Virus "please wait while..." après OTLPE
Résolu/Fermé
A voir également:
- Virus "please wait while..." après OTLPE
- Svchost.exe virus - Guide
- Youtu.be virus - Guide
- Faux message virus iphone ✓ - Forum iPhone
- Faux message virus ordinateur - Guide
- Tinyurl.com virus - Forum Virus
5 réponses
Utilisateur anonyme
Modifié par nanard4700 le 22/05/2012 à 16:17
Modifié par nanard4700 le 22/05/2012 à 16:17
Bonjour
Redemarre sur Reatogo , relançe OTLPE
sous Custom Scan box Image copie_colle le contenu du cadre ci dessous
[en commençant bien à :OTL jusqu'à [emptytemp] inclus et cette fois ci clic RUNFIX
:OTL
O4 - HKU\Flymen_ON_C..\Run: [frkUeoymDhvXXox] C:\Users\Flymen\AppData\Roaming\VboxServs.exe ()
O20 - HKU\Flymen_ON_C Winlogon: Shell - (C:\Users\Flymen\AppData\Roaming\VboxServs.exe) - C:\Users\Flymen\AppData\Roaming\VboxServs.exe ()
O20 - HKU\Flymen_ON_C Winlogon: UserInit - (C:\Users\Flymen\AppData\Roaming\VboxServs.exe) - C:\Users\Flymen\AppData\Roaming\VboxServs.exe ()
[2012/05/21 19:35:26 | 000,231,936 | -HS- | M] () -- C:\Users\Flymen\AppData\Roaming\VboxServs.exe
[2012/05/21 19:35:34 | 000,231,936 | -HS- | C] () -- C:\Users\Flymen\AppData\Roaming\VboxServs.exe
[2008/07/28 10:37:42 | 000,038,502 | ---- | C] () -- C:\Program Files\RESTORE.EXE
[2010/09/13 16:36:30 | 000,000,000 | ---D | M] -- C:\Users\Flymen\AppData\Roaming\PriceGong
IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\prxtbSof0.dll (Conduit Ltd.)
IE - HKU\Flymen_ON_C\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\prxtbSof0.dll (Conduit Ltd.)
[2010/09/11 12:21:04 | 000,000,000 | ---D | M] (Softonic France Toolbar) -- C:\Users\Flymen\AppData\Roaming\Mozilla\Firefox\Profiles\y5qvtmvp.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\prxtbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\prxtbSof0.dll (Conduit Ltd.)
O3 - HKU\Flymen_ON_C\..\Toolbar\WebBrowser: (Softonic_France Toolbar) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - C:\Program Files\Softonic_France\prxtbSof0.dll (Conduit Ltd.)
IE - HKU\Flymen_ON_C\Software\Microsoft\Internet Explorer\Main,Default Download Directory = D:\FILMS
IE - HKU\Flymen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\Flymen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 1E 78 07 22 4F CB 01 [binary data]
IE - HKU\Flymen_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
O7 - HKU\Flymen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Flymen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Flymen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
:commands
[emptytemp]
Une fois terminé, le rapport de suppression est sauvegardé sur ton disque dur C:\_OTL\ sous la forme date_heure.txt. << poste le
Redemarre sur windows et fais moi un bref résumé.
********************************************
Le cerveau a des capacités tellement étonnantes qu'aujourd'hui pratiquement tout le monde en a un.
Redemarre sur Reatogo , relançe OTLPE
sous Custom Scan box Image copie_colle le contenu du cadre ci dessous
[en commençant bien à :OTL jusqu'à [emptytemp] inclus et cette fois ci clic RUNFIX
:OTL
O4 - HKU\Flymen_ON_C..\Run: [frkUeoymDhvXXox] C:\Users\Flymen\AppData\Roaming\VboxServs.exe ()
O20 - HKU\Flymen_ON_C Winlogon: Shell - (C:\Users\Flymen\AppData\Roaming\VboxServs.exe) - C:\Users\Flymen\AppData\Roaming\VboxServs.exe ()
O20 - HKU\Flymen_ON_C Winlogon: UserInit - (C:\Users\Flymen\AppData\Roaming\VboxServs.exe) - C:\Users\Flymen\AppData\Roaming\VboxServs.exe ()
[2012/05/21 19:35:26 | 000,231,936 | -HS- | M] () -- C:\Users\Flymen\AppData\Roaming\VboxServs.exe
[2012/05/21 19:35:34 | 000,231,936 | -HS- | C] () -- C:\Users\Flymen\AppData\Roaming\VboxServs.exe
[2008/07/28 10:37:42 | 000,038,502 | ---- | C] () -- C:\Program Files\RESTORE.EXE
[2010/09/13 16:36:30 | 000,000,000 | ---D | M] -- C:\Users\Flymen\AppData\Roaming\PriceGong
IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\prxtbSof0.dll (Conduit Ltd.)
IE - HKU\Flymen_ON_C\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\prxtbSof0.dll (Conduit Ltd.)
[2010/09/11 12:21:04 | 000,000,000 | ---D | M] (Softonic France Toolbar) -- C:\Users\Flymen\AppData\Roaming\Mozilla\Firefox\Profiles\y5qvtmvp.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\prxtbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\prxtbSof0.dll (Conduit Ltd.)
O3 - HKU\Flymen_ON_C\..\Toolbar\WebBrowser: (Softonic_France Toolbar) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - C:\Program Files\Softonic_France\prxtbSof0.dll (Conduit Ltd.)
IE - HKU\Flymen_ON_C\Software\Microsoft\Internet Explorer\Main,Default Download Directory = D:\FILMS
IE - HKU\Flymen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\Flymen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 1E 78 07 22 4F CB 01 [binary data]
IE - HKU\Flymen_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
O7 - HKU\Flymen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Flymen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Flymen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
:commands
[emptytemp]
Une fois terminé, le rapport de suppression est sauvegardé sur ton disque dur C:\_OTL\ sous la forme date_heure.txt. << poste le
Redemarre sur windows et fais moi un bref résumé.
********************************************
Le cerveau a des capacités tellement étonnantes qu'aujourd'hui pratiquement tout le monde en a un.
Merci de ta réponse rapide.
Le rapport est ici:
http://pjjoint.malekal.com/files.php?id=20120522_v13w15r7f7q5
J'ai redémarré Windows normalement.
J'ai un message de restauration du système qui indique qu'il "a été restauré à l'état du 01/01/1601 à 02:00:00" ???
Puis-je lancer Malwarebytes? Que dois-je faire d'autre? Merci beaucoup
Le rapport est ici:
http://pjjoint.malekal.com/files.php?id=20120522_v13w15r7f7q5
J'ai redémarré Windows normalement.
J'ai un message de restauration du système qui indique qu'il "a été restauré à l'état du 01/01/1601 à 02:00:00" ???
Puis-je lancer Malwarebytes? Que dois-je faire d'autre? Merci beaucoup
Voici le rapport de Malwarebytes:
http://pjjoint.malekal.com/files.php?id=20120522_d13e11o5e6t5
Puis je supprimer les éléments infectés sans risque?
Merci
http://pjjoint.malekal.com/files.php?id=20120522_d13e11o5e6t5
Puis je supprimer les éléments infectés sans risque?
Merci
Oui tu peux supprimer les éléments cités dans le rapport Mbam.
ensuite:
On va faire une analyse de ton systéme.
* Télécharge ZHPDiag ( de Nicolas coolman ).
ou
ZHPDiag
ou
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Ou le lien FTP en secours :
ftp://zebulon.fr/ZHPDiag2.exe
***********************
/!\Utilisateurs de Vista et Windows 7 : Clique droit sur le logo de ZHPDiag.exe, (icône en forme de parchemin) exécuter en tant qu'Administrateur /!\
* Laisse toi guider lors de l'installation
* Il se lancera automatiquement à la fin de l'installation
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur le site pjjoint.malekal.com ou cijoint.fr ou toofiles puis copie/colle le lien fournit dans ta prochaine réponse sur le forum
ensuite:
On va faire une analyse de ton systéme.
* Télécharge ZHPDiag ( de Nicolas coolman ).
ou
ZHPDiag
ou
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Ou le lien FTP en secours :
ftp://zebulon.fr/ZHPDiag2.exe
***********************
/!\Utilisateurs de Vista et Windows 7 : Clique droit sur le logo de ZHPDiag.exe, (icône en forme de parchemin) exécuter en tant qu'Administrateur /!\
* Laisse toi guider lors de l'installation
* Il se lancera automatiquement à la fin de l'installation
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur le site pjjoint.malekal.com ou cijoint.fr ou toofiles puis copie/colle le lien fournit dans ta prochaine réponse sur le forum
Korson
Messages postés
10
Date d'inscription
mardi 22 mai 2012
Statut
Membre
Dernière intervention
24 mai 2012
22 mai 2012 à 22:25
22 mai 2012 à 22:25
Bonjour,
J'ai moi-même le même virus...j'ai obtenu le rapport de scan OTL.text ci-après.
Pouvez-vous m'aider ???
Par avance, merci.
OTL logfile created on: 22/05/2012 21:56:40 - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = D:\PROGRAMS\OTLPE
64bit-Windows 7 Professional (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 276,60 Gb Total Space | 197,26 Gb Free Space | 71,31% Space Free | Partition Type: NTFS
Drive D: | 284,12 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 980,05 Mb Total Space | 886,47 Mb Free Space | 90,45% Space Free | Partition Type: FAT32
Drive F: | 1,95 Mb Total Space | 1,95 Mb Free Space | 100,00% Space Free | Partition Type: FAT
Computer Name: BLANDINE-PC | User Name: blandine
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2011/03/09 11:10:40 | 000,288,768 | ---- | M] (WDC) [Auto] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:[b]64bit:[/b] - [2010/12/29 20:54:24 | 000,440,144 | ---- | M] (DigitalPersona, Inc.) [Auto] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV:[b]64bit:[/b] - [2010/12/17 21:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:[b]64bit:[/b] - [2010/12/17 21:28:46 | 000,340,240 | ---- | M] () [On_Demand] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2010/12/17 21:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:[b]64bit:[/b] - [2010/11/29 22:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R)
SRV:[b]64bit:[/b] - [2010/10/07 15:45:28 | 002,692,400 | ---- | M] (Validity Sensors, Inc.) [Auto] -- C:\Windows\System32\vcsFPService.exe -- (vcsFPService)
SRV:[b]64bit:[/b] - [2010/09/23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2009/11/18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 03:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2011/12/19 05:28:02 | 000,212,632 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2011/12/19 05:27:56 | 000,920,216 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2011/12/14 13:25:00 | 000,160,424 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Program Files (x86)\F-Secure\fshoster32.exe -- (fshoster)
SRV - [2011/12/12 12:27:54 | 000,061,120 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2011/10/04 18:00:04 | 000,221,864 | ---- | M] (F-Secure Corporation) [Disabled] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2011/03/09 11:41:10 | 000,491,920 | ---- | M] () [Auto] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 11:41:08 | 001,066,896 | ---- | M] () [Auto] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011/02/19 10:37:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/02/18 18:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/12/21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/12/21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/12/14 08:21:34 | 000,974,912 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010/12/14 08:21:30 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/12/14 08:21:18 | 000,901,184 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/11/25 12:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 12:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/10/07 15:45:28 | 002,692,400 | ---- | M] (Validity Sensors, Inc.) [Auto] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010/08/26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2012/01/25 11:56:39 | 000,042,672 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\fsbts.sys -- (fsbts)
DRV - [2012/03/26 16:05:58 | 000,198,808 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2012/03/12 12:13:59 | 000,061,976 | ---- | M] (F-Secure Corporation) [Kernel | System] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2012/01/25 11:56:39 | 000,042,672 | ---- | M] () [Kernel | Boot] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)
DRV - [2011/12/19 05:27:48 | 000,013,976 | ---- | M] () [Kernel | System] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2011/07/13 10:46:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\litmus-ff@f-secure.com\ [2012/04/25 22:39:26 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - File not found
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - File not found
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll (F-Secure Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [DBRMTray] C:\dell\DBRM\Reminder\DbrmTrayicon.exe (Dell Computer Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NVHotkey] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe (Dell Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [F-Secure Hoster] C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [TagMonitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001..\Run: [frkUeoymDhvXXox] C:\Users\blandine\AppData\Roaming\VboxServs.exe ()
O4:[b]64bit:[/b] - HKLM..\RunOnce: [DBRMTray] C:\dell\DBRM\Reminder\TrayApp.exe (Microsoft)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1000..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\blandine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moniteur de la technologie Intel® Turbo Boost 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - File not found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\System32\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001 Winlogon: Shell - (C:\Users\blandine\AppData\Roaming\VboxServs.exe) - C:\Users\blandine\AppData\Roaming\VboxServs.exe ()
O20 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001 Winlogon: UserInit - (C:\Users\blandine\AppData\Roaming\VboxServs.exe) - C:\Users\blandine\AppData\Roaming\VboxServs.exe ()
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 13:06:41 | 000,000,053 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{27d04148-981b-11e1-a094-ac7289210f0b}\Shell - "" = AutoRun
O33 - MountPoints2\{27d04148-981b-11e1-a094-ac7289210f0b}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
O33 - MountPoints2\{99932634-985a-11e1-a094-ac7289210f0b}\Shell - "" = AutoRun
O33 - MountPoints2\{99932634-985a-11e1-a094-ac7289210f0b}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[b]64bit:[/b] O35 - HKLM\..comfile [open] -- "%1" %* File not found
[b]64bit:[/b] O35 - HKLM\..exefile [open] -- "%1" %* File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/05/22 20:30:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/14 08:22:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/05/11 10:59:25 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2012/05/11 10:59:25 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/11 10:59:15 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/11 10:59:15 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/11 10:59:14 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/05/11 10:59:14 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/08 18:48:16 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Roaming\Apple Computer
[2012/05/08 18:48:16 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Apple Computer
[2012/05/08 18:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/08 18:47:57 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/05/08 18:47:57 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2012/05/08 18:47:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/05/08 18:45:38 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Apple
[2012/05/08 18:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/05/08 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/05/08 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/05/08 18:44:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/05/08 18:44:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/05/07 19:28:57 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Photos maison
[2012/05/07 19:10:36 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Documents de Laurent
[2012/05/07 19:10:36 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Documents de Blandine
[2012/05/07 19:10:34 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\ACHAT TERRAIN CRETEIL HALAGE
[2012/05/07 17:29:51 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\{D2A6C633-5CAD-4F72-A0F7-19E608FD95AE}
[2012/05/07 17:19:10 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Retrieved Contents
[2012/05/07 16:40:52 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Western_Digital
[2012/05/07 16:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2012/05/07 16:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2012/05/07 16:39:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital
[2012/05/07 16:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2012/05/07 16:37:31 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Western Digital
[2012/05/07 16:36:44 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Roaming\Roxio Burn
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/05/22 21:24:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/22 21:20:20 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/22 21:20:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/22 21:20:04 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/22 19:58:35 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/05/22 11:26:09 | 000,231,936 | -HS- | M] () -- C:\Users\blandine\AppData\Roaming\VboxServs.exe
[2012/05/14 08:18:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/11 18:54:07 | 000,001,862 | ---- | M] () -- C:\Users\Public\Desktop\F-Secure Launch pad.lnk
[2012/05/08 18:48:11 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/08 18:48:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/08 18:45:35 | 000,002,519 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/08 09:07:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/05/07 16:40:00 | 000,001,320 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/05/07 16:40:00 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/07 16:40:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2012/05/07 09:45:50 | 000,011,272 | ---- | M] () -- C:\Users\blandine\Documents\justificatif.pdf
[2012/05/06 16:28:00 | 000,028,817 | ---- | M] () -- C:\Users\blandine\Desktop\DE0060 DEVIS HORTA.pdf
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/05/22 11:26:31 | 000,231,936 | -HS- | C] () -- C:\Users\blandine\AppData\Roaming\VboxServs.exe
[2012/05/08 18:48:11 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/08 18:45:35 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/07 16:40:00 | 000,001,320 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/05/07 09:45:50 | 000,011,272 | ---- | C] () -- C:\Users\blandine\Documents\justificatif.pdf
[2012/05/06 16:28:00 | 000,028,817 | ---- | C] () -- C:\Users\blandine\Desktop\DE0060 DEVIS HORTA.pdf
[2012/03/03 12:54:24 | 000,000,500 | ---- | C] () -- C:\Windows\{687EAE16-F2E7-4B96-B58C-AC09F9119B8C}_WiseFW.ini
[2012/01/25 11:56:39 | 000,042,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2012/01/25 00:22:22 | 000,019,615 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2011/10/30 18:35:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/07/13 11:05:11 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/13 11:05:09 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/13 11:05:07 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/13 10:06:43 | 000,017,776 | ---- | C] () -- C:\Windows\EvtMessage.dll
[2011/02/12 20:17:40 | 001,696,440 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[color=#E56717]========== LOP Check ==========[/color]
[2011/09/29 13:56:41 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\DigitalPersona
[2012/02/04 22:57:11 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\F-Secure
[2011/11/28 12:50:45 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\PCDr
[2012/02/05 15:50:28 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\Windows Live Writer
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2011/07/13 10:45:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Downloaded Installations
[2012/01/25 00:22:56 | 000,000,000 | ---D | M] -- C:\ProgramData\F-Secure
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/01/25 00:21:09 | 000,000,000 | ---D | M] -- C:\ProgramData\fssg
[2012/03/03 12:53:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Leapfrog
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2011/11/28 12:51:19 | 000,000,000 | ---D | M] -- C:\ProgramData\PCDr
[2011/07/13 10:33:00 | 000,000,000 | ---D | M] -- C:\ProgramData\PhotoShow Shared Assets
[2011/07/13 10:09:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/07/13 10:22:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/07/13 10:34:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Uninstall
[2011/07/13 10:07:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Validity
[2012/05/07 16:40:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Western Digital
[2012/05/08 18:47:55 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/05/08 09:07:00 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/03/14 01:32:24 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/05/22 19:58:35 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
J'ai moi-même le même virus...j'ai obtenu le rapport de scan OTL.text ci-après.
Pouvez-vous m'aider ???
Par avance, merci.
OTL logfile created on: 22/05/2012 21:56:40 - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = D:\PROGRAMS\OTLPE
64bit-Windows 7 Professional (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 276,60 Gb Total Space | 197,26 Gb Free Space | 71,31% Space Free | Partition Type: NTFS
Drive D: | 284,12 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 980,05 Mb Total Space | 886,47 Mb Free Space | 90,45% Space Free | Partition Type: FAT32
Drive F: | 1,95 Mb Total Space | 1,95 Mb Free Space | 100,00% Space Free | Partition Type: FAT
Computer Name: BLANDINE-PC | User Name: blandine
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2011/03/09 11:10:40 | 000,288,768 | ---- | M] (WDC) [Auto] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:[b]64bit:[/b] - [2010/12/29 20:54:24 | 000,440,144 | ---- | M] (DigitalPersona, Inc.) [Auto] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV:[b]64bit:[/b] - [2010/12/17 21:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:[b]64bit:[/b] - [2010/12/17 21:28:46 | 000,340,240 | ---- | M] () [On_Demand] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2010/12/17 21:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:[b]64bit:[/b] - [2010/11/29 22:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R)
SRV:[b]64bit:[/b] - [2010/10/07 15:45:28 | 002,692,400 | ---- | M] (Validity Sensors, Inc.) [Auto] -- C:\Windows\System32\vcsFPService.exe -- (vcsFPService)
SRV:[b]64bit:[/b] - [2010/09/23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2009/11/18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 03:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2011/12/19 05:28:02 | 000,212,632 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2011/12/19 05:27:56 | 000,920,216 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2011/12/14 13:25:00 | 000,160,424 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Program Files (x86)\F-Secure\fshoster32.exe -- (fshoster)
SRV - [2011/12/12 12:27:54 | 000,061,120 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2011/10/04 18:00:04 | 000,221,864 | ---- | M] (F-Secure Corporation) [Disabled] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2011/03/09 11:41:10 | 000,491,920 | ---- | M] () [Auto] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 11:41:08 | 001,066,896 | ---- | M] () [Auto] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011/02/19 10:37:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/02/18 18:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/12/21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/12/21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/12/14 08:21:34 | 000,974,912 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010/12/14 08:21:30 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/12/14 08:21:18 | 000,901,184 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/11/25 12:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 12:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/10/07 15:45:28 | 002,692,400 | ---- | M] (Validity Sensors, Inc.) [Auto] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010/08/26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2012/01/25 11:56:39 | 000,042,672 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\fsbts.sys -- (fsbts)
DRV - [2012/03/26 16:05:58 | 000,198,808 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2012/03/12 12:13:59 | 000,061,976 | ---- | M] (F-Secure Corporation) [Kernel | System] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2012/01/25 11:56:39 | 000,042,672 | ---- | M] () [Kernel | Boot] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)
DRV - [2011/12/19 05:27:48 | 000,013,976 | ---- | M] () [Kernel | System] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2011/07/13 10:46:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\litmus-ff@f-secure.com\ [2012/04/25 22:39:26 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - File not found
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - File not found
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll (F-Secure Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [DBRMTray] C:\dell\DBRM\Reminder\DbrmTrayicon.exe (Dell Computer Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NVHotkey] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe (Dell Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [F-Secure Hoster] C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [TagMonitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001..\Run: [frkUeoymDhvXXox] C:\Users\blandine\AppData\Roaming\VboxServs.exe ()
O4:[b]64bit:[/b] - HKLM..\RunOnce: [DBRMTray] C:\dell\DBRM\Reminder\TrayApp.exe (Microsoft)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1000..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\blandine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moniteur de la technologie Intel® Turbo Boost 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - File not found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\System32\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001 Winlogon: Shell - (C:\Users\blandine\AppData\Roaming\VboxServs.exe) - C:\Users\blandine\AppData\Roaming\VboxServs.exe ()
O20 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001 Winlogon: UserInit - (C:\Users\blandine\AppData\Roaming\VboxServs.exe) - C:\Users\blandine\AppData\Roaming\VboxServs.exe ()
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 13:06:41 | 000,000,053 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{27d04148-981b-11e1-a094-ac7289210f0b}\Shell - "" = AutoRun
O33 - MountPoints2\{27d04148-981b-11e1-a094-ac7289210f0b}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
O33 - MountPoints2\{99932634-985a-11e1-a094-ac7289210f0b}\Shell - "" = AutoRun
O33 - MountPoints2\{99932634-985a-11e1-a094-ac7289210f0b}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[b]64bit:[/b] O35 - HKLM\..comfile [open] -- "%1" %* File not found
[b]64bit:[/b] O35 - HKLM\..exefile [open] -- "%1" %* File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/05/22 20:30:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/14 08:22:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/05/11 10:59:25 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2012/05/11 10:59:25 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/11 10:59:15 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/11 10:59:15 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/11 10:59:14 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/05/11 10:59:14 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/08 18:48:16 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Roaming\Apple Computer
[2012/05/08 18:48:16 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Apple Computer
[2012/05/08 18:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/08 18:47:57 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/05/08 18:47:57 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2012/05/08 18:47:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/05/08 18:45:38 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Apple
[2012/05/08 18:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/05/08 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/05/08 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/05/08 18:44:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/05/08 18:44:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/05/07 19:28:57 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Photos maison
[2012/05/07 19:10:36 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Documents de Laurent
[2012/05/07 19:10:36 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Documents de Blandine
[2012/05/07 19:10:34 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\ACHAT TERRAIN CRETEIL HALAGE
[2012/05/07 17:29:51 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\{D2A6C633-5CAD-4F72-A0F7-19E608FD95AE}
[2012/05/07 17:19:10 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Retrieved Contents
[2012/05/07 16:40:52 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Western_Digital
[2012/05/07 16:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2012/05/07 16:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2012/05/07 16:39:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital
[2012/05/07 16:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2012/05/07 16:37:31 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Western Digital
[2012/05/07 16:36:44 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Roaming\Roxio Burn
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/05/22 21:24:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/22 21:20:20 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/22 21:20:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/22 21:20:04 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/22 19:58:35 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/05/22 11:26:09 | 000,231,936 | -HS- | M] () -- C:\Users\blandine\AppData\Roaming\VboxServs.exe
[2012/05/14 08:18:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/11 18:54:07 | 000,001,862 | ---- | M] () -- C:\Users\Public\Desktop\F-Secure Launch pad.lnk
[2012/05/08 18:48:11 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/08 18:48:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/08 18:45:35 | 000,002,519 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/08 09:07:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/05/07 16:40:00 | 000,001,320 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/05/07 16:40:00 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/07 16:40:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2012/05/07 09:45:50 | 000,011,272 | ---- | M] () -- C:\Users\blandine\Documents\justificatif.pdf
[2012/05/06 16:28:00 | 000,028,817 | ---- | M] () -- C:\Users\blandine\Desktop\DE0060 DEVIS HORTA.pdf
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/05/22 11:26:31 | 000,231,936 | -HS- | C] () -- C:\Users\blandine\AppData\Roaming\VboxServs.exe
[2012/05/08 18:48:11 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/08 18:45:35 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/07 16:40:00 | 000,001,320 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/05/07 09:45:50 | 000,011,272 | ---- | C] () -- C:\Users\blandine\Documents\justificatif.pdf
[2012/05/06 16:28:00 | 000,028,817 | ---- | C] () -- C:\Users\blandine\Desktop\DE0060 DEVIS HORTA.pdf
[2012/03/03 12:54:24 | 000,000,500 | ---- | C] () -- C:\Windows\{687EAE16-F2E7-4B96-B58C-AC09F9119B8C}_WiseFW.ini
[2012/01/25 11:56:39 | 000,042,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2012/01/25 00:22:22 | 000,019,615 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2011/10/30 18:35:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/07/13 11:05:11 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/13 11:05:09 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/13 11:05:07 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/13 10:06:43 | 000,017,776 | ---- | C] () -- C:\Windows\EvtMessage.dll
[2011/02/12 20:17:40 | 001,696,440 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[color=#E56717]========== LOP Check ==========[/color]
[2011/09/29 13:56:41 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\DigitalPersona
[2012/02/04 22:57:11 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\F-Secure
[2011/11/28 12:50:45 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\PCDr
[2012/02/05 15:50:28 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\Windows Live Writer
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2011/07/13 10:45:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Downloaded Installations
[2012/01/25 00:22:56 | 000,000,000 | ---D | M] -- C:\ProgramData\F-Secure
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/01/25 00:21:09 | 000,000,000 | ---D | M] -- C:\ProgramData\fssg
[2012/03/03 12:53:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Leapfrog
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2011/11/28 12:51:19 | 000,000,000 | ---D | M] -- C:\ProgramData\PCDr
[2011/07/13 10:33:00 | 000,000,000 | ---D | M] -- C:\ProgramData\PhotoShow Shared Assets
[2011/07/13 10:09:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/07/13 10:22:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/07/13 10:34:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Uninstall
[2011/07/13 10:07:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Validity
[2012/05/07 16:40:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Western Digital
[2012/05/08 18:47:55 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/05/08 09:07:00 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/03/14 01:32:24 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/05/22 19:58:35 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
22 mai 2012 à 22:39
22 mai 2012 à 22:39
@Korson
Tu dois créer ton propre sujet afin de suivre une désinfection correcte et efficace.
Un helpeur te prendra en charge.
bonne soirée.
Tu dois créer ton propre sujet afin de suivre une désinfection correcte et efficace.
Un helpeur te prendra en charge.
bonne soirée.
