Pubs intempestives IE

Résolu
oni Messages postés 34 Statut Membre -  
oni Messages postés 34 Statut Membre -
Bonjour,

J'ai depuis quelques temps des ouvertures de fenêtres Chrome et/ou IE contenant des pubs (alors que je crois n'avoir jamais lancé IE), c'est probablement un virus..

J'ai fais un coup de Malwarebyte sans résultat
J'ai essayé Hijackthis mais rien de "nasty" après je sais pas trop..
Je viens de lancer OTL mais je ne sais pas comment lire ce rapport :O

Je met plus bas le rapport OTL au cas ou quelqu'un sache/veuille bien le lire.
Sinon si vous avez une solution merci ^^










Rapport OTL


OTL logfile created on: 14/05/2012 13:43:47 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Romain\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

7,98 Gb Total Physical Memory | 6,35 Gb Available Physical Memory | 79,58% Memory free
15,97 Gb Paging File | 14,06 Gb Available in Paging File | 88,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 35,61 Gb Free Space | 31,88% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 682,07 Gb Free Space | 73,22% Space Free | Partition Type: NTFS

Computer Name: PC-ROMAIN | User Name: Romain | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/05/14 13:41:07 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Romain\Desktop\OTL.exe
PRC - [2012/05/04 15:31:46 | 000,544,432 | ---- | M] (Boxore OU) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/27 15:05:36 | 000,990,056 | ---- | M] (Tuto4PC) -- C:\Users\Romain\AppData\Roaming\Tuto4pc\Tuto4pc\UpdateTuto4PCHP.exe
PRC - [2012/03/27 15:05:34 | 004,651,880 | ---- | M] (Tuto4PC) -- C:\Program Files (x86)\Tuto4pc\tuto4pc.exe
PRC - [2012/03/07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
PRC - [2011/03/22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
PRC - [2011/02/09 14:20:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/21 05:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/11/15 13:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2010/11/15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
PRC - [2010/04/22 16:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009/12/01 15:13:08 | 000,035,880 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
PRC - [2009/10/13 17:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
PRC - [2009/06/17 17:13:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- E:\Programmes\RocketDock\RocketDock.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012/05/11 15:16:30 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
MOD - [2012/05/11 15:16:25 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
MOD - [2012/05/11 15:16:08 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/11 15:16:03 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/12/01 15:13:08 | 000,035,880 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
MOD - [2009/06/10 17:28:56 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\smart6\dbios\DBIOS.dll
MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- E:\Programmes\RocketDock\RocketDock.exe
MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- E:\Programmes\RocketDock\RocketDock.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012/03/07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2010/04/06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/05 00:12:12 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/08 19:39:51 | 000,138,416 | ---- | M] (Boxore OU.) [Auto | Stopped] -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe -- (supdate) Software Update Service (supdate)
SRV - [2012/04/07 13:52:33 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/14 02:42:00 | 004,072,416 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012/03/01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/02/29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/14 16:57:00 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/03/24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF)
SRV - [2011/03/22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE)
SRV - [2011/02/09 14:20:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/12/31 08:39:54 | 008,133,120 | ---- | M] () [On_Demand | Stopped] -- E:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe -- (wampmysqld)
SRV - [2010/12/31 08:39:42 | 000,020,549 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- E:\wamp\bin\apache\Apache2.2.17\bin\httpd.exe -- (wampapache)
SRV - [2010/11/15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/13 17:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009/06/17 17:13:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/09/04 19:31:22 | 000,180,224 | ---- | M] (NVIDIA) [Auto | Running] -- E:\Programmes\Nvidia\nTune\nTuneService.exe -- (nTuneService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/03/07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012/03/07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012/03/07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2012/03/07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012/03/07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012/03/07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/01/26 19:23:14 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2012/01/17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2011/12/08 06:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:[b]64bit:[/b] - [2011/12/08 06:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:[b]64bit:[/b] - [2011/12/08 06:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:[b]64bit:[/b] - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2011/07/28 19:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/03/07 11:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:[b]64bit:[/b] - [2011/03/07 11:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:[b]64bit:[/b] - [2011/02/09 14:06:44 | 000,555,032 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011/01/13 13:58:00 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011/01/10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:[b]64bit:[/b] - [2010/12/21 07:55:02 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:[b]64bit:[/b] - [2010/12/21 07:55:02 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:[b]64bit:[/b] - [2010/12/21 07:55:02 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:[b]64bit:[/b] - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/09/21 10:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/05/14 08:30:23 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012/05/07 16:41:58 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012/05/06 19:42:50 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2012/05/05 09:48:47 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2011/12/12 20:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/03/18 00:34:36 | 000,068,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\Programmes\Visual Studio 2010\Team Tools\Performance Tools\x64\VSPerfDrv100.sys -- (VSPerfDrv100)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/09/04 19:26:38 | 000,039,968 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\Windows\nvoclk64.sys -- (NVR0Dev)
DRV - [2006/07/24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2390116191-247924314-3108975822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
IE - HKU\S-1-5-21-2390116191-247924314-3108975822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKU\S-1-5-21-2390116191-247924314-3108975822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKU\S-1-5-21-2390116191-247924314-3108975822-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 67 FE 30 04 A9 E9 CC 01 [binary data]
IE - HKU\S-1-5-21-2390116191-247924314-3108975822-1000\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
IE - HKU\S-1-5-21-2390116191-247924314-3108975822-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2390116191-247924314-3108975822-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=SPLBR1&pc=SPLH
IE - HKU\S-1-5-21-2390116191-247924314-3108975822-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109989&tt=270312_bext_fix&babsrc=SP_ss&mntrId=04ab9d0f0000000000001c6f65c523f7
IE - HKU\S-1-5-21-2390116191-247924314-3108975822-1000\..\SearchScopes\{41109B4A-25A4-4fcd-B457-30F49E93FAB1}: "URL" = https://cse.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
IE - HKU\S-1-5-21-2390116191-247924314-3108975822-1000\..\SearchScopes\{4F165F1A-AFF2-4a0c-B9D5-E8737B9229DA}: "URL" = https://fr.search.yahoo.com/web{searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKU\S-1-5-21-2390116191-247924314-3108975822-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?AF=109989&tt=270312_bext_fix&babsrc=HP_ss&mntrId=04ab9d0f0000000000001c6f65c523f7"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=109989&tt=270312_bext_fix&babsrc=adbartrp&mntrId=04ab9d0f0000000000001c6f65c523f7&q="


FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF - HKLM\Software\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8: C:\Program Files (x86)\Software\Update\1.2.195.0\npSoftwareOneClick8.dll (Boxore OU.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Romain\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Romain\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012/01/19 20:46:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012/01/19 20:46:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2012/01/19 20:46:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/04/10 00:37:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9CD2384C-143B-4790-A075-E7FEFE2A554B}: C:\Program Files (x86)\Boxore\BoxoreClient\BoxoreExtension\MozillaFirefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/01 23:16:13 | 000,000,000 | ---D | M]

[2012/02/01 23:16:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Romain\AppData\Roaming\mozilla\Extensions
[2012/03/28 12:16:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Romain\AppData\Roaming\mozilla\Firefox\Profiles\ihikbsrz.default\extensions
[2012/05/03 17:45:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/24 16:50:40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/03/26 10:48:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/04/10 00:37:56 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/02/01 23:18:03 | 000,145,972 | ---- | M] () (No name found) -- C:\USERS\ROMAIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHIKBSRZ.DEFAULT\EXTENSIONS\UNPLUG@COMPUNACH.XPI
[2012/01/29 18:20:05 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/01/29 16:07:26 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2012/03/28 12:16:02 | 000,002,355 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/01/29 15:55:12 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/01/29 16:07:26 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/01/29 16:07:26 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2012/01/29 16:07:26 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/01/29 16:07:26 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Romain\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Romain\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Romain\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java(TM) Platform SE 7 U3 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.30.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Software Update (Enabled) = C:\Program Files (x86)\Software\Update\1.2.195.0\npSoftwareOneClick8.dll
CHR - plugin: WEBZEN Browser Extension (Enabled) = C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Romain\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Angry Birds = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: 3DTin = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\algoakekcdmbbikdjgjdahbfihboglmi\1.0_0\
CHR - Extension: Dragon Age Legends: Remix 01 = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkiinhllammkfejicmjmhnanlbifccfj\3_0\
CHR - Extension: YouTube = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Firebug Lite for Google Chrome\u2122 = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\
CHR - Extension: Recherche Google = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Sleepy Jack = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\edjdoaebnejlnjknbkbacepgemnjlmfc\23_0\
CHR - Extension: AdBlock = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.33_0\
CHR - Extension: Isoball 3 = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.2.1_0\
CHR - Extension: avast! WebRep = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Smart Display = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaihkehdlhkocphopopahkfjcfcphef\1.1_0\
CHR - Extension: Fieldrunners = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak\1.0.0.5_0\
CHR - Extension: Gmail = C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/04/20 17:51:34 | 000,000,849 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Tuto4pcBHO Class) - {7A66EB91-F7D3-4de2-8CA9-12C12AF3D5F2} - C:\Program Files (x86)\Tuto4pc\Tuto4pcBHO.dll (Tuto4PC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Programme d'assistance de Microsoft Web Test Recorder 10.0) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - E:\Programmes\Visual Studio 2010\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Boxore Client] C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe (Boxore OU)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [STCAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [Tutorials] C:\Program Files (x86)\Tuto4pc\tuto4pc.exe (Tuto4PC)
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2390116191-247924314-3108975822-1000..\Run: [NVIDIA nTune] E:\Programmes\Nvidia\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKU\S-1-5-21-2390116191-247924314-3108975822-1000..\Run: [RocketDock] E:\Programmes\RocketDock\RocketDock.exe ()
O4 - HKLM..\RunOnce: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\Run.exe ()
O4 - HKLM..\RunOnce: [UpdateTuto4PCHP] C:\Users\Romain\AppData\Roaming\Tuto4pc\Tuto4pc\UpdateTuto4PCHP.exe (Tuto4PC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O8:[b]64bit:[/b] - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F607F419-6CD0-4685-9FC8-BED7240D8DA3}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{32cc4763-42cb-11e1-bd81-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{32cc4763-42cb-11e1-bd81-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O33 - MountPoints2\{bc1982e1-4841-11e1-9a33-1c6f65c523f7}\Shell - "" = AutoRun
O33 - MountPoints2\{bc1982e1-4841-11e1-9a33-1c6f65c523f7}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{bc1982e1-4841-11e1-9a33-1c6f65c523f7}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{bc1982e1-4841-11e1-9a33-1c6f65c523f7}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/05/14 13:41:04 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Romain\Desktop\OTL.exe
[2012/05/14 13:38:08 | 000,000,000 | ---D | C] -- C:\Users\Romain\AppData\Local\Tuto4PC
[2012/05/14 13:38:07 | 000,000,000 | ---D | C] -- C:\Users\Romain\AppData\Roaming\Tuto4pc
[2012/05/14 13:38:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tuto4pc
[2012/05/14 13:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4pc
[2012/05/14 13:36:46 | 023,873,711 | ---- | C] (Media Player) -- C:\Users\Romain\Desktop\media.player.codec.pack.v3.9.6.setup.exe
[2012/05/11 16:40:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/05/11 16:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/05/11 16:40:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/05/10 20:06:19 | 000,000,000 | ---D | C] -- C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/05/10 17:54:30 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/05/10 17:54:29 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/05/10 17:54:28 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/10 17:54:28 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/05/06 14:57:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA nTune Performance Application
[2012/05/05 09:48:36 | 000,000,000 | ---D | C] -- C:\Users\Romain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2012/05/05 09:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2012/05/04 21:57:24 | 000,000,000 | ---D | C] -- E:\Documents\progr
[2012/05/04 21:56:00 | 000,000,000 | ---D | C] -- E:\Documents\Zicmu
[2012/04/22 09:36:10 | 000,000,000 | ---D | C] -- C:\Users\Romain\AppData\Roaming\GetRightToGo
[2012/04/21 00:56:22 | 000,000,000 | ---D | C] -- C:\Users\Romain\AppData\Roaming\Malwarebytes
[2012/04/21 00:56:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/21 00:56:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/21 00:56:17 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/21 00:56:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/20 17:52:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
[2012/04/15 10:56:57 | 000,230,920 | ---- | C] (WEBZEN, INC.) -- C:\Windows\SysWow64\EPWZCmnCtrl.dll
[2012/04/15 10:56:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WEBZEN
[2012/04/15 10:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBZEN
[2012/04/15 10:52:44 | 004,072,416 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2012/04/14 22:10:18 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2012/04/14 22:10:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2012/04/14 21:12:10 | 008,744,608 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/05/14 13:44:05 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2012/05/14 13:41:07 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Romain\Desktop\OTL.exe
[2012/05/14 13:37:16 | 023,873,711 | ---- | M] (Media Player) -- C:\Users\Romain\Desktop\media.player.codec.pack.v3.9.6.setup.exe
[2012/05/14 13:12:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/14 12:48:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2390116191-247924314-3108975822-1000UA.job
[2012/05/14 08:37:26 | 000,022,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/14 08:37:26 | 000,022,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/14 08:36:14 | 001,848,024 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/14 08:36:14 | 000,811,126 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/05/14 08:36:14 | 000,718,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/14 08:36:14 | 000,173,734 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/05/14 08:36:14 | 000,146,030 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/14 08:30:23 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012/05/14 08:30:17 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2012/05/14 08:30:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/14 08:30:12 | 2134,204,415 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/13 19:48:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2390116191-247924314-3108975822-1000Core.job
[2012/05/11 16:40:54 | 000,001,258 | ---- | M] () -- C:\Users\Romain\Desktop\Spybot - Search & Destroy.lnk
[2012/05/11 15:13:12 | 000,418,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/07 16:41:58 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2012/05/06 19:42:50 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\etdrv.sys
[2012/05/06 16:19:16 | 001,227,020 | ---- | M] () -- E:\Documents\CS.pdf
[2012/05/06 15:01:48 | 000,001,857 | ---- | M] () -- C:\Users\Romain\Desktop\nvCplUI.exe - Raccourci.lnk
[2012/05/05 00:12:12 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/05/05 00:12:12 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/05 00:12:09 | 008,744,608 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/05/04 23:50:43 | 893,938,434 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/04/30 16:25:40 | 000,000,755 | ---- | M] () -- C:\Users\Romain\Desktop\The Binding of Isaac.lnk
[2012/04/30 12:34:13 | 000,131,012 | ---- | M] () -- E:\Documents\Imprimer - Payer votre annonce.pdf
[2012/04/21 12:14:01 | 000,000,859 | ---- | M] () -- C:\Users\Romain\Desktop\Mes documents.lnk
[2012/04/21 00:56:18 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/20 17:52:38 | 000,000,533 | ---- | M] () -- C:\Users\Romain\Desktop\WampServer.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/05/11 16:40:54 | 000,001,258 | ---- | C] () -- C:\Users\Romain\Desktop\Spybot - Search & Destroy.lnk
[2012/05/06 16:18:52 | 001,227,020 | ---- | C] () -- E:\Documents\CS.pdf
[2012/05/06 15:01:48 | 000,001,857 | ---- | C] () -- C:\Users\Romain\Desktop\nvCplUI.exe - Raccourci.lnk
[2012/05/03 19:43:08 | 000,001,082 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2390116191-247924314-3108975822-1000UA.job
[2012/05/03 19:43:08 | 000,001,030 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2390116191-247924314-3108975822-1000Core.job
[2012/04/30 12:34:13 | 000,131,012 | ---- | C] () -- E:\Documents\Imprimer - Payer votre annonce.pdf
[2012/04/21 00:56:18 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/20 17:52:38 | 000,000,533 | ---- | C] () -- C:\Users\Romain\Desktop\WampServer.lnk
[2012/04/14 22:10:18 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2012/03/09 20:35:16 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/02/29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/02/11 13:12:33 | 000,007,602 | ---- | C] () -- C:\Users\Romain\AppData\Local\Resmon.ResmonCfg
[2012/01/30 18:12:32 | 000,033,792 | ---- | C] () -- C:\Users\Romain\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/30 18:06:26 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2012/01/30 18:05:34 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2012/01/26 19:30:00 | 001,825,634 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/19 22:15:52 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012/01/19 22:06:30 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2012/01/19 20:45:49 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011/01/29 18:00:22 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/01/29 18:00:22 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/01/29 18:00:22 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/01/29 18:00:22 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2010/05/24 21:33:00 | 004,670,829 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll
[2010/05/24 21:33:00 | 001,529,856 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2010/05/24 21:33:00 | 001,447,921 | ---- | C] () -- C:\Windows\SysWow64\ffmpegmt.dll
[2010/05/24 21:33:00 | 000,877,385 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll
[2010/05/24 21:33:00 | 000,810,113 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/05/24 21:33:00 | 000,336,384 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2010/05/24 21:33:00 | 000,324,096 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2010/05/24 21:33:00 | 000,248,320 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll
[2010/05/24 21:33:00 | 000,216,576 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2010/05/24 21:33:00 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2010/05/24 21:33:00 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2010/05/24 21:33:00 | 000,139,944 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2010/05/24 21:33:00 | 000,121,856 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2010/05/24 21:33:00 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\ff_tremor.dll
[2010/05/24 21:33:00 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/05/24 21:33:00 | 000,100,864 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2010/05/24 21:33:00 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2010/05/19 22:59:20 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2010/05/19 22:59:10 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2010/05/19 22:59:02 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2010/05/19 22:58:52 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2010/05/19 22:58:24 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2010/05/19 22:58:18 | 000,154,112 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2010/05/19 22:58:08 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2010/05/19 22:57:42 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2010/05/19 22:57:38 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2010/05/19 22:57:26 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2010/05/19 22:57:20 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2010/05/19 22:55:40 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2010/05/19 22:55:36 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll

[color=#E56717]========== LOP Check ==========[/color]

[2012/05/13 20:24:25 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\Azureus
[2012/01/26 19:27:54 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\DAEMON Tools Lite
[2012/04/07 12:07:31 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\DeepBurner
[2012/01/25 21:59:40 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\e-academy Inc
[2012/05/11 16:40:11 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\GetRightToGo
[2012/01/25 19:22:34 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\LolClient
[2012/04/10 21:31:51 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\Mumble
[2012/01/30 20:33:44 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\Notepad++
[2012/03/30 18:59:01 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\pdfforge
[2012/04/07 19:13:36 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\Samsung
[2012/03/09 19:27:23 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\Sparx Systems
[2012/01/25 19:14:27 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\Splashtop
[2012/03/26 12:26:31 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\Subversion
[2012/04/30 17:40:34 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\TS3Client
[2012/01/26 22:16:32 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\ts3overlay
[2012/01/28 11:19:57 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\TuneUp Software
[2012/05/14 13:38:07 | 000,000,000 | ---D | M] -- C:\Users\Romain\AppData\Roaming\Tuto4pc
[2012/05/01 23:13:55 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/05/14 08:30:17 | 000,001,082 | ---- | M] () -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
[2012/05/14 13:44:05 | 000,001,086 | ---- | M] () -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2012/01/19 22:08:52 | 000,000,174 | ---- | M] () -- C:\csb.log
[2012/05/14 08:30:12 | 2134,204,415 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/19 20:48:28 | 000,000,189 | ---- | M] () -- C:\Install.log
[2012/05/14 08:30:14 | 4277,264,383 | -HS- | M] () -- C:\pagefile.sys
[2012/01/19 20:48:04 | 000,002,150 | ---- | M] () -- C:\RHDSetup.log
[2012/03/28 12:16:11 | 000,000,237 | ---- | M] () -- C:\user.js

[color=#A23BEC]< >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/02/26 07:19:21 | 002,616,320
A voir également:

10 réponses

Réponse 1 / 10
Destrio5 Messages postés 99820 Statut Modérateur 10 304
 
Bonjour,

--> Désinstalle Spybot - Search & Destroy.

--> Télécharge et lance AdwCleaner (de Xplode), choisis l'option "Suppression" et poste le rapport :
http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner
1
Réponse 2 / 10
^Abel^ Messages postés 22775 Statut Contributeur 6 873
 
Bonjour,
Téléchargez cet utilitaire. Merci "Xplode".
Cliquez sur "Supression". Laissez faire l'ordinateur sera redémarré, et vous affichera un rapport.
1
Réponse 3 / 10
oni Messages postés 34 Statut Membre
 
Merci messieurs,

Voici le rapport:

PS: Spybot, c'est mauvais?




# AdwCleaner v1.606 - Rapport créé le 14/05/2012 à 15:02:14
# Mis à jour le 10/05/2012 par Xplode
# Système d'exploitation : Windows 7 Professional Service Pack 1 (64 bits)
# Nom d'utilisateur : Romain - PC-ROMAIN
# Exécuté depuis : C:\Users\Romain\Downloads\adwcleaner.exe
# Option [Suppression]


***** [Services] *****

Arrêté & Supprimé : supdate

***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\Romain\AppData\Local\Tuto4pc
Dossier Supprimé : C:\Users\Romain\AppData\Local\Temp\BabylonToolbar
Dossier Supprimé : C:\Users\Romain\AppData\Roaming\pdfforge
Dossier Supprimé : C:\Users\Romain\AppData\Roaming\Tuto4pc
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4pc
Dossier Supprimé : C:\Program Files (x86)\Boxore
Dossier Supprimé : C:\Program Files (x86)\Tuto4pc
Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [Registre] *****

Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Tuto4PC
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKLM\SOFTWARE\Boxore
Clé Supprimée : HKLM\SOFTWARE\Software
Clé Supprimée : HKLM\SOFTWARE\Tuto4pc
Clé Supprimée : HKLM\SOFTWARE\Classes\Software.OneClickCtrl.8
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8
Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8
Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24
Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Clé Supprimée : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.software.oneclickctrl.8
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{006E6A46-8D55-4F10-BBA8-2C9653B4278B}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Tuto4pc_is1
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Boxore Client]
[x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
[x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24

***** [Registre - GUID] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{092A2C6B-43EE-4F9F-8F8E-14ED5E11C14B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{257A6158-1416-4B31-9BF8-29FF49F3814F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{32451DFC-C23B-4E12-866C-FC7982238504}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AC5C4189-A8A0-4C9D-8910-C9CEF8360077}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C9FC4C5A-2C9B-4E41-8DA2-2F379D74CF45}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{736EF78E-5A04-46F9-893E-EDEC6EA5DF45}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7A1BCE27-099C-4628-B63A-AEC00C6376B3}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AF3AFF7C-B9E9-48DD-9002-212B6DEAAC02}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DBE82879-914A-422F-BAE9-2ECC80BE536F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E12D7149-73EF-45E4-A1E9-99FD7DAE62D3}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F2B184F1-547C-4EE9-BFC4-AC489C7077D9}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9FC4C5A-2C9B-4E41-8DA2-2F379D74CF45}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C9FC4C5A-2C9B-4E41-8DA2-2F379D74CF45}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v10.0 (fr)

Nom du profil : default
Fichier : C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\ihikbsrz.default\prefs.js

C:\Users\Romain\AppData\Roaming\Mozilla\Firefox\Profiles\ihikbsrz.default\user.js ... Supprimé !

Supprimée : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Supprimée : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Supprimée : user_pref("browser.search.order.1", "Search the web (Babylon)");
Supprimée : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Supprimée : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?AF=109989&tt=270312_bext_fix&babsr[...]
Supprimée : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", "");
Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109989");
Supprimée : user_pref("extensions.BabylonToolbar_i.hardId", "04ab9d0f0000000000001c6f65c523f7");
Supprimée : user_pref("extensions.BabylonToolbar_i.id", "04ab9d0f0000000000001c6f65c523f7");
Supprimée : user_pref("extensions.BabylonToolbar_i.instlDay", "15427");
Supprimée : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Supprimée : user_pref("extensions.BabylonToolbar_i.newTab", true);
Supprimée : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=109989&tt=270312_b[...]
Supprimée : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Supprimée : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Supprimée : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Supprimée : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1712:16:11");
Supprimée : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Supprimée : user_pref("keyword.URL", "hxxp://search.babylon.com/?AF=109989&tt=270312_bext_fix&babsrc=adbartrp&mn[...]

-\\ Google Chrome v18.0.1025.168

Fichier : C:\Users\Romain\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[S1].txt - [6933 octets] - [14/05/2012 15:02:14]

########## EOF - C:\AdwCleaner[S1].txt - [7061 octets] ##########
0
^Abel^ Messages postés 22775 Statut Contributeur 6 873
 
Privilégiez la navigation avec "Firefox" en lui ajoutant le module Adblok+ afin de vous protéger des pubs.
un peu de lecture, pour l'avenir ;-)
0
oni Messages postés 34 Statut Membre
 
En fait j'utilise Chrome avec adBlock ^^
Ces pubs sont des ouvertures de fenêtres avec ddifférents sites. Des fois des sites de poker, des fois des sites de cul... Elles s'ouvrent aléatoirement (des fois même quand je ne navigue pa)
0
Réponse 4 / 10
Destrio5 Messages postés 99820 Statut Modérateur 10 304
 
Spybot ne sert pas à grand chose et son TeaTimer peut gêner la désinfection.

AdwCleaner a fait son travail, tu peux le désinstaller.

Héberge un rapport d'OTL sur ce site http://pjjoint.malekal.com/ puis poste le lien donné ici.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 10
oni Messages postés 34 Statut Membre
 
Merci ;)

Le fichier généré par OTL est:
https://pjjoint.malekal.com/files.php?id=20120514_o15m9u10g13j6

Ceci est le fichier Extras que me génère également OTL
https://pjjoint.malekal.com/files.php?id=20120514_n7q5l7j12n11
0
Réponse 6 / 10
Destrio5 Messages postés 99820 Statut Modérateur 10 304
 
--> Double-clique sur OTL pour le lancer.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
--> Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :




:OTL
[2012/05/11 16:40:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/05/11 16:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
O33 - MountPoints2\{32cc4763-42cb-11e1-bd81-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{32cc4763-42cb-11e1-bd81-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O2 - BHO: (Tuto4pcBHO Class) - {7A66EB91-F7D3-4de2-8CA9-12C12AF3D5F2} - C:\Program Files (x86)\Tuto4pc\Tuto4pcBHO.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9CD2384C-143B-4790-A075-E7FEFE2A554B}: C:\Program Files (x86)\Boxore\BoxoreClient\BoxoreExtension\MozillaFirefox\
FF - HKLM\Software\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8: C:\Program Files (x86)\Software\Update\1.2.195.0\npSoftwareOneClick8.dll (Boxore OU.)
IE - HKU\S-1-5-21-2390116191-247924314-3108975822-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Tuto Avast_is1"=-
"Tuto Firefox_is1"=-

:commands
[emptytemp]
[reboot]




--> Puis clique sur le bouton Correction en haut de la fenêtre.
--> Laisse le programme travailler, redémarre une fois le fix terminé.
--> Poste le rapport qui s'affichera après redémarrage.
0
Réponse 7 / 10
oni Messages postés 34 Statut Membre
 
C'est fait:


All processes killed
========== OTL ==========
C:\Program Files (x86)\Spybot - Search & Destroy folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32cc4763-42cb-11e1-bd81-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32cc4763-42cb-11e1-bd81-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32cc4763-42cb-11e1-bd81-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32cc4763-42cb-11e1-bd81-806e6f6e6963}\ not found.
File D:\Run.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A66EB91-F7D3-4de2-8CA9-12C12AF3D5F2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7A66EB91-F7D3-4de2-8CA9-12C12AF3D5F2}\ deleted successfully.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9CD2384C-143B-4790-A075-E7FEFE2A554B}: C:\Program Files (x86)\Boxore\BoxoreClient\BoxoreExtension\MozillaFirefox not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8\ deleted successfully.
C:\Program Files (x86)\Software\Update\1.2.195.0\npSoftwareOneClick8.dll moved successfully.
HKEY_USERS\S-1-5-21-2390116191-247924314-3108975822-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\Tuto Avast_is1 not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\Tuto Firefox_is1 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Romain
->Temp folder emptied: 19794918 bytes
->Temporary Internet Files folder emptied: 87399774 bytes
->Java cache emptied: 1288904 bytes
->FireFox cache emptied: 72897911 bytes
->Google Chrome cache emptied: 335495255 bytes
->Flash cache emptied: 9243 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 52407148 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85548 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 556 bytes
RecycleBin emptied: 616680259 bytes

Total Files Cleaned = 1 131,00 mb


OTL by OldTimer - Version 3.2.43.0 log created on 05142012_155139

Files\Folders moved on Reboot...
C:\Users\Romain\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
0
Réponse 8 / 10
Destrio5 Messages postés 99820 Statut Modérateur 10 304
 
Plus de souci ?

Mets à jour Malwarebytes' Anti-Malware et fais un examen rapide.
0
Réponse 9 / 10
oni Messages postés 34 Statut Membre
 
Pour l'instant non mais c'est un peu quand ça veut les pubs.. Je repasse ce soir pour confirmer l'absence de souci ;)

Ok malwarebyte m'a trouvé quelques broutilles que j'ai viré. on va voir


Merci beaucoup ;)
0
Réponse 10 / 10
oni Messages postés 34 Statut Membre
 
RAS donc disons que c'est réglé.

Merci ^^
0

Discussions similaires

Prélèvement Apple.com Bill
Eva_007 -
kikine -

8 réponses
Prélèvement inconnu APPLE.COM/BILL ORIGINE IRL
leon274 -
HelpiOS -

1 réponse
apparation intempestives de pub type site de rencontre et photo dans le même ton
Crokino -
Crokino -

6 réponses
Prélèvements sur Itunes.com/bill Itunes.com Lu
christinesibille -
Rahimullah -

71 réponses