Virus please wait while the connection is...
Korson
Messages postés
10
Statut
Membre
-
kalimusic Messages postés 14619 Statut Contributeur sécurité -
kalimusic Messages postés 14619 Statut Contributeur sécurité -
Bonjour,
Je créé un nouveau fil. Pouvez-vous m'aider, depuis ce matin j'ai ce message sur mon ordi : please wait while the connection is beeing etablished.
J'ai obtenu le j'ai obtenu un rapport de scan OTL.text ci-après mais maintenant je ne sais plus quoi faire...
Qui peut m'aider ???
Par avance, merci.
Rapport :
OTL logfile created on: 22/05/2012 21:56:40 - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = D:\PROGRAMS\OTLPE
64bit-Windows 7 Professional (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 276,60 Gb Total Space | 197,26 Gb Free Space | 71,31% Space Free | Partition Type: NTFS
Drive D: | 284,12 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 980,05 Mb Total Space | 886,47 Mb Free Space | 90,45% Space Free | Partition Type: FAT32
Drive F: | 1,95 Mb Total Space | 1,95 Mb Free Space | 100,00% Space Free | Partition Type: FAT
Computer Name: BLANDINE-PC | User Name: blandine
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2011/03/09 11:10:40 | 000,288,768 | ---- | M] (WDC) [Auto] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:[b]64bit:[/b] - [2010/12/29 20:54:24 | 000,440,144 | ---- | M] (DigitalPersona, Inc.) [Auto] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV:[b]64bit:[/b] - [2010/12/17 21:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:[b]64bit:[/b] - [2010/12/17 21:28:46 | 000,340,240 | ---- | M] () [On_Demand] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2010/12/17 21:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:[b]64bit:[/b] - [2010/11/29 22:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R)
SRV:[b]64bit:[/b] - [2010/10/07 15:45:28 | 002,692,400 | ---- | M] (Validity Sensors, Inc.) [Auto] -- C:\Windows\System32\vcsFPService.exe -- (vcsFPService)
SRV:[b]64bit:[/b] - [2010/09/23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2009/11/18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 03:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2011/12/19 05:28:02 | 000,212,632 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2011/12/19 05:27:56 | 000,920,216 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2011/12/14 13:25:00 | 000,160,424 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Program Files (x86)\F-Secure\fshoster32.exe -- (fshoster)
SRV - [2011/12/12 12:27:54 | 000,061,120 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2011/10/04 18:00:04 | 000,221,864 | ---- | M] (F-Secure Corporation) [Disabled] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2011/03/09 11:41:10 | 000,491,920 | ---- | M] () [Auto] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 11:41:08 | 001,066,896 | ---- | M] () [Auto] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011/02/19 10:37:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/02/18 18:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/12/21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/12/21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/12/14 08:21:34 | 000,974,912 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010/12/14 08:21:30 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/12/14 08:21:18 | 000,901,184 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/11/25 12:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 12:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/10/07 15:45:28 | 002,692,400 | ---- | M] (Validity Sensors, Inc.) [Auto] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010/08/26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2012/01/25 11:56:39 | 000,042,672 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\fsbts.sys -- (fsbts)
DRV - [2012/03/26 16:05:58 | 000,198,808 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2012/03/12 12:13:59 | 000,061,976 | ---- | M] (F-Secure Corporation) [Kernel | System] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2012/01/25 11:56:39 | 000,042,672 | ---- | M] () [Kernel | Boot] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)
DRV - [2011/12/19 05:27:48 | 000,013,976 | ---- | M] () [Kernel | System] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2011/07/13 10:46:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\litmus-ff@f-secure.com\ [2012/04/25 22:39:26 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - File not found
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - File not found
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll (F-Secure Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [DBRMTray] C:\dell\DBRM\Reminder\DbrmTrayicon.exe (Dell Computer Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NVHotkey] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe (Dell Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [F-Secure Hoster] C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [TagMonitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001..\Run: [frkUeoymDhvXXox] C:\Users\blandine\AppData\Roaming\VboxServs.exe ()
O4:[b]64bit:[/b] - HKLM..\RunOnce: [DBRMTray] C:\dell\DBRM\Reminder\TrayApp.exe (Microsoft)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1000..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\blandine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moniteur de la technologie Intel® Turbo Boost 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - File not found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\System32\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001 Winlogon: Shell - (C:\Users\blandine\AppData\Roaming\VboxServs.exe) - C:\Users\blandine\AppData\Roaming\VboxServs.exe ()
O20 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001 Winlogon: UserInit - (C:\Users\blandine\AppData\Roaming\VboxServs.exe) - C:\Users\blandine\AppData\Roaming\VboxServs.exe ()
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 13:06:41 | 000,000,053 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{27d04148-981b-11e1-a094-ac7289210f0b}\Shell - "" = AutoRun
O33 - MountPoints2\{27d04148-981b-11e1-a094-ac7289210f0b}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
O33 - MountPoints2\{99932634-985a-11e1-a094-ac7289210f0b}\Shell - "" = AutoRun
O33 - MountPoints2\{99932634-985a-11e1-a094-ac7289210f0b}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[b]64bit:[/b] O35 - HKLM\..comfile [open] -- "%1" %* File not found
[b]64bit:[/b] O35 - HKLM\..exefile [open] -- "%1" %* File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/05/22 20:30:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/14 08:22:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/05/11 10:59:25 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2012/05/11 10:59:25 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/11 10:59:15 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/11 10:59:15 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/11 10:59:14 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/05/11 10:59:14 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/08 18:48:16 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Roaming\Apple Computer
[2012/05/08 18:48:16 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Apple Computer
[2012/05/08 18:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/08 18:47:57 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/05/08 18:47:57 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2012/05/08 18:47:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/05/08 18:45:38 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Apple
[2012/05/08 18:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/05/08 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/05/08 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/05/08 18:44:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/05/08 18:44:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/05/07 19:28:57 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Photos maison
[2012/05/07 19:10:36 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Documents de Laurent
[2012/05/07 19:10:36 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Documents de Blandine
[2012/05/07 19:10:34 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\ACHAT TERRAIN CRETEIL HALAGE
[2012/05/07 17:29:51 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\{D2A6C633-5CAD-4F72-A0F7-19E608FD95AE}
[2012/05/07 17:19:10 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Retrieved Contents
[2012/05/07 16:40:52 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Western_Digital
[2012/05/07 16:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2012/05/07 16:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2012/05/07 16:39:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital
[2012/05/07 16:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2012/05/07 16:37:31 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Western Digital
[2012/05/07 16:36:44 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Roaming\Roxio Burn
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/05/22 21:24:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/22 21:20:20 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/22 21:20:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/22 21:20:04 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/22 19:58:35 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/05/22 11:26:09 | 000,231,936 | -HS- | M] () -- C:\Users\blandine\AppData\Roaming\VboxServs.exe
[2012/05/14 08:18:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/11 18:54:07 | 000,001,862 | ---- | M] () -- C:\Users\Public\Desktop\F-Secure Launch pad.lnk
[2012/05/08 18:48:11 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/08 18:48:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/08 18:45:35 | 000,002,519 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/08 09:07:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/05/07 16:40:00 | 000,001,320 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/05/07 16:40:00 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/07 16:40:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2012/05/07 09:45:50 | 000,011,272 | ---- | M] () -- C:\Users\blandine\Documents\justificatif.pdf
[2012/05/06 16:28:00 | 000,028,817 | ---- | M] () -- C:\Users\blandine\Desktop\DE0060 DEVIS HORTA.pdf
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/05/22 11:26:31 | 000,231,936 | -HS- | C] () -- C:\Users\blandine\AppData\Roaming\VboxServs.exe
[2012/05/08 18:48:11 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/08 18:45:35 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/07 16:40:00 | 000,001,320 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/05/07 09:45:50 | 000,011,272 | ---- | C] () -- C:\Users\blandine\Documents\justificatif.pdf
[2012/05/06 16:28:00 | 000,028,817 | ---- | C] () -- C:\Users\blandine\Desktop\DE0060 DEVIS HORTA.pdf
[2012/03/03 12:54:24 | 000,000,500 | ---- | C] () -- C:\Windows\{687EAE16-F2E7-4B96-B58C-AC09F9119B8C}_WiseFW.ini
[2012/01/25 11:56:39 | 000,042,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2012/01/25 00:22:22 | 000,019,615 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2011/10/30 18:35:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/07/13 11:05:11 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/13 11:05:09 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/13 11:05:07 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/13 10:06:43 | 000,017,776 | ---- | C] () -- C:\Windows\EvtMessage.dll
[2011/02/12 20:17:40 | 001,696,440 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[color=#E56717]========== LOP Check ==========[/color]
[2011/09/29 13:56:41 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\DigitalPersona
[2012/02/04 22:57:11 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\F-Secure
[2011/11/28 12:50:45 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\PCDr
[2012/02/05 15:50:28 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\Windows Live Writer
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2011/07/13 10:45:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Downloaded Installations
[2012/01/25 00:22:56 | 000,000,000 | ---D | M] -- C:\ProgramData\F-Secure
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/01/25 00:21:09 | 000,000,000 | ---D | M] -- C:\ProgramData\fssg
[2012/03/03 12:53:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Leapfrog
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2011/11/28 12:51:19 | 000,000,000 | ---D | M] -- C:\ProgramData\PCDr
[2011/07/13 10:33:00 | 000,000,000 | ---D | M] -- C:\ProgramData\PhotoShow Shared Assets
[2011/07/13 10:09:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/07/13 10:22:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/07/13 10:34:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Uninstall
[2011/07/13 10:07:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Validity
[2012/05/07 16:40:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Western Digital
[2012/05/08 18:47:55 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/05/08 09:07:00 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/03/14 01:32:24 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/05/22 19:58:35 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
Je créé un nouveau fil. Pouvez-vous m'aider, depuis ce matin j'ai ce message sur mon ordi : please wait while the connection is beeing etablished.
J'ai obtenu le j'ai obtenu un rapport de scan OTL.text ci-après mais maintenant je ne sais plus quoi faire...
Qui peut m'aider ???
Par avance, merci.
Rapport :
OTL logfile created on: 22/05/2012 21:56:40 - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = D:\PROGRAMS\OTLPE
64bit-Windows 7 Professional (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 276,60 Gb Total Space | 197,26 Gb Free Space | 71,31% Space Free | Partition Type: NTFS
Drive D: | 284,12 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 980,05 Mb Total Space | 886,47 Mb Free Space | 90,45% Space Free | Partition Type: FAT32
Drive F: | 1,95 Mb Total Space | 1,95 Mb Free Space | 100,00% Space Free | Partition Type: FAT
Computer Name: BLANDINE-PC | User Name: blandine
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2011/03/09 11:10:40 | 000,288,768 | ---- | M] (WDC) [Auto] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:[b]64bit:[/b] - [2010/12/29 20:54:24 | 000,440,144 | ---- | M] (DigitalPersona, Inc.) [Auto] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV:[b]64bit:[/b] - [2010/12/17 21:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:[b]64bit:[/b] - [2010/12/17 21:28:46 | 000,340,240 | ---- | M] () [On_Demand] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2010/12/17 21:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:[b]64bit:[/b] - [2010/11/29 22:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R)
SRV:[b]64bit:[/b] - [2010/10/07 15:45:28 | 002,692,400 | ---- | M] (Validity Sensors, Inc.) [Auto] -- C:\Windows\System32\vcsFPService.exe -- (vcsFPService)
SRV:[b]64bit:[/b] - [2010/09/23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2009/11/18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 03:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2011/12/19 05:28:02 | 000,212,632 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2011/12/19 05:27:56 | 000,920,216 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2011/12/14 13:25:00 | 000,160,424 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Program Files (x86)\F-Secure\fshoster32.exe -- (fshoster)
SRV - [2011/12/12 12:27:54 | 000,061,120 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2011/10/04 18:00:04 | 000,221,864 | ---- | M] (F-Secure Corporation) [Disabled] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2011/03/09 11:41:10 | 000,491,920 | ---- | M] () [Auto] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 11:41:08 | 001,066,896 | ---- | M] () [Auto] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011/02/19 10:37:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/02/18 18:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/12/21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/12/21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/12/14 08:21:34 | 000,974,912 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010/12/14 08:21:30 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/12/14 08:21:18 | 000,901,184 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/11/25 12:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 12:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/10/07 15:45:28 | 002,692,400 | ---- | M] (Validity Sensors, Inc.) [Auto] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010/08/26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2012/01/25 11:56:39 | 000,042,672 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\fsbts.sys -- (fsbts)
DRV - [2012/03/26 16:05:58 | 000,198,808 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2012/03/12 12:13:59 | 000,061,976 | ---- | M] (F-Secure Corporation) [Kernel | System] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2012/01/25 11:56:39 | 000,042,672 | ---- | M] () [Kernel | Boot] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)
DRV - [2011/12/19 05:27:48 | 000,013,976 | ---- | M] () [Kernel | System] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2011/07/13 10:46:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\litmus-ff@f-secure.com\ [2012/04/25 22:39:26 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - File not found
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - File not found
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll (F-Secure Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-2589773313-3257203268-164393769-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [DBRMTray] C:\dell\DBRM\Reminder\DbrmTrayicon.exe (Dell Computer Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NVHotkey] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe (Dell Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [F-Secure Hoster] C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [TagMonitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001..\Run: [frkUeoymDhvXXox] C:\Users\blandine\AppData\Roaming\VboxServs.exe ()
O4:[b]64bit:[/b] - HKLM..\RunOnce: [DBRMTray] C:\dell\DBRM\Reminder\TrayApp.exe (Microsoft)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1000..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\blandine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moniteur de la technologie Intel® Turbo Boost 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - File not found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - File not found
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\System32\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001 Winlogon: Shell - (C:\Users\blandine\AppData\Roaming\VboxServs.exe) - C:\Users\blandine\AppData\Roaming\VboxServs.exe ()
O20 - HKU\S-1-5-21-2589773313-3257203268-164393769-1001 Winlogon: UserInit - (C:\Users\blandine\AppData\Roaming\VboxServs.exe) - C:\Users\blandine\AppData\Roaming\VboxServs.exe ()
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 13:06:41 | 000,000,053 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{27d04148-981b-11e1-a094-ac7289210f0b}\Shell - "" = AutoRun
O33 - MountPoints2\{27d04148-981b-11e1-a094-ac7289210f0b}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
O33 - MountPoints2\{99932634-985a-11e1-a094-ac7289210f0b}\Shell - "" = AutoRun
O33 - MountPoints2\{99932634-985a-11e1-a094-ac7289210f0b}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[b]64bit:[/b] O35 - HKLM\..comfile [open] -- "%1" %* File not found
[b]64bit:[/b] O35 - HKLM\..exefile [open] -- "%1" %* File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/05/22 20:30:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/14 08:22:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/05/11 10:59:25 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2012/05/11 10:59:25 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/11 10:59:15 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/11 10:59:15 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/11 10:59:14 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/05/11 10:59:14 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/08 18:48:16 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Roaming\Apple Computer
[2012/05/08 18:48:16 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Apple Computer
[2012/05/08 18:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/08 18:47:57 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/05/08 18:47:57 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2012/05/08 18:47:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/05/08 18:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/05/08 18:45:38 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Apple
[2012/05/08 18:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/05/08 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/05/08 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/05/08 18:44:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/05/08 18:44:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/05/07 19:28:57 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Photos maison
[2012/05/07 19:10:36 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Documents de Laurent
[2012/05/07 19:10:36 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Documents de Blandine
[2012/05/07 19:10:34 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\ACHAT TERRAIN CRETEIL HALAGE
[2012/05/07 17:29:51 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\{D2A6C633-5CAD-4F72-A0F7-19E608FD95AE}
[2012/05/07 17:19:10 | 000,000,000 | ---D | C] -- C:\Users\blandine\Documents\Retrieved Contents
[2012/05/07 16:40:52 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Western_Digital
[2012/05/07 16:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2012/05/07 16:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2012/05/07 16:39:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital
[2012/05/07 16:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2012/05/07 16:37:31 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Local\Western Digital
[2012/05/07 16:36:44 | 000,000,000 | ---D | C] -- C:\Users\blandine\AppData\Roaming\Roxio Burn
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/05/22 21:24:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/22 21:20:20 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/22 21:20:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/22 21:20:04 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/22 19:58:35 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/05/22 11:26:09 | 000,231,936 | -HS- | M] () -- C:\Users\blandine\AppData\Roaming\VboxServs.exe
[2012/05/14 08:18:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/11 18:54:07 | 000,001,862 | ---- | M] () -- C:\Users\Public\Desktop\F-Secure Launch pad.lnk
[2012/05/08 18:48:11 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/08 18:48:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/08 18:45:35 | 000,002,519 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/08 09:07:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/05/07 16:40:00 | 000,001,320 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/05/07 16:40:00 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/07 16:40:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2012/05/07 09:45:50 | 000,011,272 | ---- | M] () -- C:\Users\blandine\Documents\justificatif.pdf
[2012/05/06 16:28:00 | 000,028,817 | ---- | M] () -- C:\Users\blandine\Desktop\DE0060 DEVIS HORTA.pdf
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/05/22 11:26:31 | 000,231,936 | -HS- | C] () -- C:\Users\blandine\AppData\Roaming\VboxServs.exe
[2012/05/08 18:48:11 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/08 18:45:35 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/07 16:40:00 | 000,001,320 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/05/07 09:45:50 | 000,011,272 | ---- | C] () -- C:\Users\blandine\Documents\justificatif.pdf
[2012/05/06 16:28:00 | 000,028,817 | ---- | C] () -- C:\Users\blandine\Desktop\DE0060 DEVIS HORTA.pdf
[2012/03/03 12:54:24 | 000,000,500 | ---- | C] () -- C:\Windows\{687EAE16-F2E7-4B96-B58C-AC09F9119B8C}_WiseFW.ini
[2012/01/25 11:56:39 | 000,042,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2012/01/25 00:22:22 | 000,019,615 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2011/10/30 18:35:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/07/13 11:05:11 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/13 11:05:09 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/13 11:05:07 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/13 10:06:43 | 000,017,776 | ---- | C] () -- C:\Windows\EvtMessage.dll
[2011/02/12 20:17:40 | 001,696,440 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[color=#E56717]========== LOP Check ==========[/color]
[2011/09/29 13:56:41 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\DigitalPersona
[2012/02/04 22:57:11 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\F-Secure
[2011/11/28 12:50:45 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\PCDr
[2012/02/05 15:50:28 | 000,000,000 | ---D | M] -- C:\Users\blandine\AppData\Roaming\Windows Live Writer
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2011/07/13 10:45:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Downloaded Installations
[2012/01/25 00:22:56 | 000,000,000 | ---D | M] -- C:\ProgramData\F-Secure
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/01/25 00:21:09 | 000,000,000 | ---D | M] -- C:\ProgramData\fssg
[2012/03/03 12:53:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Leapfrog
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2011/09/29 13:56:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2011/11/28 12:51:19 | 000,000,000 | ---D | M] -- C:\ProgramData\PCDr
[2011/07/13 10:33:00 | 000,000,000 | ---D | M] -- C:\ProgramData\PhotoShow Shared Assets
[2011/07/13 10:09:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/07/13 10:22:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/07/13 10:34:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Uninstall
[2011/07/13 10:07:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Validity
[2012/05/07 16:40:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Western Digital
[2012/05/08 18:47:55 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/05/08 09:07:00 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/03/14 01:32:24 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/05/22 19:58:35 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
A voir également:
- Virus please wait while the connection is...
- What is my movie français - Télécharger - Divers TV & Vidéo
- Gmail connection - Guide
- Virus mcafee - Accueil - Piratage
- Who is on my wifi - Télécharger - Outils Internet
- Softonic virus ✓ - Forum Virus
16 réponses
Bonsoir,
Sous l'environnement REATOGO
Double-clique sur l'icône jaune OTLPE.
Sous "Custom Scans/Fixes", copie/colle les instructions hébergées ici
● Clique sur le bouton Run Fix, patiente pendant le travail de l'outil.
● Un rapport va s'ouvrir au format bloc-note.
Poste le rapport, A +
Sous l'environnement REATOGO
Double-clique sur l'icône jaune OTLPE.
Sous "Custom Scans/Fixes", copie/colle les instructions hébergées ici
● Clique sur le bouton Run Fix, patiente pendant le travail de l'outil.
● Un rapport va s'ouvrir au format bloc-note.
Poste le rapport, A +
Merci beaucoup, je peux de nouveau accéder à mon ordi mais je n'ai plus d'icones sur mon bureau...
Voici d'ailleurs le rapport que j'ai eu ci-dessous.
Autre question, pourquoi j'ai eu ce virus et que dois-je faire pour m'en protéger, j'ai installé F-Secure qui visiblement n'a pas marché, est-ce normal ?
Encore merci !
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Users\blandine\AppData\Roaming\VboxServs.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2589773313-3257203268-164393769-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\blandine\AppData\Roaming\VboxServs.exe deleted successfully.
File C:\Users\blandine\AppData\Roaming\VboxServs.exe not found.
Registry value HKEY_USERS\S-1-5-21-2589773313-3257203268-164393769-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Users\blandine\AppData\Roaming\VboxServs.exe deleted successfully.
File C:\Users\blandine\AppData\Roaming\VboxServs.exe not found.
OTLPE by OldTimer - Version 3.1.48.0 log created on 05232012_193934
Voici d'ailleurs le rapport que j'ai eu ci-dessous.
Autre question, pourquoi j'ai eu ce virus et que dois-je faire pour m'en protéger, j'ai installé F-Secure qui visiblement n'a pas marché, est-ce normal ?
Encore merci !
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2589773313-3257203268-164393769-1001\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Users\blandine\AppData\Roaming\VboxServs.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2589773313-3257203268-164393769-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\blandine\AppData\Roaming\VboxServs.exe deleted successfully.
File C:\Users\blandine\AppData\Roaming\VboxServs.exe not found.
Registry value HKEY_USERS\S-1-5-21-2589773313-3257203268-164393769-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Users\blandine\AppData\Roaming\VboxServs.exe deleted successfully.
File C:\Users\blandine\AppData\Roaming\VboxServs.exe not found.
OTLPE by OldTimer - Version 3.1.48.0 log created on 05232012_193934
Bonsoir,
Cette infection exploite les vulnérabilités de logiciels non tenus à jour.
Clique droit sur le Bureau > Affichage > clique sur Afficher les éléments du Bureau
Ton premier rapport étant incomplet, on va regarder ton système avec cet outil de diagnostic.
Télécharge OTL (de OldTimer) sur ton Bureau.
Ferme toutes tes applications en cours
● Lance OTL.exe, l'interface principale s'ouvre.
● Dans la section Rapport en haut à droite de la fenêtre, coche Rapport minimal
● Coche la case Tous les utilisateurs
● Laisse tous les autres paramètres par défaut
● Dans la partie du bas "Personnalisation", copie/colle la liste en citation :
● Clique sur le bouton Analyse rapide, patiente pendant le balayage du système.
● 2 rapports vont s'ouvrir au format bloc-note :
▸ ▸ OTL.txt (qui sera affiché) ainsi que Extras.txt (réduit dans la barre des tâches)
● Ne les poste pas sur le forum, ils seraient trop long
● Héberge les sur un des sites suivants :
https://www.cjoint.com/
http://pjjoint.malekal.com/
http://threat-rc.com/
https://textup.fr/
● Tu obtiendras 2 liens que tu me donneras dans ton prochain message.
Aide : Tutorial OTL (par Malekal)
A +
Cette infection exploite les vulnérabilités de logiciels non tenus à jour.
Clique droit sur le Bureau > Affichage > clique sur Afficher les éléments du Bureau
Ton premier rapport étant incomplet, on va regarder ton système avec cet outil de diagnostic.
Télécharge OTL (de OldTimer) sur ton Bureau.
Ferme toutes tes applications en cours
● Lance OTL.exe, l'interface principale s'ouvre.
● Dans la section Rapport en haut à droite de la fenêtre, coche Rapport minimal
● Coche la case Tous les utilisateurs
● Laisse tous les autres paramètres par défaut
● Dans la partie du bas "Personnalisation", copie/colle la liste en citation :
msconfig safebootminimal safebootnetwork /md5start volsnap.* explorer.exe winlogon.exe userinit.exe svchost.exe consrv.dll /md5stop %temp%\*.exe /s %ALLUSERSPROFILE%\Application Data\*.exe /s %ALLUSERSPROFILE%\Application Data\*. %APPDATA%\*.exe /s %APPDATA%\*. %SYSTEMDRIVE%\*.exe %systemroot%\Tasks\*.* /s hklm\software\clients\startmenuinternet|command /rs hklm\software\clients\startmenuinternet|command /64 /rs CREATERESTOREPOINT
● Clique sur le bouton Analyse rapide, patiente pendant le balayage du système.
● 2 rapports vont s'ouvrir au format bloc-note :
▸ ▸ OTL.txt (qui sera affiché) ainsi que Extras.txt (réduit dans la barre des tâches)
● Ne les poste pas sur le forum, ils seraient trop long
● Héberge les sur un des sites suivants :
https://www.cjoint.com/
http://pjjoint.malekal.com/
http://threat-rc.com/
https://textup.fr/
● Tu obtiendras 2 liens que tu me donneras dans ton prochain message.
Aide : Tutorial OTL (par Malekal)
A +
Merci, j'ai retrouvé mon bureau.
Voici les rapports https://www.cjoint.com/?3ExvTxOdflK et https://www.cjoint.com/?BExvUPtReCo
Voici les rapports https://www.cjoint.com/?3ExvTxOdflK et https://www.cjoint.com/?BExvUPtReCo
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Tu as conservé l'outil OTLPE, de ce fait certaines instructions n'ont pas été prises en compte. On va faire avec :)
1. Télécharge OTL (de OldTimer) sur ton Bureau.
Lance OTL
● Dans la partie "Personnalisation", copie/colle les instructions hébergées ici
● Clique sur le bouton Correction.
● Patiente pendant le travail de l'outil, il doit ensuite redémarrer le PC.
● Accepte en cliquant sur OK.
● Le rapport indiquant les actions réalisées par OTL doit s'ouvrir spontanément.
Tu peux le retrouver le fichier à la racine du disque dans ce dossier : C:\_OTL\MovedFiles
2. Télécharge MBAM et installe le selon l'emplacement par défaut.
(l'essai de la version pro est facultative)
● Effectue la mise à jour et lance Malwarebytes' Anti-Malware
● Clique dans l'onglet du haut "Recherche"
● Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"
● Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"
▸ A la fin de l'analyse, si MBAM n'a rien trouvé :
● Clique sur OK, le rapport s'ouvre spontanément
▸ Si des menaces ont été détectées :
● Clique sur OK puis "Afficher les résultats"
● Choisis l'option "Supprimer la sélection"
● Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
● Une fois le PC redémarré, le rapport se trouve dans l'onglet "Rapports/Logs"
● Sinon le rapport s'ouvre automatiquement après la suppression.
3. Héberge les rapports et poste les liens.
A +
1. Télécharge OTL (de OldTimer) sur ton Bureau.
Lance OTL
● Dans la partie "Personnalisation", copie/colle les instructions hébergées ici
● Clique sur le bouton Correction.
● Patiente pendant le travail de l'outil, il doit ensuite redémarrer le PC.
● Accepte en cliquant sur OK.
● Le rapport indiquant les actions réalisées par OTL doit s'ouvrir spontanément.
Tu peux le retrouver le fichier à la racine du disque dans ce dossier : C:\_OTL\MovedFiles
2. Télécharge MBAM et installe le selon l'emplacement par défaut.
(l'essai de la version pro est facultative)
● Effectue la mise à jour et lance Malwarebytes' Anti-Malware
● Clique dans l'onglet du haut "Recherche"
● Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"
● Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"
▸ A la fin de l'analyse, si MBAM n'a rien trouvé :
● Clique sur OK, le rapport s'ouvre spontanément
▸ Si des menaces ont été détectées :
● Clique sur OK puis "Afficher les résultats"
● Choisis l'option "Supprimer la sélection"
● Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
● Une fois le PC redémarré, le rapport se trouve dans l'onglet "Rapports/Logs"
● Sinon le rapport s'ouvre automatiquement après la suppression.
3. Héberge les rapports et poste les liens.
A +
le pb c'est quand je clique sur le lien OTL, il m'st dit que Le site Web a refusé d'afficher cette page Web...
Je vais y arriver...;-)
Le scan Malwarebytes' Anti-Malware est en cours. Voici le 1er rapport https://www.cjoint.com/?BExxovRPeIG
Le scan Malwarebytes' Anti-Malware est en cours. Voici le 1er rapport https://www.cjoint.com/?BExxovRPeIG
Bonjour,
C'est parfait, après le scan de routine avec Malwarebytes, on finalisera avec les mises à jour nécessaires.
A +
C'est parfait, après le scan de routine avec Malwarebytes, on finalisera avec les mises à jour nécessaires.
A +
Bonjour,
Voici le rapport MBAM : https://www.cjoint.com/?BEyh5iqlw21
A ce soir pour les MAJ, merci encore pour ton aide !
Voici le rapport MBAM : https://www.cjoint.com/?BEyh5iqlw21
A ce soir pour les MAJ, merci encore pour ton aide !
korson,
== == == == == == DÉSINSTALLATION DES OUTILS == == == == == ==
1. Lance OTL
● Dans la partie "Personnalisation", copie/colle :
● Clique sur le bouton Correction.
2. Relance OTL
● Clique sur le bouton Purge outils
● Puis sur OK dans la boite de dialogue qui t'invite à redémarrer le système.
● Supprime les outils et les rapports restants éventuellement sur ton Bureau
3. Tu peux garder Malwarebytes Anti-Malware comme logiciel complémentaire à ton antivirus et t'en servir contrôler ton PC avec un scan rapide de temps en temps sans oublier de le mettre à jour avant
== == == == == == == == MISES A JOUR == == == == == == == ==
Vérifie que les logiciels pouvant présenter des failles de sécurité sont à jour, c'est par ce biais que les infections arrivent et que tu as été infecté dans le cas présent :
https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/ ou bien tu peux utiliser cet outil : Vérifier et mettre à jour facilement les logiciels à risque avec SX Check&Update
!! Décoche les cases proposant des logiciels partenaires pendant les installations !!
Désinstalle les anciennes versions de Java si tu en as encore installées.
https://www.java.com/fr/download/help/remove_olderversions.html
== == == == == == == == == == == == == == == == == == == == == ==
La sécurité de son PC, c'est quoi ? (par Malekal)
== == == == == == == == == == == == == == == == == == == == == ==
Bonne continuation
== == == == == == DÉSINSTALLATION DES OUTILS == == == == == ==
1. Lance OTL
● Dans la partie "Personnalisation", copie/colle :
:commands [clearallrestorepoints]
● Clique sur le bouton Correction.
2. Relance OTL
● Clique sur le bouton Purge outils
● Puis sur OK dans la boite de dialogue qui t'invite à redémarrer le système.
● Supprime les outils et les rapports restants éventuellement sur ton Bureau
3. Tu peux garder Malwarebytes Anti-Malware comme logiciel complémentaire à ton antivirus et t'en servir contrôler ton PC avec un scan rapide de temps en temps sans oublier de le mettre à jour avant
== == == == == == == == MISES A JOUR == == == == == == == ==
Vérifie que les logiciels pouvant présenter des failles de sécurité sont à jour, c'est par ce biais que les infections arrivent et que tu as été infecté dans le cas présent :
https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/ ou bien tu peux utiliser cet outil : Vérifier et mettre à jour facilement les logiciels à risque avec SX Check&Update
!! Décoche les cases proposant des logiciels partenaires pendant les installations !!
Désinstalle les anciennes versions de Java si tu en as encore installées.
https://www.java.com/fr/download/help/remove_olderversions.html
== == == == == == == == == == == == == == == == == == == == == ==
La sécurité de son PC, c'est quoi ? (par Malekal)
== == == == == == == == == == == == == == == == == == == == == ==
Bonne continuation
