desktop security 2010 et Security center alert

[matthieu77]

Bonjour ,
j'ai chopé ces deux virus ou spyware, je comprends rien en informatique
j'ai téléchargé spyware doctor et cela ne m'a pas sauvé
pouvez-vous m'expliquer svp en pensant que vous parlez à un débutant comment les éradiquer!
merci d'avance

ps:si vous aviez des conseils en matière d'antivirus gratuits je prends!

[EinsteinZero]

Salut,
en attendant que les spécialiste des virus interviennent plusieurs petites choses

1> Système utilisé sur le PC (version de windows)

2> Deux petites choses:

---> Scan ton PC avec Malwarebyte's antimalware >>ici<< (en mode sans échec si tu peux) supprime les malwares trouvés et poste son rapport (copier coller)

Important: met à jours la base de virus avant de passer en mode sans échec

Pour le mode sans échec: au démarrage du PC, tapote F8 et choisi mode sans échec dans le menu

---> Poste un rapport hijackThis >>ici avec mode d'emploi<< !!!! ne fait pas l'analyse en mode sans échec!!!


Sinon comme antivirus gratuit, le dernier Avast a bonne réputation

[matthieu77]

merci de répondre,voici les 2 analyses: (pour info j'ai vista)

Code: Tout sélectionner

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:46:35, on 07/05/2010
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\VirusKeeper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEGE.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Neuf\Kit\9props.exe
C:\Users\Matthieu\AppData\Local\Temp\m.2E041.tmp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_scanfile.exe
C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_scanprocess.exe
C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_watchop.exe
C:\Users\Matthieu\Downloads\HiJackThis(2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\VirusKeeper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_S7780.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\Neuf\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [2jplw3uwv8oj] C:\Users\Matthieu\AppData\Local\Temp\m.2E041.tmp.exe
O4 - HKCU\..\Run: [Studiodecorad3d] c:\users\matthieu\appdata\locallow\sun\java\deployment\cache\6.0\15\58fb3e0f-3010df84-n\studiodecorad3d.exe
O4 - HKCU\..\Run: [Desktop Security 2010] "C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\Desktop Security 2010.exe" /STARTUP
O4 - HKCU\..\Run: [SecurityCenter] C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\securitycenter.exe
O4 - HKCU\..\RunServices: [electrowwweMPe3net] c:\users\matthieu\music\nokia music manager\mondo\album inconnu\electroalive6219.exe
O4 - HKCU\..\RunServices: [SecurityDesktop] c:\users\matthieu\appdata\roaming\microsoft\internet explorer\quick launch\securitydesktop.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_service.exe

--
End of file - 13853 bytes

et la 2ème:

Code: Tout sélectionner

Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Version de la base de données: 4073

Windows 6.0.6000 (Safe Mode)
Internet Explorer 7.0.6000.17037

07/05/2010 01:11:30
mbam-log-2010-05-07 (01-11-30).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 124647
Temps écoulé: 10 minute(s), 24 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 176
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 23

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{70880ce6-308c-4204-a89e-b266c3f7b7fa} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{56acb669-4139-5611-cbba-f5acb0f4db09} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{007474e7-1a02-46e1-af4c-fd819a1e8d15} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{01f36ce2-0907-4d8b-979d-f151be91c883} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07167665-5011-11cf-bf33-00aa0055595a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080d0809-7456-4fbc-8493-0d2bf99ea48c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080d11fb-a303-4514-88fe-7dda4dfe9e4b} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080d1473-5fea-4029-875c-53ee96549acc} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080d588e-9756-455b-bbda-e8bcf9ec7769} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080d5974-4b61-458b-921b-17628e423713} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080deab4-60d9-4792-98a5-60a0f6a9acf7} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080dfee8-4097-4bab-b7a7-1b11f4958213} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{08c72dd4-19ad-49f1-83da-8542b4d302c5} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{09bc59c2-70dd-45f9-a5b7-de9f2a5ca34b} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0b391d89-8598-407d-8abb-4565e813eae4} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0c0b97e3-88f4-4464-9f97-2a4e5ef4e514} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0ca72dba-07e1-4f31-8aef-ed2fee7a5a26} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0f230444-825c-4d1f-b5fd-f315186a4ac0} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{10662f1b-f76e-411b-a0c1-795d3e22876c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{120ced89-3bf4-4173-a132-3cb406cf3231} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{12e89724-6940-4bdf-8129-fdb9e2a51e3e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{15b681b2-1a09-40e3-b75a-e1afe8034137} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1643e180-90f5-11ce-97d5-00aa0055595a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{17cee153-8a43-410a-93dc-5e130b0af70d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{187463a0-5bb7-11d3-acbe-0080c75e246e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1a56451b-1315-4012-861e-8587333dd631} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1ad512c6-24af-4395-82b4-2d3cf21f44a2} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1b544c20-fd0b-11ce-8c63-00aa0044b51e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1b75a8df-7462-46b7-b853-ac942a0e68f1} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1da08500-9edc-11cf-bc10-00aa00ac74f6} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1e76bae4-528d-4fb6-bcc1-b2df227d36c3} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1ea1ea14-48f4-4054-ad1a-e8aee10ac805} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1f1f4e1a-2252-4063-84bb-eee75f8856d5} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{212690fb-83e5-4526-8fd7-74478b7939cd} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{280a3020-86cf-11d1-abe6-00a0c905f375} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2a11bae2-fe6e-4249-864b-9e9ed6e8dbc2} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2b97dbb6-c5fe-4fad-8c01-3e37424a61de} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2bc393ba-444c-4d23-83bc-26119b2a2172} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2bca55d6-e4cf-4f1e-b1e8-fbf770ae46f1} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2db47ae5-cf39-43c2-b4d6-0cd8d90946f4} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2edf3db1-f88b-488a-b468-cf2bf82c2856} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2eeb4adf-4578-4d10-bca7-bb955f56320a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2f7ee4b6-6ff5-4eb4-b24a-2bfc41117171} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{301056d0-6dff-11d2-9eeb-006008039e37} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3025a43b-9f0e-4386-9b2b-c8169f120a2c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{31c88ff0-2111-44bd-a121-61de9cd0412d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{336475d0-942a-11ce-a870-00aa002feab5} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{33facfe0-a9be-11d0-a520-00a0d10129c0} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{370a1d5d-ddeb-418c-81cd-189e0d4fa443} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3adc7d6a-7375-44ac-9d89-6a5bd2eeb652} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3ae86b20-7be8-11d1-abe6-00a0c905f375} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3b4d3176-a647-47f7-aae4-03a10c567eaf} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3c635cf1-b684-4af8-9e1c-66cf71e0e352} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{42150cd9-ca9a-4ea5-9939-30ee037f6e74} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{442b574b-bae0-4bab-ad58-e9ff77cd5663} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{46189c67-70df-45d5-928e-93a05c69799f} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4630cf3e-90f8-491d-8dc3-cfe207bcfdad} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{472c92f0-5438-423d-9b30-fd2932ea44ee} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{48025243-2d39-11ce-875d-00608cb78066} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{489fb618-5ea6-45bc-a3bd-b7a04ab10d8e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4a2286e0-7bef-11ce-9bd9-0000e202599c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4dda1941-77a0-4fb1-a518-e2185041d70c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{51b4abf3-748f-4e3b-a276-c828330e926a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5210f8e4-b0bb-47c3-a8d9-7b2282cc79ed} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{52137e9f-f1f5-43a7-b38b-47130523be38} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{559c6bad-1ea8-4963-a087-8a6810f9218b} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{58ff69ed-8388-483b-b9ac-3eb04bbeb913} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5f5aff4a-2f7f-4279-88c2-cd88eb39d144} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5f7c60fa-b278-47cf-b02b-7d9bc041bcda} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{60389193-97e6-4432-8efc-14942b0e5abb} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{634ec7a8-eba6-4ba4-af6c-4a8291925575} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{665b7e99-b46a-4c0d-a29d-87fbc2c5279c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6a08cf80-0e18-11cf-a24d-0020afd79767} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6bc1cffa-8fc1-4261-ac22-cfb4cc38db50} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6cfad761-735d-4aa5-8afc-af91a7d61eba} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6dd3897e-9025-4ef7-9d66-657c1871f5b1} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6e8d4a20-310c-11d0-b79a-00aa003767a7} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6f26a6cd-967b-47fd-874a-7aed2c9d25a2} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{70e102b0-5556-11ce-97c0-00aa0055595a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{70f598e9-f4ab-495a-99e2-a7c4d3d89abf} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{731920a5-5605-4543-aeaa-b7843d6adb7e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{745057c7-f353-4f2d-a7ee-58434477730e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{74db402b-1125-4e9c-a154-22149402aa8f} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{75c0040b-893a-4f14-9fc1-7e532be8ceae} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{781c76f5-5f6b-4f84-a987-fe6063313925} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{78766964-0000-0010-8000-00aa00389b71} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7912c3d0-b806-459a-907a-589894ad626e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{798059f0-89ca-4160-b325-aeb48efe4f9a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7a3c02bf-ecba-42bc-82f6-ea974b27e286} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7bafb3b1-d8f4-4279-9253-27da423108de} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7c23220e-55bb-11d3-8b16-00c04fb6bd3d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7e320092-596a-41b2-bbeb-175d10504eb6} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{814b9800-1c88-11d1-bad9-00609744111a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{82d353df-90bd-4382-8bc2-3f6192b76e34} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{852c760b-a858-43aa-a766-2caf0b32c9c7} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8596e5f0-0da5-11d0-bd21-00a0c911ce86} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{874131cb-4ecc-443b-8948-746b89595d20} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{87fc0268-9a55-4360-95aa-004a1d9de26c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8ccea956-1fa5-4923-9e3d-d8017bb4f329} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{91175669-4b07-442f-aa6f-2726f11dde71} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{92eca823-d7ca-43a5-8772-c44ddf2ad70c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{98230571-0087-4204-b020-3282538e57d3} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9b8c4620-2c1a-11d0-8493-00a02438ad48} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9b9e3789-99c5-4d00-958a-e36821a992d1} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a0025e90-e45b-11d1-abe9-00a0c905f375} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a1144a01-1e2e-450e-ab30-a3fc2b76c6e4} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a753a1ec-973e-4718-af8e-a3f554d45c44} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a7dd2151-a645-409a-9b39-df146d710e72} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a888df60-1e90-11cf-ac98-00aa004c0fa9} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ac5e8a54-357a-4e28-ad0e-6041faabd3d5} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{acd453bc-c58a-44d1-bbf5-bfb325be2d78} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ad6c8934-f31b-4f43-b5e4-0541c1452f6f} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{afb6c280-2c41-11d3-8a60-0000f81e0e4a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{aff289a6-abf1-4d68-9a51-634bf7077cfc} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{bbeea841-0a63-4f52-a7ab-a9b3a84ed38a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{bc8ca1b3-b013-4866-9621-825957df23f3} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{be1e92cc-8024-4173-a7ab-393ad93539bd} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c1f400a0-3f08-11d3-9f0b-006008039e37} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c1f400a4-3f08-11d3-9f0b-006008039e37} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c25ea2e7-d439-4690-a5db-87bdab0c8c52} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c666e115-bb62-4027-a113-82d643fe2d99} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c6b400e2-20a7-4e58-a2fe-24619682ce6c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c74edf04-69fe-442b-abf5-0d63d314a98d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c750a38d-af60-4cc7-ad65-b3c97b7c4e9b} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c9f5fe02-f851-4eb5-99ee-ad602af1e619} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cba9e78b-49a3-49ea-93d4-6bcba8c4de07} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cc58e280-8aa1-11d1-b3f1-00aa003761c5} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cc5f52b7-e5cb-4e89-8a46-ac1aab4cd42f} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cd8743a1-3736-11d0-9e69-00c04fd7c15b} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cf49d4e0-1115-11ce-b03a-0020af0ba770} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cfdf0701-af0f-4ef5-93c3-f7afbc55ea65} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d145bf00-4389-49e9-b3a0-4178719550cd} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d23b90d0-144f-46bd-841d-59e4eb19dc59} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d3588ab0-0781-11ce-b03a-0020af0ba770} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d42d5fcc-ab16-4318-aa95-edfefc514aaf} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a1-7548-11cf-a520-0080c77ef58a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a2-7548-11cf-a520-0080c77ef58a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a3-7548-11cf-a520-0080c77ef58a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a5-7548-11cf-a520-0080c77ef58a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d9dc3c81-a1b5-45bb-9cf2-939cb1339ae8} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{dafd8210-5711-4b91-9fe3-f75b7ae279bf} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{df14d9e3-c9e7-457f-b2ef-d9003e6ab914} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e0adbfa5-ab0a-4389-b5e4-096654dcbd78} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e1f1a0b8-beee-490d-ba7c-066c40b5e2b9} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e2510970-f137-11ce-8b67-00aa00a3f1a6} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e4206432-01a1-4bee-b3e1-3702c8edc574} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e436ebb5-524f-11ce-9f53-0020af0ba770} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e436ebb6-524f-11ce-9f53-0020af0ba770} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e55a0b49-2f73-44d4-ad66-48966ded31ba} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e6357b8f-2df3-4cd2-a6b4-896f7cabb3fd} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e882f102-f626-49e9-bd68-ce2be7e59ea0} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e882f102-f626-49e9-bd68-ce2be7e59eb0} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e882f102-f626-49e9-bd68-ce2be7e59ec0} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ec15a6d1-7898-4702-a161-c2c16b9c408e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ef011f79-4000-406d-87af-bffb3fc39d57} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ef114c90-cd1d-484e-96e5-09cfaf912a21} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ef3e932c-d40b-4f51-8ccf-3f98f1b29d5d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ef985e71-d5c7-42d4-ba4d-2d073e2e96f4} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{efca3d92-dfd8-4672-a603-7420894bad98} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{efe6629c-81f7-4281-bd91-c9d604a95af6} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f371728a-6052-4d47-827c-d039335dfe0a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f447b69e-1884-4a7e-8055-346f74d6edb3} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f7ffe0a0-a4f5-44b5-949e-15ed2bc66f9d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f8388a40-d5bb-11d0-be5a-0080c706568e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f84c5576-5e02-4621-b804-1fbde4d66d61} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f892413f-8c51-4a84-9f39-91133e328e0a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fa10746c-9b63-4b6c-bc49-fc300ea5f256} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fb2f2791-fa5d-46ac-9941-fdd00bb98c30} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fbd1f53d-14a4-46ae-b08d-ff61c50dd8ba} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fc772ab0-0c7f-11d3-8ff2-00a0c9224cf4} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{feb50740-7bef-11ce-9bd9-0000e202599c} (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Software\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\studiodecorad3d (Rogue.DesktopSecurity2010) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\2jplw3uwv8oj (Trojan.FakeAlert) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341 (Worm.AutoRun) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> No action taken.
C:\Program Files\Winsudate (Adware.Gibmedia) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> No action taken.

Fichier(s) infecté(s):
C:\Users\Matthieu\Local Settings\Application Data\koyoqmy_navps.dat (Adware.Navipromo.H) -> No action taken.
C:\Users\Matthieu\Local Settings\Application Data\koyoqmy_nav.dat (Adware.Navipromo.H) -> No action taken.
C:\Users\Matthieu\Local Settings\Application Data\koyoqmy.dat (Adware.Navipromo.H) -> No action taken.
c:\Users\Matthieu\AppData\LocalLow\Sun\Java\deployment\cache\6.0\15\58fb3e0f-3010df84-n\studiodecorad3d.exe (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Local\Temp\202B.tmp (Trojan.FakeAlert) -> No action taken.
C:\Users\Matthieu\AppData\Local\Temp\m.2145A.tmp.exe (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\downloads\Everest Poker.exe (PUP.Casino) -> No action taken.
C:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Desktop.ini (Worm.AutoRun) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010\Activate Desktop Security 2010.lnk (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010\Desktop Security 2010.lnk (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010\Help Desktop Security 2010.lnk (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010\How to Activate Desktop Security 2010.lnk (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\mfc71.dll (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\MFC71ENU.DLL (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\msvcp71.dll (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\msvcr71.dll (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\securityhelper.exe (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\taskmgr.dll (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Local\Temp\m.2E041.tmp.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010.LNK (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Desktop Security 2010.LNK (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Local\Temp\wrfwe_di.exe (Trojan.Downloader) -> No action taken.
C:\Users\Matthieu\AppData\Local\Temp\test.exe (Trojan.Agent) -> No action taken.


voila pour moi cela ne signifie rien du tout...
merci de m'aider!

[bernard53]

Bonjour matthieu77

supprimes tout ce que as trouver MalwaresBytes puis fait ceci.

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
vstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

[EinsteinZero]

Salut, matthieu77

je vois que Malwarebyte's a fait "bonne pêche" et qu'il était temps d'intervenir

je te laisse en bonnes mains Salut bernard

[bernard53]

bonsoir EinsteinZero.

Malwarebyte's est toujours la quand il faut

[matthieu77]

bonjour,
merci de vous occuper de moi!

voila le scan efectué:

Code: Tout sélectionner

OTL logfile created on: 08/05/2010 11:47:03 - Run 1
OTL by OldTimer - Version 3.2.4.1     Folder = C:\Users\Matthieu\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103,78 Gb Total Space | 18,01 Gb Free Space | 17,35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-MATTHIEU
Current User Name: Matthieu
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Matthieu\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (Enigma Software Group USA, LLC.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE (Enigma Software Group USA, LLC.)
PRC - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
PRC - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_service.exe (AxBx)
PRC - C:\Program Files\Neuf\Kit\9props.exe (SFR)
PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_watchop.exe (AxBx)
PRC - C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
PRC - C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (Veoh Networks)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEGE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe ()
PRC - C:\Program Files\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wercon.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Matthieu\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Spyware Doctor\smum32.dll (PC Tools)
MOD - C:\Program Files\Spyware Doctor\pctgmhk.dll (PC Tools)
MOD - C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Inc.)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (SpyHunter 4 Service) -- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE (Enigma Software Group USA, LLC.)
SRV - (sdCoreService) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (Browser Defender Update Service) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (vkservice) -- C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_service.exe (AxBx)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (LiveUpdate) -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (Symantec Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
SRV - (comHost) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation)
SRV - (LiveUpdate Notice Ex) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (LVSrvLauncher) -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe (Logitech Inc.)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080821.017\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080821.017\NAVENG.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20080813.002\IDSvix86.sys (Symantec Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (SiS6350) -- C:\Windows\System32\drivers\SISGRKMD.sys (Silicon Integrated Systems Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (nmwcd) -- C:\Windows\System32\drivers\nmwcd.sys (Nokia)
DRV - (nmwcdcm) -- C:\Windows\System32\drivers\nmwcdcm.sys (Nokia)
DRV - (nmwcdcj) -- C:\Windows\System32\drivers\nmwcdcj.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\nmwcdc.sys (Nokia)
DRV - (SISAGP) -- C:\Windows\system32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation)
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMFW) -- C:\Windows\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMIDS) -- C:\Windows\System32\Drivers\SYMIDS.SYS (Symantec Corporation)
DRV - (SYMNDISV) -- C:\Windows\System32\Drivers\SYMNDISV.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMDNS) -- C:\Windows\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (LVMVDrv) -- C:\Windows\System32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (LVcKap) -- C:\Windows\System32\drivers\Lvckap.sys ()
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
 
 
[color=#E56717]========== Standard Registry (All) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.wibeez.com/france"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3
FF - prefs.js..keyword.URL: "http://www.wibeez.com/france?search&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/15 07:22:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/04 17:53:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/04 22:26:27 | 000,000,000 | ---D | M]
 
[2009/04/02 10:12:59 | 000,000,000 | ---D | M] -- C:\Users\Matthieu\AppData\Roaming\mozilla\Extensions
[2009/04/02 10:12:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matthieu\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/05/07 08:06:33 | 000,000,000 | ---D | M] -- C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\fejt7etb.default\extensions
[2009/09/15 09:33:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\fejt7etb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/19 13:25:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\fejt7etb.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/20 16:51:29 | 000,003,709 | ---- | M] () -- C:\Users\Matthieu\AppData\Roaming\Mozilla\FireFox\Profiles\fejt7etb.default\searchplugins\Wibeez.xml
[2010/05/05 18:10:55 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008/03/14 11:23:58 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/04/04 17:53:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/05/18 14:19:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/09/24 08:34:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/12/13 22:12:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/04/04 17:53:38 | 000,023,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2010/04/04 17:53:38 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/12/06 13:26:26 | 000,119,808 | ---- | M] (Google) -- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll
[2007/04/10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009/10/11 05:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2008/06/11 02:03:38 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2010/04/04 17:53:41 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 21:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2007/05/10 22:52:34 | 000,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2010/03/19 23:50:59 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/03/19 23:51:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/03/19 23:51:00 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/03/19 23:51:00 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/12/06 13:26:32 | 000,002,020 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml
[2009/09/23 07:02:26 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2010/03/19 23:51:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/03/24 15:18:45 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2010/05/08 11:24:02 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll (Symantec Corporation)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Barre d'outils &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (Afficher Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Barre d'outils &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
O4 - HKLM..\Run: [LVCOMSX] C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\VirusKeeper.exe (AxBx)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\Neuf\Kit\9props.exe (SFR)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus SX400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKCU..\Run: [Veoh] C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (Veoh Networks)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{129afd66-7ecd-11de-aac4-001fc61e492e}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{129afd66-7ecd-11de-aac4-001fc61e492e}\Shell\AutoRun\command - "" = C:\Windows\System32\shell32.dll -- [2008/11/06 14:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{13737cee-e729-11de-9240-001fc61e492e}\Shell\Auto\command - "" = Start.exe
O33 - MountPoints2\{13737cee-e729-11de-9240-001fc61e492e}\Shell\AutoRun\command - "" = C:\Windows\System32\shell32.dll -- [2008/11/06 14:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{9fad337e-8294-11de-9166-001fc61e492e}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{9fad337e-8294-11de-9166-001fc61e492e}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{ad8847ed-726e-11de-b943-001fc61e492e}\Shell\AutoRun\command - "" = E:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Bcuzz.exe -- File not found
O33 - MountPoints2\{ad8847ed-726e-11de-b943-001fc61e492e}\Shell\open\command - "" = E:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Bcuzz.exe -- File not found
O33 - MountPoints2\{d6f96dd3-cb9e-11dd-8188-001fc61e492e}\Shell\AutoRun\command - "" = WDSetup.exe
O33 - MountPoints2\{e35d9523-dbca-11dd-8430-001fc61e492e}\Shell\AutoRun\command - "" = C:\Windows\System32\shell32.dll -- [2008/11/06 14:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{fafed668-fe73-11de-a6c4-001fc61e492e}\Shell\AutoRun\command - "" = C:\Windows\System32\shell32.dll -- [2008/11/06 14:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/05/08 11:13:24 | 002,455,386 | -H-- | C] () -- C:\Users\Matthieu\AppData\Local\IconCache.db
[2010/05/08 10:46:31 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\Matthieu\Desktop\OTL.exe
[2010/05/07 00:42:56 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Roaming\Malwarebytes
[2010/05/07 00:42:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/05/07 00:42:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/05/07 00:42:37 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/05/07 00:42:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/04 22:05:30 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010/05/04 22:05:29 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010/05/04 22:05:29 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010/05/04 22:02:17 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/05/04 22:02:17 | 000,100,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/05/04 22:02:02 | 000,218,592 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/05/04 22:02:02 | 000,088,040 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010/05/04 22:01:54 | 000,063,360 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/05/04 22:01:42 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/05/04 22:01:42 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Roaming\PC Tools
[2010/05/04 22:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/05/04 22:01:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/05/04 21:33:31 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2010/05/04 21:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2010/05/04 21:32:25 | 000,000,000 | ---D | C] -- C:\Windows\61D3AAE1D5214CD7939B37813DE8F955.TMP
[2010/05/04 21:32:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/25 18:40:38 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Roaming\dvdcss
[2010/04/25 17:03:04 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Roaming\vlc
[2010/04/25 13:53:08 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\Desktop\A voir
[2010/04/14 07:02:53 | 003,502,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/04/14 07:02:52 | 003,468,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/04/14 07:02:42 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/04/14 07:02:31 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/04/14 07:02:31 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/04/14 07:02:23 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/04/14 07:02:23 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2010/04/08 22:21:07 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/05/08 11:57:55 | 002,621,440 | -HS- | M] () -- C:\Users\Matthieu\NTUSER.DAT
[2010/05/08 11:30:01 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator.job
[2010/05/08 11:30:01 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\Extension de garantie.job
[2010/05/08 11:18:55 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\Maintenance en 1 clic.job
[2010/05/08 11:16:02 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/08 11:16:02 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/08 11:16:01 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/08 11:15:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/08 11:15:41 | 2012,504,064 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/08 11:13:25 | 002,455,386 | -H-- | M] () -- C:\Users\Matthieu\AppData\Local\IconCache.db
[2010/05/08 10:46:43 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Matthieu\Desktop\OTL.exe
[2010/05/07 18:00:03 | 000,000,448 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2010/05/07 01:21:11 | 000,000,162 | -H-- | M] () -- C:\Users\Matthieu\Desktop\~$gfile of Trend Micro HijackThis v2.doc
[2010/05/07 01:03:43 | 000,001,356 | ---- | M] () -- C:\Users\Matthieu\AppData\Local\d3d9caps.dat
[2010/05/07 00:59:40 | 000,036,864 | ---- | M] () -- C:\Users\Matthieu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/07 00:49:54 | 000,039,424 | ---- | M] () -- C:\Users\Matthieu\Desktop\Logfile of Trend Micro HijackThis v2.doc
[2010/05/07 00:42:43 | 000,000,821 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/06 14:42:18 | 195,497,044 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/05/06 09:59:34 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\DriverCure.job
[2010/05/04 22:01:59 | 000,001,762 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/05/04 21:33:32 | 000,002,086 | ---- | M] () -- C:\Users\Matthieu\Desktop\SpyHunter.lnk
[2010/05/04 06:45:19 | 000,383,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/05/03 23:55:26 | 001,538,854 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/05/03 23:55:26 | 000,700,222 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/05/03 23:55:26 | 000,618,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/05/03 23:55:26 | 000,122,020 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/05/03 23:55:26 | 000,107,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/05/03 19:31:31 | 000,100,824 | ---- | M] () -- C:\Users\Matthieu\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/05/02 13:40:20 | 734,175,232 | ---- | M] () -- C:\Users\Matthieu\Desktop\Cendrillon UpBy LeoLeandro.avi
[2010/05/02 01:47:03 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/25 17:01:15 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/04/18 23:22:33 | 000,019,968 | ---- | M] () -- C:\Users\Matthieu\Desktop\A voir.doc
[2010/04/08 14:29:32 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/05/07 01:21:11 | 000,000,162 | -H-- | C] () -- C:\Users\Matthieu\Desktop\~$gfile of Trend Micro HijackThis v2.doc
[2010/05/07 01:12:46 | 2012,504,064 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/07 00:49:53 | 000,039,424 | ---- | C] () -- C:\Users\Matthieu\Desktop\Logfile of Trend Micro HijackThis v2.doc
[2010/05/07 00:42:43 | 000,000,821 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/04 22:05:31 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/05/04 22:05:30 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010/05/04 22:05:30 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010/05/04 22:05:30 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010/05/04 22:05:29 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010/05/04 22:02:17 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010/05/04 22:02:02 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010/05/04 22:02:02 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010/05/04 22:01:59 | 000,001,762 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/05/04 22:01:54 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010/05/04 21:33:32 | 000,002,086 | ---- | C] () -- C:\Users\Matthieu\Desktop\SpyHunter.lnk
[2010/05/02 12:56:07 | 734,175,232 | ---- | C] () -- C:\Users\Matthieu\Desktop\Cendrillon UpBy LeoLeandro.avi
[2010/04/25 17:01:15 | 000,000,862 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/04/18 23:22:32 | 000,019,968 | ---- | C] () -- C:\Users\Matthieu\Desktop\A voir.doc
[2010/01/14 22:56:26 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009/09/05 16:29:46 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/09/05 16:24:01 | 000,000,025 | ---- | C] () -- C:\Windows\CDE SX400DEFGIPS.ini
[2009/01/19 01:23:26 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2008/07/12 15:05:34 | 000,000,484 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/07/09 21:28:47 | 000,042,594 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2008/06/11 02:07:20 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/06/11 02:03:26 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/06/11 02:03:26 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/05/23 00:18:54 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/03/14 11:32:20 | 002,115,816 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2007/05/30 09:54:10 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/03/29 23:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2007/02/13 09:48:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/15 22:03:12 | 000,024,736 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2006/11/15 22:00:56 | 001,678,368 | ---- | C] () -- C:\Windows\System32\drivers\Lvckap.sys
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008/01/19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2008/01/19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/03/14 19:49:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/03/14 19:49:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/03/14 19:34:20 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=DB44893AF257EBB912511B2042B2AD38 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7e854ec8\atapi.sys
[2008/03/14 19:34:20 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=DB44893AF257EBB912511B2042B2AD38 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20619_none_dbd9b7073d80e04e\atapi.sys
[2008/03/14 19:49:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\drivers\atapi.sys
[2008/03/14 19:49:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[2008/03/14 19:49:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2008/01/19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2006/11/02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008/01/19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006/11/02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2006/11/02 11:46:04 | 000,380,957 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\expsrv.dll
[2006/11/02 11:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll
[2008/03/14 19:24:09 | 000,223,232 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\Updater5:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\My Pando Packages:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\My Games:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\My Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\Mes téléchargements:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\Mes Google Gadgets:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\Mes fichiers reçus:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Desktop\My Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Desktop\Matthieu:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Desktop\Cendrillon UpBy LeoLeandro.avi:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Desktop\A voir:Roxio EMC Stream
@Alternate Data Stream - 210 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A9662AE0
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >

merci de continuer à m'aider!

[bernard53]

OK ceci a suivre s.t.p


* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Barre d'outils &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Barre d'outils &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM\..\Run: [] File not found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O33 - MountPoints2\{9fad337e-8294-11de-9166-001fc61e492e}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{9fad337e-8294-11de-9166-001fc61e492e}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{ad8847ed-726e-11de-b943-001fc61e492e}\Shell\AutoRun\command - "" = E:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Bcuzz.exe -- File not found
O33 - MountPoints2\{ad8847ed-726e-11de-b943-001fc61e492e}\Shell\open\command - "" = E:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Bcuzz.exe -- File not found

* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés


Après dis moi comment va ton pc.

[matthieu77]

Bernard53,

Merci de tes conseils et ton aide, voila le rapport avec la correction!!

Code: Tout sélectionner

========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
File C:\PROGRA~1\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ deleted successfully.
File C:\PROGRA~1\Crawler\Toolbar\ctbr.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
File C:\PROGRA~1\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
File C:\PROGRA~1\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tbr\ deleted successfully.
Invalid CLSID key: C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
File C:\PROGRA~1\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fad337e-8294-11de-9166-001fc61e492e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9fad337e-8294-11de-9166-001fc61e492e}\ not found.
File E:\EmDesk.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fad337e-8294-11de-9166-001fc61e492e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9fad337e-8294-11de-9166-001fc61e492e}\ not found.
File E:\EmDesk.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad8847ed-726e-11de-b943-001fc61e492e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad8847ed-726e-11de-b943-001fc61e492e}\ not found.
File E:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Bcuzz.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad8847ed-726e-11de-b943-001fc61e492e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad8847ed-726e-11de-b943-001fc61e492e}\ not found.
File E:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Bcuzz.exe not found.
 
OTL by OldTimer - Version 3.2.4.1 log created on 05082010_135931

Il me semble que mon ordinateur fonctionne mieux car déjà avec malwarebytes je n'ai plus desktop security 2010 qui vient m'importuner, ni security center alert, je suis tranquille pour l'instant!! ça semble être résolu!

Me conseilles-tu toi ausi avast comme anti virus gratuit?

Merci de ton aide!

[bernard53]

bon si tout va bien.

Fait ceci pour supprimer les logiciels qui ont servis à cette désinfection.

>> Télécharge ToolsCleaner (de A.Rothstein & dj QUIOU) http://pc-system.fr/TC/ToolsCleaner2.exe

>> Double-clique dessus pour lancer le programme

>> Clique sur Recherche et laisse le scan se terminer (il peut durer une dizaine de minutes au maximum).

>> Une fois la recherche lancée, ne clique pas dans la fenêtre, cela provoquerait un léger bug du programme.

>> Si toutes fois la mention (ne réponds pas) apparaissait dans le titre de la fenêtre ToolsCleaner, ne t'en occupes pas et laisse quand même le programme terminer son travail

** Clique sur Suppression pour finaliser.

• Tu peux, si tu le souhaites, te servir des Options facultatives.

**Poste-moi le rapport qui apparait

Ensuite::

Bon maintenant on va mettre la restauration du système propre.
Pour cela:

1- Valides les touches Windows et Pause en même temps.

Puis Protection du système

Sur cette fenêtre décoches la case concernant le DD ou est installé ton système normalement C:

Valide et acceptes les demandes suivantes.

***Pour Windows 7** il faut valider l'onglet Configurer puis valider la désactivation de la restauration.

**Toujours sur cette même fenêtre : Il te faut donc maintenant recrée un nouveau point de restauration.

Coche cette même case et valides cela par l’onglet APPLIQUER puis onglet « CREER »

Nommes ce point PC- Clean: Valides.

Vous pouvez maintenant fermer toutes les fenêtres.


Ensuite garde MalwaresBytes qui est très bien. tu t'en es rendu compte

Comme antivirus j'ai une préférence pour Antivir mais Avast est pas mal du tout aussi.

A toi de choisir.

[matthieu77]

voila le rapport de toolscleaner:

Code: Tout sélectionner

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\Matthieu\Desktop\Matthieu\Icones\HijackThis.lnk: trouvé !
C:\Users\Matthieu\Documents\hijackthis.log: trouvé !
C:\Users\Matthieu\Downloads\HijackThis.exe: trouvé !
C:\Users\Matthieu\Downloads\HJTInstall.exe: trouvé !
C:\Users\Matthieu\Downloads\hijackthis.log: trouvé !

---------------------------------
--> Suppression:

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\Users\Matthieu\Desktop\Matthieu\Icones\HijackThis.lnk: supprimé !
C:\Users\Matthieu\Downloads\HijackThis.exe: supprimé !
C:\Users\Matthieu\Downloads\HJTInstall.exe: supprimé !
C:\Users\Matthieu\Documents\hijackthis.log: supprimé !
C:\Users\Matthieu\Downloads\hijackthis.log: supprimé !
C:\Program Files\Trend Micro\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: ERREUR DE SUPPRESSION !!

je passe à la suite là!!

[bernard53]

Pour les erreurs de suppression tels

C:\Program Files\Trend Micro\HijackThis: ERREUR DE SUPPRESSION !!

Après un redémarrage tu pourras soit relancer "ToolsCleaner " soit faire la suppression manuellement soit garder "HijackThis"