Il y a actuellement 452 visiteurs
Lundi 23 Décembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

desktop security 2010 et Security center alert

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

desktop security 2010 et Security center alert

Message le 06 Mai 2010 14:24

Bonjour ,
j'ai chopé ces deux virus ou spyware, je comprends rien en informatique
j'ai téléchargé spyware doctor et cela ne m'a pas sauvé
pouvez-vous m'expliquer svp en pensant que vous parlez à un débutant comment les éradiquer!
merci d'avance

ps:si vous aviez des conseils en matière d'antivirus gratuits je prends!
matthieu77
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 10
Inscription: 06 Mai 2010 14:16
 


Re: desktop security 2010 et Security center alert

Message le 06 Mai 2010 16:37

Salut,
en attendant que les spécialiste des virus interviennent plusieurs petites choses

1> Système utilisé sur le PC (version de windows)

2> Deux petites choses:

---> Scan ton PC avec Malwarebyte's antimalware >>ici<< (en mode sans échec si tu peux) supprime les malwares trouvés et poste son rapport (copier coller)

Important: met à jours la base de virus avant de passer en mode sans échec

Pour le mode sans échec: au démarrage du PC, tapote F8 et choisi mode sans échec dans le menu

---> Poste un rapport hijackThis >>ici avec mode d'emploi<< !!!! ne fait pas l'analyse en mode sans échec!!!


Sinon comme antivirus gratuit, le dernier Avast a bonne réputation
Avatar de l'utilisateur
EinsteinZero
Moderateur
Moderateur
 
Messages: 18430
Inscription: 27 Déc 2009 16:22
Localisation: Normandie
 

Re: desktop security 2010 et Security center alert

Message le 07 Mai 2010 00:23

merci de répondre,voici les 2 analyses: (pour info j'ai vista)

Code: Tout sélectionner
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:46:35, on 07/05/2010
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\VirusKeeper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEGE.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Neuf\Kit\9props.exe
C:\Users\Matthieu\AppData\Local\Temp\m.2E041.tmp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_scanfile.exe
C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_scanprocess.exe
C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_watchop.exe
C:\Users\Matthieu\Downloads\HiJackThis(2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\VirusKeeper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_S7780.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\Neuf\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [2jplw3uwv8oj] C:\Users\Matthieu\AppData\Local\Temp\m.2E041.tmp.exe
O4 - HKCU\..\Run: [Studiodecorad3d] c:\users\matthieu\appdata\locallow\sun\java\deployment\cache\6.0\15\58fb3e0f-3010df84-n\studiodecorad3d.exe
O4 - HKCU\..\Run: [Desktop Security 2010] "C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\Desktop Security 2010.exe" /STARTUP
O4 - HKCU\..\Run: [SecurityCenter] C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\securitycenter.exe
O4 - HKCU\..\RunServices: [electrowwweMPe3net] c:\users\matthieu\music\nokia music manager\mondo\album inconnu\electroalive6219.exe
O4 - HKCU\..\RunServices: [SecurityDesktop] c:\users\matthieu\appdata\roaming\microsoft\internet explorer\quick launch\securitydesktop.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_service.exe

--
End of file - 13853 bytes






et la 2ème:
Code: Tout sélectionner
Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Version de la base de données: 4073

Windows 6.0.6000 (Safe Mode)
Internet Explorer 7.0.6000.17037

07/05/2010 01:11:30
mbam-log-2010-05-07 (01-11-30).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 124647
Temps écoulé: 10 minute(s), 24 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 176
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 23

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{70880ce6-308c-4204-a89e-b266c3f7b7fa} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{56acb669-4139-5611-cbba-f5acb0f4db09} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{007474e7-1a02-46e1-af4c-fd819a1e8d15} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{01f36ce2-0907-4d8b-979d-f151be91c883} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07167665-5011-11cf-bf33-00aa0055595a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080d0809-7456-4fbc-8493-0d2bf99ea48c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080d11fb-a303-4514-88fe-7dda4dfe9e4b} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080d1473-5fea-4029-875c-53ee96549acc} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080d588e-9756-455b-bbda-e8bcf9ec7769} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080d5974-4b61-458b-921b-17628e423713} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080deab4-60d9-4792-98a5-60a0f6a9acf7} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{080dfee8-4097-4bab-b7a7-1b11f4958213} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{08c72dd4-19ad-49f1-83da-8542b4d302c5} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{09bc59c2-70dd-45f9-a5b7-de9f2a5ca34b} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0b391d89-8598-407d-8abb-4565e813eae4} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0c0b97e3-88f4-4464-9f97-2a4e5ef4e514} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0ca72dba-07e1-4f31-8aef-ed2fee7a5a26} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0f230444-825c-4d1f-b5fd-f315186a4ac0} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{10662f1b-f76e-411b-a0c1-795d3e22876c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{120ced89-3bf4-4173-a132-3cb406cf3231} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{12e89724-6940-4bdf-8129-fdb9e2a51e3e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{15b681b2-1a09-40e3-b75a-e1afe8034137} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1643e180-90f5-11ce-97d5-00aa0055595a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{17cee153-8a43-410a-93dc-5e130b0af70d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{187463a0-5bb7-11d3-acbe-0080c75e246e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1a56451b-1315-4012-861e-8587333dd631} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1ad512c6-24af-4395-82b4-2d3cf21f44a2} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1b544c20-fd0b-11ce-8c63-00aa0044b51e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1b75a8df-7462-46b7-b853-ac942a0e68f1} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1da08500-9edc-11cf-bc10-00aa00ac74f6} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1e76bae4-528d-4fb6-bcc1-b2df227d36c3} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1ea1ea14-48f4-4054-ad1a-e8aee10ac805} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1f1f4e1a-2252-4063-84bb-eee75f8856d5} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{212690fb-83e5-4526-8fd7-74478b7939cd} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{280a3020-86cf-11d1-abe6-00a0c905f375} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2a11bae2-fe6e-4249-864b-9e9ed6e8dbc2} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2b97dbb6-c5fe-4fad-8c01-3e37424a61de} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2bc393ba-444c-4d23-83bc-26119b2a2172} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2bca55d6-e4cf-4f1e-b1e8-fbf770ae46f1} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2db47ae5-cf39-43c2-b4d6-0cd8d90946f4} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2edf3db1-f88b-488a-b468-cf2bf82c2856} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2eeb4adf-4578-4d10-bca7-bb955f56320a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2f7ee4b6-6ff5-4eb4-b24a-2bfc41117171} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{301056d0-6dff-11d2-9eeb-006008039e37} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3025a43b-9f0e-4386-9b2b-c8169f120a2c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{31c88ff0-2111-44bd-a121-61de9cd0412d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{336475d0-942a-11ce-a870-00aa002feab5} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{33facfe0-a9be-11d0-a520-00a0d10129c0} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{370a1d5d-ddeb-418c-81cd-189e0d4fa443} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3adc7d6a-7375-44ac-9d89-6a5bd2eeb652} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3ae86b20-7be8-11d1-abe6-00a0c905f375} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3b4d3176-a647-47f7-aae4-03a10c567eaf} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3c635cf1-b684-4af8-9e1c-66cf71e0e352} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{42150cd9-ca9a-4ea5-9939-30ee037f6e74} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{442b574b-bae0-4bab-ad58-e9ff77cd5663} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{46189c67-70df-45d5-928e-93a05c69799f} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4630cf3e-90f8-491d-8dc3-cfe207bcfdad} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{472c92f0-5438-423d-9b30-fd2932ea44ee} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{48025243-2d39-11ce-875d-00608cb78066} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{489fb618-5ea6-45bc-a3bd-b7a04ab10d8e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4a2286e0-7bef-11ce-9bd9-0000e202599c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4dda1941-77a0-4fb1-a518-e2185041d70c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{51b4abf3-748f-4e3b-a276-c828330e926a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5210f8e4-b0bb-47c3-a8d9-7b2282cc79ed} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{52137e9f-f1f5-43a7-b38b-47130523be38} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{559c6bad-1ea8-4963-a087-8a6810f9218b} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{58ff69ed-8388-483b-b9ac-3eb04bbeb913} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5f5aff4a-2f7f-4279-88c2-cd88eb39d144} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5f7c60fa-b278-47cf-b02b-7d9bc041bcda} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{60389193-97e6-4432-8efc-14942b0e5abb} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{634ec7a8-eba6-4ba4-af6c-4a8291925575} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{665b7e99-b46a-4c0d-a29d-87fbc2c5279c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6a08cf80-0e18-11cf-a24d-0020afd79767} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6bc1cffa-8fc1-4261-ac22-cfb4cc38db50} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6cfad761-735d-4aa5-8afc-af91a7d61eba} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6dd3897e-9025-4ef7-9d66-657c1871f5b1} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6e8d4a20-310c-11d0-b79a-00aa003767a7} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6f26a6cd-967b-47fd-874a-7aed2c9d25a2} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{70e102b0-5556-11ce-97c0-00aa0055595a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{70f598e9-f4ab-495a-99e2-a7c4d3d89abf} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{731920a5-5605-4543-aeaa-b7843d6adb7e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{745057c7-f353-4f2d-a7ee-58434477730e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{74db402b-1125-4e9c-a154-22149402aa8f} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{75c0040b-893a-4f14-9fc1-7e532be8ceae} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{781c76f5-5f6b-4f84-a987-fe6063313925} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{78766964-0000-0010-8000-00aa00389b71} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7912c3d0-b806-459a-907a-589894ad626e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{798059f0-89ca-4160-b325-aeb48efe4f9a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7a3c02bf-ecba-42bc-82f6-ea974b27e286} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7bafb3b1-d8f4-4279-9253-27da423108de} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7c23220e-55bb-11d3-8b16-00c04fb6bd3d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7e320092-596a-41b2-bbeb-175d10504eb6} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{814b9800-1c88-11d1-bad9-00609744111a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{82d353df-90bd-4382-8bc2-3f6192b76e34} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{852c760b-a858-43aa-a766-2caf0b32c9c7} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8596e5f0-0da5-11d0-bd21-00a0c911ce86} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{874131cb-4ecc-443b-8948-746b89595d20} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{87fc0268-9a55-4360-95aa-004a1d9de26c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8ccea956-1fa5-4923-9e3d-d8017bb4f329} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{91175669-4b07-442f-aa6f-2726f11dde71} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{92eca823-d7ca-43a5-8772-c44ddf2ad70c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{98230571-0087-4204-b020-3282538e57d3} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9b8c4620-2c1a-11d0-8493-00a02438ad48} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9b9e3789-99c5-4d00-958a-e36821a992d1} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a0025e90-e45b-11d1-abe9-00a0c905f375} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a1144a01-1e2e-450e-ab30-a3fc2b76c6e4} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a753a1ec-973e-4718-af8e-a3f554d45c44} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a7dd2151-a645-409a-9b39-df146d710e72} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a888df60-1e90-11cf-ac98-00aa004c0fa9} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ac5e8a54-357a-4e28-ad0e-6041faabd3d5} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{acd453bc-c58a-44d1-bbf5-bfb325be2d78} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ad6c8934-f31b-4f43-b5e4-0541c1452f6f} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{afb6c280-2c41-11d3-8a60-0000f81e0e4a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{aff289a6-abf1-4d68-9a51-634bf7077cfc} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{bbeea841-0a63-4f52-a7ab-a9b3a84ed38a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{bc8ca1b3-b013-4866-9621-825957df23f3} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{be1e92cc-8024-4173-a7ab-393ad93539bd} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c1f400a0-3f08-11d3-9f0b-006008039e37} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c1f400a4-3f08-11d3-9f0b-006008039e37} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c25ea2e7-d439-4690-a5db-87bdab0c8c52} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c666e115-bb62-4027-a113-82d643fe2d99} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c6b400e2-20a7-4e58-a2fe-24619682ce6c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c74edf04-69fe-442b-abf5-0d63d314a98d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c750a38d-af60-4cc7-ad65-b3c97b7c4e9b} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c9f5fe02-f851-4eb5-99ee-ad602af1e619} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cba9e78b-49a3-49ea-93d4-6bcba8c4de07} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cc58e280-8aa1-11d1-b3f1-00aa003761c5} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cc5f52b7-e5cb-4e89-8a46-ac1aab4cd42f} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cd8743a1-3736-11d0-9e69-00c04fd7c15b} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cf49d4e0-1115-11ce-b03a-0020af0ba770} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cfdf0701-af0f-4ef5-93c3-f7afbc55ea65} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d145bf00-4389-49e9-b3a0-4178719550cd} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d23b90d0-144f-46bd-841d-59e4eb19dc59} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d3588ab0-0781-11ce-b03a-0020af0ba770} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d42d5fcc-ab16-4318-aa95-edfefc514aaf} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a1-7548-11cf-a520-0080c77ef58a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a2-7548-11cf-a520-0080c77ef58a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a3-7548-11cf-a520-0080c77ef58a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a5-7548-11cf-a520-0080c77ef58a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d9dc3c81-a1b5-45bb-9cf2-939cb1339ae8} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{dafd8210-5711-4b91-9fe3-f75b7ae279bf} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{df14d9e3-c9e7-457f-b2ef-d9003e6ab914} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e0adbfa5-ab0a-4389-b5e4-096654dcbd78} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e1f1a0b8-beee-490d-ba7c-066c40b5e2b9} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e2510970-f137-11ce-8b67-00aa00a3f1a6} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e4206432-01a1-4bee-b3e1-3702c8edc574} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e436ebb5-524f-11ce-9f53-0020af0ba770} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e436ebb6-524f-11ce-9f53-0020af0ba770} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e55a0b49-2f73-44d4-ad66-48966ded31ba} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e6357b8f-2df3-4cd2-a6b4-896f7cabb3fd} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e882f102-f626-49e9-bd68-ce2be7e59ea0} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e882f102-f626-49e9-bd68-ce2be7e59eb0} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e882f102-f626-49e9-bd68-ce2be7e59ec0} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ec15a6d1-7898-4702-a161-c2c16b9c408e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ef011f79-4000-406d-87af-bffb3fc39d57} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ef114c90-cd1d-484e-96e5-09cfaf912a21} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ef3e932c-d40b-4f51-8ccf-3f98f1b29d5d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ef985e71-d5c7-42d4-ba4d-2d073e2e96f4} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{efca3d92-dfd8-4672-a603-7420894bad98} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{efe6629c-81f7-4281-bd91-c9d604a95af6} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f371728a-6052-4d47-827c-d039335dfe0a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f447b69e-1884-4a7e-8055-346f74d6edb3} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f7ffe0a0-a4f5-44b5-949e-15ed2bc66f9d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f8388a40-d5bb-11d0-be5a-0080c706568e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f84c5576-5e02-4621-b804-1fbde4d66d61} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f892413f-8c51-4a84-9f39-91133e328e0a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fa10746c-9b63-4b6c-bc49-fc300ea5f256} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fb2f2791-fa5d-46ac-9941-fdd00bb98c30} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fbd1f53d-14a4-46ae-b08d-ff61c50dd8ba} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fc772ab0-0c7f-11d3-8ff2-00a0c9224cf4} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{feb50740-7bef-11ce-9bd9-0000e202599c} (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Software\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\studiodecorad3d (Rogue.DesktopSecurity2010) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\2jplw3uwv8oj (Trojan.FakeAlert) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341 (Worm.AutoRun) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> No action taken.
C:\Program Files\Winsudate (Adware.Gibmedia) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> No action taken.

Fichier(s) infecté(s):
C:\Users\Matthieu\Local Settings\Application Data\koyoqmy_navps.dat (Adware.Navipromo.H) -> No action taken.
C:\Users\Matthieu\Local Settings\Application Data\koyoqmy_nav.dat (Adware.Navipromo.H) -> No action taken.
C:\Users\Matthieu\Local Settings\Application Data\koyoqmy.dat (Adware.Navipromo.H) -> No action taken.
c:\Users\Matthieu\AppData\LocalLow\Sun\Java\deployment\cache\6.0\15\58fb3e0f-3010df84-n\studiodecorad3d.exe (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Local\Temp\202B.tmp (Trojan.FakeAlert) -> No action taken.
C:\Users\Matthieu\AppData\Local\Temp\m.2145A.tmp.exe (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\downloads\Everest Poker.exe (PUP.Casino) -> No action taken.
C:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Desktop.ini (Worm.AutoRun) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010\Activate Desktop Security 2010.lnk (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010\Desktop Security 2010.lnk (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010\Help Desktop Security 2010.lnk (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010\How to Activate Desktop Security 2010.lnk (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\mfc71.dll (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\MFC71ENU.DLL (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\msvcp71.dll (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\msvcr71.dll (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\securityhelper.exe (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Desktop Security 2010\taskmgr.dll (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Local\Temp\m.2E041.tmp.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Security 2010.LNK (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Desktop Security 2010.LNK (Rogue.DesktopSecurity2010) -> No action taken.
C:\Users\Matthieu\AppData\Local\Temp\wrfwe_di.exe (Trojan.Downloader) -> No action taken.
C:\Users\Matthieu\AppData\Local\Temp\test.exe (Trojan.Agent) -> No action taken.



voila pour moi cela ne signifie rien du tout...
merci de m'aider!
matthieu77
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 10
Inscription: 06 Mai 2010 14:16
 

Re: desktop security 2010 et Security center alert

Message le 07 Mai 2010 17:31

Bonjour matthieu77

supprimes tout ce que as trouver MalwaresBytes puis fait ceci.

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
vstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles




* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: desktop security 2010 et Security center alert

Message le 07 Mai 2010 20:14

Salut, matthieu77

je vois que Malwarebyte's a fait "bonne pêche" et qu'il était temps d'intervenir

je te laisse en bonnes mains Image Salut bernard
Avatar de l'utilisateur
EinsteinZero
Moderateur
Moderateur
 
Messages: 18430
Inscription: 27 Déc 2009 16:22
Localisation: Normandie
 

Re: desktop security 2010 et Security center alert

Message le 07 Mai 2010 20:29

bonsoir EinsteinZero.

Malwarebyte's est toujours la quand il faut :lol:
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: desktop security 2010 et Security center alert

Message le 08 Mai 2010 11:35

bonjour,
merci de vous occuper de moi!

voila le scan efectué:

Code: Tout sélectionner
OTL logfile created on: 08/05/2010 11:47:03 - Run 1
OTL by OldTimer - Version 3.2.4.1     Folder = C:\Users\Matthieu\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103,78 Gb Total Space | 18,01 Gb Free Space | 17,35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-MATTHIEU
Current User Name: Matthieu
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Matthieu\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (Enigma Software Group USA, LLC.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE (Enigma Software Group USA, LLC.)
PRC - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
PRC - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_service.exe (AxBx)
PRC - C:\Program Files\Neuf\Kit\9props.exe (SFR)
PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_watchop.exe (AxBx)
PRC - C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
PRC - C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (Veoh Networks)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEGE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe ()
PRC - C:\Program Files\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (Sonic Solutions)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wercon.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Matthieu\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Spyware Doctor\smum32.dll (PC Tools)
MOD - C:\Program Files\Spyware Doctor\pctgmhk.dll (PC Tools)
MOD - C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Inc.)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (SpyHunter 4 Service) -- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE (Enigma Software Group USA, LLC.)
SRV - (sdCoreService) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (Browser Defender Update Service) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (vkservice) -- C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_service.exe (AxBx)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (LiveUpdate) -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (Symantec Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
SRV - (comHost) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation)
SRV - (LiveUpdate Notice Ex) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (LVSrvLauncher) -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe (Logitech Inc.)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080821.017\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080821.017\NAVENG.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20080813.002\IDSvix86.sys (Symantec Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (SiS6350) -- C:\Windows\System32\drivers\SISGRKMD.sys (Silicon Integrated Systems Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (nmwcd) -- C:\Windows\System32\drivers\nmwcd.sys (Nokia)
DRV - (nmwcdcm) -- C:\Windows\System32\drivers\nmwcdcm.sys (Nokia)
DRV - (nmwcdcj) -- C:\Windows\System32\drivers\nmwcdcj.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\nmwcdc.sys (Nokia)
DRV - (SISAGP) -- C:\Windows\system32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation)
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMFW) -- C:\Windows\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMIDS) -- C:\Windows\System32\Drivers\SYMIDS.SYS (Symantec Corporation)
DRV - (SYMNDISV) -- C:\Windows\System32\Drivers\SYMNDISV.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMDNS) -- C:\Windows\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (LVMVDrv) -- C:\Windows\System32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (LVcKap) -- C:\Windows\System32\drivers\Lvckap.sys ()
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
 
 
[color=#E56717]========== Standard Registry (All) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.wibeez.com/france"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3
FF - prefs.js..keyword.URL: "http://www.wibeez.com/france?search&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/15 07:22:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/04 17:53:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/04 22:26:27 | 000,000,000 | ---D | M]
 
[2009/04/02 10:12:59 | 000,000,000 | ---D | M] -- C:\Users\Matthieu\AppData\Roaming\mozilla\Extensions
[2009/04/02 10:12:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matthieu\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/05/07 08:06:33 | 000,000,000 | ---D | M] -- C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\fejt7etb.default\extensions
[2009/09/15 09:33:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\fejt7etb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/19 13:25:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Matthieu\AppData\Roaming\mozilla\Firefox\Profiles\fejt7etb.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/20 16:51:29 | 000,003,709 | ---- | M] () -- C:\Users\Matthieu\AppData\Roaming\Mozilla\FireFox\Profiles\fejt7etb.default\searchplugins\Wibeez.xml
[2010/05/05 18:10:55 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008/03/14 11:23:58 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/04/04 17:53:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/05/18 14:19:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/09/24 08:34:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/12/13 22:12:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/04/04 17:53:38 | 000,023,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2010/04/04 17:53:38 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/12/06 13:26:26 | 000,119,808 | ---- | M] (Google) -- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll
[2007/04/10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009/10/11 05:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2008/06/11 02:03:38 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2010/04/04 17:53:41 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 21:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2007/05/10 22:52:34 | 000,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2010/03/19 23:50:59 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/03/19 23:51:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/03/19 23:51:00 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/03/19 23:51:00 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/12/06 13:26:32 | 000,002,020 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml
[2009/09/23 07:02:26 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2010/03/19 23:51:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/03/24 15:18:45 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2010/05/08 11:24:02 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll (Symantec Corporation)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Barre d'outils &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (Afficher Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Barre d'outils &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
O4 - HKLM..\Run: [LVCOMSX] C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\VirusKeeper.exe (AxBx)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\Neuf\Kit\9props.exe (SFR)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus SX400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKCU..\Run: [Veoh] C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (Veoh Networks)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Matthieu\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{129afd66-7ecd-11de-aac4-001fc61e492e}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{129afd66-7ecd-11de-aac4-001fc61e492e}\Shell\AutoRun\command - "" = C:\Windows\System32\shell32.dll -- [2008/11/06 14:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{13737cee-e729-11de-9240-001fc61e492e}\Shell\Auto\command - "" = Start.exe
O33 - MountPoints2\{13737cee-e729-11de-9240-001fc61e492e}\Shell\AutoRun\command - "" = C:\Windows\System32\shell32.dll -- [2008/11/06 14:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{9fad337e-8294-11de-9166-001fc61e492e}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{9fad337e-8294-11de-9166-001fc61e492e}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{ad8847ed-726e-11de-b943-001fc61e492e}\Shell\AutoRun\command - "" = E:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Bcuzz.exe -- File not found
O33 - MountPoints2\{ad8847ed-726e-11de-b943-001fc61e492e}\Shell\open\command - "" = E:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Bcuzz.exe -- File not found
O33 - MountPoints2\{d6f96dd3-cb9e-11dd-8188-001fc61e492e}\Shell\AutoRun\command - "" = WDSetup.exe
O33 - MountPoints2\{e35d9523-dbca-11dd-8430-001fc61e492e}\Shell\AutoRun\command - "" = C:\Windows\System32\shell32.dll -- [2008/11/06 14:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{fafed668-fe73-11de-a6c4-001fc61e492e}\Shell\AutoRun\command - "" = C:\Windows\System32\shell32.dll -- [2008/11/06 14:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/05/08 11:13:24 | 002,455,386 | -H-- | C] () -- C:\Users\Matthieu\AppData\Local\IconCache.db
[2010/05/08 10:46:31 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\Matthieu\Desktop\OTL.exe
[2010/05/07 00:42:56 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Roaming\Malwarebytes
[2010/05/07 00:42:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/05/07 00:42:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/05/07 00:42:37 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/05/07 00:42:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/04 22:05:30 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010/05/04 22:05:29 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010/05/04 22:05:29 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010/05/04 22:02:17 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/05/04 22:02:17 | 000,100,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/05/04 22:02:02 | 000,218,592 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/05/04 22:02:02 | 000,088,040 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010/05/04 22:01:54 | 000,063,360 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/05/04 22:01:42 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/05/04 22:01:42 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Roaming\PC Tools
[2010/05/04 22:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/05/04 22:01:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/05/04 21:33:31 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2010/05/04 21:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2010/05/04 21:32:25 | 000,000,000 | ---D | C] -- C:\Windows\61D3AAE1D5214CD7939B37813DE8F955.TMP
[2010/05/04 21:32:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/25 18:40:38 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Roaming\dvdcss
[2010/04/25 17:03:04 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\AppData\Roaming\vlc
[2010/04/25 13:53:08 | 000,000,000 | ---D | C] -- C:\Users\Matthieu\Desktop\A voir
[2010/04/14 07:02:53 | 003,502,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/04/14 07:02:52 | 003,468,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/04/14 07:02:42 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/04/14 07:02:31 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/04/14 07:02:31 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/04/14 07:02:23 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/04/14 07:02:23 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2010/04/08 22:21:07 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/05/08 11:57:55 | 002,621,440 | -HS- | M] () -- C:\Users\Matthieu\NTUSER.DAT
[2010/05/08 11:30:01 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator.job
[2010/05/08 11:30:01 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\Extension de garantie.job
[2010/05/08 11:18:55 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\Maintenance en 1 clic.job
[2010/05/08 11:16:02 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/08 11:16:02 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/08 11:16:01 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/08 11:15:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/08 11:15:41 | 2012,504,064 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/08 11:13:25 | 002,455,386 | -H-- | M] () -- C:\Users\Matthieu\AppData\Local\IconCache.db
[2010/05/08 10:46:43 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Matthieu\Desktop\OTL.exe
[2010/05/07 18:00:03 | 000,000,448 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2010/05/07 01:21:11 | 000,000,162 | -H-- | M] () -- C:\Users\Matthieu\Desktop\~$gfile of Trend Micro HijackThis v2.doc
[2010/05/07 01:03:43 | 000,001,356 | ---- | M] () -- C:\Users\Matthieu\AppData\Local\d3d9caps.dat
[2010/05/07 00:59:40 | 000,036,864 | ---- | M] () -- C:\Users\Matthieu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/07 00:49:54 | 000,039,424 | ---- | M] () -- C:\Users\Matthieu\Desktop\Logfile of Trend Micro HijackThis v2.doc
[2010/05/07 00:42:43 | 000,000,821 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/06 14:42:18 | 195,497,044 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/05/06 09:59:34 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\DriverCure.job
[2010/05/04 22:01:59 | 000,001,762 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/05/04 21:33:32 | 000,002,086 | ---- | M] () -- C:\Users\Matthieu\Desktop\SpyHunter.lnk
[2010/05/04 06:45:19 | 000,383,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/05/03 23:55:26 | 001,538,854 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/05/03 23:55:26 | 000,700,222 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/05/03 23:55:26 | 000,618,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/05/03 23:55:26 | 000,122,020 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/05/03 23:55:26 | 000,107,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/05/03 19:31:31 | 000,100,824 | ---- | M] () -- C:\Users\Matthieu\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/05/02 13:40:20 | 734,175,232 | ---- | M] () -- C:\Users\Matthieu\Desktop\Cendrillon UpBy LeoLeandro.avi
[2010/05/02 01:47:03 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/25 17:01:15 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/04/18 23:22:33 | 000,019,968 | ---- | M] () -- C:\Users\Matthieu\Desktop\A voir.doc
[2010/04/08 14:29:32 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/05/07 01:21:11 | 000,000,162 | -H-- | C] () -- C:\Users\Matthieu\Desktop\~$gfile of Trend Micro HijackThis v2.doc
[2010/05/07 01:12:46 | 2012,504,064 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/07 00:49:53 | 000,039,424 | ---- | C] () -- C:\Users\Matthieu\Desktop\Logfile of Trend Micro HijackThis v2.doc
[2010/05/07 00:42:43 | 000,000,821 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/04 22:05:31 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/05/04 22:05:30 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010/05/04 22:05:30 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010/05/04 22:05:30 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010/05/04 22:05:29 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010/05/04 22:02:17 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010/05/04 22:02:02 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010/05/04 22:02:02 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010/05/04 22:01:59 | 000,001,762 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/05/04 22:01:54 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010/05/04 21:33:32 | 000,002,086 | ---- | C] () -- C:\Users\Matthieu\Desktop\SpyHunter.lnk
[2010/05/02 12:56:07 | 734,175,232 | ---- | C] () -- C:\Users\Matthieu\Desktop\Cendrillon UpBy LeoLeandro.avi
[2010/04/25 17:01:15 | 000,000,862 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/04/18 23:22:32 | 000,019,968 | ---- | C] () -- C:\Users\Matthieu\Desktop\A voir.doc
[2010/01/14 22:56:26 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009/09/05 16:29:46 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/09/05 16:24:01 | 000,000,025 | ---- | C] () -- C:\Windows\CDE SX400DEFGIPS.ini
[2009/01/19 01:23:26 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2008/07/12 15:05:34 | 000,000,484 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/07/09 21:28:47 | 000,042,594 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2008/06/11 02:07:20 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/06/11 02:03:26 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/06/11 02:03:26 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/05/23 00:18:54 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/03/14 11:32:20 | 002,115,816 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2007/05/30 09:54:10 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/03/29 23:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2007/02/13 09:48:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/15 22:03:12 | 000,024,736 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2006/11/15 22:00:56 | 001,678,368 | ---- | C] () -- C:\Windows\System32\drivers\Lvckap.sys
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008/01/19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2008/01/19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/03/14 19:49:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/03/14 19:49:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/03/14 19:34:20 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=DB44893AF257EBB912511B2042B2AD38 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7e854ec8\atapi.sys
[2008/03/14 19:34:20 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=DB44893AF257EBB912511B2042B2AD38 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20619_none_dbd9b7073d80e04e\atapi.sys
[2008/03/14 19:49:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\drivers\atapi.sys
[2008/03/14 19:49:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[2008/03/14 19:49:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2008/01/19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2006/11/02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008/01/19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006/11/02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2006/11/02 11:46:04 | 000,380,957 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\expsrv.dll
[2006/11/02 11:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll
[2008/03/14 19:24:09 | 000,223,232 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\Updater5:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\My Pando Packages:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\My Games:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\My Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\Mes téléchargements:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\Mes Google Gadgets:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Documents\Mes fichiers reçus:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Desktop\My Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Desktop\Matthieu:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Desktop\Cendrillon UpBy LeoLeandro.avi:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Matthieu\Desktop\A voir:Roxio EMC Stream
@Alternate Data Stream - 210 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A9662AE0
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >


merci de continuer à m'aider!
matthieu77
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 10
Inscription: 06 Mai 2010 14:16
 

Re: desktop security 2010 et Security center alert

Message le 08 Mai 2010 12:56

OK ceci a suivre s.t.p


* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Barre d'outils &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Barre d'outils &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM\..\Run: [] File not found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (Crawler.com)
O33 - MountPoints2\{9fad337e-8294-11de-9166-001fc61e492e}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{9fad337e-8294-11de-9166-001fc61e492e}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found
O33 - MountPoints2\{ad8847ed-726e-11de-b943-001fc61e492e}\Shell\AutoRun\command - "" = E:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Bcuzz.exe -- File not found
O33 - MountPoints2\{ad8847ed-726e-11de-b943-001fc61e492e}\Shell\open\command - "" = E:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Bcuzz.exe -- File not found





* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés


Après dis moi comment va ton pc.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: desktop security 2010 et Security center alert

Message le 08 Mai 2010 13:04

Bernard53,

Merci de tes conseils et ton aide, voila le rapport avec la correction!!

Code: Tout sélectionner
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
File C:\PROGRA~1\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ deleted successfully.
File C:\PROGRA~1\Crawler\Toolbar\ctbr.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
File C:\PROGRA~1\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
File C:\PROGRA~1\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tbr\ deleted successfully.
Invalid CLSID key: C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
File C:\PROGRA~1\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fad337e-8294-11de-9166-001fc61e492e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9fad337e-8294-11de-9166-001fc61e492e}\ not found.
File E:\EmDesk.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fad337e-8294-11de-9166-001fc61e492e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9fad337e-8294-11de-9166-001fc61e492e}\ not found.
File E:\EmDesk.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad8847ed-726e-11de-b943-001fc61e492e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad8847ed-726e-11de-b943-001fc61e492e}\ not found.
File E:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Bcuzz.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad8847ed-726e-11de-b943-001fc61e492e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad8847ed-726e-11de-b943-001fc61e492e}\ not found.
File E:\Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\Bcuzz.exe not found.
 
OTL by OldTimer - Version 3.2.4.1 log created on 05082010_135931



Il me semble que mon ordinateur fonctionne mieux car déjà avec malwarebytes je n'ai plus desktop security 2010 qui vient m'importuner, ni security center alert, je suis tranquille pour l'instant!! ça semble être résolu!

Me conseilles-tu toi ausi avast comme anti virus gratuit?

Merci de ton aide!
matthieu77
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 10
Inscription: 06 Mai 2010 14:16
 

Re: desktop security 2010 et Security center alert

Message le 08 Mai 2010 13:18

bon si tout va bien.

Fait ceci pour supprimer les logiciels qui ont servis à cette désinfection.
>> Télécharge ToolsCleaner (de A.Rothstein & dj QUIOU) http://pc-system.fr/TC/ToolsCleaner2.exe

>> Double-clique dessus pour lancer le programme

>> Clique sur Recherche et laisse le scan se terminer (il peut durer une dizaine de minutes au maximum).

>> Une fois la recherche lancée, ne clique pas dans la fenêtre, cela provoquerait un léger bug du programme.

>> Si toutes fois la mention (ne réponds pas) apparaissait dans le titre de la fenêtre ToolsCleaner, ne t'en occupes pas et laisse quand même le programme terminer son travail

** Clique sur Suppression pour finaliser.

• Tu peux, si tu le souhaites, te servir des Options facultatives.

**Poste-moi le rapport qui apparait


Ensuite::

Bon maintenant on va mettre la restauration du système propre.
Pour cela:

1- Valides les touches Windows et Pause en même temps.

Puis Protection du système

Sur cette fenêtre décoches la case concernant le DD ou est installé ton système normalement C:

Valide et acceptes les demandes suivantes.

***Pour Windows 7** il faut valider l'onglet Configurer puis valider la désactivation de la restauration.

**Toujours sur cette même fenêtre : Il te faut donc maintenant recrée un nouveau point de restauration.

Coche cette même case et valides cela par l’onglet APPLIQUER puis onglet « CREER »

Nommes ce point PC- Clean: Valides.

Vous pouvez maintenant fermer toutes les fenêtres.


Ensuite garde MalwaresBytes qui est très bien. tu t'en es rendu compte :wink:

Comme antivirus j'ai une préférence pour Antivir mais Avast est pas mal du tout aussi.

A toi de choisir.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: desktop security 2010 et Security center alert

Message le 08 Mai 2010 13:39

voila le rapport de toolscleaner:


Code: Tout sélectionner
[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\Matthieu\Desktop\Matthieu\Icones\HijackThis.lnk: trouvé !
C:\Users\Matthieu\Documents\hijackthis.log: trouvé !
C:\Users\Matthieu\Downloads\HijackThis.exe: trouvé !
C:\Users\Matthieu\Downloads\HJTInstall.exe: trouvé !
C:\Users\Matthieu\Downloads\hijackthis.log: trouvé !

---------------------------------
--> Suppression:

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\Users\Matthieu\Desktop\Matthieu\Icones\HijackThis.lnk: supprimé !
C:\Users\Matthieu\Downloads\HijackThis.exe: supprimé !
C:\Users\Matthieu\Downloads\HJTInstall.exe: supprimé !
C:\Users\Matthieu\Documents\hijackthis.log: supprimé !
C:\Users\Matthieu\Downloads\hijackthis.log: supprimé !
C:\Program Files\Trend Micro\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: ERREUR DE SUPPRESSION !!




je passe à la suite là!!
matthieu77
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 10
Inscription: 06 Mai 2010 14:16
 

Re: desktop security 2010 et Security center alert

Message le 08 Mai 2010 13:44

Pour les erreurs de suppression tels
C:\Program Files\Trend Micro\HijackThis: ERREUR DE SUPPRESSION !!


Après un redémarrage tu pourras soit relancer "ToolsCleaner " soit faire la suppression manuellement soit garder "HijackThis"
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 



Sujets similaires

Message BUG OMEN CENTER
Bonjour,J'ai eu un beug en lançant un jeux vidéo je voudrais savoir pourquoi sa ma mis saMerci de vos explication
Réponses: 10

Message PROBLEME CONVERSATION DOC WORD 2010 TO PDF
Amis,mon probleme c'est qu'on j'essaie de convertir un document word 2010 en PDF , mon document word 2010 se déforme ,alors lorsque j'entre dans office boutton et je choisis enregister sous pdf ou partager ( puis créer en pdf /XPS document ) je reçois un document déformé !! le meme probleme persiste ...
Réponses: 3

Message format sous exel 2010
Bonjour, j'aimerai savoir comment je peux savoir, lorsque je fais une feuille de calcul sous Exel 2010, si elle sortira en un seul morceau à l'impression (imprimante standard A4) ? Merci d'avance.
Réponses: 7

Message reprogrammer télécommande Media Center
Bonjour,Déjà, j'espère me trouver dans la bonne section du forum.Je viens chercher des avis et conseils éclairés :J'ai retrouvé une télécommande infrarouge type "Packard Bell Media Center" ftp://ftp.packardbell.com/pub/itemnr_ol ... 032.FR.pdf page 8.J'aimerais la reconfigurer pour contrôl ...
Réponses: 2

Message office 2010
Bonjour est il possible de trouver office 2010 ("d'occassion") à l'achat aujourd'hui ? Et si oui où. Merci.
Réponses: 4

Message Alternative à Microsoft Security Essential ou Defender
Bonjour,Est-ce que MSE ou Defender sur W10 sont des antivirus efficaces ?Sinon quelle alternative à ces produits ? Merci
Réponses: 3

Message Récupération de données Outlook 2010
Mon ordi de bureau ne fonctionnant plus j'ai récupéré mes données en branchant mon DD sur mon portable par connection USB. Pour mes données Outlook je n'ai pas trouvé comment faire pour récupérer mes données du DD dans Outlook du portable. Comment faut-il faire ? Merci de me dépanner.
Réponses: 1


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 6 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.