2811825046
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 8340 bytes

a l'avance je vous remercie de la réponse.

Bonsoir.

Henry G.
graceh
 
Messages: 5
Inscription: 16 Juil 2011, 13:31

Re: ouverture intempestive de pages internet

Messagede nickW » 18 Juil 2011, 00:05

Bonsoir,

A LIRE IMPÉRATIVEMENT avant de créer un sujet

... et désinstaller OfferBox.

Salut,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Re: ouverture intempestive de pages internet

Messagede graceh » 18 Juil 2011, 19:44

Bonsoir,

Encore toutes mes excuses, mais j'ai oublié l'essentiel, lire avant de poster un sujet !!

depuis quelques semaines lorsque je vais sur internet j'ai d'autres pages qui s'ouvrent en arrière plan sans que je l'ai sollicité ; j'utilise régulièrement ccleaner afin d'éliminer les cookies ; et depuis peu spybot.

J'ai bien tout lu, et suivi les différentes étapes.

En premier, je joins ci-dessous le rapport Malwarebytes :

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7192

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

18/07/2011 19:48:33
mbam-log-2011-07-18 (19-48-33).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 162490
Temps écoulé: 3 minute(s), 3 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)



Ensuite, ci-dessous le rapport OTL.Txt :


OTL logfile created on: 18/07/2011 19:56:53 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Grace\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 66,57% Memory free
3,85 Gb Paging File | 3,27 Gb Available in Paging File | 85,12% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 75,28 Gb Free Space | 25,26% Space Free | Partition Type: NTFS

Computer Name: SN121463130315 | User Name: Grace | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/18 19:09:21 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grace\Bureau\OTL.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/25 10:48:30 | 000,613,376 | ---- | M] () -- C:\Program Files\Packard Bell\SrvCDEject.exe
PRC - [2006/01/02 17:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- c:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/12/09 19:44:20 | 000,656,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe
PRC - [2005/11/17 09:51:08 | 000,975,360 | ---- | M] (Packard Bell BV) -- C:\APPS\SMP\SMPSYS.EXE
PRC - [2005/10/20 06:15:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
PRC - [2005/10/20 06:15:00 | 000,090,112 | ---- | M] () -- C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
PRC - [2005/08/12 16:55:34 | 000,014,336 | ---- | M] () -- C:\APPS\Softex\OmniPass\OPXPApp.exe
PRC - [2005/08/12 16:55:32 | 000,032,768 | ---- | M] (Softex Inc.) -- C:\APPS\Softex\OmniPass\OmniServ.exe
PRC - [2005/04/04 21:20:32 | 001,102,848 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
PRC - [2005/01/31 09:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004/04/08 05:25:04 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe
PRC - [2001/11/12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe


========== Modules (SafeList) ==========

MOD - [2011/07/18 19:09:21 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grace\Bureau\OTL.exe
MOD - [2011/07/04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2011/07/04 13:43:46 | 000,122,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashShell.dll
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/06/19 21:37:56 | 000,378,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2009/07/12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006/07/25 10:48:30 | 000,613,376 | ---- | M] () [Auto | Running] -- C:\Program Files\Packard Bell\SrvCDEject.exe -- (SrvCDEject)
SRV - [2005/10/20 06:15:00 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe -- (USBDeviceService)
SRV - [2005/08/12 16:55:32 | 000,032,768 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\APPS\Softex\OmniPass\OmniServ.exe -- (omniserv)
SRV - [2005/01/31 09:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2004/04/08 05:25:04 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2001/11/12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/04/29 21:26:26 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2010/02/26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2007/01/31 15:33:46 | 000,005,632 | ---- | M] (GRISOFT, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\avgarkt.sys -- (AVG Anti-Rootkit)
DRV - [2007/01/18 14:00:28 | 000,003,968 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AvgArCln.sys -- (AvgArCln)
DRV - [2006/07/18 22:07:56 | 001,675,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/07/11 21:38:30 | 000,020,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/07/11 21:38:28 | 000,057,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/06/28 17:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/06/28 16:25:24 | 004,304,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/06/19 00:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/04/28 16:34:00 | 000,882,688 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005/11/28 10:45:16 | 000,007,040 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid)
DRV - [2005/03/29 18:02:22 | 000,116,594 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATSwpDrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2421290597-2343571141-326271542-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2421290597-2343571141-326271542-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2421290597-2343571141-326271542-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-2421290597-2343571141-326271542-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-2421290597-2343571141-326271542-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2421290597-2343571141-326271542-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2421290597-2343571141-326271542-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/07/14 12:14:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/07/14 12:14:50 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/07/16 18:07:50 | 000,435,706 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14994 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2421290597-2343571141-326271542-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-2421290597-2343571141-326271542-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATICCC] c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [ATSwpNav] C:\Program Files\Fingerprint Sensor\ATSwpNav.exe (AuthenTec, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe ()
O4 - HKLM..\Run: [DriveIcons] C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-2421290597-2343571141-326271542-1005..\Run: [] File not found
O4 - HKU\S-1-5-21-2421290597-2343571141-326271542-1005..\Run: [SmpcSys] C:\APPS\SMP\SMPSYS.EXE (Packard Bell BV)
O4 - HKU\S-1-5-21-2421290597-2343571141-326271542-1005..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\Grace\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2421290597-2343571141-326271542-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_25.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 2811825046 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\OPXPGina: DllName - C:\Apps\Softex\OmniPass\opxpgina.dll - C:\APPS\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Grace\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Grace\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011/07/18 19:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/07/18 19:25:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ERUNT
[2011/07/18 19:18:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/07/18 19:09:12 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Grace\Bureau\OTL.exe
[2011/07/18 19:07:24 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Grace\Recent
[2011/07/17 23:56:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis
[2011/07/17 23:56:17 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/07/17 23:11:51 | 000,003,968 | ---- | C] (GRISOFT, s.r.o.) -- C:\WINDOWS\System32\drivers\AvgArCln.sys
[2011/07/17 23:11:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVG Anti-Rootkit Free
[2011/07/17 23:11:50 | 000,000,000 | ---D | C] -- C:\Program Files\GRISOFT
[2011/07/16 18:03:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spybot - Search & Destroy
[2011/07/16 18:03:42 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/07/16 18:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/07/16 14:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2011/07/16 14:15:04 | 000,000,000 | ---D | C] -- C:\Navilog1
[2011/07/16 13:47:52 | 000,000,000 | ---D | C] -- C:\ToolBar SD
[2011/07/11 20:12:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Moovida
[2011/07/11 20:01:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/07/10 19:59:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011/07/10 19:02:08 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/07/10 19:02:08 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/07/10 19:02:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Free Antivirus
[2011/07/10 19:02:07 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/07/10 19:02:07 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/07/10 19:02:07 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/07/10 19:02:07 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/07/10 19:02:07 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/07/10 19:02:07 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/07/10 19:01:58 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/07/10 19:01:58 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/07/10 19:01:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/07/10 19:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/18 19:58:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/07/18 19:25:21 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Grace\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2011/07/18 19:25:16 | 000,000,614 | ---- | M] () -- C:\Documents and Settings\Grace\Bureau\NTREGOPT.lnk
[2011/07/18 19:25:16 | 000,000,595 | ---- | M] () -- C:\Documents and Settings\Grace\Bureau\ERUNT.lnk
[2011/07/18 19:22:27 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/18 19:21:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/18 19:21:39 | 2145,964,032 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/18 19:20:59 | 008,388,608 | ---- | M] () -- C:\Documents and Settings\Grace\NTUSER.bak
[2011/07/18 19:17:00 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/18 19:09:21 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grace\Bureau\OTL.exe
[2011/07/16 18:51:01 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2011/07/16 18:07:50 | 000,435,706 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/07/16 18:03:47 | 000,000,954 | ---- | M] () -- C:\Documents and Settings\Grace\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/07/16 18:03:47 | 000,000,936 | ---- | M] () -- C:\Documents and Settings\Grace\Bureau\Spybot - Search & Destroy.lnk
[2011/07/14 19:35:39 | 000,000,289 | RHS- | M] () -- C:\BOOT.INI
[2011/07/14 19:34:10 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/10 19:02:08 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
[2011/07/10 19:02:07 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/07/10 18:27:52 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/07/09 20:07:45 | 000,204,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/04 20:29:00 | 000,511,074 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/07/04 20:29:00 | 000,441,680 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/04 20:29:00 | 000,085,150 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/07/04 20:29:00 | 000,071,616 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/07/04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/07/04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/07/04 13:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/07/04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/18 19:58:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/07/18 19:25:21 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Grace\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2011/07/18 19:25:16 | 000,000,614 | ---- | C] () -- C:\Documents and Settings\Grace\Bureau\NTREGOPT.lnk
[2011/07/18 19:25:16 | 000,000,595 | ---- | C] () -- C:\Documents and Settings\Grace\Bureau\ERUNT.lnk
[2011/07/16 18:03:47 | 000,000,954 | ---- | C] () -- C:\Documents and Settings\Grace\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/07/16 18:03:47 | 000,000,936 | ---- | C] () -- C:\Documents and Settings\Grace\Bureau\Spybot - Search & Destroy.lnk
[2011/07/10 19:02:08 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
[2010/05/26 21:24:28 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010/05/03 12:29:44 | 000,211,456 | ---- | C] () -- C:\Documents and Settings\Grace\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/29 21:50:45 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Grace\Local Settings\Application Data\fusioncache.dat
[2010/04/29 21:40:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010/04/29 21:33:37 | 000,000,602 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2010/04/29 21:29:01 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010/04/29 21:27:10 | 000,007,604 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2010/04/29 21:25:53 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/04/29 21:14:04 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2010/04/29 21:12:17 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2010/04/29 21:12:06 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtkHDAud.dat
[2010/04/29 21:12:04 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/04/29 21:12:04 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/04/29 21:11:21 | 000,548,864 | ---- | C] () -- C:\WINDOWS\mHotkey.exe
[2010/04/29 21:11:21 | 000,294,912 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2010/04/29 21:11:03 | 000,129,084 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010/03/03 02:00:00 | 004,555,278 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2010/03/03 02:00:00 | 001,449,935 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
[2010/03/03 02:00:00 | 000,882,688 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/03/03 02:00:00 | 000,877,385 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2010/03/03 02:00:00 | 000,556,491 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2010/03/03 02:00:00 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2010/03/03 02:00:00 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010/03/03 02:00:00 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2010/03/03 02:00:00 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2010/03/03 02:00:00 | 000,169,984 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2010/03/03 02:00:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2010/03/03 02:00:00 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010/03/03 02:00:00 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2010/03/03 02:00:00 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2010/03/03 02:00:00 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2010/03/03 02:00:00 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2010/03/03 02:00:00 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/11/14 20:37:08 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2009/11/14 20:33:40 | 000,357,888 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2009/11/14 20:33:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2009/11/14 20:11:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2009/11/14 20:11:42 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2009/11/14 20:11:42 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2009/11/14 20:11:40 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2009/11/14 20:11:40 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2009/11/14 20:11:38 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2009/11/14 20:11:36 | 000,136,704 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2009/11/14 20:11:36 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2009/11/14 20:11:32 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2009/11/14 20:11:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2009/08/11 23:21:26 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2009/06/07 18:24:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/11 00:15:44 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2008/11/06 18:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/10/13 11:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2006/07/26 08:57:34 | 000,006,741 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/01/12 12:23:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/05 15:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/09/23 19:22:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/09/23 19:04:19 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/09/23 18:53:16 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/09/23 18:50:23 | 000,204,920 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/09/23 18:12:38 | 000,511,074 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2004/09/23 18:12:38 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2004/09/23 18:12:38 | 000,085,150 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2004/09/23 18:12:38 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2004/09/23 18:11:26 | 000,291,840 | ---- | C] () -- C:\WINDOWS\System32\sbe(2).dll
[2004/09/23 18:11:26 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/09/23 18:11:20 | 000,441,680 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/09/23 18:11:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/09/23 18:11:20 | 000,071,616 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/09/23 18:11:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/09/23 18:11:18 | 000,004,613 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/09/23 18:11:13 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/09/23 18:11:07 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/09/23 18:10:47 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/09/23 18:10:46 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/09/23 18:10:25 | 000,456,192 | ---- | C] () -- C:\WINDOWS\System32\encdec(2).dll
[2004/09/23 18:10:24 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/09/23 18:10:02 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

========== LOP Check ==========

[2010/05/03 19:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\DeepBurner
[2010/07/20 20:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\gtk-2.0
[2011/02/18 13:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\Icones
[2011/07/11 20:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\moovida-1
[2010/07/14 12:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\Nokia
[2010/07/14 12:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\Nokia Ovi Suite
[2010/05/03 11:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\OD2
[2011/07/18 19:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\OfferBox
[2010/07/14 12:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\PC Suite
[2011/07/10 21:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\PriceGong
[2011/05/27 00:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\Ulead Systems
[2011/07/16 13:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\uTorrent
[2010/06/07 16:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\VadeRetro
[2010/05/16 19:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\widestream
[2011/05/26 23:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grace\Application Data\XnConvert
[2010/05/02 16:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/07/10 19:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/01/14 01:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2011/05/24 23:48:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010/07/14 12:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2010/04/29 21:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OD2
[2010/07/14 12:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/04/29 21:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2010/04/29 21:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2010/04/29 21:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VadeRetro
[2010/04/29 21:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/05/26 21:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/04/29 21:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\X10 Commander

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/05/03 18:33:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2010/05/03 18:33:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\System32\drivers\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/05/03 18:33:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2010/05/03 18:33:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\System32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CTFMON.EXE >
[2004/08/10 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5584247B568C2E53934873F4B655FE6A -- C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe
[2008/04/14 04:33:59 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=59DC5BB82E4C8E0B3EADCFDBC44BA6E4 -- C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
[2008/04/14 04:33:59 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=59DC5BB82E4C8E0B3EADCFDBC44BA6E4 -- C:\WINDOWS\System32\ctfmon.exe

< MD5 for: EVENTLOG.DLL >
[2004/08/10 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\System32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2004/08/10 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: NETLOGON.DLL >
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\System32\netlogon.dll
[2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVATA.SYS >
[2006/06/28 17:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) MD5=9ECCD189A9554C30A0D18A429778C7BA -- C:\PNP\MOBO\NVATA.SYS
[2006/06/28 17:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) MD5=9ECCD189A9554C30A0D18A429778C7BA -- C:\WINDOWS\System32\drivers\nvata.sys

< MD5 for: NVATABUS.SYS >
[2006/06/28 17:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) MD5=9ECCD189A9554C30A0D18A429778C7BA -- C:\PNP\MOBO\NVATABUS.SYS

< MD5 for: SCECLI.DLL >
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\System32\scecli.dll
[2004/08/10 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: USERINIT.EXE >
[2004/08/10 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\System32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/10 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\System32\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< End of report >

la suite sur le message suivant .....................
graceh
 
Messages: 5
Inscription: 16 Juil 2011, 13:31

Re: ouverture intempestive de pages internet

Messagede graceh » 18 Juil 2011, 19:45

Bonsoir,

je poste la suite : Extras.Txt :

ensuite le rapport Extras.Txt :

OTL Extras logfile created on: 18/07/2011 19:56:53 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Grace\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 66,57% Memory free
3,85 Gb Paging File | 3,27 Gb Available in Paging File | 85,12% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 75,28 Gb Free Space | 25,26% Space Free | Partition Type: NTFS

Computer Name: SN121463130315 | User Name: Grace | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-2421290597-2343571141-326271542-1005\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%ProgramFiles%\AOL 9.0\aol.exe" = %ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL -- (America Online, Inc.)
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe" = %ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe" = %ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA
"C:\APPS\Inventime\my.exe" = C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule
"C:\Program Files\PhotoJoy\Bin\PjApp.exe" = C:\Program Files\PhotoJoy\Bin\PjApp.exe:*:Enabled:PhotoJoy
"C:\Program Files\PhotoJoy\Bin\PjImp.exe" = C:\Program Files\PhotoJoy\Bin\PjImp.exe:*:Enabled:PhotoJoy
"C:\Program Files\PhotoJoy\Bin\PhotoJoy.exe" = C:\Program Files\PhotoJoy\Bin\PhotoJoy.exe:*:Enabled:PhotoJoy


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2852AC2C-B2FC-4F4A-A573-D466C872E688}" = ATI Catalyst Control Center
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{31E1050B-F69F-4A16-8F5A-E44D31901250}" = Ulead DVD DiskRecorder 2.1.1
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{5A065EA0-0EEC-4E94-A2A0-40812576C122}" = Ulead PhotoImpact 10 SE
"{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}" = Macromedia Flash Player 8
"{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68B7C6D9-1DF2-54C1-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 MFC.Policy (x86) WinSXS MSM
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70001F01-A93D-40A4-B832-123F54A2068E}" = NEC Back to School Keyboard 2005
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.0
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}" = Ulead VideoStudio 9.0 SE DVD
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9BAE13A2-E7AF-D6C3-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 MFC (x86) WinSXS MSM
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.4 - Français
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9A7B5EE-9B7B-4A09-BCAE-8738B20F38EA}" = Moovida
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" =
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{FB159DD9-6E5F-4C94-B288-E9D1D9FAFBA1}" = ATNavigation
"504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast" = avast! Free Antivirus
"AVGantiRootkit" = AVG Anti-Rootkit Free
"CCleaner" = CCleaner
"Destinator Console" = Destinator Console
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"LUXOR Game Collection" = LUXOR Game Collection
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Moovida" = Moovida 2.1.1.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nokia Ovi Suite" = Nokia Ovi Suite
"NVIDIA Drivers" = NVIDIA Drivers
"QuickTime" = QuickTime
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Encoder 9" = Codeur Windows Media Série 9
"Windows XP Service" = Windows XP Service Pack 3
"WinRAR archiver" = Archiveur WinRAR
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X10Hardware" = X10 Hardware(TM)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/07/2011 15:15:26 | Computer Name = SN121463130315 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 moovida.exe, P2 2.1.1.0, P3 4dc16ceb, P4 mscorlib,
P5 2.0.0.0, P6 4be90358, P7 198, P8 cb, P9 system.io.filenotfoundexception, P10
NIL.

Error - 10/07/2011 15:44:35 | Computer Name = SN121463130315 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 moovida.exe, P2 2.1.1.0, P3 4dc16ceb, P4 mscorlib,
P5 2.0.0.0, P6 4be90358, P7 198, P8 cb, P9 system.io.filenotfoundexception, P10
NIL.

Error - 11/07/2011 13:48:31 | Computer Name = SN121463130315 | Source = Application Error | ID = 1000
Description = Application défaillante mhotkey.exe, version 3.0.0.14, module défaillant
mhotkey.exe, version 3.0.0.14, adresse de défaillance 0x0000a189.

Error - 11/07/2011 13:54:52 | Computer Name = SN121463130315 | Source = Application Error | ID = 1000
Description = Application défaillante mhotkey.exe, version 3.0.0.14, module défaillant
mhotkey.exe, version 3.0.0.14, adresse de défaillance 0x0000a189.

Error - 11/07/2011 14:12:30 | Computer Name = SN121463130315 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 moovida.exe, P2 2.1.1.0, P3 4dc16ceb, P4 mscorlib,
P5 2.0.0.0, P6 4be90358, P7 198, P8 cb, P9 system.io.filenotfoundexception, P10
NIL.

Error - 11/07/2011 14:13:33 | Computer Name = SN121463130315 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 moovida.exe, P2 2.1.1.0, P3 4dc16ceb, P4 mscorlib,
P5 2.0.0.0, P6 4be90358, P7 198, P8 cb, P9 system.io.filenotfoundexception, P10
NIL.

Error - 11/07/2011 17:50:20 | Computer Name = SN121463130315 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 moovida.exe, P2 2.1.1.0, P3 4dc16ceb, P4 mscorlib,
P5 2.0.0.0, P6 4be90358, P7 198, P8 cb, P9 system.io.filenotfoundexception, P10
NIL.

Error - 11/07/2011 17:51:47 | Computer Name = SN121463130315 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 moovida.exe, P2 2.1.1.0, P3 4dc16ceb, P4 mscorlib,
P5 2.0.0.0, P6 4be90358, P7 198, P8 cb, P9 system.io.filenotfoundexception, P10
NIL.

Error - 11/07/2011 17:52:16 | Computer Name = SN121463130315 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 moovida.exe, P2 2.1.1.0, P3 4dc16ceb, P4 mscorlib,
P5 2.0.0.0, P6 4be90358, P7 198, P8 cb, P9 system.io.filenotfoundexception, P10
NIL.

Error - 16/07/2011 08:18:31 | Computer Name = SN121463130315 | Source = Application Error | ID = 1000
Description = Application défaillante explorer.exe, version 6.0.2900.5512, module
défaillant unknown, version 0.0.0.0, adresse de défaillance 0x715e9e59.

[ System Events ]
Error - 17/07/2011 12:44:54 | Computer Name = SN121463130315 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Windows User Mode Driver Framework.

Error - 17/07/2011 12:44:54 | Computer Name = SN121463130315 | Source = Service Control Manager | ID = 7000
Description = Le service Windows User Mode Driver Framework n'a pas pu démarrer
en raison de l'erreur : %%1053

Error - 17/07/2011 12:47:53 | Computer Name = SN121463130315 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Windows User Mode Driver Framework.

Error - 17/07/2011 12:47:53 | Computer Name = SN121463130315 | Source = Service Control Manager | ID = 7000
Description = Le service Windows User Mode Driver Framework n'a pas pu démarrer
en raison de l'erreur : %%1053

Error - 17/07/2011 17:13:17 | Computer Name = SN121463130315 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Windows User Mode Driver Framework.

Error - 17/07/2011 17:13:17 | Computer Name = SN121463130315 | Source = Service Control Manager | ID = 7000
Description = Le service Windows User Mode Driver Framework n'a pas pu démarrer
en raison de l'erreur : %%1053

Error - 18/07/2011 05:33:23 | Computer Name = SN121463130315 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Windows User Mode Driver Framework.

Error - 18/07/2011 05:33:23 | Computer Name = SN121463130315 | Source = Service Control Manager | ID = 7000
Description = Le service Windows User Mode Driver Framework n'a pas pu démarrer
en raison de l'erreur : %%1053

Error - 18/07/2011 13:22:14 | Computer Name = SN121463130315 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Windows User Mode Driver Framework.

Error - 18/07/2011 13:22:14 | Computer Name = SN121463130315 | Source = Service Control Manager | ID = 7000
Description = Le service Windows User Mode Driver Framework n'a pas pu démarrer
en raison de l'erreur : %%1053


< End of report >


A l'avance je vous remercie de l'aide que vous pourrez m'apporter.

Cordialemenet

HENRY G.
graceh
 
Messages: 5
Inscription: 16 Juil 2011, 13:31

Re: ouverture intempestive de pages internet

Messagede nickW » 21 Juil 2011, 01:10

Bonsoir,

Utilisation d'un autre outil:


Étape 1: Ad-Remover (de la TeamXscript), téléchargement
Télécharger Ad-Remover depuis la page ci-dessous:
http://www.teamxscript.org/adremoverTelechargement.html

Cliquer sur le bouton Bleu Download Image
Enregistrer le fichier AD-R.exe sur le Bureau.


Étape 2: Ad-Remover (de la TeamXscript), analyse
S'il s'agit du premier lancement d'Ad-Remover, faire un double clic sur le fichier AD-R.exe Image,
sinon faire un double clic sur le raccourci AD-R Image, sur le Bureau.

L'écran principal d'Ad-Remover s'affiche:
Image

Cliquer sur le bouton Scanner et confirmer en cliquant sur le bouton Oui Image.

Laisser l'outil travailler sans l'interrompre.
Lorsque l'outil a terminé, il y a ouverture d'une fenêtre du Bloc-notes contenant un rapport (log).
Fermer la fenêtre d'Ad-Remover en cliquant sur le bouton Quitter Image.
Fermer le Bloc-notes.


Étape 3: Résultat
Envoyer en réponse:
*- le rapport d'analyse d'Ad-Remover (contenu du fichier %SystemDrive%\Ad-Report-SCAN[n].txt, n étant un numéro d'ordre).
[%SystemDrive% représente la partition sur laquelle est installé le système, généralement C:]

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Re: ouverture intempestive de pages internet

Messagede graceh » 26 Juil 2011, 10:28

Bonjour,

Veuillez trouver ci-dessous le rapport "ad-report scan" :

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 11:14:58 le 26/07/2011, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Grace@SN121463130315 ( )

============== RECHERCHE ==============


Fichier trouvé: C:\WINDOWS\system32\ConduitEngine.tmp
Dossier trouvé: C:\Documents and Settings\Grace\Local Settings\Application Data\Conduit
Dossier trouvé: C:\Documents and Settings\Grace\Application Data\PriceGong
Dossier trouvé: C:\Documents and Settings\All Users\Application Data\Viewpoint
Dossier trouvé: C:\Program Files\Viewpoint
Dossier trouvé: C:\Documents and Settings\Grace\Application Data\OfferBox

Clé trouvée: HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé trouvée: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Clé trouvée: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Clé trouvée: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl
Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl.1
Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary
Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Clé trouvée: HKLM\Software\Classes\Conduit.Engine
Clé trouvée: HKLM\Software\Classes\Toolbar.CT1210541
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2851639
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2966884
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\MetaStream
Clé trouvée: HKLM\Software\Viewpoint
Clé trouvée: HKCU\Software\conduitEngine
Clé trouvée: HKCU\Software\FissaSearch
Clé trouvée: HKCU\Software\OfferBox
Clé trouvée: HKCU\Software\PriceGong
Clé trouvée: HKCU\Software\Spointer
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Clé trouvée: HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé trouvée: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Clé trouvée: HKLM\Software\MozillaPlugins\@viewpoint.com/VMP


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0.1 (fr)] ****

HKLM_MozillaPlugins\@viewpoint.com/VMP (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
HKLM_Extensions|{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\

-- C:\Documents and Settings\Grace\Application Data\Mozilla\FireFox\Profiles\djm5u8hv.default --
Prefs.js - browser.startup.homepage_override.buildID, 20110707182747
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0.1

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Search_URL - hxxp://www.google.com/ie
HKCU_Main|Start Page - hxxp://www.google.fr/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://www.msn.com/
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "PhotoJoy Bar Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKCU_SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9} - "Fissa" (hxxp://www.fissa.com/fr/results/?s=b&c= ... K4n&d=2&q={searchTe...)
HKCU_Toolbar\ShellBrowser|{C4069E3A-68F1-403E-B40E-20066696354B} (x)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
HKCU_ElevationPolicy\{D3DE705E-0BB6-47E6-AB61-6FF78BE040A0} - C:\Program Files\Internet Explorer\minftnet.exe (Synersoft)
HKLM_ElevationPolicy\abc49cdb-4f35-4a8e-865d-bfadb2f0acc5 - C:\Program Files\Online_Sharing\Online_SharingToolbarHelper.exe (x)
HKLM_ElevationPolicy\b2a34fab-3daf-4abe-a516-fe837f86b745 - C:\Program Files\Online_Sharing\Online_SharingToolbarHelper.exe (x)
HKLM_ElevationPolicy\c8392873-6b5b-44c9-9c0e-39b453f5acd3 - C:\Program Files\Online_Sharing\Online_SharingToolbarHelper.exe (x)
HKLM_ElevationPolicy\{A2D14993-7315-4f91-AD76-20605495ED6C} - C:\Program Files\ESTsoft\ALUpdate\ALUpExt.exe (x)
HKLM_ElevationPolicy\{F2632B95-A2AD-4283-B49A-34D4802BA647} - C:\Program Files\ESTsoft\ALUpdate\ALUpdate.exe (x)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
HKLM_Extensions\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - "Real.com" (C:\Program Files\Real\RealPlayer\eb_inact.ico)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 2 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 26/07/2011 11:15:37 (4704 Octet(s))

Fin à: 11:16:02, 26/07/2011

============== E.O.F ==============

a l'avance je vous remercie du temps que vous consacrez à mon problème.

Bien cordialement.

HENRY G.
graceh
 
Messages: 5
Inscription: 16 Juil 2011, 13:31

Re: ouverture intempestive de pages internet

Messagede nickW » 26 Juil 2011, 17:14

Bonjour,


Encore des pages publicitaires?

Dans l'affirmative, adresse des sites.

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Re: ouverture intempestive de pages internet

Messagede graceh » 06 Aoû 2011, 08:10

Bonjour,

A l'avance merci de m'avoir aidé, je n'ai plus de page internet qui s'ouvre ; par contre mon ordinateur m'a laché, c'est pourquoi je vous réponds aussi tard ; mais cela faisait quelques jours que je n'avais plus de problème sur internet.

Encore merci.

HENRY G.
graceh
 
Messages: 5
Inscription: 16 Juil 2011, 13:31


Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 32 invités

cron