
Rundll32 error and IE no longer opens [Solved]

6 March 2010 16:15:44

Hello, I have a problem that is becoming annoying on my PC: as soon as I open a folder, any folder, or worse, when I open Internet Explorer, this message appears: "Windows host process (Rundll32) has stopped working... A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available." > Close program. As a result I can no longer use IE, and I get a few bugs when I open folders, etc. It had never done this before; it happened suddenly. Please tell me what to do, because I wouldn't be surprised if this comes from an infection; it would help me a lot! Thanks in advance.


7 March 2010 15:53:45

Hello,

  • Download OTL (by OldTimer) to your Desktop.
  • Double-click OTL to launch it.
    (On Vista/Win7, right-click OTL and choose Run as administrator)
  • A window appears. In the Output section at the top of this window, check Minimal Output.
  • Also check the boxes next to LOP Check and Purity Check.
  • Finally, click the Run Scan button. The scan will not take long.
  • Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. These files are in the same location as OTL (so on the Desktop by default).

    To send me the reports:
  • Click this link: http://www.cijoint.fr/
  • Click Browse... and find the report file you want to send me.
  • Click Open.
  • Click Cliquez ici pour déposer le fichier ("Click here to upload the file").
  • A link of this form, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, is added to the page.
  • Copy and paste this link into your reply.
    7 March 2010 17:23:51

    You have a nice collection of viruses.

  • Uninstall Ask Toolbar, Hotbar and ShopperReports.

  • Disable UAC for the duration of the disinfection.

  • Download Ad-Remover (by C_XX) to your Desktop.

    /!\ Disconnect and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista/Win7, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • In the main menu, choose option L.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).

    (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

    Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus, but a utility designed to terminate processes. In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
    7 March 2010 18:12:21

    Here is the report:

    7 March 2010 18:17:28

  • Uninstall Ad-Remover.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
  • Once the update is finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    The scan completed successfully. Click 'Show Results' to display all objects found.

  • Click OK to continue. If MBAM found nothing, it will tell you that as well.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
    7 March 2010 18:55:45

    Here is the report:

    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3833
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18882

    07/03/2010 18:46:04
    mbam-log-2010-03-07 (18-46-04).txt

    Type de recherche: Examen rapide
    Eléments examinés: 109851
    Temps écoulé: 13 minute(s), 2 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 7
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 6

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2fda72dd-603d-4ecf-8114-6a22be7d571a} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vyvwaakv (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{2fda72dd-603d-4ecf-8114-6a22be7d571a} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\jhxwduzq (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2fda72dd-603d-4ecf-8114-6a22be7d571a} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\Windows\System32\ljlquyr.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Users\Hugo\AppData\Local\Temp\8E7D.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
    C:\Users\Hugo\AppData\Local\Temp\nsi3775.tmp\browserquest.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Users\Hugo\AppData\Local\Temp\nsi3775.tmp\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Users\Hugo\AppData\Local\Temp\nso87F5.tmp\browserquest.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Users\Hugo\AppData\Local\Temp\nso87F5.tmp\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
    7 March 2010 18:58:33

  • Relaunch MBAM, go to Quarantine and delete everything.

  • Run an OTL scan again and post the OTL report.
    7 March 2010 19:13:06

    The OTL report:

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol... (Windows Live Hotmail Photo Upload Tool)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Users\Hugo\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Hugo\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{0544a3c7-5a98-11dd-a94b-ac9cfe64f974}\Shell\AutoRun\command - "" = F:\EmDesk.exe -- File not found
    O33 - MountPoints2\{0544a3c7-5a98-11dd-a94b-ac9cfe64f974}\Shell\EmDesk\command - "" = F:\EmDesk.exe -- File not found
    O33 - MountPoints2\{6c36b532-fd68-11de-a842-001b38d65371}\Shell - "" = AutoRun
    O33 - MountPoints2\{6c36b532-fd68-11de-a842-001b38d65371}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - comfile [open] -- "%1" %*
    O35 - exefile [open] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/03/07 18:23:05 | 005,115,824 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Hugo\Desktop\mbam-setup.exe
    [2010/03/07 17:48:35 | 000,000,000 | ---D | C] -- C:\Ad-Remover
    [2010/03/07 16:38:21 | 000,553,984 | ---- | C] (OldTimer Tools) -- C:\Users\Hugo\Desktop\OTL.exe
    [2010/03/04 03:00:46 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2010/02/26 14:26:37 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
    [2010/02/26 14:26:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
    [2010/02/26 14:26:32 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
    [2010/02/26 14:26:20 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
    [2010/02/26 14:26:19 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
    [2010/02/26 14:26:17 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
    [2010/02/26 14:26:15 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
    [2010/02/26 14:26:15 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
    [2010/02/26 14:26:15 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
    [2010/02/26 14:26:14 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
    [2010/02/26 14:26:14 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
    [2010/02/26 14:26:14 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
    [2010/02/26 14:26:03 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2010/02/26 14:25:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2010/02/24 02:46:06 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserQuest
    [2010/02/24 02:46:06 | 000,000,000 | ---D | C] -- C:\Program Files\BrowserQuest
    [2010/02/18 15:04:20 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010/02/10 22:03:28 | 003,600,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2010/02/10 22:03:28 | 003,548,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2010/02/10 21:59:11 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
    [2010/02/10 21:59:06 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
    [2010/02/10 21:59:05 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
    [2010/02/10 21:59:04 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
    [2010/02/06 00:40:42 | 000,000,000 | ---D | C] -- C:\Users\Hugo\Documents\Remote Assistance Logs
    [2010/02/05 23:05:44 | 000,000,000 | ---D | C] -- C:\Users\Hugo\dwhelper
    [2008/04/10 22:11:51 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
    [2008/04/10 22:11:51 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
    [1 C:\Users\Hugo\*.tmp files -> C:\Users\Hugo\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/03/07 19:08:04 | 002,359,296 | -HS- | M] () -- C:\Users\Hugo\NTUSER.DAT
    [2010/03/07 18:52:23 | 001,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/03/07 18:52:23 | 000,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2010/03/07 18:52:23 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/03/07 18:52:23 | 000,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2010/03/07 18:52:23 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/03/07 18:50:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/03/07 18:49:13 | 000,034,645 | ---- | M] () -- C:\Windows\System32\Config.MPF
    [2010/03/07 18:48:02 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/03/07 18:48:00 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/03/07 18:48:00 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/03/07 18:47:59 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/03/07 18:47:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/03/07 18:46:39 | 000,524,288 | -HS- | M] () -- C:\Users\Hugo\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/03/07 18:46:39 | 000,065,536 | -HS- | M] () -- C:\Users\Hugo\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/03/07 18:46:36 | 003,580,896 | -H-- | M] () -- C:\Users\Hugo\AppData\Local\IconCache.db
    [2010/03/07 18:26:20 | 000,069,509 | ---- | M] () -- C:\Users\Hugo\Desktop\Rep2.jpg
    [2010/03/07 18:25:20 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/03/07 18:23:08 | 005,115,824 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Hugo\Desktop\mbam-setup.exe
    [2010/03/07 18:20:34 | 000,006,796 | -HS- | M] () -- C:\Users\Hugo\Desktop\Folder.jpg
    [2010/03/07 18:20:34 | 000,001,765 | -HS- | M] () -- C:\Users\Hugo\Desktop\AlbumArtSmall.jpg
    [2010/03/07 17:43:02 | 000,063,269 | ---- | M] () -- C:\Users\Hugo\Desktop\Rep.jpg
    [2010/03/07 17:23:41 | 013,114,616 | ---- | M] () -- C:\Users\Hugo\Desktop\Jack Holiday Feat. Roby Rob - Raise Your Hands.mp3
    [2010/03/07 16:38:22 | 000,553,984 | ---- | M] (OldTimer Tools) -- C:\Users\Hugo\Desktop\OTL.exe
    [2010/03/07 15:48:54 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F7143D17-454F-47F3-9F21-61FE21530FD3}.job
    [2010/03/05 18:00:28 | 013,160,576 | ---- | M] () -- C:\Users\Hugo\Desktop\Herve - Cheap Thrills (Laidback Luke Bootleg).mp3
    [2010/03/05 01:56:22 | 008,303,889 | ---- | M] () -- C:\Users\Hugo\Desktop\Stromae - Alors On Danse.mp3
    [2010/03/05 01:21:51 | 015,448,815 | ---- | M] () -- C:\Users\Hugo\Desktop\Sunloverz - Now That We Found Love (Big Room Mix).mp3
    [2010/03/01 01:22:23 | 013,811,712 | ---- | M] () -- C:\Users\Hugo\Desktop\Mathieu Bouthier - TIED.mp3
    [2010/03/01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
    [2010/03/01 00:38:01 | 016,515,200 | ---- | M] () -- C:\Users\Hugo\Desktop\Patrice_Strike_1day_Jay_Style_Extended_Remix.mp3
    [2010/02/28 17:27:52 | 019,658,819 | ---- | M] () -- C:\Users\Hugo\Desktop\Dinka - Elements (Remix).mp3
    [2010/02/28 16:07:20 | 025,332,797 | ---- | M] () -- C:\Users\Hugo\Desktop\Deadmau5 - Strobe.mp3
    [2010/02/27 17:17:31 | 020,151,898 | ---- | M] () -- C:\Users\Hugo\Desktop\The Rudenko Project ft. Nicco - Destination.mp3
    [2010/02/26 19:48:08 | 017,612,810 | ---- | M] () -- C:\Users\Hugo\Desktop\Alex Kenji & Manuel De La Mare - Here Comes The Sun.mp3
    [2010/02/26 19:26:51 | 000,143,766 | ---- | M] () -- C:\Users\Hugo\Desktop\Projet.flp
    [2010/02/26 07:24:39 | 000,073,576 | ---- | M] () -- C:\Users\Hugo\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/02/26 07:16:10 | 000,303,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/02/26 06:03:06 | 020,478,697 | ---- | M] () -- C:\Users\Hugo\Desktop\Moguai - Lyve.mp3
    [2010/02/26 05:29:57 | 017,153,958 | ---- | M] () -- C:\Users\Hugo\Desktop\Tocadisco - Better Run (Remix).mp3
    [2010/02/26 05:24:07 | 017,666,048 | ---- | M] () -- C:\Users\Hugo\Desktop\Example - Watch The Sun Come Up (Remix2).mp3
    [2010/02/26 05:14:37 | 022,958,475 | ---- | M] () -- C:\Users\Hugo\Desktop\Alex Gaudino & Nari Milani - The Drums (Remix).mp3
    [2010/02/26 05:08:12 | 016,807,314 | ---- | M] () -- C:\Users\Hugo\Desktop\Nicky Romero - Woods Of Idaho.mp3
    [2010/02/26 05:04:59 | 017,017,920 | ---- | M] () -- C:\Users\Hugo\Desktop\Bingo Players - Devotion (Remix).mp3
    [2010/02/17 21:42:38 | 000,004,096 | ---- | M] () -- C:\Windows\System32\Run32.dll
    [2010/02/16 03:35:01 | 001,622,802 | ---- | M] () -- C:\Users\Hugo\Desktop\Drop The Pressure (Acapella).mp3
    [2010/02/16 03:33:50 | 003,776,640 | ---- | M] () -- C:\Users\Hugo\Desktop\Ce Ce Peniston - Finally (CCP) (Acapella).mp3
    [2010/02/15 19:37:23 | 000,048,640 | ---- | M] () -- C:\Users\Hugo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/02/15 01:00:00 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
    [2010/02/13 16:32:15 | 065,261,612 | ---- | M] () -- C:\Users\Hugo\Desktop\MB7.wav
    [2010/02/12 11:32:56 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2010/02/11 05:14:50 | 006,398,622 | ---- | M] () -- C:\Users\Hugo\Desktop\Laurent Wolf - No Stress (Studio Acapella).mp3
    [2010/02/09 18:55:41 | 017,406,998 | ---- | M] () -- C:\Users\Hugo\Desktop\East & Young - Reveal.mp3
    [2010/02/09 18:02:50 | 017,133,354 | ---- | M] () -- C:\Users\Hugo\Desktop\Passenger - Mikado (DJ Tatana Progressive Remix).mp3
    [1 C:\Users\Hugo\*.tmp files -> C:\Users\Hugo\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/03/07 18:26:20 | 000,069,509 | ---- | C] () -- C:\Users\Hugo\Desktop\Rep2.jpg
    [2010/03/07 17:43:02 | 000,063,269 | ---- | C] () -- C:\Users\Hugo\Desktop\Rep.jpg
    [2010/03/07 17:23:23 | 013,114,616 | ---- | C] () -- C:\Users\Hugo\Desktop\Jack Holiday Feat. Roby Rob - Raise Your Hands.mp3
    [2010/03/05 01:21:39 | 015,448,815 | ---- | C] () -- C:\Users\Hugo\Desktop\Sunloverz - Now That We Found Love (Big Room Mix).mp3
    [2010/03/05 00:59:13 | 008,303,889 | ---- | C] () -- C:\Users\Hugo\Desktop\Stromae - Alors On Danse.mp3
    [2010/03/04 17:41:43 | 013,160,576 | ---- | C] () -- C:\Users\Hugo\Desktop\Herve - Cheap Thrills (Laidback Luke Bootleg).mp3
    [2010/03/01 01:19:21 | 013,811,712 | ---- | C] () -- C:\Users\Hugo\Desktop\Mathieu Bouthier - TIED.mp3
    [2010/02/28 22:47:39 | 016,515,200 | ---- | C] () -- C:\Users\Hugo\Desktop\Patrice_Strike_1day_Jay_Style_Extended_Remix.mp3
    [2010/02/27 17:15:50 | 020,151,898 | ---- | C] () -- C:\Users\Hugo\Desktop\The Rudenko Project ft. Nicco - Destination.mp3
    [2010/02/26 04:10:26 | 000,143,766 | ---- | C] () -- C:\Users\Hugo\Desktop\Projet.flp
    [2010/02/24 03:14:32 | 017,017,920 | ---- | C] () -- C:\Users\Hugo\Desktop\Bingo Players - Devotion (Remix).mp3
    [2010/02/24 03:05:02 | 025,332,797 | ---- | C] () -- C:\Users\Hugo\Desktop\Deadmau5 - Strobe.mp3
    [2010/02/24 03:04:22 | 020,478,697 | ---- | C] () -- C:\Users\Hugo\Desktop\Moguai - Lyve.mp3
    [2010/02/24 03:03:39 | 017,612,810 | ---- | C] () -- C:\Users\Hugo\Desktop\Alex Kenji & Manuel De La Mare - Here Comes The Sun.mp3
    [2010/02/24 03:02:29 | 022,958,475 | ---- | C] () -- C:\Users\Hugo\Desktop\Alex Gaudino & Nari Milani - The Drums (Remix).mp3
    [2010/02/24 03:01:36 | 017,666,048 | ---- | C] () -- C:\Users\Hugo\Desktop\Example - Watch The Sun Come Up (Remix2).mp3
    [2010/02/24 03:00:49 | 017,153,958 | ---- | C] () -- C:\Users\Hugo\Desktop\Tocadisco - Better Run (Remix).mp3
    [2010/02/24 02:55:33 | 019,658,819 | ---- | C] () -- C:\Users\Hugo\Desktop\Dinka - Elements (Remix).mp3
    [2010/02/24 02:51:50 | 016,807,314 | ---- | C] () -- C:\Users\Hugo\Desktop\Nicky Romero - Woods Of Idaho.mp3
    [2010/02/17 21:42:37 | 000,004,096 | ---- | C] () -- C:\Windows\System32\Run32.dll
    [2010/02/13 16:26:02 | 065,261,612 | ---- | C] () -- C:\Users\Hugo\Desktop\MB7.wav
    [2010/02/09 04:42:13 | 017,133,354 | ---- | C] () -- C:\Users\Hugo\Desktop\Passenger - Mikado (DJ Tatana Progressive Remix).mp3
    [2009/09/17 01:13:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/08/29 18:45:52 | 000,339,968 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
    [2009/08/29 18:45:52 | 000,114,688 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
    [2008/07/26 15:55:02 | 000,048,640 | ---- | C] () -- C:\Users\Hugo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/04/11 06:52:39 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
    [2008/04/11 06:52:34 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
    [2008/04/10 22:11:55 | 000,305,176 | ---- | C] () -- C:\Windows\System32\drivers\iaStor.sys
    [2008/04/10 22:11:51 | 001,749,376 | ---- | C] () -- C:\Windows\System32\snp2uvc.sys
    [2008/04/10 22:11:51 | 000,028,032 | ---- | C] () -- C:\Windows\System32\sncduvc.sys
    [2008/04/10 22:11:51 | 000,000,131 | ---- | C] () -- C:\Windows\System32\PidList.ini
    [2008/03/19 15:29:25 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
    [2008/03/18 19:55:45 | 001,749,376 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
    [2008/03/18 19:55:45 | 000,028,032 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
    [2008/03/18 19:55:44 | 000,000,131 | ---- | C] () -- C:\Windows\PidList.ini
    [2008/03/18 19:55:09 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
    [2008/03/18 19:55:09 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
    [2008/03/18 19:55:08 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
    [2008/03/18 19:55:08 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
    [2008/03/18 12:56:03 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
    [2008/03/18 12:49:36 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
    [2008/03/18 12:27:24 | 000,000,775 | ---- | C] () -- C:\Windows\RtDefLvl.ini
    [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2001/12/26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
    [2001/09/03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
    [2001/07/30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
    [2001/07/23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
    [1997/06/14 09:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll

    ========== LOP Check ==========

    [2008/07/25 14:58:19 | 000,000,000 | -HSD | M] -- C:\Users\Hugo\AppData\Roaming\.#
    [2008/03/18 13:20:58 | 000,000,000 | ---D | M] -- C:\Users\Hugo\AppData\Roaming\Acer GameZone Console
    [2010/03/01 21:58:25 | 000,000,000 | ---D | M] -- C:\Users\Hugo\AppData\Roaming\Audacity
    [2009/06/01 18:01:32 | 000,000,000 | ---D | M] -- C:\Users\Hugo\AppData\Roaming\Free Sound Recorder
    [2009/06/22 15:47:34 | 000,000,000 | ---D | M] -- C:\Users\Hugo\AppData\Roaming\LimeWire
    [2010/03/06 23:38:14 | 000,000,000 | ---D | M] -- C:\Users\Hugo\AppData\Roaming\uTorrent
    [2010/02/15 01:00:00 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
    [2010/03/01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
    [2010/03/07 18:46:47 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/03/07 15:48:54 | 000,000,430 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F7143D17-454F-47F3-9F21-61FE21530FD3}.job

    ========== Purity Check ==========


    < End of report >
    a c 267 8 Security
    7 March 2010 19:30:58

  • Double-click OTL to launch it.
    (On Vista/Win7, right-click OTL and choose Run as administrator)
  • Under the Custom Scans/Fixes tab at the bottom of the window, copy and paste the following text (between the two blank spaces):

    :OTL
    PRC - C:\ProgramData\BrowserQuest\browserquest121.exe ()
    PRC - C:\Program Files\BrowserQuest\browserquest.exe ()
    SRV - (BrowserQuest Service) -- C:\ProgramData\BrowserQuest\browserquest121.exe ()
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us
    FF - prefs.js..extensions.enabledItems: {3FC26A8E-3EDC-4626-82F6-2EC5F56CB638}:1.0
    [2010/02/24 02:46:08 | 000,000,000 | ---D | M] (BrowserQuest) -- C:\Program Files\mozilla firefox\extensions\{3FC26A8E-3EDC-4626-82F6-2EC5F56CB638}
    [2010/02/24 02:46:08 | 000,002,405 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\browserquest118.xml
    [2010/02/24 04:16:16 | 000,002,405 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\browserquest119.xml
    [2010/03/03 05:05:23 | 000,002,405 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\browserquest121.xml
    [2010/02/24 02:46:06 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserQuest
    [2010/02/24 02:46:06 | 000,000,000 | ---D | C] -- C:\Program Files\BrowserQuest

    :commands
    [emptytemp]
    [reboot]

  • Then click the Run Fix button at the top of the window.
  • Let the program work, then reboot once the fix is finished.
  • Post the report that appears after the reboot.
    7 March 2010 19:43:17

    Here it is:

    All processes killed
    ========== OTL ==========
    No active process named browserquest121.exe was found!
    No active process named browserquest.exe was found!
    Error: No service named BrowserQuest Service was found to stop!
    Service\Driver key BrowserQuest Service not found.
    File C:\ProgramData\BrowserQuest\browserquest121.exe not found.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
    Prefs.js: {3FC26A8E-3EDC-4626-82F6-2EC5F56CB638}:1.0 removed from extensions.enabledItems
    Folder C:\Program Files\mozilla firefox\extensions\{3FC26A8E-3EDC-4626-82F6-2EC5F56CB638}\ not found.
    File C:\Program Files\mozilla firefox\searchplugins\browserquest118.xml not found.
    File C:\Program Files\mozilla firefox\searchplugins\browserquest119.xml not found.
    File C:\Program Files\mozilla firefox\searchplugins\browserquest121.xml not found.
    Folder C:\ProgramData\BrowserQuest\ not found.
    Folder C:\Program Files\BrowserQuest\ not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Hugo
    ->Temp folder emptied: 240728 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 4690022 bytes
    ->Flash cache emptied: 434 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 56655365 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 59,00 mb


    OTL by OldTimer - Version 3.1.34.0 log created on 03072010_193923

    Files\Folders moved on Reboot...
    File\Folder C:\Windows\temp\mcafee_LDHkwH0VsPYVeqR not found!
    File\Folder C:\Windows\temp\mcmsc_K0cv6reSRu6VVD3 not found!
    C:\Windows\temp\sqlite_0QbCU20wY0h8jT6 moved successfully.
    C:\Windows\temp\sqlite_PPTmDIDv67bq7sl moved successfully.
    File\Folder C:\Windows\temp\WFVD029.tmp not found!

    Registry entries deleted on Reboot...
    a c 267 8 Security
    7 March 2010 20:49:58

    No more problems?

  • Update Java.

  • Run another OTL scan and post the OTL report.
    7 March 2010 21:10:23

    No more problems, my PC is responding better, it's perfect. Thank you for taking the time to help me. Thanks a lot! I'm leaving the report:

    OTL logfile created on: 07/03/2010 21:04:28 - Run 3
    OTL by OldTimer - Version 3.1.34.0 Folder = C:\Users\Hugo\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18882)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
    4,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 110,69 Gb Total Space | 14,90 Gb Free Space | 13,46% Space Free | Partition Type: NTFS
    Drive D: | 110,48 Gb Total Space | 110,39 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-HUGO
    Current User Name: Hugo
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Hugo\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
    PRC - C:\Users\Hugo\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
    PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
    PRC - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
    PRC - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
    PRC - C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
    PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
    PRC - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
    PRC - C:\Acer\Mobility Center\MobilityService.exe ()
    PRC - C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
    PRC - c:\PROGRA~1\mcafee\msc\mcuimgr.exe (McAfee, Inc.)
    PRC - C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
    PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
    PRC - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
    PRC - C:\Acer\ALaunch\ALaunchSvc.exe ()
    PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
    PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    PRC - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
    PRC - c:\PROGRA~1\mcafee.com\agent\mcagent.exe (McAfee, Inc.)
    PRC - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (McAfee, Inc.)
    PRC - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
    PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)


    ========== Modules (SafeList) ==========

    MOD - C:\Users\Hugo\Desktop\OTL.exe (OldTimer Tools)
    MOD - c:\PROGRA~1\mcafee\SITEAD~1\saHook.dll (McAfee, Inc.)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
    SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
    SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
    SRV - (McNASvc) -- c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV - (mcmscsvc) -- C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
    SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
    SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
    SRV - (McSysmon) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
    SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
    SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
    SRV - (McODS) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (McAfee, Inc.)
    SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
    SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
    SRV - (ALaunchService) -- C:\Acer\ALaunch\ALaunchSvc.exe ()
    SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
    SRV - (McProxy) -- c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
    SRV - (McShield) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (McAfee, Inc.)
    SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
    SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
    DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
    DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
    DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
    DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
    DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
    DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
    DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
    DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
    DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
    DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
    DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
    DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
    DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
    DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
    DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
    DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
    DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
    DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
    DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
    DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
    DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
    DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
    DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
    DRV - (NETw3v32) Pilote de carte Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
    DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
    DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
    DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
    DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
    DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl (Cyberlink Corp.)
    DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
    DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
    DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
    DRV - (NETw4v32) Pilote de carte Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
    DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
    DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
    DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
    DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
    DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
    DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
    DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
    DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
    DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
    DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
    DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
    DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
    DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
    DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.)
    DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys ()
    DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys (Acer, Inc.)
    DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
    DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
    DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
    DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
    DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
    DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
    DRV - (DritekPortIO) -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys (Dritek System Inc.)
    DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
    DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
    DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
    DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
    DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
    DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
    DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
    DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
    DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
    DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
    DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
    DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
    DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
    DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
    DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
    DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
    DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
    DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://google.cherche.us/Result.php?client=pub-04206471...{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Google"
    FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
    FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.1

    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/07 17:36:14 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/07 20:55:30 | 000,000,000 | ---D | M]

    [2009/09/25 17:03:48 | 000,000,000 | ---D | M] -- C:\Users\Hugo\AppData\Roaming\mozilla\Extensions
    [2010/03/07 15:49:02 | 000,000,000 | ---D | M] -- C:\Users\Hugo\AppData\Roaming\mozilla\Firefox\Profiles\ydez76sg.default\extensions
    [2009/09/28 18:52:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Hugo\AppData\Roaming\mozilla\Firefox\Profiles\ydez76sg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/03/07 15:48:48 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Hugo\AppData\Roaming\mozilla\Firefox\Profiles\ydez76sg.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2010/03/07 20:55:32 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
    [2009/08/24 20:21:51 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2009/08/24 20:21:51 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2009/08/24 20:21:51 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2009/08/24 20:21:51 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2009/08/24 20:21:51 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll ()
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
    O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (HiTRUST)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
    O4 - HKLM..\Run: [eRecoveryService] File not found
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
    O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: chat-land.org ([]* in Trusted sites)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/Gam... (UnoCtrl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-wind... (Java Plug-in 1.6.0_18)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/curren... (Reg Error: Key error.)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-wind... (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-wind... (Java Plug-in 1.6.0_18)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol... (Windows Live Hotmail Photo Upload Tool)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Users\Hugo\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Hugo\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{0544a3c7-5a98-11dd-a94b-ac9cfe64f974}\Shell\AutoRun\command - "" = F:\EmDesk.exe -- File not found
    O33 - MountPoints2\{0544a3c7-5a98-11dd-a94b-ac9cfe64f974}\Shell\EmDesk\command - "" = F:\EmDesk.exe -- File not found
    O33 - MountPoints2\{6c36b532-fd68-11de-a842-001b38d65371}\Shell - "" = AutoRun
    O33 - MountPoints2\{6c36b532-fd68-11de-a842-001b38d65371}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - comfile [open] -- "%1" %*
    O35 - exefile [open] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/03/07 20:55:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/03/07 20:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/03/07 20:55:30 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
    [2010/03/07 20:55:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
    [2010/03/07 20:55:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
    [2010/03/07 19:33:49 | 000,000,000 | ---D | C] -- C:\_OTL
    [2010/03/07 18:23:05 | 005,115,824 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Hugo\Desktop\mbam-setup.exe
    [2010/03/07 17:48:35 | 000,000,000 | ---D | C] -- C:\Ad-Remover
    [2010/03/07 16:38:21 | 000,553,984 | ---- | C] (OldTimer Tools) -- C:\Users\Hugo\Desktop\OTL.exe
    [2010/03/04 03:00:46 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2010/02/26 14:26:37 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
    [2010/02/26 14:26:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
    [2010/02/26 14:26:32 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
    [2010/02/26 14:26:20 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
    [2010/02/26 14:26:19 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
    [2010/02/26 14:26:17 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
    [2010/02/26 14:26:15 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
    [2010/02/26 14:26:15 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
    [2010/02/26 14:26:15 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
    [2010/02/26 14:26:14 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
    [2010/02/26 14:26:14 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
    [2010/02/26 14:26:14 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
    [2010/02/26 14:26:03 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2010/02/26 14:25:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2010/02/18 15:04:20 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010/02/10 22:03:28 | 003,600,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2010/02/10 22:03:28 | 003,548,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2010/02/10 21:59:11 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
    [2010/02/10 21:59:06 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
    [2010/02/10 21:59:05 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
    [2010/02/10 21:59:04 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
    [2010/02/06 00:40:42 | 000,000,000 | ---D | C] -- C:\Users\Hugo\Documents\Remote Assistance Logs
    [2010/02/05 23:05:44 | 000,000,000 | ---D | C] -- C:\Users\Hugo\dwhelper
    [2008/04/10 22:11:51 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
    [2008/04/10 22:11:51 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
    [1 C:\Users\Hugo\*.tmp files -> C:\Users\Hugo\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/03/07 21:04:34 | 002,359,296 | -HS- | M] () -- C:\Users\Hugo\NTUSER.DAT
    [2010/03/07 20:50:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/03/07 20:12:33 | 000,034,645 | ---- | M] () -- C:\Windows\System32\Config.MPF
    [2010/03/07 19:54:49 | 000,048,640 | ---- | M] () -- C:\Users\Hugo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/03/07 19:46:15 | 001,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/03/07 19:46:15 | 000,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2010/03/07 19:46:15 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/03/07 19:46:15 | 000,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2010/03/07 19:46:15 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/03/07 19:41:52 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/03/07 19:41:52 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/03/07 19:41:52 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/03/07 19:41:50 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/03/07 19:41:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/03/07 19:40:21 | 000,524,288 | -HS- | M] () -- C:\Users\Hugo\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    [2010/03/07 19:40:21 | 000,065,536 | -HS- | M] () -- C:\Users\Hugo\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    [2010/03/07 18:46:36 | 003,580,896 | -H-- | M] () -- C:\Users\Hugo\AppData\Local\IconCache.db
    [2010/03/07 18:26:20 | 000,069,509 | ---- | M] () -- C:\Users\Hugo\Desktop\Rep2.jpg
    [2010/03/07 18:25:20 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/03/07 18:23:08 | 005,115,824 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Hugo\Desktop\mbam-setup.exe
    [2010/03/07 18:20:34 | 000,006,796 | -HS- | M] () -- C:\Users\Hugo\Desktop\Folder.jpg
    [2010/03/07 18:20:34 | 000,001,765 | -HS- | M] () -- C:\Users\Hugo\Desktop\AlbumArtSmall.jpg
    [2010/03/07 17:43:02 | 000,063,269 | ---- | M] () -- C:\Users\Hugo\Desktop\Rep.jpg
    [2010/03/07 17:23:41 | 013,114,616 | ---- | M] () -- C:\Users\Hugo\Desktop\Jack Holiday Feat. Roby Rob - Raise Your Hands.mp3
    [2010/03/07 16:38:22 | 000,553,984 | ---- | M] (OldTimer Tools) -- C:\Users\Hugo\Desktop\OTL.exe
    [2010/03/07 15:48:54 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F7143D17-454F-47F3-9F21-61FE21530FD3}.job
    [2010/03/05 18:00:28 | 013,160,576 | ---- | M] () -- C:\Users\Hugo\Desktop\Herve - Cheap Thrills (Laidback Luke Bootleg).mp3
    [2010/03/05 01:56:22 | 008,303,889 | ---- | M] () -- C:\Users\Hugo\Desktop\Stromae - Alors On Danse.mp3
    [2010/03/05 01:21:51 | 015,448,815 | ---- | M] () -- C:\Users\Hugo\Desktop\Sunloverz - Now That We Found Love (Big Room Mix).mp3
    [2010/03/01 01:22:23 | 013,811,712 | ---- | M] () -- C:\Users\Hugo\Desktop\Mathieu Bouthier - TIED.mp3
    [2010/03/01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
    [2010/03/01 00:38:01 | 016,515,200 | ---- | M] () -- C:\Users\Hugo\Desktop\Patrice_Strike_1day_Jay_Style_Extended_Remix.mp3
    [2010/02/28 17:27:52 | 019,658,819 | ---- | M] () -- C:\Users\Hugo\Desktop\Dinka - Elements (Remix).mp3
    [2010/02/28 16:07:20 | 025,332,797 | ---- | M] () -- C:\Users\Hugo\Desktop\Deadmau5 - Strobe.mp3
    [2010/02/27 17:17:31 | 020,151,898 | ---- | M] () -- C:\Users\Hugo\Desktop\The Rudenko Project ft. Nicco - Destination.mp3
    [2010/02/26 19:48:08 | 017,612,810 | ---- | M] () -- C:\Users\Hugo\Desktop\Alex Kenji & Manuel De La Mare - Here Comes The Sun.mp3
    [2010/02/26 19:26:51 | 000,143,766 | ---- | M] () -- C:\Users\Hugo\Desktop\Projet.flp
    [2010/02/26 07:24:39 | 000,073,576 | ---- | M] () -- C:\Users\Hugo\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/02/26 07:16:10 | 000,303,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/02/26 06:03:06 | 020,478,697 | ---- | M] () -- C:\Users\Hugo\Desktop\Moguai - Lyve.mp3
    [2010/02/26 05:29:57 | 017,153,958 | ---- | M] () -- C:\Users\Hugo\Desktop\Tocadisco - Better Run (Remix).mp3
    [2010/02/26 05:24:07 | 017,666,048 | ---- | M] () -- C:\Users\Hugo\Desktop\Example - Watch The Sun Come Up (Remix2).mp3
    [2010/02/26 05:14:37 | 022,958,475 | ---- | M] () -- C:\Users\Hugo\Desktop\Alex Gaudino & Nari Milani - The Drums (Remix).mp3
    [2010/02/26 05:08:12 | 016,807,314 | ---- | M] () -- C:\Users\Hugo\Desktop\Nicky Romero - Woods Of Idaho.mp3
    [2010/02/26 05:04:59 | 017,017,920 | ---- | M] () -- C:\Users\Hugo\Desktop\Bingo Players - Devotion (Remix).mp3
    [2010/02/17 21:42:38 | 000,004,096 | ---- | M] () -- C:\Windows\System32\Run32.dll
    [2010/02/16 03:35:01 | 001,622,802 | ---- | M] () -- C:\Users\Hugo\Desktop\Drop The Pressure (Acapella).mp3
    [2010/02/16 03:33:50 | 003,776,640 | ---- | M] () -- C:\Users\Hugo\Desktop\Ce Ce Peniston - Finally (CCP) (Acapella).mp3
    [2010/02/15 01:00:00 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
    [2010/02/13 16:32:15 | 065,261,612 | ---- | M] () -- C:\Users\Hugo\Desktop\MB7.wav
    [2010/02/12 11:32:56 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2010/02/11 05:14:50 | 006,398,622 | ---- | M] () -- C:\Users\Hugo\Desktop\Laurent Wolf - No Stress (Studio Acapella).mp3
    [2010/02/09 18:55:41 | 017,406,998 | ---- | M] () -- C:\Users\Hugo\Desktop\East & Young - Reveal.mp3
    [2010/02/09 18:02:50 | 017,133,354 | ---- | M] () -- C:\Users\Hugo\Desktop\Passenger - Mikado (DJ Tatana Progressive Remix).mp3
    [1 C:\Users\Hugo\*.tmp files -> C:\Users\Hugo\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/03/07 18:26:20 | 000,069,509 | ---- | C] () -- C:\Users\Hugo\Desktop\Rep2.jpg
    [2010/03/07 17:43:02 | 000,063,269 | ---- | C] () -- C:\Users\Hugo\Desktop\Rep.jpg
    [2010/03/07 17:23:23 | 013,114,616 | ---- | C] () -- C:\Users\Hugo\Desktop\Jack Holiday Feat. Roby Rob - Raise Your Hands.mp3
    [2010/03/05 01:21:39 | 015,448,815 | ---- | C] () -- C:\Users\Hugo\Desktop\Sunloverz - Now That We Found Love (Big Room Mix).mp3
    [2010/03/05 00:59:13 | 008,303,889 | ---- | C] () -- C:\Users\Hugo\Desktop\Stromae - Alors On Danse.mp3
    [2010/03/04 17:41:43 | 013,160,576 | ---- | C] () -- C:\Users\Hugo\Desktop\Herve - Cheap Thrills (Laidback Luke Bootleg).mp3
    [2010/03/01 01:19:21 | 013,811,712 | ---- | C] () -- C:\Users\Hugo\Desktop\Mathieu Bouthier - TIED.mp3
    [2010/02/28 22:47:39 | 016,515,200 | ---- | C] () -- C:\Users\Hugo\Desktop\Patrice_Strike_1day_Jay_Style_Extended_Remix.mp3
    [2010/02/27 17:15:50 | 020,151,898 | ---- | C] () -- C:\Users\Hugo\Desktop\The Rudenko Project ft. Nicco - Destination.mp3
    [2010/02/26 04:10:26 | 000,143,766 | ---- | C] () -- C:\Users\Hugo\Desktop\Projet.flp
    [2010/02/24 03:14:32 | 017,017,920 | ---- | C] () -- C:\Users\Hugo\Desktop\Bingo Players - Devotion (Remix).mp3
    [2010/02/24 03:05:02 | 025,332,797 | ---- | C] () -- C:\Users\Hugo\Desktop\Deadmau5 - Strobe.mp3
    [2010/02/24 03:04:22 | 020,478,697 | ---- | C] () -- C:\Users\Hugo\Desktop\Moguai - Lyve.mp3
    [2010/02/24 03:03:39 | 017,612,810 | ---- | C] () -- C:\Users\Hugo\Desktop\Alex Kenji & Manuel De La Mare - Here Comes The Sun.mp3
    [2010/02/24 03:02:29 | 022,958,475 | ---- | C] () -- C:\Users\Hugo\Desktop\Alex Gaudino & Nari Milani - The Drums (Remix).mp3
    [2010/02/24 03:01:36 | 017,666,048 | ---- | C] () -- C:\Users\Hugo\Desktop\Example - Watch The Sun Come Up (Remix2).mp3
    [2010/02/24 03:00:49 | 017,153,958 | ---- | C] () -- C:\Users\Hugo\Desktop\Tocadisco - Better Run (Remix).mp3
    [2010/02/24 02:55:33 | 019,658,819 | ---- | C] () -- C:\Users\Hugo\Desktop\Dinka - Elements (Remix).mp3
    [2010/02/24 02:51:50 | 016,807,314 | ---- | C] () -- C:\Users\Hugo\Desktop\Nicky Romero - Woods Of Idaho.mp3
    [2010/02/17 21:42:37 | 000,004,096 | ---- | C] () -- C:\Windows\System32\Run32.dll
    [2010/02/13 16:26:02 | 065,261,612 | ---- | C] () -- C:\Users\Hugo\Desktop\MB7.wav
    [2010/02/09 04:42:13 | 017,133,354 | ---- | C] () -- C:\Users\Hugo\Desktop\Passenger - Mikado (DJ Tatana Progressive Remix).mp3
    [2009/09/17 01:13:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/08/29 18:45:52 | 000,339,968 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
    [2009/08/29 18:45:52 | 000,114,688 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
    [2008/07/26 15:55:02 | 000,048,640 | ---- | C] () -- C:\Users\Hugo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/04/11 06:52:39 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
    [2008/04/11 06:52:34 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
    [2008/04/10 22:11:55 | 000,305,176 | ---- | C] () -- C:\Windows\System32\drivers\iaStor.sys
    [2008/04/10 22:11:51 | 001,749,376 | ---- | C] () -- C:\Windows\System32\snp2uvc.sys
    [2008/04/10 22:11:51 | 000,028,032 | ---- | C] () -- C:\Windows\System32\sncduvc.sys
    [2008/04/10 22:11:51 | 000,000,131 | ---- | C] () -- C:\Windows\System32\PidList.ini
    [2008/03/19 15:29:25 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
    [2008/03/18 19:55:45 | 001,749,376 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
    [2008/03/18 19:55:45 | 000,028,032 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
    [2008/03/18 19:55:44 | 000,000,131 | ---- | C] () -- C:\Windows\PidList.ini
    [2008/03/18 19:55:09 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
    [2008/03/18 19:55:09 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
    [2008/03/18 19:55:08 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
    [2008/03/18 19:55:08 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
    [2008/03/18 12:56:03 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
    [2008/03/18 12:49:36 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
    [2008/03/18 12:27:24 | 000,000,775 | ---- | C] () -- C:\Windows\RtDefLvl.ini
    [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2001/12/26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
    [2001/09/03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
    [2001/07/30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
    [2001/07/23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
    [1997/06/14 09:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll

    ========== LOP Check ==========

    [2008/07/25 14:58:19 | 000,000,000 | -HSD | M] -- C:\Users\Hugo\AppData\Roaming\.#
    [2008/03/18 13:20:58 | 000,000,000 | ---D | M] -- C:\Users\Hugo\AppData\Roaming\Acer GameZone Console
    [2010/03/01 21:58:25 | 000,000,000 | ---D | M] -- C:\Users\Hugo\AppData\Roaming\Audacity
    [2009/06/01 18:01:32 | 000,000,000 | ---D | M] -- C:\Users\Hugo\AppData\Roaming\Free Sound Recorder
    [2009/06/22 15:47:34 | 000,000,000 | ---D | M] -- C:\Users\Hugo\AppData\Roaming\LimeWire
    [2010/03/06 23:38:14 | 000,000,000 | ---D | M] -- C:\Users\Hugo\AppData\Roaming\uTorrent
    [2010/02/15 01:00:00 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
    [2010/03/01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
    [2010/03/07 19:40:51 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/03/07 15:48:54 | 000,000,430 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F7143D17-454F-47F3-9F21-61FE21530FD3}.job

    ========== Purity Check ==========


    < End of report >
    a c 267 8 Security
    7 March 2010 21:27:44

    1/

  • Uninstall HijackThis.

  • Download ToolsCleaner2 to your Desktop.
  • Right-click ToolsCleaner2.exe and choose Run as administrator.
  • Click Recherche (Search) and let the scan run.
  • Click Suppression (Removal) to finish.
  • If you wish, you can use the Options Facultatives (Optional settings).
  • Click Quitter (Quit) to get the report.
  • Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).


    2/

  • Download and install CCleaner (do not install the Yahoo! Toolbar).
  • Launch it. Go to Options, then Advanced, and uncheck the Only delete files etc.... box.
  • Go to Cleaner and choose Analyze. Once it has finished, run the cleaning.


    3/

  • You need to disable and then re-enable System Restore in order to purge it.


    ==Prevention==

    Keep MBAM. You can use it to scan suspicious files alongside the antivirus, and scan the hard drive regularly.

    Regarding P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    --> If you consider your problem solved, add [Résolu] (Solved) to the title. To do so:
  • In your first message, click the Edit button.
  • Add the [Résolu] tag in front of the title.
  • Then click Submit your message.


    Be more careful on the Internet ;)
    7 March 2010 22:31:34

    I still have a problem with Toolscleaner, it crashes during the search, but otherwise I've done everything. Great, thanks a lot!
    a c 267 8 Security
    8 March 2010 09:09:39

    Even if it looks like it is crashing, let it run.