FORUM D’ENTRAIDE INFORMATIQUE (FEI)
Computer support and security site

Disinfection help (advertising pages, replaced search engine, redirects, viruses...).
#40230
Hello,
I would like to know how to uninstall the anti-porn software.
It asks me to enter a password to uninstall it, but I never created a password.
How can I uninstall it?
Thanks in advance.
#40236
Good evening Amelie72...

I think you should have your PC disinfected.

I am reporting this to a Helper right away to find out whether it is necessary, but if your computer no longer behaves the way you want, there is a good chance that you are infected.
#40245
Hi Amelie72


Let's check the PC:

Download OTL (by OldTimer) and save it to your Desktop.

- Close any running applications so as not to interrupt the scan.
- Double-click OTL.exe on the Desktop to launch the program.
Vista/Seven -- Right-click OTL.exe on the Desktop and choose Run as administrator to launch the program.
- A window appears. In the Report section at the top of this window, check "Standard report". Do the same with "All users" next to it.
- Also check the boxes next to "LOP search" and "Purity search".

Do not change the other settings!

Copy the list shown in bold below and paste it into the box under "Customization"

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.exe
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.
/md5start
consrv.dll
volsnap.sys
hidserv.dll
appmgmts.dll
eventlog.dll
winlogon.exe
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
wininet.dll
wininit.exe
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
explorer.exe
svchost.exe
userinit.exe
qmgr.dll
ws2_32.dll
proquota.exe
imm32.dll
kernel32.dll
ndis.sys
autochk.exe
spoolsv.exe
xmlprov.dll
ntmssvc.dll
mswsock.dll
Beep.SYS
ntfs.sys
termsrv.dll
sfcfiles.dll
st3shark.sys
winlogon.exe
wininit.ini
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
SAVEMBR:0
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
c:\$recycle.bin\*.* /s


- Click the Scan button.
- Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are in the same location as OTListIT2 (so by default on the Desktop).

Use cjoint.com to post your reports as links:
http://cjoint.com/

- Click Browse to locate the OTL.txt report on the Desktop
- Click Open, then Create the Cjoint link

- Copy and paste the link shown after "The link has been created:" into your next reply.

Then do the same with the other report, Extras.txt


@++
#40260
Hi Amelie72


Thanks, I did everything but it doesn't remove my software...I hope it didn't delete anything; we simply ran a diagnostic of your PC and you are heavily infected. Come on, let's start cleaning up:


Download AdwCleaner (by Xplode) to your Desktop.
http://general-changelog-team.fr/telech ... adwcleaner

Launch it, click [Delete], then wait while the scan runs.
Once the scan is finished, a report will open; post the contents of this report.
Note: The report is also saved as C:\AdwCleaner[S1].txt


-----


Download SystemLook to your Desktop:
http://jpshortstuff.247fixes.com/SystemLook.exe

- Double-click SystemLook.exe to launch it.

- Copy the contents of the box below and paste them into the SystemLook text area:
:filefind
Retafte.bmp
nfchs.exe
Eleathe.bmp
:regfind
A5BE62CA-DE0F-4764-A0CB-4044816DB174
TUEAGLES
EGLDRV
EPOCH
- Click the Look button to start the scan.
- At the end, Notepad opens with the result of the scan. Copy and paste the report into your next reply.


@++
#40261
AdwCleaner report
***** [Fichiers / Dossiers] *****

Fichier Supprimé : C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\a8rjdauw.default\searchplugins\bProtect.xml
Supprimé au redémarrage : C:\Documents and Settings\All Users\Application Data\bProtectorForWindows

***** [Registre] *****

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v [Impossible d'obtenir la version]

Fichier : C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\a8rjdauw.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [43768 octets] - [29/07/2012 16:18:33]
AdwCleaner[S1].txt - [3958 octets] - [29/07/2012 16:19:04]
AdwCleaner[S2].txt - [45641 octets] - [27/01/2013 21:39:37]
AdwCleaner[S3].txt - [4272 octets] - [27/01/2013 21:46:17]

########## EOF - C:\AdwCleaner[S3].txt - [4332 octets] ##########
#40263
SystemLook report

SystemLook 30.07.11 by jpshortstuff
Log created at 21:56 on 27/01/2013 by Administrateur
Administrator - Elevation successful

========== filefind ==========

Searching for "Retafte.bmp"
C:\WINDOWS\Retafte.bmp --a---- 9522 bytes [15:51 29/07/2012] [15:51 29/07/2012] 56ABE075ED5F3F8DF99EA43A0CDA6F81

Searching for "nfchs.exe"
C:\WINDOWS\NFCHS.exe --a---- 122760 bytes [15:51 29/07/2012] [15:51 29/07/2012] D25B80BF992CC6E38CBC69E533B2E7D1

Searching for "Eleathe.bmp"
C:\WINDOWS\Eleathe.bmp --a---- 9522 bytes [15:51 29/07/2012] [15:51 29/07/2012] FB4034786E8840327A27E903C52326DE

========== regfind ==========

Searching for "A5BE62CA-DE0F-4764-A0CB-4044816DB174"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A5BE62CA-DE0F-4764-A0CB-4044816DB174}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{A5BE62CA-DE0F-4764-A0CB-4044816DB174}"=""

Searching for "TUEAGLES"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglAbout.exe"="EglAbout"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\control.exe"="control"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\uninst.exe"="uninst"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglR.exe"="EglR"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\eglsetu1.exe"="eglsetu1"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\logview.exe"="logview"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A5BE62CA-DE0F-4764-A0CB-4044816DB174}\InprocServer32]
@="C:\PROGRA~1\tuEagles\EagleObj.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\tueagles]
[HKEY_LOCAL_MACHINE\SOFTWARE\tueagles]
@="C:\Program Files\tuEagles\"
[HKEY_LOCAL_MACHINE\SOFTWARE\tueagles]
"Anti-Porn"="C:\Program Files\tuEagles\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\tuEaglesService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\tuEaglesService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TUEAGLESSERVICE]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TUEAGLESSERVICE\0000]
"Service"="tuEaglesService"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TUEAGLESSERVICE\0000]
"DeviceDesc"="tuEagles Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TUEAGLESSERVICE\0000\Control]
"ActiveService"="tuEaglesService"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\egldrv]
"ImagePath"="\??\C:\Program Files\tuEagles\egldrv.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tuEaglesService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tuEaglesService]
"ImagePath"="C:\Program Files\tuEagles\eglsrv.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tuEaglesService]
"DisplayName"="tuEagles Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tuEaglesService\Enum]
"0"="Root\LEGACY_TUEAGLESSERVICE\0000"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\tuEaglesService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\tuEaglesService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TUEAGLESSERVICE]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TUEAGLESSERVICE\0000]
"Service"="tuEaglesService"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TUEAGLESSERVICE\0000]
"DeviceDesc"="tuEagles Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\egldrv]
"ImagePath"="\??\C:\Program Files\tuEagles\egldrv.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tuEaglesService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tuEaglesService]
"ImagePath"="C:\Program Files\tuEagles\eglsrv.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tuEaglesService]
"DisplayName"="tuEagles Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tuEaglesService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tuEaglesService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TUEAGLESSERVICE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TUEAGLESSERVICE\0000]
"Service"="tuEaglesService"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TUEAGLESSERVICE\0000]
"DeviceDesc"="tuEagles Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TUEAGLESSERVICE\0000\Control]
"ActiveService"="tuEaglesService"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\egldrv]
"ImagePath"="\??\C:\Program Files\tuEagles\egldrv.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tuEaglesService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tuEaglesService]
"ImagePath"="C:\Program Files\tuEagles\eglsrv.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tuEaglesService]
"DisplayName"="tuEagles Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tuEaglesService\Enum]
"0"="Root\LEGACY_TUEAGLESSERVICE\0000"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglAgent.exe"="EglAgent"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglR.exe"="EglR"
[HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglAbout.exe"="EglAbout"
[HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\control.exe"="control"
[HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\uninst.exe"="uninst"
[HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglR.exe"="EglR"
[HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\eglsetu1.exe"="eglsetu1"
[HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\logview.exe"="logview"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglAgent.exe"="EglAgent"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglR.exe"="EglR"

Searching for "EGLDRV"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EGLDRV]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EGLDRV\0000]
"Service"="egldrv"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EGLDRV\0000]
"DeviceDesc"="egldrv"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EGLDRV\0000\Control]
"ActiveService"="egldrv"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\egldrv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\egldrv]
"ImagePath"="\??\C:\Program Files\tuEagles\egldrv.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\egldrv]
"DisplayName"="egldrv"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\egldrv\Enum]
"0"="Root\LEGACY_EGLDRV\0000"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_EGLDRV]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_EGLDRV\0000]
"Service"="egldrv"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_EGLDRV\0000]
"DeviceDesc"="egldrv"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\egldrv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\egldrv]
"ImagePath"="\??\C:\Program Files\tuEagles\egldrv.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\egldrv]
"DisplayName"="egldrv"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EGLDRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EGLDRV\0000]
"Service"="egldrv"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EGLDRV\0000]
"DeviceDesc"="egldrv"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EGLDRV\0000\Control]
"ActiveService"="egldrv"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\egldrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\egldrv]
"ImagePath"="\??\C:\Program Files\tuEagles\egldrv.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\egldrv]
"DisplayName"="egldrv"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\egldrv\Enum]
"0"="Root\LEGACY_EGLDRV\0000"

Searching for "EPOCH"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Epoch]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Epoch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch]

-= EOF =-
#40266
Hi Amelie72


Post the AdwCleaner report again...

Then run another scan with OTL as you did the first time (Scan mode), with the same settings and the same list under Customization; you will have only one report (OTL.txt) to post to me, using cjoint to post the report if needed.


@++
#40267
AdwCleaner report

# AdwCleaner v2.109 - Rapport créé le 27/01/2013 à 22:44:35
# Mis à jour le 26/01/2013 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Administrateur - SWEET-F23630C41
# Mode de démarrage : Normal
# Exécuté depuis : C:\Documents and Settings\Administrateur\Bureau\adwcleaner.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Fichier Supprimé : C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\a8rjdauw.default\searchplugins\bProtect.xml
Supprimé au redémarrage : C:\Documents and Settings\All Users\Application Data\bProtectorForWindows

***** [Registre] *****

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v [Impossible d'obtenir la version]

Fichier : C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\a8rjdauw.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [43768 octets] - [29/07/2012 16:18:33]
AdwCleaner[S1].txt - [3958 octets] - [29/07/2012 16:19:04]
AdwCleaner[S2].txt - [45641 octets] - [27/01/2013 21:39:37]
AdwCleaner[S3].txt - [4401 octets] - [27/01/2013 21:46:17]
AdwCleaner[S4].txt - [4332 octets] - [27/01/2013 22:44:35]

########## EOF - C:\AdwCleaner[S4].txt - [4392 octets] ##########
#40268
OTL.txt report

OTL logfile created on: 27/01/2013 22:53:12 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrateur\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

222,23 Mb Total Physical Memory | 30,34 Mb Available Physical Memory | 13,65% Memory free
543,27 Mb Paging File | 137,16 Mb Available in Paging File | 25,25% Paging File free
Paging file location(s): C:\pagefile.sys 336 672 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 41,19 Gb Free Space | 73,70% Space Free | Partition Type: NTFS

Computer Name: SWEET-F23630C41 | User Name: Administrateur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/27 19:59:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2010/07/19 17:31:56 | 000,976,192 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\9props.exe
PRC - [2008/09/27 11:24:52 | 001,573,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/29 16:50:52 | 000,086,408 | RHS- | M] () -- C:\Program Files\tuEagles\EagleObj.dll
MOD - [2012/07/29 16:50:43 | 000,466,872 | RHS- | M] () -- C:\Program Files\tuEagles\Flt.dll
MOD - [2012/07/12 22:39:30 | 002,008,096 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.463.83\protector.dll
MOD - [2010/07/19 17:32:06 | 000,079,168 | ---- | M] () -- C:\Program Files\SFR\Kit\9unelevate.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2012/11/06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/07/29 16:50:43 | 000,339,336 | ---- | M] () [Auto | Running] -- C:\Program Files\tuEagles\EglSrv.exe -- (tuEaglesService)
SRV - [2012/07/06 15:28:53 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/05 03:32:50 | 000,093,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/07/29 16:50:52 | 000,067,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\tuEagles\egldrv.sys -- (egldrv)
DRV - [2012/03/07 15:25:34 | 000,352,000 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6hal.sys -- (CAMCHALA)
DRV - [2012/03/07 15:25:34 | 000,038,144 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6aud.sys -- (CAMCAUD)
DRV - [2008/09/28 00:41:43 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\AMDIDE.sys -- (AMDIDE)
DRV - [2008/09/27 01:58:26 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2008/02/26 06:51:43 | 002,863,616 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/12/13 11:21:56 | 000,547,904 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007/11/21 00:09:22 | 000,104,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,customizesearch = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,searchassistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{06B469CF-CDC2-47F4-81A9-8EA6E8506E45}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Search,customizesearch = http://www.google.com/ie
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Search,searchassistant = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\..\SearchScopes,bProtectorDefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{06B469CF-CDC2-47F4-81A9-8EA6E8506E45}: "URL" = http://www.google.fr/search?hl=frq={searchTerms}+meta=
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Search,customizesearch = http://www.google.com/ie
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Search,searchassistant = http://www.google.com/ie
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-18\..\SearchScopes,bProtectorDefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{06B469CF-CDC2-47F4-81A9-8EA6E8506E45}: "URL" = http://www.google.fr/search?hl=frq={searchTerms}+meta=
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,customizesearch = http://www.google.com/ie
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,searchassistant = http://www.google.com/ie
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes\{06B469CF-CDC2-47F4-81A9-8EA6E8506E45}: "URL" = http://www.google.fr/search?hl=frq={searchTerms}+meta=
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Internet Explorer\Search,customizesearch = http://www.google.com/ie
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Internet Explorer\Search,searchassistant = http://www.google.com/ie
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\SearchScopes,bProtectorDefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}FORM=IE8SRC
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\SearchScopes\{06B469CF-CDC2-47F4-81A9-8EA6E8506E45}: "URL" = http://www.google.com/search?q={searchT ... FA_frFR471
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}FORM=IE8SRC
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\SearchScopes\{8403330E-97E4-4892-94AD-D30E4B164FD0}: "URL" = http://fr.search.yahoo.com/search?p={se ... 6972,0,8,0
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\SearchScopes\{89B57B07-4924-4AF8-93E3-A913FCAE0E61}: "URL" = http://isearch.avg.com/search?cid={336C ... 2012-02-02 20:20:10v=10.0.0.7sap=dspq={searchTerms}
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.com/web?q={searchTer ... .1000.1(B)
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\SearchScopes\{E88E0043-C9D4-4e33-8555-FEE4F5B63060}: "URL" = http://go.mail.ru/search?q={searchTerms}utf8in=1fr=ietb
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..extensions.enabledAddons: {cdf97ee2-ded0-4369-835e-99dd08225fa5}:3.14.1.0
FF - prefs.js..extensions.enabledAddons: {b64982b1-d112-42b5-b1e4-d3867c4533f8}:2.2.463.83
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


[2012/07/09 20:34:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Extensions
[2012/03/31 17:21:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\extensions
[2012/03/31 17:21:49 | 000,000,000 | ---D | M] (uTorrentBar_FR Community Toolbar) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
[2013/01/27 21:40:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\a8rjdauw.default\Extensions
[2012/07/08 12:55:38 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\a8rjdauw.default\searchplugins\bProtect.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\A8RJDAUW.DEFAULT\EXTENSIONS\{CDF97EE2-DED0-4369-835E-99DD08225FA5}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\BPROTECTORFORWINDOWS\2.2.463.83\FIREFOXEXTENSION
File not found (No name found) -- C:\PROGRAM FILES\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION

========== Chrome ==========


O1 HOSTS File: ([2008/04/14 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\Toolbar\WebBrowser: (no name) - {09900DE8-1DCA-443F-9243-26FF581438AF} - No CLSID value found.
O3 - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKU\S-1-5-21-117609710-651377827-1177238915-500..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideRunAsVerb = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 1
O7 - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
O7 - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-21-117609710-651377827-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 1
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maco ... _2_1_0.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B4F949A-3122-4EA2-BC75-16626BF37109}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\bprote~1\22463~1.83\protec~1.dll) - c:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.463.83\protector.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - AboutHome
O24 - Desktop WallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {A5BE62CA-DE0F-4764-A0CB-4044816DB174} - C:\Program Files\tuEagles\EagleObj.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/02 14:43:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: tuEaglesService - C:\Program Files\tuEagles\EglSrv.exe ()
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: tuEaglesService - C:\Program Files\tuEagles\EglSrv.exe ()
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\ie.inf,IE7Stub
ActiveX {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player 9 ActiveX
ActiveX {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX ActiveX {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX {60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013/01/27 19:59:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
[2013/01/26 23:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/01/26 23:54:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Revo Uninstaller
[2013/01/10 22:01:02 | 000,000,000 | ---D | C] -- C:\531373dc53cb3c31ba4b9427
[3 C:\WINDOWS\*.tmp files - C:\WINDOWS\*.tmp - ]
[1 C:\WINDOWS\System32\*.tmp files - C:\WINDOWS\System32\*.tmp - ]

========== Files - Modified Within 30 Days ==========

[2013/01/27 22:56:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/01/27 22:47:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/27 22:47:01 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\SoftwareUpdateTaskMachineCore1cd49ad9f409b96.job
[2013/01/27 22:46:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/27 22:26:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/01/27 21:53:49 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\SystemLook.exe
[2013/01/27 21:38:58 | 000,580,235 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\adwcleaner.exe
[2013/01/27 19:59:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
[2013/01/26 23:54:19 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Revo Uninstaller.lnk
[2013/01/10 22:06:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/01/06 06:34:34 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[3 C:\WINDOWS\*.tmp files - C:\WINDOWS\*.tmp - ]
[1 C:\WINDOWS\System32\*.tmp files - C:\WINDOWS\System32\*.tmp - ]

========== Files Created - No Company Name ==========

[2013/01/27 21:53:07 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\SystemLook.exe
[2013/01/27 21:38:52 | 000,580,235 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\adwcleaner.exe
[2013/01/27 20:08:37 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/01/26 23:54:19 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Revo Uninstaller.lnk
[2012/08/31 08:29:08 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\dt.dat
[2012/08/28 00:28:00 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/29 16:51:03 | 000,122,760 | ---- | C] () -- C:\WINDOWS\NFCHS.exe
[2012/07/24 23:55:48 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2012/07/09 21:50:15 | 000,090,494 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/04/02 17:25:30 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2012/02/28 02:21:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/27 14:51:45 | 000,195,552 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/02/21 23:42:37 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Administrateur\hwmonitorw.ini
[2012/02/17 23:01:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/02/17 22:59:25 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2012/02/07 19:47:22 | 000,000,037 | ---- | C] () -- C:\Documents and Settings\Administrateur\.mjsync_fr_FR
[2012/02/02 15:31:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/02/02 15:27:58 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/02/02 15:14:52 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2012/02/02 15:14:52 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012/02/02 15:14:51 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2012/02/02 15:14:51 | 000,166,450 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012/02/02 15:11:31 | 000,101,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/02 14:44:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/02/02 14:37:42 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/02/02 14:36:00 | 000,462,336 | ---- | C] () -- C:\WINDOWS\System32\SwtLoad.exe

========== ZeroAccess Check ==========

[2012/02/18 23:25:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/09/27 11:26:19 | 003,369,984 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/02/02 20:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\AVG2012
[2012/11/27 00:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\AVG2013
[2012/10/24 12:47:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\BitTorrent
[2012/05/10 21:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/03/07 15:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\DRPSu
[2012/12/16 21:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\searchresultstb
[2012/11/27 00:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\TuneUp Software
[2012/02/06 21:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\wincoreimband
[2012/11/26 22:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012/11/27 00:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2012/07/12 22:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bProtectorForWindows
[2012/02/02 20:10:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/02/18 23:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Manager
[2012/03/08 20:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Mender
[2013/01/27 14:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/07/09 19:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGTEK
[2012/12/09 17:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\TuneUp Software
[2012/03/07 15:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}

========== Purity Check ==========



========== Custom Scans ==========


[2012/07/29 16:18:44 | 000,043,768 | ---- | M] () -- C:\AdwCleaner[R1].txt
[2012/07/29 16:19:30 | 000,003,958 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2013/01/27 21:40:13 | 000,045,641 | ---- | M] () -- C:\AdwCleaner[S2].txt
[2013/01/27 21:46:33 | 000,004,401 | ---- | M] () -- C:\AdwCleaner[S3].txt
[2013/01/27 22:44:53 | 000,004,461 | ---- | M] () -- C:\AdwCleaner[S4].txt
[2012/06/12 22:15:21 | 000,069,339 | ---- | M] () -- C:\alotserviceruntime.log
[2012/02/02 14:43:34 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/02/02 14:33:08 | 000,000,212 | -HS- | M] () -- C:\boot.ini
[2008/04/14 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008/09/23 05:01:14 | 000,001,364 | ---- | M] () -- C:\changelog_MassStorage.txt
[2012/02/02 14:43:34 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/04/08 11:46:45 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\devcon.exe
[2008/05/02 10:11:10 | 000,364,721 | ---- | M] () -- C:\DPsFnshr.exe
[2008/09/27 17:25:49 | 000,000,630 | ---- | M] () -- C:\DPSFNSHR.INI
[2007/04/07 19:52:09 | 000,000,420 | ---- | M] () -- C:\DriverPack_CPU_wnt5_x86-32.ini
[2008/04/11 20:33:25 | 000,001,279 | ---- | M] () -- C:\DriverPack_Graphics_A_wnt5_x86-32.ini
[2007/12/29 20:38:08 | 000,001,653 | ---- | M] () -- C:\DriverPack_Graphics_B_wnt5_x86-32.ini
[2007/12/23 11:04:03 | 000,001,822 | ---- | M] () -- C:\DriverPack_Graphics_C_wnt5_x86-32.ini
[2008/05/14 06:02:31 | 000,000,770 | ---- | M] () -- C:\DriverPack_LAN_wnt5_x86-32.ini
[2008/09/23 05:01:08 | 000,084,942 | ---- | M] () -- C:\DriverPack_MassStorage_wnt5_x86-32.ini
[2008/04/01 16:37:53 | 000,004,214 | ---- | M] () -- C:\DriverPack_Sound_A_wnt5_x86-32.ini
[2008/04/12 10:47:12 | 000,003,525 | ---- | M] () -- C:\DriverPack_Sound_B_wnt5_x86-32.ini
[2008/05/02 10:11:14 | 000,282,725 | ---- | M] () -- C:\DSPdsblr.exe
[2008/01/16 12:48:06 | 000,012,246 | ---- | M] () -- C:\eula.1036.txt
[2008/01/16 12:48:06 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2008/01/16 12:48:06 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2008/01/16 12:48:14 | 000,000,843 | ---- | M] () -- C:\install.ini
[2008/01/16 12:52:54 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2012/06/12 22:15:22 | 000,020,255 | ---- | M] () -- C:\INSTALLHELPER.LOG
[2012/02/02 14:43:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/04/08 11:46:45 | 000,020,992 | ---- | M] () -- C:\makePNF.exe
[2012/02/02 14:43:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/08 11:46:45 | 000,137,728 | ---- | M] () -- C:\mute.exe
[2008/04/14 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 13:00:00 | 000,252,240 | RHS- | M] () -- C:\ntldr
[2013/01/27 22:46:29 | 352,321,536 | -HS- | M] () -- C:\pagefile.sys
[2013/01/27 22:56:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2008/05/02 10:11:17 | 000,235,131 | ---- | M] () -- C:\pmtimer.exe
[2008/01/16 12:48:06 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2008/01/16 12:58:54 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2008/01/16 13:00:56 | 000,233,984 | ---- | M] () -- C:\VC_RED.MSI


[2008/04/08 11:46:45 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\devcon.exe
[2008/05/02 10:11:10 | 000,364,721 | ---- | M] () -- C:\DPsFnshr.exe
[2008/05/02 10:11:14 | 000,282,725 | ---- | M] () -- C:\DSPdsblr.exe
[2008/01/16 12:48:06 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2008/04/08 11:46:45 | 000,020,992 | ---- | M] () -- C:\makePNF.exe
[2008/04/08 11:46:45 | 000,137,728 | ---- | M] () -- C:\mute.exe
[2008/05/02 10:11:17 | 000,235,131 | ---- | M] () -- C:\pmtimer.exe




[2012/05/10 21:26:50 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2012/11/27 00:00:58 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2012/02/02 14:37:30 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2012/03/07 15:25:56 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2012/03/07 15:31:24 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2012/03/17 19:06:49 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2012/07/29 16:19:29 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs
[2012/03/21 00:03:34 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2012/03/03 19:36:33 | 000,000,000 | ---D | M] -- C:\Program Files\iMesh Applications
[2012/02/17 22:59:18 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2012/12/14 12:26:11 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2012/03/07 15:41:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mail.Ru
[2012/02/02 14:36:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2012/02/28 02:36:28 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2012/07/25 00:04:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2012/02/02 14:35:52 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2012/02/02 20:13:29 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2012/02/02 14:39:57 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2012/02/28 02:36:51 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2012/02/17 22:59:43 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek AC97
[2012/02/02 14:40:55 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne
[2012/09/17 13:39:01 | 000,000,000 | ---D | M] -- C:\Program Files\SFR
[2012/07/29 16:54:52 | 000,000,000 | RHSD | M] -- C:\Program Files\tuEagles
[2012/03/17 18:33:07 | 000,000,000 | ---D | M] -- C:\Program Files\UMPlayer
[2012/07/12 22:45:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2012/02/02 14:36:21 | 000,000,000 | ---D | M] -- C:\Program Files\Utilitaires
[2012/03/30 13:48:08 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2013/01/26 23:54:17 | 000,000,000 | ---D | M] -- C:\Program Files\VS Revo Group
[2012/02/02 14:40:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2012/02/02 14:43:27 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2012/02/02 14:35:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2012/02/02 14:41:01 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2012/02/11 23:29:05 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2012/07/25 00:06:47 | 000,000,000 | ---D | M] -- C:\Program Files\Zero Popup


"Debug" =
"Kmode" = %SystemRoot%\system32\win32k.sys -- [2012/11/13 12:55:44 | 001,866,496 | ---- | M] (Microsoft Corporation)
"Optional" = [binary data]
"Posix" =
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS]
"CsrSrvSharedSectionBase" = 2137980928




[1 C:\WINDOWS\system32\*.tmp files - C:\WINDOWS\system32\*.tmp - ]






[2012/02/02 15:10:53 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012/02/02 15:10:53 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012/02/02 15:10:52 | 000,434,176 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav


[2012/02/02 14:39:53 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012/02/02 14:45:38 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012/05/11 10:14:11 | 000,001,002 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012/06/13 22:43:51 | 000,001,070 | ---- | C] () -- C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineCore1cd49ad9f409b96.job
#40270
Hi Amelie72


Double-click OTL.exe to launch it.
(Vista/Seven -- right-click OTL.exe and choose "Run as administrator" to launch the program.)

* Copy the list quoted below and paste it into the box under "Personnalisation" (Custom Scans/Fixes)

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A5BE62CA-DE0F-4764-A0CB-4044816DB174}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{A5BE62CA-DE0F-4764-A0CB-4044816DB174}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglAbout.exe"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\control.exe"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\uninst.exe"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglR.exe"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\eglsetu1.exe"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\logview.exe"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\tueagles]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\tuEaglesService]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\tuEaglesService]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TUEAGLESSERVICE]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\egldrv]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tuEaglesService]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\tuEaglesService]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TUEAGLESSERVICE]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\egldrv]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tuEaglesService]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tuEaglesService]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tuEaglesService]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TUEAGLESSERVICE]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\egldrv]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tuEaglesService]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglAgent.exe"=-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglR.exe"=-
[HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglAbout.exe"=-
[HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\control.exe"=-
[HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\uninst.exe"=-
[HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglR.exe"=-
[HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\eglsetu1.exe"=-
[HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\logview.exe"=-
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglAgent.exe"=-
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\tuEagles\EglR.exe"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Epoch]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Epoch]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch]

:OTL
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
IE - HKU\.DEFAULT\..\SearchScopes,bProtectorDefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-18\..\SearchScopes,bProtectorDefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.com/web?q={searchTer ... .1000.1(B)
FF - prefs.js..extensions.enabledAddons: {b64982b1-d112-42b5-b1e4-d3867c4533f8}:2.2.463.83
O3 - HKU\S-1-5-21-117609710-651377827-1177238915-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\bprote~1\22463~1.83\protec~1.dll) - c:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.463.83\protector.dll ()
[3 C:\WINDOWS\*.tmp files - C:\WINDOWS\*.tmp - ]
[1 C:\WINDOWS\System32\*.tmp files - C:\WINDOWS\System32\*.tmp - ]
[2013/01/27 22:47:01 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\SoftwareUpdateTaskMachineCore1cd49ad9f409b96.job
[2012/12/16 21:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\searchresultstb
[2012/06/12 22:15:21 | 000,069,339 | ---- | M] () -- C:\alotserviceruntime.log
[2008/05/02 10:11:14 | 000,282,725 | ---- | M] () -- C:\DSPdsblr.exe
[2008/04/08 11:46:45 | 000,137,728 | ---- | M] () -- C:\mute.exe
[2008/05/02 10:11:17 | 000,235,131 | ---- | M] () -- C:\pmtimer.exe
[2012/03/03 19:36:33 | 000,000,000 | ---D | M] -- C:\Program Files\iMesh Applications

:Files
C:\WINDOWS\Retafte.bmp
C:\WINDOWS\NFCHS.exe
C:\WINDOWS\Eleathe.bmp
C:\Program Files\tuEagles
c:\Documents and Settings\All Users\Application Data\bProtectorForWindows

:Commands
[Emptytemp]

* Click "Correction" (Run Fix) to start the removal.

* If a file or folder cannot be deleted immediately, the program will ask you to restart. Accept by clicking Yes.

* After the restart, allow OTL to run.

* Post the report generated by OTL.


@++
#40271
OTL report

All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A5BE62CA-DE0F-4764-A0CB-4044816DB174}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A5BE62CA-DE0F-4764-A0CB-4044816DB174}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{A5BE62CA-DE0F-4764-A0CB-4044816DB174} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A5BE62CA-DE0F-4764-A0CB-4044816DB174}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\EglAbout.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\control.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\uninst.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\EglR.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\eglsetu1.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\logview.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\tueagles\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\tuEaglesService\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\tuEaglesService\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TUEAGLESSERVICE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\egldrv\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tuEaglesService\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\tuEaglesService\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TUEAGLESSERVICE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\egldrv\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\tuEaglesService\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tuEaglesService\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tuEaglesService\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TUEAGLESSERVICE\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\egldrv\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tuEaglesService\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\EglAgent.exe deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\EglR.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\EglAbout.exe not found.
Registry value HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\control.exe not found.
Registry value HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\uninst.exe not found.
Registry value HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\EglR.exe not found.
Registry value HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\eglsetu1.exe not found.
Registry value HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\logview.exe not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\EglAgent.exe not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\Program Files\tuEagles\EglR.exe not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Epoch\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Epoch\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ not found.
========== OTL ==========
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Internet Explorer\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A531D99C-5A22-449b-83DA-872725C6D0ED}\ not found.
Prefs.js: {b64982b1-d112-42b5-b1e4-d3867c4533f8}:2.2.463.83 removed from extensions.enabledAddons
Registry value HKEY_USERS\S-1-5-21-117609710-651377827-1177238915-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\docume~1\alluse~1\applic~1\bprote~1\22463~1.83\protec~1.dll deleted successfully.
File move failed. c:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.463.83\protector.dll scheduled to be moved on reboot.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\tasks\SoftwareUpdateTaskMachineCore1cd49ad9f409b96.job moved successfully.
C:\Documents and Settings\Administrateur\Application Data\searchresultstb folder moved successfully.
C:\alotserviceruntime.log moved successfully.
C:\DSPdsblr.exe moved successfully.
C:\mute.exe moved successfully.
C:\pmtimer.exe moved successfully.
C:\Program Files\iMesh Applications folder moved successfully.
========== FILES ==========
File move failed. C:\WINDOWS\Retafte.bmp scheduled to be moved on reboot.
C:\WINDOWS\NFCHS.exe moved successfully.
File move failed. C:\WINDOWS\Eleathe.bmp scheduled to be moved on reboot.
C:\Program Files\tuEagles\scrnsav\2013-01-28 folder moved successfully.
C:\Program Files\tuEagles\scrnsav\2013-01-27 folder moved successfully.
C:\Program Files\tuEagles\scrnsav\2013-01-26 folder moved successfully.
C:\Program Files\tuEagles\scrnsav folder moved successfully.
C:\Program Files\tuEagles folder moved successfully.
Folder move failed. c:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.463.83 scheduled to be moved on reboot.
Folder move failed. c:\Documents and Settings\All Users\Application Data\bProtectorForWindows scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
-Temp folder emptied: 36599668 bytes
-Temporary Internet Files folder emptied: 672571957 bytes
-FireFox cache emptied: 14010545 bytes
-Flash cache emptied: 8394517 bytes

User: All Users

User: Default User
-Temp folder emptied: 0 bytes
-Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
-Temp folder emptied: 0 bytes
-Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
-Temp folder emptied: 11988 bytes
-Temporary Internet Files folder emptied: 33177 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 136594080 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 155111486 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 12709199 bytes
RecycleBin emptied: 139264 bytes

Total Files Cleaned = 988,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01282013_000751

Files\Folders moved on Reboot...
File move failed. c:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.463.83\protector.dll scheduled to be moved on reboot.
C:\WINDOWS\Retafte.bmp moved successfully.
C:\WINDOWS\Eleathe.bmp moved successfully.
Folder move failed. c:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.463.83 scheduled to be moved on reboot.
Folder move failed. c:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.463.83 scheduled to be moved on reboot.
Folder move failed. c:\Documents and Settings\All Users\Application Data\bProtectorForWindows scheduled to be moved on reboot.
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF6D40.tmp not found!
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF6D55.tmp not found!
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF6EC6.tmp not found!
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF6EDC.tmp not found!
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF6FC9.tmp not found!
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF701C.tmp not found!
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\S46NOV3A\chatbox[2].htm moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\S46NOV3A\index[2].htm moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\S46NOV3A\t6275-comment-supprimer-logiciel-anti-porn[4].htm moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\S46NOV3A\xd_arbiter[2].htm moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1N2MIQ2I\like[2].htm moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1N2MIQ2I\xd_arbiter[1].htm moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
#40272
Hi Amelie72


Double-click OTL.exe to launch it.
(Vista/Seven -- right-click OTL.exe and choose "Exécuter en tant qu'administrateur" to launch the program.)

* Copy the list in the quote below and paste it into the box under "Personnalisation"

:Files
c:\Documents and Settings\All Users\Application Data\bProtectorForWindows

:Commands
[Emptytemp]

* Click "Correction" to start the removal.

* If a file or folder cannot be deleted immediately, the program will ask you to restart. Accept by clicking Oui.

* After the restart, allow OTL to run.

* Post the report generated by OTL.


See you
#40273
OTL report

All processes killed
========== FILES ==========
Folder move failed. c:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.463.83 scheduled to be moved on reboot.
Folder move failed. c:\Documents and Settings\All Users\Application Data\bProtectorForWindows scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
-Temp folder emptied: 83456 bytes
-Temporary Internet Files folder emptied: 32589819 bytes
-FireFox cache emptied: 0 bytes
-Flash cache emptied: 877 bytes

User: All Users

User: Default User
-Temp folder emptied: 0 bytes
-Temporary Internet Files folder emptied: 0 bytes

User: LocalService
-Temp folder emptied: 0 bytes
-Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
-Temp folder emptied: 0 bytes
-Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1805 bytes

Total Files Cleaned = 31,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01282013_003931

Files\Folders moved on Reboot...
c:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.463.83 folder moved successfully.
c:\Documents and Settings\All Users\Application Data\bProtectorForWindows folder moved successfully.
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF774A.tmp not found!
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF7785.tmp not found!
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF781B.tmp not found!
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF782E.tmp not found!
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF7956.tmp not found!
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF796F.tmp not found!
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\H4FBUA7U\chatbox[1].htm moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\H4FBUA7U\index[1].htm moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\H4FBUA7U\like[1].htm moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\H4FBUA7U\t6275-comment-supprimer-logiciel-anti-porn[1].htm moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\H4FBUA7U\xd_arbiter[1].htm moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\H4FBUA7U\xd_arbiter[2].htm moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
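
The fix above only finishes after the restart, so the part of the report worth reading is whether every path "scheduled to be moved on reboot" shows up as moved under "Files\Folders moved on Reboot...". The check below is an added example, not part of the thread and not an OTL feature; the function names are hypothetical and the sample log is constructed from lines of the kind shown in the reports above.

```python
import re

# Constructed sample, assembled from line formats that appear in the reports above.
SAMPLE_LOG = r"""All processes killed
========== FILES ==========
Folder move failed. c:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.463.83 scheduled to be moved on reboot.
Folder move failed. c:\Documents and Settings\All Users\Application Data\bProtectorForWindows scheduled to be moved on reboot.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 01282013_003931

Files\Folders moved on Reboot...
c:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.463.83 folder moved successfully.
c:\Documents and Settings\All Users\Application Data\bProtectorForWindows folder moved successfully.
File\Folder C:\Documents and Settings\Administrateur\Local Settings\Temp\~DF774A.tmp not found!
"""

REBOOT_MARKER = "Files\\Folders moved on Reboot..."
SCHEDULED = re.compile(r"^(?:File|Folder) move failed\. (.+?) scheduled to be moved on reboot\.$")
MOVED = re.compile(r"^(.+?) (?:folder )?moved successfully\.$")

def reboot_move_status(log_text):
    """Map each deferred path to 'moved', 'still pending' or 'not reported'."""
    before, found, after = log_text.partition(REBOOT_MARKER)
    status = {}
    # Pass 1: everything the fix deferred to the next boot.
    for line in before.splitlines():
        m = SCHEDULED.match(line.strip())
        if m:
            status[m.group(1).lower()] = "not reported"  # Windows paths: compare case-insensitively
    if not found:
        return status  # report was taken before the restart
    # Pass 2: what the post-reboot section says about those paths.
    for line in after.splitlines():
        line = line.strip()
        failed, moved = SCHEDULED.match(line), MOVED.match(line)
        if failed:
            # Failed again after the restart: something still holds the file open.
            status[failed.group(1).lower()] = "still pending"
        elif moved and moved.group(1).lower() in status:
            status[moved.group(1).lower()] = "moved"
    return status

def fix_complete(log_text):
    """True only when no deferred path is left pending or unreported."""
    return all(s == "moved" for s in reboot_move_status(log_text).values())
```

A path that is reported as failed again after the restart, as protector.dll was in the earlier report, comes back as "still pending" and calls for another fix pass.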
#40276
Hi Amelie72


You're welcome

Let's clean up the tools downloaded for the disinfection. Download Del Fix (by Xplode) to your desktop:

http://www.general-changelog-team.fr/fr ... /26-delfix

Launch it and tick the option "Supprimer les outils de désinfection".
Click [Exécuter]
Wait while the operation runs.


-----


Here are a few security guidelines:

* Windows Update fully up to date http://www.windowsupdate.com/
* A properly configured firewall. For XP, I recommend ZoneAlarm; on Vista/Seven, the Windows firewall is sufficient.
* A properly configured antivirus, updated regularly (daily if need be), with a regular full scan (daily if need be).
* Careful browsing habits (no dubious sites: cracks, warez, sex...) and careful e-mail habits (attachments must be scanned before being opened)
* No illegal downloading, which is the main infection vector (µTorrent, BitTorrent, eMule, Limewire, etc.)
  The danger of cracks!
  The security risks of peer-to-peer
* A vigilant attitude (watch for any unusual behaviour of your system)
* Weekly system cleanup (removing unneeded files, cleaning the registry, scandisk)
* Weekly antispyware scan (I recommend Malwarebytes' Anti-Malware)
* A regular check of the Java console to make sure it is up to date http://www.java.com/en/download/help/testvm.xml
* Regularly run a vulnerability scan to check that your software is up to date and free of security flaws:
http://www.malekal.com/scan_vulnerabilite.php

If you consider your problem solved, here is the procedure for marking it as such:
http://www.forum-entraide-informatique. ... -en-resolu

Have a good day/evening and happy surfing


See you