[Résolu] « Rundll » introuvable au démarrage

JGG · le 9 août 2011

Bonjour, j'ai, il y a quasiment une semaine, supprimé via mon antivirus (BitDefender) 2 Trojan (Gen:varant.downloader.127 et Java.Trojan.downloader.openconnection.AT) cachés il semblerait, dans iloadz67.dll et scanad~1.dll.

Depuis, j'ai deux fenêtres intitulés RUNDLL qui s'affichent à chaque démarrage, me disant chacune que le module est introuvable.

(J'ai aussi vider les cache de Java.)

Comment faire pour supprimer cet appel au démarrage de Widows 7?

Je vous joint le rapport HJT datant d'aujourd'hui:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:58:32, on 10/08/2011

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\Logitech\SetPointP\SetPoint.exe

C:\Program Files\DAEMON Tools Lite\DTLite.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Steam\steam.exe

C:\Program Files\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe

C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\taskeng.exe

C:\Users\Jean-Guy\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Facemoods Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll

O3 - Toolbar: (no name) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - (no file)

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [Google Update] "C:\Users\Jean-Guy\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [NvCplDaemonTool] rundll32.exe C:\Users\Jean-Guy\iloadz67.dll,_IWMPEvents

O4 - HKCU\..\Run: [PhilipsSongbirdLauncher] C:\Program Files\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe

O4 - Startup: scandisk.lnk = ?

O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O13 - Gopher Prefix:

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: BitDefender Serveur Arrakis (Arrakis3) - BitDefender S.R.L. Antivirus Software, Virus Protection, Internet Security - Bitdefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Intel® PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Realtek11nSU - Realtek - C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlService.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe

--

End of file - 7987 bytes

Merci d'avance d'éclairer ma lanterne de débutant en informatique.

Cordialement

JG

Modifié le 11 août 2011 par JGG

lance_yien · le 10 août 2011

Bonjour JGG,

Très Important!

>>> A faire immédiatement:

- En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

Si à la place du bouton "Suivre ce sujet" tu as "Arrêter de suivre ce sujet", c'est que les réglages ont déjà été faits.

- Sauvegarder (en copiant) tous les documents personnels sur un support autre que la partition système: Clé USB, CD/DVD, Disque Dur externe etc.

>>> Que faire durant ce nettoyage: Merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

>>> Que faire à la réception de nouvelles instructions:

Lire la totalité du message.
Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau. Aussi, il est demandé de les télécharger et enregistrer DIRECTEMENT sur le Bureau (ou les déplacer avant utilisation par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller").
Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.

>>> Comment répondre:

- Cliquer sur le bouton (et non sur car je n'ai pas besoin de relire mes messages précédents).

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...).

>>> Ne pas abandonner son sujet avant d'avoir été informé(e) que tout est OK.

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment.

>>> Lancer hijackthis avec son icône sur le bureau ou depuis "démarrer" => "tous les prog" => Hijackthis (pour Vista clic-droit => "Exécuter en tant qu'Admin") et cliquer sur "do a scan and save a log".

Cliquer sur "do only a scan" et attendre la fin de l'analyse. Puis dans l'ordre:

Cocher les cases devant les lignes suivantes:

R3 - URLSearchHook: (no name) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - (no file)
O3 - Toolbar: (no name) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - (no file)
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NvCplDaemonTool] rundll32.exe C:\Users\Jean-Guy\iloadz67.dll,_IWMPEvents
Fermer toutes les autres fenêtres et applications y compris Internet et cliquer sur "Fix checked" puis sur OK (pour confirmer).
Supprimer ce fichier (en gras), C:\Users\Jean-Guy\iloadz67.dll,_IWMPEvents
Redémarrer le PC.

>>> ESET Online Scanner: Brancher et allumer tous les médias amovibles disponibles (DD externe, clés USB etc) et désactiver antivirus/ parefeu et antispyware.

Utiliser Internet Explorer pour aller ICI.

Cliquer sur le bouton vert ESET Online Scanner, cocher la case "YES, I accept the Terms of Use" et cliquer sur Start.
Accepter l'installation de l'ActiveX.
Cocher "Scan archives", DEcocher "Remove found threats" et cliquer Start.
Eset téléchargera la base de données et commencera le scan. Le laisser finir son scan.
Ensuite, cliquer sur "List of found threats"
Cliquer sur "Export to text file..." et sauvegarder les résultats sur le Bureau en le nommant "scan-results" pour les copier/coller ici.
Cliquer sur et cocher la case Uninstall application on close pour supprimer ESET Online Scanner de la machine.

Cliquer sur et poster le rapport.

>>> Utiliser OTL: Télécharger, sur le BureauOTL (par OldTimer) depuis ici ou ici.

Brancher et allumer tous les médias amovibles disponibles (DD externe, clés USB etc) et désactiver antivirus/ parefeu et antispyware.

Fermer toutes les applications et fenêtres ouvertes et double-cliquer sur OTL.exe (Vista/ Windows7, cliquer-droit dessus => Exécuter en tant qu'Admin).

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs
drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

Rapports demandés:

scan-results.txt
OTL.txt
Extras.txt

Un changement quelconque?

JGG · le 10 août 2011

Bonsoir, le premier changement: la fenêtre RUNDLL (de iload67z.dll) n'apparaît plus, reste la deuxième fenêtre SCANAD~1.dll ( image là ===> http://img199.imageshack.us/img199/2320/rundll.jpg )

Je vous envoie les trois rapports sous trois messages.

voici le scan-results.txt:

C:\Users\Jean-Guy\AppData\Local\Temp\jar_cache4236817759840452018.tmp a variant of Win32/Kryptik.QOY trojan

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\62bf5890-68e232e0 multiple threats

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\9274bec-593cc4a2 multiple threats

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\5a09506d-27367a9d multiple threats

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\70163df0-31b44bfe multiple threats

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\5ee2d53b-6bae3f65 multiple threats

K:\PHOTOS\Téléchargé\Set up\Setup_FreeConverter.exe Win32/Adware.Toolbar.Dealio application

K:\PHOTOS\Téléchargé\Set up\Hack Pack par CJ v8\Multi-Hack Selector\resourcesPDE.exe probably a variant of Win32/Agent.FJNHXAC trojan

K:\PHOTOS\Téléchargé\Set up\Hack Pack par CJ v8\Multi-Hack Selector\resourcesPIT.exe probably a variant of Win32/Agent.EPTLWUY trojan

K:\$RECYCLE.BIN\$RCRMILX\VirtuallyJenna Oxin's Style!.exe a variant of Win32/Inject.NDT trojan

le reste dans les deux messages suivants.

cordialement

JGG

le OTL.txt:

OTL logfile created on: 10/08/2011 21:46:09 - Run 1

OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Jean-Guy\Downloads

Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,49 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 55,90% Memory free

6,98 Gb Paging File | 5,54 Gb Available in Paging File | 79,39% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 297,99 Gb Total Space | 187,75 Gb Free Space | 63,01% Space Free | Partition Type: NTFS

Drive K: | 152,63 Gb Total Space | 18,45 Gb Free Space | 12,09% Space Free | Partition Type: FAT32

Computer Name: JEAN-GUY-PC | User Name: Jean-Guy | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/10 21:44:06 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Jean-Guy\Downloads\OTL.exe

PRC - [2011/08/06 20:09:44 | 000,346,624 | ---- | M] () -- C:\Program Files\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe

PRC - [2011/08/03 09:43:21 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe

PRC - [2011/08/02 07:53:27 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam.exe

PRC - [2011/05/14 09:42:48 | 001,118,232 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe

PRC - [2011/05/14 09:42:46 | 001,198,048 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe

PRC - [2011/03/08 10:30:03 | 000,310,856 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe

PRC - [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2011/02/23 01:39:24 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

PRC - [2011/02/23 01:17:26 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2011/01/17 16:00:48 | 000,109,728 | ---- | M] (Intel Corporation) -- C:\Windows\System32\IPROSetMonitor.exe

PRC - [2010/11/09 22:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

PRC - [2010/11/06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2010/11/06 00:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

PRC - [2010/10/29 15:43:54 | 001,167,360 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWlan.exe

PRC - [2010/10/29 01:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe

PRC - [2010/04/26 15:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe

PRC - [2010/04/16 16:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlService.exe

PRC - [2010/04/01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe

PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

========== Modules (SafeList) ==========

MOD - [2011/08/10 21:44:06 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Jean-Guy\Downloads\OTL.exe

MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/08/03 09:43:21 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2011/03/08 10:30:03 | 000,310,856 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)

SRV - [2011/02/23 01:17:26 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2011/01/17 16:00:48 | 000,109,728 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\System32\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service) Intel®

SRV - [2010/11/06 00:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®

SRV - [2010/10/28 12:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ)

SRV - [2010/06/12 16:08:59 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2010/04/26 15:01:54 | 001,615,688 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)

SRV - [2010/04/16 16:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlService.exe -- (Realtek11nSU)

SRV - [2010/03/12 16:40:10 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)

SRV - [2009/10/20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2009/10/19 17:06:10 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)

SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011/02/23 10:27:00 | 010,468,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2011/02/10 12:31:34 | 000,261,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6232.sys -- (e1kexpress) Intel®

DRV - [2010/11/25 14:59:16 | 000,603,240 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192su.sys -- (RTL8192su)

DRV - [2010/11/12 01:10:50 | 000,122,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2010/08/24 19:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)

DRV - [2010/08/24 19:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)

DRV - [2010/06/14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2010/06/12 16:26:14 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2010/06/12 11:38:59 | 000,079,952 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)

DRV - [2010/06/12 11:38:59 | 000,072,784 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Windows\System32\drivers\BdfNdisf6.sys -- (BdfNdisf)

DRV - [2010/06/12 11:38:59 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)

DRV - [2010/06/12 11:38:59 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)

DRV - [2010/02/22 14:58:40 | 000,291,352 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)

DRV - [2010/02/03 13:57:36 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (BDFM)

DRV - [2010/01/19 19:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)

DRV - [2009/10/20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)

DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Facemoods Search

IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BE 9E FE 5E 10 0A CB 01 [binary data]

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"

FF - prefs.js..browser.search.selectedEngine: "Facemoods Search"

FF - prefs.js..browser.startup.homepage: "http://www.google.fr"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0

FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11

FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900

FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jean-Guy\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jean-Guy\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2011/05/14 09:51:58 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files\AutocompletePro\support@predictad.com [2010/07/06 10:54:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 14:10:24 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/18 07:51:23 | 000,000,000 | ---D | M]

[2011/08/06 20:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jean-Guy\AppData\Roaming\mozilla\Extensions

[2011/08/06 20:10:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jean-Guy\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com

[2011/07/25 21:43:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jean-Guy\AppData\Roaming\mozilla\Firefox\Profiles\xkcig88k.default\extensions

[2011/03/31 07:39:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2011/02/21 22:22:18 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2010/07/12 00:21:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/08/17 19:45:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2011/03/31 07:39:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\distribution\extensions

[2011/03/31 07:39:48 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

File not found (No name found) --

[2011/06/25 14:10:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011/06/25 14:10:22 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2011/06/25 14:10:22 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2011/06/25 14:10:22 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2011/06/25 14:10:22 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2011/04/25 14:27:10 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchw7th.xml

[2011/06/25 14:10:22 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2011/06/25 14:10:22 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)

O3 - HKLM\..\Toolbar: (no name) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - No CLSID value found.

O4 - HKLM..\Run: [bDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)

O4 - HKLM..\Run: [bitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)

O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)

O4 - HKLM..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [NPSStartup] File not found

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [PhilipsSongbirdLauncher] C:\Program Files\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe ()

O4 - HKCU..\Run: [steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O13 - gopher Prefix: missing

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{1ec913f2-22ce-11e0-8b8b-001cc0fac4fa}\Shell - "" = AutoRun

O33 - MountPoints2\{1ec913f2-22ce-11e0-8b8b-001cc0fac4fa}\Shell\AutoRun\command - "" = "J:\WD SmartWare.exe" autoplay=true

O33 - MountPoints2\{9db7a6ee-762e-11df-9bc8-001cc0fac4fa}\Shell - "" = AutoRun

O33 - MountPoints2\{9db7a6ee-762e-11df-9bc8-001cc0fac4fa}\Shell\AutoRun\command - "" = I:\Autorun.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011/08/10 10:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2011/08/10 00:36:31 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011/08/10 00:36:30 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2011/08/10 00:36:30 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2011/08/10 00:36:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011/08/10 00:36:30 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011/08/10 00:36:29 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011/08/10 00:31:59 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2011/08/10 00:31:59 | 003,902,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2011/08/10 00:31:58 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll

[2011/08/10 00:31:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll

[2011/08/10 00:31:58 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll

[2011/08/10 00:31:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll

[2011/08/10 00:31:58 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll

[2011/08/10 00:31:52 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

[2011/08/10 00:31:52 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll

[2011/08/10 00:31:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll

[2011/08/10 00:31:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll

[2011/08/10 00:31:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll

[2011/08/10 00:31:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll

[2011/08/10 00:31:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll

[2011/08/10 00:31:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll

[2011/08/10 00:31:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

[2011/08/10 00:31:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll

[2011/08/10 00:31:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll

[2011/08/10 00:31:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll

[2011/08/10 00:31:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll

[2011/08/10 00:31:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll

[2011/08/10 00:31:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll

[2011/08/10 00:31:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll

[2011/08/06 20:27:06 | 000,000,000 | ---D | C] -- C:\Users\Jean-Guy\AppData\Roaming\Philips

[2011/08/06 20:10:11 | 000,000,000 | ---D | C] -- C:\Users\Jean-Guy\AppData\Roaming\Philips-Songbird

[2011/08/06 20:10:11 | 000,000,000 | ---D | C] -- C:\Users\Jean-Guy\AppData\Local\Philips-Songbird

[2011/08/06 20:09:45 | 000,000,000 | ---D | C] -- C:\Users\Jean-Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Philips

[2011/08/06 20:09:43 | 000,109,360 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll

[2011/08/06 20:09:39 | 000,000,000 | ---D | C] -- C:\Program Files\Philips

[2011/07/13 08:09:23 | 002,332,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2011/06/21 20:38:58 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Jean-Guy\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/08/10 21:46:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/08/10 10:11:47 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/08/10 10:11:47 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/08/10 10:08:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/08/10 10:04:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/08/10 10:04:19 | 2810,859,520 | -HS- | M] () -- C:\hiberfil.sys

[2011/08/10 10:03:49 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv

[2011/08/10 00:48:22 | 000,000,022 | ---- | M] () -- C:\Windows\tpcsd

[2011/08/10 00:33:54 | 000,716,850 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/08/10 00:33:54 | 000,627,482 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/08/10 00:33:54 | 000,136,288 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/08/10 00:33:54 | 000,111,060 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/08/09 10:09:01 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4242666773-1970633847-3519447004-1000UA.job

[2011/08/09 10:08:08 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/08/09 10:08:08 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4242666773-1970633847-3519447004-1000Core.job

[2011/08/08 00:11:50 | 000,138,536 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys

[2011/08/08 00:11:46 | 000,270,408 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr

[2011/08/07 15:20:14 | 000,270,408 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0

[2011/08/06 20:09:45 | 000,001,211 | ---- | M] () -- C:\Users\Jean-Guy\Application Data\Microsoft\Internet Explorer\Quick Launch\Philips Songbird.lnk

[2011/08/06 20:09:45 | 000,001,187 | ---- | M] () -- C:\Users\Public\Desktop\Philips Songbird.lnk

[2011/08/04 20:32:02 | 001,157,272 | ---- | M] () -- C:\Users\Jean-Guy\Desktop\crépis.jpeg

[2011/07/27 09:00:29 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml

[2011/07/27 09:00:29 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml

[2011/07/26 01:26:23 | 000,001,070 | ---- | M] () -- C:\Users\Jean-Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk

[2011/07/22 04:54:43 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2011/07/22 04:47:24 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011/07/22 04:46:48 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011/07/22 04:45:41 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2011/07/22 04:44:36 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011/07/22 04:43:07 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011/07/16 06:37:32 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll

[2011/07/16 06:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

[2011/07/16 06:19:58 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll

[2011/07/16 06:19:58 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll

[2011/07/16 06:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll

[2011/07/16 06:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll

[2011/07/16 06:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll

[2011/07/16 06:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll

[2011/07/16 06:19:58 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll

[2011/07/16 06:19:58 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll

[2011/07/16 04:21:47 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

[2011/07/16 04:21:47 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll

[2011/07/16 04:21:47 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll

[2011/07/16 04:21:47 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll

[2011/07/13 19:08:54 | 000,408,672 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011/08/10 21:46:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/08/10 00:48:22 | 000,000,022 | ---- | C] () -- C:\Windows\tpcsd

[2011/08/06 20:09:45 | 000,001,211 | ---- | C] () -- C:\Users\Jean-Guy\Application Data\Microsoft\Internet Explorer\Quick Launch\Philips Songbird.lnk

[2011/08/06 20:09:45 | 000,001,187 | ---- | C] () -- C:\Users\Public\Desktop\Philips Songbird.lnk

[2011/08/04 20:32:24 | 001,157,272 | ---- | C] () -- C:\Users\Jean-Guy\Desktop\crépis.jpeg

[2011/07/27 08:58:42 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml

[2011/07/27 08:58:42 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml

[2011/07/20 00:05:05 | 000,001,070 | ---- | C] () -- C:\Users\Jean-Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk

[2011/06/21 20:38:58 | 000,087,608 | ---- | C] () -- C:\Users\Jean-Guy\AppData\Roaming\inst.exe

[2011/06/21 20:38:58 | 000,007,887 | ---- | C] () -- C:\Users\Jean-Guy\AppData\Roaming\pcouffin.cat

[2011/06/21 20:38:58 | 000,001,144 | ---- | C] () -- C:\Users\Jean-Guy\AppData\Roaming\pcouffin.inf

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2011/03/13 16:35:54 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE

[2011/01/13 01:07:50 | 000,012,800 | ---- | C] () -- C:\Users\Jean-Guy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/01/08 00:19:29 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe

[2010/11/11 14:48:58 | 000,000,096 | ---- | C] () -- C:\Users\Jean-Guy\AppData\Local\fusioncache.dat

[2010/11/09 20:53:30 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin

[2010/08/12 23:49:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/07/12 20:24:06 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll

[2010/07/12 20:24:06 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys

[2010/06/25 20:39:41 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe

[2010/06/25 20:39:30 | 000,138,536 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys

[2010/06/25 20:39:23 | 000,270,408 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\wsbl.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_white.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_summ.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_black.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords2.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat

[2010/06/12 15:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat

[2010/06/12 14:38:49 | 000,000,025 | ---- | C] () -- C:\Users\Jean-Guy\AppData\Roaming\bdfvconp.ini

[2010/06/12 11:36:14 | 000,000,016 | ---- | C] () -- C:\Windows\System32\asdict.dat

[2010/06/12 11:36:14 | 000,000,004 | ---- | C] () -- C:\Windows\System32\aspdict-en.dat

[2009/10/20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

[2009/07/14 10:39:49 | 000,716,850 | ---- | C] () -- C:\Windows\System32\perfh00C.dat

[2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat

[2009/07/14 10:39:49 | 000,136,288 | ---- | C] () -- C:\Windows\System32\perfc00C.dat

[2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat

[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 06:33:53 | 000,408,672 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2009/07/14 04:05:48 | 000,627,482 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2009/07/14 04:05:48 | 000,111,060 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\Windows\System32\txmlutil.dll

[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2011/06/09 11:58:42 | 000,043,619 | ---- | M] () -- C:\bdlog.txt

[2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys

[2011/08/10 10:04:19 | 2810,859,520 | -HS- | M] () -- C:\hiberfil.sys

[2010/10/03 19:32:38 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010/10/03 19:32:38 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2011/08/10 10:04:22 | 3747,815,424 | -HS- | M] () -- C:\pagefile.sys

[2011/08/10 21:46:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2010/06/12 11:16:08 | 000,002,125 | ---- | M] () -- C:\RHDSetup.log

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

[2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >

[2011/07/09 04:26:10 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxsmb10.sys

[2011/06/21 20:38:58 | 000,047,360 | ---- | M] (VSO Software) -- C:\Windows\system32\drivers\pcouffin.sys

[2011/08/08 00:11:50 | 000,138,536 | ---- | M] () -- C:\Windows\system32\drivers\PnkBstrK.sys

[2011/06/21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tcpip.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-09 22:36:53

========== Alternate Data Streams ==========

@Alternate Data Stream - 168 bytes -> C:\Users\Jean-Guy\Desktop\crépis.jpeg:3or4kl4x13tuuug3Byamue2s4b

@Alternate Data Stream - 168 bytes -> C:\Users\Jean-Guy\changement d'adresse Jg GABET.jpeg:3or4kl4x13tuuug3Byamue2s4b

@Alternate Data Stream - 168 bytes -> C:\Users\Jean-Guy\AGIPI-gabet.jpeg:3or4kl4x13tuuug3Byamue2s4b

< End of report >

Modifié le 10 août 2011 par JGG

JGG · le 10 août 2011

et le extras.txt:

OTL Extras logfile created on: 10/08/2011 21:46:09 - Run 1

OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Jean-Guy\Downloads

Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,49 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 55,90% Memory free

6,98 Gb Paging File | 5,54 Gb Available in Paging File | 79,39% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 297,99 Gb Total Space | 187,75 Gb Free Space | 63,01% Space Free | Partition Type: NTFS

Drive K: | 152,63 Gb Total Space | 18,45 Gb Free Space | 12,09% Space Free | Partition Type: FAT32

Computer Name: JEAN-GUY-PC | User Name: Jean-Guy | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0DFF6117-CBBC-4F5C-9C57-6936644F10D4}" = BitDefender Internet Security 2010

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 21

"{26B5AD79-EE99-4E17-93A6-AF215E3A81E9}" = VC90_CRT_x86

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module

"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{645AE9CF-AF1B-4FBB-9B9D-17A23D03AF10}" = Intel® Network Connections 16.1.53.0

"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{870F1750-BA89-11DA-A94D-0800200C9A66}_is1" = VSO CopyToDVD 4

"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher

"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010

"{90140000-0015-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010

"{90140000-0016-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010

"{90140000-0018-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010

"{90140000-0019-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010

"{90140000-001A-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010

"{90140000-001B-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010

"{90140000-001F-0401-0000-0000000FF1CE}_Office14.SingleImage_{1A43C155-3DDA-43C9-92C5-0E7D0B2B156D}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010

"{90140000-001F-0413-0000-0000000FF1CE}_Office14.SingleImage_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010

"{90140000-002C-040C-0000-0000000FF1CE}_Office14.SingleImage_{C8E4AA87-3E5A-4C70-8CB7-43FE25C99B74}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010

"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010

"{90140000-006E-040C-0000-0000000FF1CE}_Office14.SingleImage_{7C5C7E8C-F6D2-43AC-93A4-89E4FF7367E6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010

"{90140000-00A1-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = REALTEK Wireless LAN Driver and Utility

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.5 - Français

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 267.24

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 267.24

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 267.24

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.10.0514

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.1.13.1

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6

"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX

"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1

"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover

"{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia® Les Sables Oubliés

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"AutocompletePro3_is1" = AutocompletePro

"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2

"ESET Online Scanner" = ESET Online Scanner v3

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Mozilla Firefox 5.0 (x86 fr)" = Mozilla Firefox 5.0 (x86 fr)

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Office14.SingleImage" = Microsoft Office Famille et Étudiant 2010

"Philips Songbird" = Philips Songbird

"PROSetDX" = Intel® Network Connections 16.1.53.0

"PunkBusterSvc" = PunkBuster Services

"Softonic_France Toolbar" = Softonic_France Toolbar

"SP6" = Logitech SetPoint 6.20

"Steam App 42700" = Call of Duty: Black Ops

"Steam App 42710" = Call of Duty: Black Ops - Multiplayer

"SystemRequirementsLab" = System Requirements Lab

"VLC media player" = VLC media player 1.0.5

"VSO DivxToDVD_is1" = DivxToDVD 0.5.2

"WinLiveSuite" = Windows Live

"WinPcapInst" = WinPcap 4.1.1

"WinRAR archiver" = Logiciel d'archivage WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Cordialement,

et encore merci d'avance

JGG

lance_yien · le 11 août 2011

Bonjour,

Tu as utilisé OTL depuis ce dossier "OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Jean-Guy\Downloads".

Merci de relire la note "Très Important!" dans mon 1er message et déplacer OTL sur le Bureau (ne pas créer un raccourci). Pour éviter tout problème à ton système, prends ton temps pour relire et appliquer les recommandations de cette note.

--

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment.

Aller à Ajout/suppression de programmes et désinstaller:

"AutocompletePro" parce que connu pour récupérer des infos personnelles pour t'afficher des pubs ciblées.
"ESET" car inutile de le garder.

>>> Correction OTL: S'assurer que OTL est sur le Bureau.

(Re)brancher (et allumer) tous les médias amovibles disponibles et fermer toutes les applications et fenêtres en cours.

Désactiver les programmes de protection (antivirus etc...) et cliquer-droit sur OTL.exe => "Exécuter en tant qu'administrateur".

Copier la liste suivante (commençant par :OTL) et la coller dans l'espace sous "Personnalisation" (les : au début et le ] à la fin sont très important, merci de vérifier).

:OTL

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Facemoods Search

IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - Reg Error: Key error. File not found

FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"

FF - prefs.js..browser.search.selectedEngine: "Facemoods Search"

FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files\AutocompletePro\support@predictad.com [2010/07/06 10:54:01 | 000,000,000 | ---D | M]

O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)

O3 - HKLM\..\Toolbar: (no name) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - No CLSID value found.

O4 - HKLM..\Run: [NPSStartup] File not found

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O33 - MountPoints2\{1ec913f2-22ce-11e0-8b8b-001cc0fac4fa}\Shell - "" = AutoRun

O33 - MountPoints2\{1ec913f2-22ce-11e0-8b8b-001cc0fac4fa}\Shell\AutoRun\command - "" = "J:\WD SmartWare.exe" autoplay=true

O33 - MountPoints2\{9db7a6ee-762e-11df-9bc8-001cc0fac4fa}\Shell - "" = AutoRun

O33 - MountPoints2\{9db7a6ee-762e-11df-9bc8-001cc0fac4fa}\Shell\AutoRun\command - "" = I:\Autorun.exe

[2011/08/10 10:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2011/07/26 01:26:23 | 000,001,070 | ---- | M] () -- C:\Users\Jean-Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk

[2011/07/20 00:05:05 | 000,001,070 | ---- | C] () -- C:\Users\Jean-Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk

@Alternate Data Stream - 168 bytes -> C:\Users\Jean-Guy\Desktop\crépis.jpeg:3or4kl4x13tuuug3Byamue2s4b

@Alternate Data Stream - 168 bytes -> C:\Users\Jean-Guy\changement d'adresse Jg GABET.jpeg:3or4kl4x13tuuug3Byamue2s4b

@Alternate Data Stream - 168 bytes -> C:\Users\Jean-Guy\AGIPI-gabet.jpeg:3or4kl4x13tuuug3Byamue2s4b

:Services

:Reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Softonic_France Toolbar" = -

"AutocompletePro3_is1" = -

:Files

ipconfig /flushdns /c

C:\WINDOWS\tasks\*.job

C:\*.sqm

C:\WINDOWS\System32\*.tmp

C:\WINDOWS\*.tmp

C:\Users\Jean-Guy\AppData\Local\Temp\jar_cache4236817759840452018.tmp

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\62bf5890-68e232e0

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\9274bec-593cc4a2

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\5a09506d-27367a9d

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\70163df0-31b44bfe

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\5ee2d53b-6bae3f65

K:\PHOTOS\Téléchargé\Set up\Setup_FreeConverter.exe

K:\PHOTOS\Téléchargé\Set up\Hack Pack par CJ v8\Multi-Hack Selector\resourcesPDE.exe

K:\PHOTOS\Téléchargé\Set up\Hack Pack par CJ v8\Multi-Hack Selector\resourcesPIT.exe

K:\$RECYCLE.BIN\$RCRMILX\VirtuallyJenna Oxin's Style!.exe

C:\Users\Jean-Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

Si c'est toi ou ton administrateur qui avait installer "Facemoods Search" (page de recherche), supprimer les lignes en bleu dans la correction après avoir tout coller.

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme demandera de redémarrer la machine pour finir le processus, cliquer sur Oui.

A la fin un rapport s'ouvre dans le bloc-note. Copier son contenu et le coller dans une nouvelle réponse. Fermer le rapport et OTL.

>>> Utiliser SecurityCheck: Télécharger, sur le Bureau Security Check (par screen317) depuis ici ou ici.

Fermer toutes les fenêtres et applications ouvertes et cliquer-droit dessus => "Exécuter en tant qu'administrateur") pour lancer le programme.

Appuyer sur une touche comme demandé et suivre les indications.

- Si un des programmes de sécurité demande la permission d'accéder à Internet depuis dig.exe, acceptez.

Le Rapport checkup.txt s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

Poster son contenu.

Rapports demandés:

OTL.txt
checkup.txt

Autres symptôme à vérifier?

JGG · le 11 août 2011

bonjour, la deuxième fenêtre de RUNDLL, ne s'ouvre plus au démarrage. (scanadi~1.dll)

je vous post les Deux rapports:

le OTL.txt :

All processes killed

========== OTL ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{4daac69c-cba7-45e2-9bc8-1044483d3352} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.

Prefs.js: "Facemoods Search" removed from browser.search.defaultenginename

Prefs.js: "Facemoods Search" removed from browser.search.selectedEngine

Prefs.js: support@predictad.com:1.11 removed from extensions.enabledItems

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files\AutocompletePro\support@predictad.com not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{381FFDE8-2394-4f90-B10D-FC6124A40F8C} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{381FFDE8-2394-4f90-B10D-FC6124A40F8C}\ deleted successfully.

File move failed. C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll scheduled to be moved on reboot.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4daac69c-cba7-45e2-9bc8-1044483d3352} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.

C:\Program Files\DAEMON Tools Lite\DTLite.exe moved successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ec913f2-22ce-11e0-8b8b-001cc0fac4fa}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ec913f2-22ce-11e0-8b8b-001cc0fac4fa}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ec913f2-22ce-11e0-8b8b-001cc0fac4fa}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ec913f2-22ce-11e0-8b8b-001cc0fac4fa}\ not found.

File "J:\WD SmartWare.exe" autoplay=true not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9db7a6ee-762e-11df-9bc8-001cc0fac4fa}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9db7a6ee-762e-11df-9bc8-001cc0fac4fa}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9db7a6ee-762e-11df-9bc8-001cc0fac4fa}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9db7a6ee-762e-11df-9bc8-001cc0fac4fa}\ not found.

File I:\Autorun.exe not found.

C:\Program Files\ESET\ESET Online Scanner folder moved successfully.

C:\Program Files\ESET folder moved successfully.

C:\Users\Jean-Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk moved successfully.

File C:\Users\Jean-Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk not found.

ADS C:\Users\Jean-Guy\Desktop\crépis.jpeg:3or4kl4x13tuuug3Byamue2s4b deleted successfully.

ADS C:\Users\Jean-Guy\changement d'adresse Jg GABET.jpeg:3or4kl4x13tuuug3Byamue2s4b deleted successfully.

ADS C:\Users\Jean-Guy\AGIPI-gabet.jpeg:3or4kl4x13tuuug3Byamue2s4b deleted successfully.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\Softonic_France Toolbar not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\AutocompletePro3_is1 not found.

========== FILES ==========

< ipconfig /flushdns /c >

Configuration IP de Windows

Cache de r‚solution DNS vid‚.

C:\Users\Jean-Guy\Desktop\cmd.bat deleted successfully.

C:\Users\Jean-Guy\Desktop\cmd.txt deleted successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4242666773-1970633847-3519447004-1000Core.job moved successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4242666773-1970633847-3519447004-1000UA.job moved successfully.

File\Folder C:\*.sqm not found.

File\Folder C:\WINDOWS\System32\*.tmp not found.

File\Folder C:\WINDOWS\*.tmp not found.

C:\Users\Jean-Guy\AppData\Local\Temp\jar_cache4236817759840452018.tmp moved successfully.

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\62bf5890-68e232e0 moved successfully.

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\9274bec-593cc4a2 moved successfully.

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\5a09506d-27367a9d moved successfully.

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\70163df0-31b44bfe moved successfully.

C:\Users\Jean-Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\5ee2d53b-6bae3f65 moved successfully.

K:\PHOTOS\Téléchargé\Set up\Setup_FreeConverter.exe moved successfully.

K:\PHOTOS\Téléchargé\Set up\Hack Pack par CJ v8\Multi-Hack Selector\resourcesPDE.exe moved successfully.

K:\PHOTOS\Téléchargé\Set up\Hack Pack par CJ v8\Multi-Hack Selector\resourcesPIT.exe moved successfully.

K:\$RECYCLE.BIN\$RCRMILX\VirtuallyJenna Oxin's Style!.exe moved successfully.

File\Folder C:\Users\Jean-Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk not found.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 56504 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Jean-Guy

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 41639725 bytes

->Java cache emptied: 24216288 bytes

->FireFox cache emptied: 54004592 bytes

->Google Chrome cache emptied: 107875242 bytes

->Flash cache emptied: 492 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 42147225 bytes

RecycleBin emptied: 4734319198 bytes

Total Files Cleaned = 4 772,00 mb

[EMPTYFLASH]

User: All Users

User: Default

->Flash cache emptied: 0 bytes

User: Default User

->Flash cache emptied: 0 bytes

User: Jean-Guy

->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.26.1 log created on 08112011_091209

Files\Folders moved on Reboot...

File move failed. C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll scheduled to be moved on reboot.

Registry entries deleted on Reboot...

et le checkup.txt :

Results of screen317's Security Check version 0.99.18

Windows 7 (UAC is enabled)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

BitDefender Internet Security 2010

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Java 6 Update 21

Out of date Java installed!

Adobe Flash Player 10.3.181.26

````````````````````````````````

Process Check:

objlist.exe by Laurent

Common Files BitDefender BitDefender Update Service livesrv.exe

BitDefender BitDefender 2010 vsserv.exe

BitDefender BitDefender 2010 bdagent.exe

BitDefender BitDefender 2010 seccenter.exe

``````````End of Log````````````

Cordialement, et merci d'avoir résolu mes petits problèmes,

j’attends votre réponse, pour savoir si tout est bon, et si je peux lock le sujet.

JGG

lance_yien · le 11 août 2011

C'est OK pour moi aussi :super:

Certains points de ce qui suit ont été traités et d'autres peuvent ne pas s'appliquer à ton système, il faut juste les ignorer),

>>> Mises à jour: Toute ancienne version d'un programme quel qu'il soit peut comporter des vulnérabilités susceptibles d'être exploitées pour infecter un PC:

Java: Utiliser, IMPÉRATIVEMENT, Internet Explorer pour téléchargez (sur le Bureau) la dernière version qui correspond à votre Système d'exploitation (32 ou 64 bits): Téléchargements Java pour tous les systèmes d'exploitation.

Avant l'installation il est important de commencer par supprimer TOUTES les anciennes versions dans votre machine parce qu'elles peuvent contenir des vulnérabilités de sécurité:

Cliquer sur "Démarrer" => "Panneau de Configuration" => "Ajout/ Suppr des Programmes".

Chercher, dans la liste les lignes concernant "Java" (J2SE Runtime Environment... ) et repérables avec cette icône .

Sélectionner une ligne à la fois et cliquer sur Modifier/ Supprimer.

Quand il n'y en a plus fermez tout et installez la nouvelle version en cliquant sur le fichier que vous avez téléchargé.

>>> Supprimer les utilitaires:

- Lancer OTL et cliquer sur Purge outils. Laisser faire et redémarrer le PC.

- Pour supprimer les autres utilitaires et leur rapports (sur le Bureau et/ou à la racine de la partition système), cliquer-droit dessus => "Supprimer".

>>> Ré-initialiser les Points de Restauration parce qu'elles peuvent contenir des traces d'infection:

Cliquer-droit sur "Ordinateur" => "Propriétés" => "Protection Système". Cliquer sur le nom de la partition système (généralement C:) puis sur "Configurer" => "Supprimer" => "Continuer" (pour confirmer).

Cliquer sur "Fermer" puis "OK" => "OK" et attendre un moment.

Retourner dans "Protection système" et cliquer sur la partition => "Configurer" et sélectionner "Restaurer les paramètres système et les versions précédentes des fichiers"

Cliquer sur "OK" => "OK" et fermer la fenêtre.

Un nouveau point de restauration sera créé.

>>> StartUpLite Il y a toujours des programmes qui se lancent INUTILEMENT en même temps que Windows.

Télécharger, sur le Bureau, MBAM' StartUpLite depuis ici.

Fermer toutes les applications en cours et autres fenêtres ouvertes et cliquer-droit sur StartUpLite.exe => "Exécuter en tant qu'administrateur" pour lancer le programme.

Il affichera toutes les entrées inutiles en démarrage automatique

Sélectionner TOUTES les entrées affichées et cliquer sur Continue.

S'il affiche "No unnecessary startups found!", c'est qu'il n'y a rien à faire.

>>> Protéger/ Sécuriser:

Vérifier le Pare-feu: Un pare-feu est le 1er rempart contre les intrusions.
- Ceux de Vista/ Windows 7 peuvent suffire, juste contrôler et activer si nécessaire depuis le "Centre de sécurité".
- Celui inclus dans Windows XP ne contrôle pas le flux sortant d'Internet d'où l'importance d'en installer un autre.
Vérifier et choisir, si nécessaire, un parmi ceux-ci (gratuits): Online Armor Firewall, Sunbelt Personal Firewall, Outpost Firewall FREE.
Contrôler et configurer les mises à jour Windows:
- Cliquer ICI et installer toutes les Mises à jour critiques après avoir accepté l'installation de l'activex (si proposé).
- OU, cliquer sur "Démarrer" => "Tous les programmes" => "Windows update".
- ET, optez (si ce n'est pas encore fait) pour une MAJ Automatique à une heure où vous êtes sûr que votre PC n'est pas éteint.
Installer PSI de Secunia pour des MAJ logiciels
Installer Mes drivers pour des MAJ pilotes (cliquer sur Lancer la détection
auvegarder le Registre avec Erunt
Pour des raisons évidentes, garder les copies de sauvegarde sur un support autre que le disque système.
Immunisez votre machine avec Spyware Blaster, compatible avec Toutes les versions de Windows 32bit et 64bit. Tuto.
Vaccinez votre machine et vos médias amovibles (clés USB...) avec MKV contre les "vers" (Autorun worms). Juste brancher tous les médias amovibles, lancer le programme et cliquer sur le bouton Vaccination (l'action est réversible en cliquant sur "Supprimer la vaccination".
Opter pour Firefox ou Opera pour la navigation de tous les jours et réserver Internet Explorer pour les Mises à jour et les cas bien spécifiques.
Nettoyer et dé-fragmenter, régulièrement, les Partitions/ Disques.

>>> Ce qu'il faut ÉVITER ABSOLUMENT: Parce qu'il existe toujours un programme/logiciel gratuit et légal pour pratiquement tout ce qu'on veut, supprimer de votre machine et rester à l'écart de tout ce qui est,

Warez , Crack , keygen etc. Arrêter de croire que ces programmes sont là juste pour faire plaisir ou rendre service. Il n'y a qu'à parcourir les Forums pour voir le nombre de PC victimes de ces programmes.
P2P , *.Torrent etc: Lire attentivement Le danger des P2P.

>>> Ajouter Résolu: Merci d'éditer ton 1er post pour ajouter [Résolu] à la fin du titre après avoir cliqué sur le bouton "Modifier".

Bonne chance!

JGG · le 11 août 2011

mille merci a vous tous/toutes.

bonne continuation, et bonne soirée/journée.

cordialement

JGG

Connexion

Pas encore inscrit ?

[Résolu] « Rundll » introuvable au démarrage

Messages recommandés

JGG

lance_yien

JGG

JGG

lance_yien

JGG

lance_yien

JGG

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer