Sujet Précédent Sujet Suivant

Probleme de pubs

Résolu/Fermé
laetitia63110 - 3 avril 2011 à 15:38
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 4 avril 2011 à 14:59
Bonjour, je suis envahi de pubs que je sois connectée ou pas, donc après tout les conseils que j'ai lu sur ce forum, j'ai effectué un diagnostique ZHPdiag. le probleme c'est que je sais pas comment le décripter, alors si vous pouviez m'aider ce serait sympa!!!!! un grand merci à vous



6 réponses

Réponse 1 / 6
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 651
3 avril 2011 à 15:38
Salut,


Bienvenue.
Voici la procédure à suivre.
Prière de lire attentivement les instructions pour les suivre correctement.
Bien poster les rapports comme demandés afin de pouvoir les analyser.


Télécharge AD-Remover : http://www.teamxscript.org/adremoverTelechargement.html
Lance le en mode nettoyage
Poste le rapport ici.

ensuite :

Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour, fais un scan rapide, supprime tout et poste le rapport ici.
!!! Malwarebyte doit être à jour avant de faire le scan !!!

ensuite :

Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

* Lance OTL
* Sous Peronnalisation, copie-colle ce qu'il y a dans le cadre ci-dessous :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c
* Clique sur le bouton Analyse.
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer les rapports.
Donnes le liens pjjoint ici ensuite pour pouvoir être consultés.
1
laetitia63110
3 avril 2011 à 15:56
merci beaucoup et très rapide!!!
voici le rapport du nettoyage:
======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 01/03/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 15:43:03 le 03/04/2011, Mode normal

Microsoft Windows XP Édition familiale Service Pack 3 (X86)
thibert@PC161562521715 ( )

============== ACTION(S) ==============


Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Everest Poker
Dossier supprimé: C:\Program Files\Everest Poker
Dossier supprimé: C:\Documents and Settings\oceane\Application Data\EoRezo
Dossier supprimé: C:\Documents and Settings\thibert\Local Settings\Application Data\EoRezo
Dossier supprimé: C:\Program Files\EoRezo

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé supprimée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
Clé supprimée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Everest Poker
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Softwarehelper


============== SCAN ADDITIONNEL ==============

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{11B0E3AB-63F4-4E65-B0D2-436B97446D37} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKLM_SearchScopes\{11B0E3AB-63F4-4E65-B0D2-436B97446D37} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKCU_Toolbar\WebBrowser|{DE9C389F-3316-41A7-809B-AA305ED9D922} (C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll)
HKLM_Toolbar|{DE9C389F-3316-41A7-809B-AA305ED9D922} (C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll)
HKLM_ElevationPolicy\{ADADAEE2-457A-4984-A57C-E01C3A2BA612} - c:\program files\aol\aol toolbar 5.0\AolTbServer.exe (AOL LLC)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - "AOL Toolbar BHO" (C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 145 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 03/04/2011 15:43:19 (3655 Octet(s))

Fin à: 15:44:59, 03/04/2011

============== E.O.F ==============
0
laetitia63110
3 avril 2011 à 17:36
et résultat du scan:
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*. > in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.exe /s > in the current context!
Error: Unable to interpret <%APPDATA%\*. > in the current context!
Error: Unable to interpret <%APPDATA%\*.exe /s > in the current context!
Error: Unable to interpret <%temp%\.exe /s > in the current context!
Error: Unable to interpret <%SYSTEMDRIVE%\*.exe > in the current context!
Error: Unable to interpret <%systemroot%\*. /mp /s > in the current context!
Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\Tasks\*.job /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\System32\config\*.sav > in the current context!
Error: Unable to interpret </md5start > in the current context!
Error: Unable to interpret <explorer.exe > in the current context!
Error: Unable to interpret <winlogon.exe > in the current context!
Error: Unable to interpret <wininit.exe > in the current context!
Error: Unable to interpret </md5stop > in the current context!
Error: Unable to interpret <nslookup www.google.fr /c > in the current context!

OTL by OldTimer - Version 3.2.22.3 log created on 04032011_173548
0
laetitia63110
3 avril 2011 à 17:39
merci pour ton aide , j'ai galérée mais j'y serai jamais arrivée sans toi et apparement plus de pubs qui m'inonde!!!! merci et merci!!!!!!
0
Réponse 2 / 6
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 651
3 avril 2011 à 17:41
Pour info tes pubs devaient venir de Eorezo :
Tu as installé des programmes EoRezo, sais-tu que le service transmet certaines informations ? comme par exemple ton adresse, numéro de télephone qui ont été saisis lors de l'inscription ?
EoRezo modifie aussi ta page de démarrge vers lo.st, il se peux aussi que ce site transmettent certaines informations.

Pour plus d'informations se reporter à cette page : https://forum.malekal.com/viewtopic.php?t=18245&start=

Par contre, tu as pas bien suivi les manips pour OTL.
J'aimerai bien voir un rapport pour voir si tu as pas installé d'autres programmes pourris.
0
Réponse 3 / 6
laetitia63110 Messages postés 3 Date d'inscription vendredi 13 novembre 2009 Statut Membre Dernière intervention 4 avril 2011
4 avril 2011 à 13:33
j'envoie le rapport avant correction que j'ai refait:
OTL logfile created on: 04/04/2011 13:04:44 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\thibert\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

894,00 Mb Total Physical Memory | 313,00 Mb Available Physical Memory | 35,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 125,76 Gb Free Space | 84,38% Space Free | Partition Type: NTFS

Computer Name: PC161562521715 | User Name: thibert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/04/03 16:59:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\thibert\Bureau\OTL.exe
PRC - [2011/03/14 17:31:03 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2011/01/13 10:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 10:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2009/07/14 03:54:00 | 000,589,104 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
PRC - [2009/07/14 03:54:00 | 000,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
PRC - [2009/07/13 09:56:02 | 000,458,844 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/07/13 09:56:02 | 000,221,266 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\WDM\stacsv.exe
PRC - [2009/07/06 07:06:46 | 000,737,280 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe
PRC - [2009/06/02 19:05:58 | 000,457,200 | ---- | M] () -- C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
PRC - [2009/05/05 14:56:52 | 001,451,384 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2009/05/05 14:56:52 | 000,607,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/12/18 12:05:40 | 000,457,248 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2008/12/18 12:05:40 | 000,191,008 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2008/04/15 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/04/03 16:59:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\thibert\Bureau\OTL.exe
MOD - [2011/01/13 10:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/05/05 13:59:54 | 000,094,273 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
MOD - [2009/05/05 13:58:00 | 000,069,697 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/13 10:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/07/13 09:56:02 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2009/06/02 19:05:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2009/05/22 20:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/12/18 12:05:40 | 000,457,248 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008/12/18 12:05:40 | 000,191,008 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2008/11/04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011/01/13 10:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 10:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 10:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 10:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 10:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 10:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/07/20 15:29:18 | 000,173,952 | ---- | M] (SMI) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SMIksdrv.sys -- (usbsmi)
DRV - [2009/07/13 09:56:02 | 001,643,235 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/07/09 01:25:16 | 000,212,528 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/07/01 23:10:54 | 000,103,792 | ---- | M] (Sonic Solutions) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\syscow32x.sys -- (SysCow)
DRV - [2009/06/02 02:57:44 | 001,746,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009/06/02 01:00:00 | 000,025,584 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SaibVd32.sys -- (SaibVd32)
DRV - [2009/06/02 01:00:00 | 000,021,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SahdIa32.sys -- (SahdIa32)
DRV - [2009/06/02 01:00:00 | 000,015,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SaibIa32.sys -- (SaibIa32)
DRV - [2009/05/11 20:49:00 | 000,056,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2009/05/07 02:01:38 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2009/05/07 02:01:38 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2009/05/07 02:01:38 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2009/05/07 02:01:36 | 000,992,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009/05/07 02:01:36 | 000,534,312 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2009/04/21 03:13:34 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/11/13 03:58:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008/08/25 13:22:00 | 000,014,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/08/01 21:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 21:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/04/14 03:35:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2008/04/15 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HP] C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe (Hewlett-Packard)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoftwareHelper] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\fr-FR\local\search.html ()
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Firestorm High.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Firestorm High.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/04/03 17:35:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/04/03 16:41:39 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\thibert\Bureau\OTL.exe
[2011/04/03 16:20:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\thibert\Application Data\Uniblue
[2011/04/03 16:20:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Uniblue
[2011/04/03 16:20:37 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011/04/03 16:20:36 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011/04/03 16:14:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\thibert\Local Settings\Application Data\PackageAware
[2011/04/03 15:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/04/03 15:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
[2011/04/03 15:06:10 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2011/04/03 15:05:05 | 002,373,230 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\thibert\Bureau\ZHPDiag2.exe
[2011/04/03 14:18:31 | 000,000,000 | ---D | C] -- C:\Navilog1
[2011/03/26 22:00:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\thibert\Mes documents\Mes vidéos
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/04/04 13:12:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1C8086E6-B6E6-43EA-B7D1-B7C0B91E908E}.job
[2011/04/04 12:44:28 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\BackOnTrack Instant Restore Idle.job
[2011/04/04 12:44:00 | 000,236,466 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011/04/04 12:43:50 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/04 12:43:48 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011/04/04 12:43:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/04 12:42:56 | 937,398,272 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/03 21:17:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/03 16:59:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\thibert\Bureau\OTL.exe
[2011/04/03 16:20:43 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Uniblue RegistryBooster.lnk
[2011/04/03 16:20:43 | 000,001,719 | ---- | M] () -- C:\Documents and Settings\thibert\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2011/04/03 15:42:59 | 000,001,554 | ---- | M] () -- C:\Documents and Settings\thibert\Bureau\AD-R.lnk
[2011/04/03 15:18:33 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk
[2011/04/03 15:18:33 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
[2011/04/03 15:18:33 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
[2011/04/03 15:10:10 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2011/04/03 15:05:38 | 002,373,230 | ---- | M] (Nicolas Coolman ) -- C:\Documents and Settings\thibert\Bureau\ZHPDiag2.exe
[2011/04/03 14:18:24 | 000,231,564 | ---- | M] () -- C:\Documents and Settings\thibert\Bureau\Navilog1.exe
[2011/04/03 14:03:23 | 000,189,382 | ---- | M] () -- C:\Documents and Settings\thibert\Bureau\Navilog1.zip
[2011/04/03 01:00:40 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/04/03 01:00:40 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/04/02 00:16:19 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/01 22:08:46 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/30 18:47:28 | 000,501,110 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/03/30 18:47:28 | 000,432,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/30 18:47:28 | 000,080,946 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/03/30 18:47:28 | 000,067,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/27 16:17:11 | 000,000,412 | ---- | M] () -- C:\Documents and Settings\thibert\Mes documents\spider.sav
[2011/03/26 21:59:41 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\thibert\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/03/26 21:59:41 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\thibert\Bureau\Windows Media Player.lnk
[2011/03/21 23:21:28 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2011/03/16 22:53:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/04/03 16:20:53 | 000,000,268 | ---- | C] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011/04/03 16:20:43 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Uniblue RegistryBooster.lnk
[2011/04/03 16:20:43 | 000,001,719 | ---- | C] () -- C:\Documents and Settings\thibert\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2011/04/03 15:42:59 | 000,001,554 | ---- | C] () -- C:\Documents and Settings\thibert\Bureau\AD-R.lnk
[2011/04/03 15:10:10 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2011/04/03 15:06:17 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk
[2011/04/03 15:06:17 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
[2011/04/03 15:06:17 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
[2011/04/03 14:18:15 | 000,231,564 | ---- | C] () -- C:\Documents and Settings\thibert\Bureau\Navilog1.exe
[2011/04/03 14:03:02 | 000,189,382 | ---- | C] () -- C:\Documents and Settings\thibert\Bureau\Navilog1.zip
[2011/04/03 01:04:25 | 000,000,927 | ---- | C] () -- C:\Documents and Settings\thibert\Menu Démarrer\Programmes\Favoris Bluetooth.lnk
[2011/04/03 01:00:40 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/04/03 01:00:40 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/04/02 00:16:19 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/26 21:59:41 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\thibert\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/03/26 21:59:40 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\thibert\Bureau\Windows Media Player.lnk
[2010/01/26 03:37:01 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SM37XCoInst.dll
[2009/08/23 09:41:47 | 000,030,194 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/08/23 08:37:16 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2009/06/27 14:01:00 | 001,580,550 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/06/26 16:32:34 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/06/26 16:32:34 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009/06/26 16:32:34 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/06/26 16:32:34 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/06/26 16:32:34 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/06/26 16:32:34 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/05/05 14:00:32 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2009/04/14 13:55:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/14 13:55:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/04/14 13:23:52 | 000,501,110 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/04/14 13:23:52 | 000,432,690 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/14 13:23:52 | 000,080,946 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/04/14 13:23:52 | 000,067,646 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/14 13:18:24 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/14 13:15:34 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/14 13:14:00 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/15 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2008/04/15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/15 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2008/04/15 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/05/29 07:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/29 07:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[2010/02/07 13:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/05/10 20:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/08/23 09:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2010/01/26 22:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/08/23 09:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010/08/16 19:46:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/09/10 00:11:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011/01/12 21:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010/03/29 19:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009/08/23 08:19:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/08/23 09:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2010/06/29 21:26:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/01/28 18:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/08/23 09:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2009/08/23 09:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2010/12/12 12:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/04/03 16:20:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
[2011/03/21 15:54:52 | 003,003,784 | ---- | M] (Uniblue Systems Ltd ) -- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe
[2011/02/26 23:01:17 | 000,523,440 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe
[2009/07/15 09:39:38 | 004,884,976 | ---- | M] (Sonic Solutions) -- C:\Documents and Settings\All Users\Application Data\Uninstall\{32F9BACF-FCD3-4B6A-AD85-255A449B6FA5}\setup.exe
[2009/04/14 04:58:14 | 116,149,016 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\0a8cc89f-0959-4987-999e-2db5ac300ca4-extr.exe
[2009/04/14 04:48:46 | 025,432,456 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\10dbb1bc-ef1b-4c2e-9bea-aaba3f42532c-extr.exe
[2009/04/24 08:37:40 | 103,123,728 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\134726E5-0682-43C5-8AA2-DD4D6A866DD4-extr.exe
[2009/04/14 04:37:20 | 066,632,544 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\1e415607-f8a5-481a-99f7-ff818ace4ecb-extr.exe
[2009/04/14 04:58:02 | 373,712,560 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\1f374c65-f73a-4b65-a27b-52695d80f68c-extr.exe
[2009/04/14 17:50:14 | 026,023,208 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\2698CE7D-5E0F-45A5-B451-557D8A56C3B9-extr.exe
[2009/04/14 17:56:34 | 070,782,672 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\27ad6122-ae46-4a13-a1d4-e8e30df8542d-extr.exe
[2009/04/14 18:22:38 | 018,465,576 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\396dddb2-e59d-44c3-9321-6a2dc7f717a3-extr.exe
[2009/04/14 17:18:56 | 262,299,152 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\3edea465-61b0-4949-97e6-2cdc82169b9f-extr.exe
[2009/04/24 11:13:06 | 328,030,000 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\4189e5c0-7eb4-4f54-b7b4-4228a8b03698-extr.exe
[2009/04/24 13:09:16 | 217,178,016 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\498f27ac-d243-469d-a451-4a557418d77d-extr.exe
[2009/04/24 14:29:02 | 155,359,672 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\49edfae8-e0cc-45fb-96e6-d60571dd122d-extr.exe
[2009/04/14 17:51:40 | 024,343,096 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\4bae280a-b121-48bd-9d2c-ec5f3103c761-extr.exe
[2009/04/14 04:04:08 | 043,609,640 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\5446413b-8694-4af0-86d1-11f30157ac5c-extr.exe
[2009/04/14 04:44:44 | 014,411,352 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\6B2E06FE-9D3B-476F-A58A-28CD98C654B5-extr.exe
[2009/04/14 18:15:00 | 085,341,344 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\6e41fe57-1e36-4f26-9b0c-cc7c2417a7d9-extr.exe
[2009/04/24 11:40:10 | 067,277,480 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\6E7DD52D-205E-4D6D-AF6A-0C34703DFA61-extr.exe
[2009/04/14 18:09:10 | 059,668,896 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\7c599483-924b-4639-bf41-5308bc517100-extr.exe
[2009/04/14 17:43:24 | 046,883,072 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\93fc267c-7cef-4feb-9dfa-20c0d602290a-extr.exe
[2009/04/14 17:48:20 | 023,390,080 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\951226E3-26FC-40BC-8085-3677B1128F59-extr.exe
[2009/04/24 13:40:52 | 215,250,816 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\b39b5240-8cc9-4d1a-9cd3-2282de842a83-extr.exe
[2009/04/24 15:52:10 | 046,878,152 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\BC3D43F7-BC64-490D-92B5-D2AABEC7FA85-extr.exe
[2009/04/14 04:54:28 | 059,886,032 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\c5369c80-0ca2-43c4-b630-967110121b2e-extr.exe
[2009/04/24 15:31:46 | 034,288,056 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\C8DEFEB5-AFE9-48D0-A9E6-355F537F0BAD-extr.exe
[2009/04/14 17:40:48 | 132,779,872 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\d56c73f0-825e-4251-80d1-ebfe72def794-extr.exe
[2009/04/14 17:35:16 | 014,181,696 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\e551d534-a4ef-4dac-9c20-c80b2c806ad8-extr.exe
[2009/04/14 17:22:42 | 047,550,352 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\e57d92b4-3a89-46b1-9328-7142e56478ff-extr.exe
[2009/04/14 17:46:14 | 048,113,568 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\f405496e-4cd5-4891-a8bc-3e58bd47b25c-extr.exe
[2009/04/24 07:23:00 | 364,784,016 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\f861818d-0203-40cd-a8cb-66fadf969fdd-extr.exe
[2009/04/14 17:16:06 | 045,817,568 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\fb65380e-3812-44f7-bbec-128e82369adf-extr.exe
[2009/04/28 19:08:34 | 013,075,488 | ---- | M] (WildTangent) -- C:\Documents and Settings\All Users\Application Data\WildTangent\oem-eula.exe

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2010/01/28 21:37:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\thibert\Application Data\Adobe
[2010/01/26 22:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\thibert\Application Data\Google
[2009/08/23 10:00:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\thibert\Application Data\hpqLog
[2009/08/23 15:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\thibert\Application Data\Identities
[2009/08/23 09:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\thibert\Application Data\Macromedia
[2011/04/03 01:30:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\thibert\Application Data\Microsoft
[2009/08/23 09:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\thibert\Application Data\Roxio Log Files
[2009/08/23 09:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\thibert\Application Data\Sun
[2011/04/03 16:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\thibert\Application Data\Uniblue
[2011/04/03 01:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\thibert\Application Data\vlc

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]

[color=#A23BEC]< %temp%\.exe /s >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\dxtrans.dll
[2010/12/21 01:53:03 | 000,184,320 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\iepeers.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2009/04/14 15:08:12 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/04/14 15:08:12 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/04/14 15:08:12 | 000,430,080 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav


[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/04/15 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008/04/15 14:00:00 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

[color=#A23BEC]< nslookup www.google.fr /c >[/color]
Serveur : livebox.home
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 209.85.146.104, 209.85.146.105, 209.85.146.147, 209.85.146.99
209.85.146.103, 209.85.146.106
Aliases: WWW.GOOGLE.FR, www.google.com

< End of report >
0
Réponse 4 / 6
laetitia63110 Messages postés 3 Date d'inscription vendredi 13 novembre 2009 Statut Membre Dernière intervention 4 avril 2011
4 avril 2011 à 13:34
et maintenant celui après correction:
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*. > in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.exe /s > in the current context!
Error: Unable to interpret <%APPDATA%\*. > in the current context!
Error: Unable to interpret <%APPDATA%\*.exe /s > in the current context!
Error: Unable to interpret <%temp%\.exe /s > in the current context!
Error: Unable to interpret <%SYSTEMDRIVE%\*.exe > in the current context!
Error: Unable to interpret <%systemroot%\*. /mp /s > in the current context!
Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\Tasks\*.job /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\System32\config\*.sav > in the current context!
Error: Unable to interpret </md5start > in the current context!
Error: Unable to interpret <explorer.exe > in the current context!
Error: Unable to interpret <winlogon.exe > in the current context!
Error: Unable to interpret <wininit.exe > in the current context!
Error: Unable to interpret </md5stop > in the current context!
Error: Unable to interpret <nslookup www.google.fr /c > in the current context!

OTL by OldTimer - Version 3.2.22.3 log created on 04042011_132507
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 6
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 651
4 avril 2011 à 13:35
RegistryBooster = grosse Daube limite arnaque.
A désinstaller.


Avast! est à jour ? la dernière version est la 6 ?

Sinon fais plus attention à ce que tu télécharges.


Fais plus attention à l'avenir....

Maintiens tes logiciel à jour c'est important, utilise ce programme : /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
Absolument à faire.

Les antivirus ne font pas tout en ce qui concerne la sécurité de ta machine (mettre à jour ses logiciels etc etc)
La meilleur protection reste de connaître les infections pour pouvoir les éviter et avoir de bonne habitude.
Donc faut se documenter.

Un peu de lecture pour éviter les infections :
- connaitre et éviter les infections : https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
- sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html
- lire : http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese

Ce qu'il ne faut pas faire :
Je télécharge n'importe quoi - je m'infecte :
https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14
https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9
Je télécharge depuis n'importe où - je m'infecte : https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
Recommandations sur la sécurité : https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1

Fonctionnement de quelques catégories de malwares :
https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus

Si tu as des questions sur le fonctionement des malwares.
N'hésite pas.

0
Réponse 6 / 6
laetitia63110 Messages postés 3 Date d'inscription vendredi 13 novembre 2009 Statut Membre Dernière intervention 4 avril 2011
4 avril 2011 à 14:51
salut j'ai mis à jour avast et supprimer RegistryBooster!!!!et je vais télécharger le logiciel que tu me conseilles... en tout cas un grand merci à toi pour le temps passé à m'aider,je vais etre plus prudente à l'avenir!!!!!!! encore merci
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 651
4 avril 2011 à 14:59
pas de prb :)
0

Discussions similaires

apparation intempestives de pub type site de rencontre et photo dans le même ton
Crokino -
Crokino -

6 réponses
M6 Replay désactiver le bloqueur de publicité
katydel88 -
Mathieu -

14 réponses
Candy crush
eric2850 -
MPMP10 -

6 réponses
Publicités : même son coupé, elles sont à fond
Leboss104 -
loisou17 -

5 réponses