Sujet Précédent Sujet Suivant

Effacer QVO6

Fermé
haddocks Messages postés 77 Date d'inscription lundi 7 novembre 2005 Statut Membre Dernière intervention 28 décembre 2018 - 8 sept. 2013 à 11:46
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 8 sept. 2013 à 12:50
Bonjour,



comment beaucoup d'entre nous je me suis fait avoir par QVO6 et je n'arrive pas à le supprimer malgré ma lecture assidue des topic concernés.
Win XP pack 3
j'ai supprimé google chrome et il me reste IE.

j'ai passer mon PC à la moulinette de adwcleaner et OTL sans résultat.
Quand j'ouvre IE j'ai tjrs QVO6 en page de démarrage.

je pense avoir supprimé tous les racourcis et demarre IE à partir de:
C:\Program Files\Internet Explorer
avec cette icone de demarrage je n'ai plus accès à la cible!

voici mon/mes rapports

OTL logfile created on: 07/09/2013 23:47:47 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\hhhhhhhhhhhh\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 78,90% Memory free
4,82 Gb Paging File | 4,57 Gb Available in Paging File | 94,85% Paging File free
Paging file location(s): C:\pagefile.sys 3048 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 30,04 Gb Total Space | 7,77 Gb Free Space | 25,86% Space Free | Partition Type: NTFS
Drive D: | 113,00 Gb Total Space | 19,75 Gb Free Space | 17,48% Space Free | Partition Type: NTFS

Computer Name: MON-A54F424C63 | User Name: hhhhhhhhhhhh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/09/07 23:31:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\OTL.exe
PRC - [2013/09/06 21:55:25 | 000,342,592 | ---- | M] (Woodtale Technology Inc) -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\DProtectSvc.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/10/21 14:40:15 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/09/17 12:41:54 | 000,254,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2011/12/14 16:57:02 | 001,212,224 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2011/12/14 16:57:00 | 001,514,304 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2008/10/20 11:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
PRC - [2008/10/06 19:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/09/06 21:55:25 | 000,506,944 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
MOD - [2013/09/06 21:55:25 | 000,062,016 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
MOD - [2011/02/09 02:56:38 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll
MOD - [2008/10/20 11:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
MOD - [2006/08/12 13:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\Torch\Update\TorchCrashHandler.exe -- (TorchCrashHandler)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/09/06 21:55:25 | 000,342,592 | ---- | M] (Woodtale Technology Inc) [Auto | Running] -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\DProtectSvc.exe -- (DPService)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/19 00:10:57 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/23 12:39:48 | 000,312,264 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2011/12/14 16:57:00 | 001,514,304 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/12/14 16:56:50 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/06/03 11:22:37 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/01/20 03:59:18 | 000,217,088 | ---- | M] (Teruten) [Disabled | Stopped] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | System | Stopped] -- -- (PQNTDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\HHHHHH~1\LOCALS~1\Temp\ASFWHide -- (ASFWHide)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\HHHHHH~1\LOCALS~1\Temp\__Samsung_Update\ADDMEM.SYS -- (ADDMEM)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/13 18:33:58 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011/07/21 20:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2011/02/04 18:28:56 | 000,297,888 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2011/01/20 03:59:18 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/01/27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/06/03 23:05:26 | 001,570,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/09/23 22:23:58 | 000,238,464 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC326.sys -- (VMC326)
DRV - [2008/08/27 01:35:00 | 004,753,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/07/29 17:59:08 | 000,879,832 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/07/29 17:59:02 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/07/27 01:29:54 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/07/27 01:29:50 | 000,037,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2008/07/27 01:29:36 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/07/27 01:29:28 | 000,539,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/01/14 20:01:02 | 000,030,208 | ---- | M] (Samsung Electronics,.LTD) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS -- (DNSeFilter)
DRV - [2006/08/01 16:57:24 | 000,019,840 | ---- | M] (Samsung) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SUE_PD.sys -- (SUEPD)
DRV - [2005/10/27 06:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=nsb1&utm_campaign=eXQ&utm_content=hp&from=nsb1&uid=SAMSUNGXHM160HI_S1WWJD0S273744&ts=1378590072
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=nsb1&utm_campaign=eXQ&utm_content=hp&from=nsb1&uid=SAMSUNGXHM160HI_S1WWJD0S273744&ts=1378590072
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.google.com/webhp?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/webhp?gws_rd=ssl
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = https://www.google.com/webhp?gws_rd=ssl


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=nsb1&utm_campaign=eXQ&utm_content=hp&from=nsb1&uid=SAMSUNGXHM160HI_S1WWJD0S273744&ts=1378590072
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://search.duxot.com/ [binary data]
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=nsb1&utm_campaign=eXQ&utm_content=hp&from=nsb1&uid=SAMSUNGXHM160HI_S1WWJD0S273744&ts=1378590072
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\..\SearchScopes,DefaultScope = {07EA5077-D1B7-45C8-AD63-0FA149D03658}
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\..\SearchScopes\{07EA5077-D1B7-45C8-AD63-0FA149D03658}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\..\SearchScopes\{08CE742D-26A8-478A-8F6D-8F64C24AD455}: "URL" = https://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = https://www.google.com/webhp?gws_rd=ssl
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/21 14:41:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\KompoZer\Extensions\\Plugins: C:\Program Files\KompoZer\Plugins [2012/09/16 21:51:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\KompoZer\Extensions\\Components: C:\Program Files\KompoZer\Components [2011/04/08 19:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/03/11 14:25:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/10/21 14:42:33 | 000,000,000 | ---D | M]

[2012/03/03 14:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Mozilla\Extensions
[2011/05/15 15:15:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/22 20:55:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/02/03 22:26:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/05 20:25:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/08/28 21:43:04 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - !{8e5025c2-8ea3-430d-80b8-a14151068a6d} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe (SAMSUNG Electronics)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-615890714-1377053193-3904064583-1005..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/plugins/MaConfig_6_0_0_3.cab ("Ma-Config.com control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82FF6967-D64D-459A-A874-1F6313B4F56F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\DOCUME~1\HHHHHH~1\LOCALS~1\APPLIC~1\DProtect\eBP.dll) - C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll ()
O20 - AppInit_DLLs: (C:\DOCUME~1\HHHHHH~1\LOCALS~1\APPLIC~1\DProtect\eBPSD.dll) - C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\mcsettings.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\setup.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\PMLauncher.exe (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/30 23:34:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/09/07 23:31:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\OTL.exe
[2013/09/07 21:47:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\hhhhhhhhhhhh\Recent
[2013/09/07 19:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hhhhhhhhhhhh\Menu Démarrer\Programmes\Revo Uninstaller
[2013/09/07 19:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/09/07 19:08:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/09/07 18:51:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\Favoris
[2013/09/06 21:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect
[2013/09/06 21:44:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hhhhhhhhhhhh\Mes documents\Freemake
[2013/09/06 21:43:56 | 000,000,000 | ---D | C] -- C:\Program Files\Freemake
[2013/09/06 21:34:16 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudFile.dll
[2013/09/06 21:34:16 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioInfos.dll
[2013/09/06 21:34:16 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudPlayer.dll
[2013/09/06 21:34:16 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\WMAFile.dll
[2013/09/06 21:34:16 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TABCTL32.OCX
[2013/09/06 21:34:16 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL
[2013/09/06 21:34:16 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msinet.OCX
[2013/09/06 21:34:16 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TABCTFR.DLL
[2013/09/06 21:34:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetfr.DLL
[2013/09/06 21:34:15 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomctl.ocx
[2013/09/06 21:34:15 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2013/09/06 21:34:15 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL
[2013/09/06 21:34:15 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscc2fr.dll
[2013/09/06 21:33:20 | 000,000,000 | ---D | C] -- C:\Program Files\Free mp3 Wma Converter
[2013/08/24 18:38:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\vlc
[2013/08/24 18:37:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
[2013/08/24 18:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\Nouveau dossier
[2013/08/13 20:23:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\VOLUME
[2013/08/10 15:32:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Tradexpert2.89A5R
[2013/08/10 15:32:43 | 000,000,000 | ---D | C] -- C:\Program Files\Tradexpert2.89A5R
[2012/10/21 19:18:35 | 003,623,592 | ---- | C] (Ask) -- C:\Program Files\Fichiers communs\ApnToolbarInstaller.exe
[2012/10/21 19:18:35 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files\Fichiers communs\ApnStub.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/09/07 23:52:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/09/07 23:49:42 | 000,001,097 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2013/09/07 23:31:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\OTL.exe
[2013/09/07 23:20:40 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer (2).lnk
[2013/09/07 23:18:42 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/09/07 23:16:11 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-615890714-1377053193-3904064583-1005.job
[2013/09/07 23:16:04 | 000,001,068 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/07 23:16:02 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-615890714-1377053193-3904064583-1005.job
[2013/09/07 23:15:46 | 000,001,064 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/07 23:15:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/09/07 23:15:23 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/07 19:36:03 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\Revo Uninstaller.lnk
[2013/09/06 21:19:57 | 000,082,944 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/09/06 15:55:05 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/09/02 22:29:41 | 000,069,027 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\CONFIRMATION bravofly.pdf
[2013/08/28 20:05:32 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\sg_backup_2013-08-28-2005.spg
[2013/08/24 20:05:33 | 000,000,166 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013/08/24 18:37:54 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2013/08/24 15:44:27 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[2013/08/24 15:29:39 | 000,002,090 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\Facebook.lnk
[2013/08/24 15:29:39 | 000,002,088 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\Youtube.lnk
[2013/08/24 15:03:51 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\sg_backup_2013-08-24-1503.spg
[2013/08/22 19:44:06 | 001,843,254 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\Sans titre.bmp
[2013/08/16 23:35:10 | 000,500,910 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013/08/16 23:35:10 | 000,432,784 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/08/16 23:35:10 | 000,080,936 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013/08/16 23:35:10 | 000,067,740 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/08/10 15:32:46 | 000,000,764 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\Tradexpert2.89A5R.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/09/07 23:20:40 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer (2).lnk
[2013/09/07 23:15:23 | 2137,444,352 | -HS- | C] () -- C:\hiberfil.sys
[2013/09/07 21:11:06 | 000,001,097 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2013/09/07 21:11:04 | 000,001,085 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Menu Démarrer\Programmes\Internet Explorer.lnk
[2013/09/07 19:36:03 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\Revo Uninstaller.lnk
[2013/09/06 21:51:42 | 000,082,256 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/09/06 21:34:16 | 000,116,296 | ---- | C] () -- C:\WINDOWS\System32\NCTWMAProfiles.prx
[2013/09/02 22:29:41 | 000,069,027 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\CONFIRMATION bravofly.pdf
[2013/08/28 20:05:32 | 000,002,386 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\sg_backup_2013-08-28-2005.spg
[2013/08/24 20:05:33 | 000,000,166 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013/08/24 18:37:54 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2013/08/24 15:29:39 | 000,002,090 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\Facebook.lnk
[2013/08/24 15:29:39 | 000,002,088 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\Youtube.lnk
[2013/08/24 15:03:51 | 000,002,386 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\sg_backup_2013-08-24-1503.spg
[2013/08/22 19:44:05 | 001,843,254 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\Sans titre.bmp
[2013/08/10 15:32:46 | 000,000,764 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\Tradexpert2.89A5R.lnk
[2012/10/21 19:18:36 | 000,444,283 | ---- | C] () -- C:\Program Files\Fichiers communs\WinPcapNmap.exe
[2012/08/24 12:09:33 | 000,030,386 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\.recently-used.xbel
[2012/02/14 21:26:16 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/02 02:02:23 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010/08/14 22:57:45 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\.jalbum-recent-projects.properties
[2010/08/14 20:02:17 | 000,001,104 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\.jalbum-defaults.jap
[2010/08/14 20:02:17 | 000,000,422 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\.jalbum-ftp-accounts.xml
[2009/08/01 18:57:05 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Drum Kits
[2009/08/01 18:57:05 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Displays
[2009/08/01 18:57:05 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2009/08/01 18:55:56 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Documentation
[2009/08/01 18:55:56 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Digital Mono
[2009/08/01 18:55:56 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2009/03/29 20:24:19 | 000,082,944 | ---- | C] () -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/11/07 20:15:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/11/05 07:05:16 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2010/11/17 19:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/08/01 18:55:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Automator
[2012/01/22 21:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/03/05 23:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/08/11 00:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Badoo
[2009/08/01 18:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bundle
[2009/11/22 12:40:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/12/18 19:39:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/08/01 18:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2012/09/29 16:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2010/12/18 19:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/08/01 18:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2013/08/30 15:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011/02/20 17:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2012/01/08 02:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/08/01 18:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2008/12/30 23:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLAN
[2012/01/08 02:04:40 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2011/01/25 23:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/16 10:32:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\3M
[2011/05/15 15:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Auslogics
[2010/12/18 19:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\AVG10
[2011/01/04 23:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\CheckPoint
[2011/08/28 12:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2012/07/15 15:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\ElevatedDiagnostics
[2010/10/11 23:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\FileZilla
[2012/10/21 18:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\FreeFLVConverter
[2013/08/05 19:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\inkscape
[2011/08/28 15:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\JAlbum
[2011/04/03 15:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\KompoZer
[2011/04/08 19:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\kompozer.net
[2009/08/01 20:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Nikon
[2011/04/21 22:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Notepad++
[2009/03/28 15:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\OpenOffice.org
[2009/12/26 21:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\PeaZip
[2011/07/16 13:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Reviversoft
[2013/08/30 15:42:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Samsung
[2009/04/09 22:44:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\SystemRequirementsLab
[2012/03/03 14:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Thunderbird
[2012/10/21 21:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\Tomato
[2012/01/08 02:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\TuneUp Software
[2013/09/06 21:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\uTorrent
[2012/10/21 19:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hhhhhhhhhhhh\Application Data\VDownloader
[2012/01/15 11:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software

[color=#E56717]========== Purity Check ==========[/color]



< End of report >




OTL logfile created on: 07/09/2013 23:47:47 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\hhhhhhhhhhhh\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 78,90% Memory free
4,82 Gb Paging File | 4,57 Gb Available in Paging File | 94,85% Paging File free
Paging file location(s): C:\pagefile.sys 3048 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 30,04 Gb Total Space | 7,77 Gb Free Space | 25,86% Space Free | Partition Type: NTFS
Drive D: | 113,00 Gb Total Space | 19,75 Gb Free Space | 17,48% Space Free | Partition Type: NTFS

Computer Name: MON-A54F424C63 | User Name: hhhhhhhhhhhh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/09/07 23:31:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hhhhhhhhhhhh\Bureau\OTL.exe
PRC - [2013/09/06 21:55:25 | 000,342,592 | ---- | M] (Woodtale Technology Inc) -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\DProtectSvc.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/10/21 14:40:15 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/09/17 12:41:54 | 000,254,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2011/12/14 16:57:02 | 001,212,224 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2011/12/14 16:57:00 | 001,514,304 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2008/10/20 11:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
PRC - [2008/10/06 19:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/09/06 21:55:25 | 000,506,944 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
MOD - [2013/09/06 21:55:25 | 000,062,016 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
MOD - [2011/02/09 02:56:38 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll
MOD - [2008/10/20 11:32:54 | 002,768,896 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
MOD - [2006/08/12 13:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\Torch\Update\TorchCrashHandler.exe -- (TorchCrashHandler)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/09/06 21:55:25 | 000,342,592 | ---- | M] (Woodtale Technology Inc) [Auto | Running] -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\DProtectSvc.exe -- (DPService)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/19 00:10:57 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/23 12:39:48 | 000,312,264 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2011/12/14 16:57:00 | 001,514,304 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/12/14 16:56:50 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/06/03 11:22:37 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/01/20 03:59:18 | 000,217,088 | ---- | M] (Teruten) [Disabled | Stopped] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | System | Stopped] -- -- (PQNTDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\HHHHHH~1\LOCALS~1\Temp\ASFWHide -- (ASFWHide)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\HHHHHH~1\LOCALS~1\Temp\__Samsung_Update\ADDMEM.SYS -- (ADDMEM)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/10/13 18:33:58 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011/07/21 20:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2011/02/04 18:28:56 | 000,297,888 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2011/01/20 03:59:18 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/01/27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/06/03 23:05:26 | 001,570,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/09/23 22:23:58 | 000,238,464 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC326.sys -- (VMC326)
DRV - [2008/08/27 01:35:00 | 004,753,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/07/29 17:59:08 | 000,879,832 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/07/29 17:59:02 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/07/27 01:29:54 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/07/27 01:29:50 | 000,037,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2008/07/27 01:29:36 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/07/27 01:29:28 | 000,539,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/01/14 20:01:02 | 000,030,208 | ---- | M] (Samsung Electronics,.LTD) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS -- (DNSeFilter)
DRV - [2006/08/01 16:57:24 | 000,019,840 | ---- | M] (Samsung) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SUE_PD.sys -- (SUEPD)
DRV - [2005/10/27 06:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=nsb1&utm_campaign=eXQ&utm_content=hp&from=nsb1&uid=SAMSUNGXHM160HI_S1WWJD0S273744&ts=1378590072
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=nsb1&utm_campaign=eXQ&utm_content=hp&from=nsb1&uid=SAMSUNGXHM160HI_S1WWJD0S273744&ts=1378590072
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.google.com/webhp?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/webhp?gws_rd=ssl
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = https://www.google.com/webhp?gws_rd=ssl


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=nsb1&utm_campaign=eXQ&utm_content=hp&from=nsb1&uid=SAMSUNGXHM160HI_S1WWJD0S273744&ts=1378590072
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://search.duxot.com/ [binary data]
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-615890714-1377053193-3904064583-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

2 réponses

Réponse 1 / 2
Utilisateur anonyme
8 sept. 2013 à 11:49
bonjour,

est ce que tu peux m'indiquer ou tu as choppé Qvo6 s'il te plait ?


0
Réponse 2 / 2
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 628
8 sept. 2013 à 11:49
Salut,


Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:

:OTL
SRV - File not found [Auto | Stopped] -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\Torch\Update\TorchCrashHandler.exe -- (TorchCrashHandler)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/09/06 21:55:25 | 000,342,592 | ---- | M] (Woodtale Technology Inc) [Auto | Running] -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\DProtectSvc.exe -- (DPService)
MOD - [2013/09/06 21:55:25 | 000,506,944 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
MOD - [2013/09/06 21:55:25 | 000,062,016 | ---- | M] () -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
SRV - [2013/09/06 21:55:25 | 000,342,592 | ---- | M] (Woodtale Technology Inc) [Auto | Running] -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\DProtectSvc.exe -- (DPService)
O20 - AppInit_DLLs: (C:\DOCUME~1\HHHHHH~1\LOCALS~1\APPLIC~1\DProtect\eBP.dll) - C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll ()
O20 - AppInit_DLLs: (C:\DOCUME~1\HHHHHH~1\LOCALS~1\APPLIC~1\DProtect\eBPSD.dll) - C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll ()
[2013/09/06 21:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect
[2013/09/06 21:44:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\hhhhhhhhhhhh\Mes documents\Freemake
[2013/09/06 21:43:56 | 000,000,000 | ---D | C] -- C:\Program Files\Freemake


* redemarre le pc sous windows et poste le rapport ici

0
haddocks Messages postés 77 Date d'inscription lundi 7 novembre 2005 Statut Membre Dernière intervention 28 décembre 2018
8 sept. 2013 à 12:11
voilà: c'est tjrs pareil


========== OTL ==========
Service TorchCrashHandler stopped successfully!
Service TorchCrashHandler deleted successfully!
File C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\Torch\Update\TorchCrashHandler.exe not found.
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
File %SystemRoot%\System32\appmgmts.dll not found.
Service DPService stopped successfully!
Service DPService deleted successfully!
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\DProtectSvc.exe scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Releasing module C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
Error: No service named DPService was found to stop!
Service\Driver key DPService not found.
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\DProtectSvc.exe scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\DOCUME~1\HHHHHH~1\LOCALS~1\APPLIC~1\DProtect\eBP.dll deleted successfully.
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\DOCUME~1\HHHHHH~1\LOCALS~1\APPLIC~1\DProtect\eBPSD.dll deleted successfully.
File move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll scheduled to be moved on reboot.
C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\log folder moved successfully.
Folder move failed. C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect scheduled to be moved on reboot.
C:\Documents and Settings\hhhhhhhhhhhh\Mes documents\Freemake folder moved successfully.
C:\Program Files\Freemake folder moved successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 09082013_120234

Files\Folders moved on Reboot...
C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\DProtectSvc.exe moved successfully.
C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBP.dll moved successfully.
C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect\eBPSD.dll moved successfully.
C:\Documents and Settings\hhhhhhhhhhhh\Local Settings\Application Data\DProtect folder moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 628
8 sept. 2013 à 12:12
Télécharge https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Sur la page d'AdwCleaner, à droite, clic sur la disquette grise avec la flèche verte pour lancer le téléchargement.
Lance AdwCleaner, clique sur [Scanner] puis patiente (PAS besoin de copier/coller le rapport ici).
Quand cela est terminé, clic sur [Nettoyage].
!!! je répète faire [Nettoyage] !!!
Clic sur Rapport puis copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
0
haddocks Messages postés 77 Date d'inscription lundi 7 novembre 2005 Statut Membre Dernière intervention 28 décembre 2018
8 sept. 2013 à 12:17
bonjour electricien

en installant "video converter" sur comment ca marche ou clubic, je sais plus.
a un moment on te demande d'installer un fichier "...network..." pour povoir enregistrer ta license gratuite et c'est la je pense le piège.
0
haddocks Messages postés 77 Date d'inscription lundi 7 novembre 2005 Statut Membre Dernière intervention 28 décembre 2018
8 sept. 2013 à 12:34
youupiiii, je pense que çà a fonctionné...enfin pour l'instant. plus cette page de demarrage.
voici le rapport. Merci de confirmer.

# AdwCleaner v3.003 - Rapport créé le 08/09/2013 à 12:27:58
# Mis à jour le 07/09/2013 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : hhhhhhhhhhhh - MON-A54F424C63
# Exécuté depuis : C:\Documents and Settings\hhhhhhhhhhhh\Bureau\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Raccourcis ] *****

Raccourci Désinfecté : C:\Documents and Settings\hhhhhhhhhhhh\Menu Démarrer\Programmes\Accessoires\Outils système\Internet Explorer (Aucun module complémentaire).lnk
Raccourci Désinfecté : C:\Documents and Settings\hhhhhhhhhhhh\Menu Démarrer\Programmes\Accessoires\Outils système\Internet Explorer (sans module complémentaire).lnk

***** [ Registre ] *****

Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée Restaurée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command

***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.18702

Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

*************************

AdwCleaner[R0].txt - [12077 octets] - [07/09/2013 19:09:24]
AdwCleaner[R1].txt - [2449 octets] - [07/09/2013 20:56:27]
AdwCleaner[R2].txt - [3477 octets] - [08/09/2013 12:26:07]
AdwCleaner[S0].txt - [10326 octets] - [07/09/2013 19:12:58]
AdwCleaner[S1].txt - [1744 octets] - [07/09/2013 21:03:47]
AdwCleaner[S2].txt - [2048 octets] - [08/09/2013 12:27:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2108 octets] ##########
0
haddocks Messages postés 77 Date d'inscription lundi 7 novembre 2005 Statut Membre Dernière intervention 28 décembre 2018
8 sept. 2013 à 12:37
pour eviter que je fasse la même erreur, quelqu'un connait un logiciel sans virus qui converti les fichiers .mkv en avi ou autres??
0

Discussions similaires

Pokémon X et Y : comment effacer une partie ?
PokéFan -
yoshiedu13 -

49 réponses
Comment on fait pour supprimer les conversations sur Snap ?
Eva6240 -
Charlito598 -

46 réponses
touche suppr du clavier ne fonctionne plus
djef1 -
Yzey -

13 réponses
comment effacer l'historique de google
gen-gen -
twinplatinerouge -

25 réponses
Supprimer les suggestions de recherches sur Instagram
Hip93 -
J -

8 réponses