
Virus => live security platinium.

2 August 2012 13:32:29

Could someone help me get rid of this virus?
My PC is unusable; I can't open any web page.

4 August 2012 15:56:38

Hello,

Here is the report,


RogueKiller V7.6.5 [03/08/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode sans echec
Utilisateur: sara [Droits d'admin]
Mode: Recherche -- Date: 04/08/2012 15:49:08

¤¤¤ Processus malicieux: 1 ¤¤¤
[ZeroAccess] n -- c:\windows\system32\n -> UNLOADED

¤¤¤ Entrees de registre: 15 ¤¤¤
[HJ NAME] HKLM\[...]\Run : conhost (C:\Documents and Settings\sara\Application Data\Microsoft\conhost.exe) -> FOUND
[SUSP PATH] HKCU\[...]\RunOnce : 036DFF42000CBF0716764DF77B07D329 (C:\Documents and Settings\All Users\Application Data\036DFF42000CBF0716764DF77B07D329\036DFF42000CBF0716764DF77B07D329.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-2188283067-1453689397-2529006832-1006[...]\RunOnce : 036DFF42000CBF0716764DF77B07D329 (C:\Documents and Settings\All Users\Application Data\036DFF42000CBF0716764DF77B07D329\036DFF42000CBF0716764DF77B07D329.exe) -> FOUND
[SUSP PATH] HKCU\[...]\Windows : load (C:\DOCUME~1\sara\LOCALS~1\Temp\csrss.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-2188283067-1453689397-2529006832-1006[...]\Windows : load (C:\DOCUME~1\sara\LOCALS~1\Temp\csrss.exe) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{069B0BAF-D538-4EFF-A729-6B0DEE4ABE52} : NameServer (178.33.41.181,88.191.223.122) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{8706544E-A2EE-4AE4-A88E-A909D3FD62A2} : NameServer (178.33.41.181,88.191.223.122) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{069B0BAF-D538-4EFF-A729-6B0DEE4ABE52} : NameServer (178.33.41.181,88.191.223.122) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{8706544E-A2EE-4AE4-A88E-A909D3FD62A2} : NameServer (178.33.41.181,88.191.223.122) -> FOUND
[HJPOL] HKCU\[...]\System : DisableRegistryTools (1) -> FOUND
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[ZeroAccess] HKCR\[...]\InprocServer32 : (\\.\globalroot\systemroot\Installer\{84539f58-c130-76a5-bc70-2429dc501664}\n.) -> FOUND
[ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Documents and Settings\sara\Local Settings\Application Data\{84539f58-c130-76a5-bc70-2429dc501664}\n.) -> FOUND
[ZeroAccess] HKLM\[...]\InprocServer32 : (\\.\globalroot\systemroot\Installer\{84539f58-c130-76a5-bc70-2429dc501664}\n.) -> FOUND

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
[ZeroAccess][FILE] n : c:\windows\installer\{84539f58-c130-76a5-bc70-2429dc501664}\n --> FOUND
[ZeroAccess][FILE] @ : c:\windows\installer\{84539f58-c130-76a5-bc70-2429dc501664}\@ --> FOUND
[ZeroAccess][FOLDER] U : c:\windows\installer\{84539f58-c130-76a5-bc70-2429dc501664}\U --> FOUND
[ZeroAccess][FOLDER] L : c:\windows\installer\{84539f58-c130-76a5-bc70-2429dc501664}\L --> FOUND
[ZeroAccess][FILE] n : c:\documents and settings\sara\local settings\application data\{84539f58-c130-76a5-bc70-2429dc501664}\n --> FOUND
4 August 2012 18:19:05

  • Run RogueKiller again, choose the "Suppression" option and post the report.
    4 August 2012 19:38:39

    Here is the removal report,

    RogueKiller V7.6.5 [03/08/2012] par Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
    Blog: http://tigzyrk.blogspot.com

    Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Demarrage : Mode sans echec
    Utilisateur: sara [Droits d'admin]
    Mode: Suppression -- Date: 04/08/2012 19:36:41

    ¤¤¤ Processus malicieux: 1 ¤¤¤
    [ZeroAccess] n -- c:\windows\system32\n -> UNLOADED

    ¤¤¤ Entrees de registre: 12 ¤¤¤
    [HJ NAME] HKLM\[...]\Run : conhost (C:\Documents and Settings\sara\Application Data\Microsoft\conhost.exe) -> DELETED
    [SUSP PATH] HKCU\[...]\RunOnce : 036DFF42000CBF0716764DF77B07D329 (C:\Documents and Settings\All Users\Application Data\036DFF42000CBF0716764DF77B07D329\036DFF42000CBF0716764DF77B07D329.exe) -> DELETED
    [SUSP PATH] HKCU\[...]\Windows : load (C:\DOCUME~1\sara\LOCALS~1\Temp\csrss.exe) -> DELETED
    [DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{069B0BAF-D538-4EFF-A729-6B0DEE4ABE52} : NameServer (178.33.41.181,88.191.223.122) -> NOT REMOVED, USE DNSFIX
    [DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{8706544E-A2EE-4AE4-A88E-A909D3FD62A2} : NameServer (178.33.41.181,88.191.223.122) -> NOT REMOVED, USE DNSFIX
    [DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{069B0BAF-D538-4EFF-A729-6B0DEE4ABE52} : NameServer (178.33.41.181,88.191.223.122) -> NOT REMOVED, USE DNSFIX
    [DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{8706544E-A2EE-4AE4-A88E-A909D3FD62A2} : NameServer (178.33.41.181,88.191.223.122) -> NOT REMOVED, USE DNSFIX
    [HJPOL] HKCU\[...]\System : DisableRegistryTools (1) -> DELETED
    [HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> REPLACED (0)
    [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
    [ZeroAccess] HKCR\[...]\InprocServer32 : (\\.\globalroot\systemroot\Installer\{84539f58-c130-76a5-bc70-2429dc501664}\n.) -> REPLACED (c:\windows\system32\wbem\wbemess.dll)
    [ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Documents and Settings\sara\Local Settings\Application Data\{84539f58-c130-76a5-bc70-2429dc501664}\n.) -> REPLACED (c:\windows\system32\shell32.dll)

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
    4 August 2012 19:49:07

    Try ComboFix again now.
    4 August 2012 20:51:10

    ComboFix 12-07-31.06 - sara 04/08/2012 20:08:34.1.2 - x86 NETWORK
    Lancé depuis: c:\documents and settings\sara\Bureau\ComboFix.exe
    * Un nouveau point de restauration a été créé
    .
    .
    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\036DFF42000CBF0716764DF77B07D329
    c:\documents and settings\All Users\Application Data\036DFF42000CBF0716764DF77B07D329\036DFF42000CBF0716764DF77B07D329
    c:\documents and settings\All Users\Application Data\036DFF42000CBF0716764DF77B07D329\036DFF42000CBF0716764DF77B07D329.exe
    c:\documents and settings\All Users\Application Data\036DFF42000CBF0716764DF77B07D329\036DFF42000CBF0716764DF77B07D329.ico
    c:\documents and settings\All Users\Application Data\F4D55F0200009B49000A922DD151FC84
    c:\documents and settings\All Users\Application Data\F4D55F0200009B49000A922DD151FC84\F4D55F0200009B49000A922DD151FC84
    c:\documents and settings\All Users\Application Data\F4D55F0200009B49000A922DD151FC84\F4D55F0200009B49000A922DD151FC84.exe
    c:\documents and settings\All Users\Application Data\TEMP
    c:\documents and settings\sara\Application Data\1420.C3B
    c:\documents and settings\sara\Application Data\app
    c:\documents and settings\sara\Application Data\app\Jerakine_lang.dat
    c:\documents and settings\sara\Application Data\app\Jerakine_lang_vesrion.dat
    c:\documents and settings\sara\Application Data\OfferBox
    c:\documents and settings\sara\Application Data\OfferBox\config.xml
    c:\documents and settings\sara\Application Data\OfferBox\run.log
    c:\documents and settings\sara\Application Data\Toolbar4
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\cache\078441d787a582adce0e7e2171812479
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\cache\33f11277e5483b8207cde8ef71134210
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\cache\4d2a15efb49fc02fe1ea1ba7cc36c7e8
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\cache\4df398849b3c943ab608c417a877b12f
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\cache\53399d9b1479c70296a4a7e0bc2ba9d1
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\cache\60a0e7d31b853c75208a1d53ad68b3b1
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\cache\7f10799b520eb75068523ed6bc9b4e3b
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\cache\baf9ede953b14674fdac47589172031c
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\cache\cf4a2d64dc04acfea07c1e0c7d381ff2
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\include_files\10df9536f6a94fe378e20591f7829077
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\include_files\2457f858f97e82eda65e432eac74be80
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\include_files\f2d989530c2d8ae086261e590356fc71
    c:\documents and settings\sara\Application Data\Toolbar4\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\include_files\f82075d3aae23204b585939f84953196
    c:\documents and settings\sara\Local Settings\Application Data\{84539f58-c130-76a5-bc70-2429dc501664}
    c:\documents and settings\sara\Local Settings\Application Data\{84539f58-c130-76a5-bc70-2429dc501664}\@
    c:\documents and settings\sara\Local Settings\Application Data\{84539f58-c130-76a5-bc70-2429dc501664}\n
    c:\documents and settings\sara\Local Settings\Application Data\{84539f58-c130-76a5-bc70-2429dc501664}\U\00000001.@
    c:\documents and settings\sara\Local Settings\Application Data\{84539f58-c130-76a5-bc70-2429dc501664}\U\80000000.@
    c:\documents and settings\sara\Local Settings\Application Data\{84539f58-c130-76a5-bc70-2429dc501664}\U\800000cb.@
    c:\documents and settings\sara\viuoqu.scr
    c:\documents and settings\sara\yoayo.exe
    c:\windows\Installer\{84539f58-c130-76a5-bc70-2429dc501664}
    c:\windows\Installer\{84539f58-c130-76a5-bc70-2429dc501664}\@
    c:\windows\Installer\{84539f58-c130-76a5-bc70-2429dc501664}\n
    c:\windows\system32\28463
    c:\windows\system32\2aa237ba.exe
    c:\windows\system32\7813d272.dll
    c:\windows\system32\b658a6ef.dll
    c:\windows\system32\SET6B.tmp
    c:\windows\system32\SET77.tmp
    c:\windows\system32\SET80.tmp
    c:\windows\system32\SET81.tmp
    c:\windows\system32\SET83.tmp
    c:\windows\system32\SET85.tmp
    c:\windows\system32\SET92.tmp
    c:\windows\system32\SET9B.tmp
    c:\windows\system32\svchost .exe
    c:\windows\system32\URTTemp
    c:\windows\system32\URTTemp\fusion.dll
    c:\windows\system32\URTTemp\mscoree.dll
    c:\windows\system32\URTTemp\mscoree.dll.local
    c:\windows\system32\URTTemp\mscorsn.dll
    c:\windows\system32\URTTemp\mscorwks.dll
    c:\windows\system32\URTTemp\msvcr71.dll
    c:\windows\system32\URTTemp\regtlib.exe
    .
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2012-07-04 au 2012-08-04 ))))))))))))))))))))))))))))))))))))
    .
    .
    2012-08-04 13:48 . 2012-08-04 17:33 14080 ----a-w- c:\windows\system32\drivers\TrueSight.sys
    2012-08-02 11:50 . 2012-08-02 11:50 -------- d-----w- C:\_OTL
    2012-08-01 21:49 . 2012-08-01 21:49 56320 ---ha-w- c:\windows\system32\dplaolsv.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-07-28 15:03 . 2012-04-09 10:26 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-07-28 15:03 . 2011-11-05 20:31 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-06-02 13:19 . 2009-08-06 17:24 16408 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 13:19 . 2009-04-04 06:55 329240 ----a-w- c:\windows\system32\wucltui.dll
    2012-06-02 13:19 . 2009-04-04 06:55 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 13:19 . 2009-04-04 06:55 210968 ----a-w- c:\windows\system32\wuweb.dll
    2012-06-02 13:19 . 2009-08-06 17:24 45080 ----a-w- c:\windows\system32\wups2.dll
    2012-06-02 13:19 . 2009-04-04 15:37 97304 ----a-w- c:\windows\system32\cdm.dll
    2012-06-02 13:19 . 2009-04-04 06:55 53784 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-02 13:19 . 2009-04-04 06:55 35864 ----a-w- c:\windows\system32\wups.dll
    2012-06-02 13:19 . 2009-08-06 17:24 19480 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-06-02 13:19 . 2009-08-06 17:24 16408 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 13:19 . 2009-04-04 06:55 577048 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-02 13:19 . 2009-08-06 17:23 25112 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 13:19 . 2009-04-04 06:55 1933848 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-02 13:18 . 2010-07-03 17:49 275696 ----a-w- c:\windows\system32\mucltui.dll
    2012-06-02 13:18 . 2010-07-03 17:49 214256 ----a-w- c:\windows\system32\muweb.dll
    2012-06-02 13:18 . 2010-07-03 17:49 18672 ----a-w- c:\windows\system32\mucltui.dll.mui
    2012-05-31 13:22 . 2009-04-04 15:37 606208 ----a-w- c:\windows\system32\crypt32.dll
    2012-05-16 15:06 . 2009-04-04 15:38 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-05-15 13:55 . 2009-04-04 15:38 1863296 ----a-w- c:\windows\system32\win32k.sys
    2012-05-11 14:40 . 2009-04-04 15:37 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2012-05-11 14:40 . 2009-04-04 15:37 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-05-11 11:38 . 2009-04-04 15:37 385024 ----a-w- c:\windows\system32\html.iec
    2012-07-29 21:59 . 2012-02-13 17:00 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2008-04-12 19:46 617343 --sha-r- c:\windows\system32\regsvr.exe
    .
    .
    ------- Sigcheck -------
    Note: Unsigned files aren't necessarily malware.
    .
    [7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
    [7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    [7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
    [-] 2008-06-20 . 4AFB3B0919649F95C1964AA1FAD27D73 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
    [7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    2012-04-09 15:43 1519272 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-04-09 1519272]
    .
    [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"="c:\program files\Packard Bell\SetupmyPC\SmpSys.exe" [2009-03-18 1160736]
    "ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2011-01-24 2200376]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "M3000Mnt"="M3000Rmv.dll " [X]
    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]
    "RTHDCPL"="RTHDCPL.EXE" [2009-02-24 17529856]
    "AzMixerSel"="c:\program files\Realtek\Audio\Drivers\AzMixerSel.exe" [2006-01-25 53248]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
    "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]
    "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2009-01-17 862728]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-07-26 24064]
    "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-05-01 273544]
    "PenWes"="c:\program files\PenWes\penwes.exe" [2011-05-31 1422848]
    "ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-04-09 1557160]
    "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2012-01-18 254696]
    "Intel AppUp(SM) center"="c:\program files\Intel\IntelAppStore\bin\ismagent.lnk" [2012-02-20 1003]
    "Intel AppUp(SM) center_Nagware"="c:\program files\Intel\IntelAppStore\bin\AppUp.lnk" [2012-02-20 1880]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    c:\documents and settings\sara\Menu Démarrer\Programmes\Démarrage\
    OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    Domestic Security Version 4.87
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
    @="FSFilter Activity Monitor"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    .
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1008030.006\SymEFA.sys [11/10/2011 19:37 310320]
    R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1008030.006\BHDrvx86.sys [11/10/2011 19:37 259632]
    R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1008030.006\cchpx86.sys [11/10/2011 19:36 467592]
    R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe [11/10/2011 19:37 117648]
    R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [04/04/2009 17:38 38912]
    R3 M3000Srv;WebCam Driver;c:\windows\system32\drivers\M3000KNT.sys [26/07/2009 03:45 145152]
    S1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100928.001\IDSXpx86.sys [29/09/2010 13:53 331640]
    S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [02/07/2010 23:43 135664]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [09/04/2012 12:26 250056]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [04/04/2009 10:21 1684736]
    S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys --> c:\windows\system32\DRIVERS\ewusbnet.sys [?]
    S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [26/07/2009 03:46 24064]
    S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [02/07/2010 23:43 135664]
    S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]
    S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [05/05/2012 08:48 113120]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [04/04/2009 10:19 162816]
    S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
    .
    --- Autres Services/Pilotes en mémoire ---
    .
    *NewlyCreated* - WUAUSERV
    .
    Contenu du dossier 'Tâches planifiées'
    .
    2012-08-01 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 15:03]
    .
    2012-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-02 21:43]
    .
    2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-02 21:43]
    .
    2012-08-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2188283067-1453689397-2529006832-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
    .
    2012-07-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2188283067-1453689397-2529006832-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
    .
    2012-08-04 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
    - c:\program files\Ask.com\UpdateTask.exe [2012-04-09 15:43]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.com/
    uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=38268&tid=77&bs=true&q=
    uInternet Connection Wizard,ShellNext = iexplore
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Free YouTube to MP3 Converter - c:\documents and settings\sara\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    Trusted Zone: memberservice.net
    Trusted Zone: passport.com\login
    Trusted Zone: passport.com\loginnet
    TCP: DhcpNameServer = 194.158.122.10 194.158.122.15
    TCP: Interfaces\{069B0BAF-D538-4EFF-A729-6B0DEE4ABE52}: NameServer = 178.33.41.181,88.191.223.122
    TCP: Interfaces\{8706544E-A2EE-4AE4-A88E-A909D3FD62A2}: NameServer = 178.33.41.181,88.191.223.122
    FF - ProfilePath - c:\documents and settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - www.google.fr
    FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
    FF - prefs.js: network.proxy.http - 127.0.0.1
    FF - prefs.js: network.proxy.http_port - 53717
    FF - prefs.js: network.proxy.type - 4
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.BabylonToolbar_i.babTrack, affID=108988
    FF - user.js: extensions.BabylonToolbar_i.babExt -
    FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
    FF - user.js: extensions.BabylonToolbar_i.id - 3e3857490000000000000026221486d5
    FF - user.js: extensions.BabylonToolbar_i.hardId - 3e3857490000000000000026221486d5
    FF - user.js: extensions.BabylonToolbar_i.instlDay - 15397
    FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1710:43
    FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
    FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
    FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
    FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
    FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
    FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
    .
    - - - - ORPHELINS SUPPRIMES - - - -
    .
    BHO-{58124A0B-DC32-4180-9BFF-E0E21AE34026} - c:\program files\IMinent Toolbar\tbcore3.dll
    BHO-{7e9d38c6-fc7f-e13d-4b64-2b5a79627ec4} - c:\windows\system32\7813d272.dll
    BHO-{b90347be-8bea-0b0f-9505-436f35c861f8} - c:\windows\system32\b658a6ef.dll
    Toolbar-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - c:\program files\IMinent Toolbar\tbcore3.dll
    Toolbar-10 - (no file)
    WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - c:\program files\IMinent Toolbar\tbcore3.dll
    HKLM-Run-QuickTime Task - c:\program files\QuickTime\qttask.exe
    AddRemove-2aa237ba - c:\windows\system32\2aa237ba.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-08-04 20:31
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    Recherche de processus cachés ...
    .
    Recherche d'éléments en démarrage automatique cachés ...
    .
    Recherche de fichiers cachés ...
    .
    Scan terminé avec succès
    Fichiers cachés: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
    "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.8.3.6\diMaster.dll\" /prefetch:1"
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------
    .
    - - - - - - - > 'explorer.exe'(3788)
    c:\windows\system32\eappprxy.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    c:\windows\system32\xpsp3res.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\windows\RTHDCPL.EXE
    c:\windows\system32\igfxsrvc.exe
    c:\windows\WebCam\M3000\M3000Mnt.exe
    c:\program files\Intel\IntelAppStore\bin\ismagent.exe
    c:\program files\Intel\IntelAppStore\bin\AppUp.exe
    c:\progra~1\SEARCH~1\Datamngr\DATAMN~1.EXE
    c:\windows\system32\igfxext.exe
    c:\program files\real\realplayer\RealPlay.exe
    c:\program files\OpenOffice.org 3\program\soffice.exe
    c:\program files\OpenOffice.org 3\program\soffice.bin
    .
    **************************************************************************
    .
    Heure de fin: 2012-08-04 20:38:03 - La machine a redémarré
    ComboFix-quarantined-files.txt 2012-08-04 18:37
    .
    Avant-CF: 114 568 384 512 octets libres
    Après-CF: 114 516 533 248 octets libres
    .
    - - End Of File - - 476F2793A1C30ABDC6695027FAB4286B


    There you go
    4 August 2012 21:13:07

    And here it is:

    # AdwCleaner v1.800 - Rapport créé le 04/08/2012 à 21:07:38
    # Mis à jour le 01/08/2012 par Xplode
    # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
    # Nom d'utilisateur : sara - [Droits d'admin]
    # Exécuté depuis : C:\Documents and Settings\sara\Mes documents\Téléchargements\adwcleaner.exe
    # Option [Suppression]


    ***** [Services] *****


    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : C:\Documents and Settings\sara\Local Settings\Application Data\APN
    Dossier Supprimé : C:\Documents and Settings\sara\Local Settings\Application Data\AskToolbar
    Dossier Supprimé : C:\Documents and Settings\sara\Local Settings\Application Data\Conduit
    Dossier Supprimé : C:\Documents and Settings\sara\Local Settings\Application Data\Vuze_Remote
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Babylon
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Iminent
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\kujytuo
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\searchquband
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Searchqutoolbar
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\Conduit
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\ConduitCommon
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\ConduitEngine
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\CT2851639
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\Searchqutoolbar
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\extensions\engine@conduit.com
    Dossier Supprimé : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\extensions\toolbar@ask.com
    Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Babylon
    Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\boost_interprocess
    Dossier Supprimé : C:\Program Files\Ask.com
    Dossier Supprimé : C:\Program Files\Conduit
    Dossier Supprimé : C:\Program Files\Ilivid
    Dossier Supprimé : C:\Program Files\Iminent
    Dossier Supprimé : C:\Program Files\Searchqu Toolbar
    Dossier Supprimé : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Fichier Supprimé : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\searchplugins\Search_Results.xml
    Fichier Supprimé : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\searchplugins\SearchTheWeb.xml
    Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
    Fichier Supprimé : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
    Fichier Supprimé : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

    ***** [Registre] *****

    Clé Supprimée : HKCU\Software\TBSB01620
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2851639
    Clé Supprimée : HKCU\Software\APN
    Clé Supprimée : HKCU\Software\Ask.com
    Clé Supprimée : HKCU\Software\AskToolbar
    Clé Supprimée : HKCU\Software\DataMngr_Toolbar
    Clé Supprimée : HKCU\Software\ilivid
    Clé Supprimée : HKCU\Software\Iminent
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
    Clé Supprimée : HKCU\Software\searchqutoolbar
    Clé Supprimée : HKCU\Software\Softonic
    Clé Supprimée : HKLM\SOFTWARE\APN
    Clé Supprimée : HKLM\SOFTWARE\AskToolbar
    Clé Supprimée : HKLM\SOFTWARE\Babylon
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
    Clé Supprimée : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
    Clé Supprimée : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
    Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé Supprimée : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
    Clé Supprimée : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
    Clé Supprimée : HKLM\SOFTWARE\Conduit
    Clé Supprimée : HKLM\SOFTWARE\Freeze.com
    Clé Supprimée : HKLM\SOFTWARE\Iminent
    Clé Supprimée : HKLM\SOFTWARE\Messenger Plus!\OpenCandy
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
    Clé Supprimée : HKLM\SOFTWARE\OpenCandy NSIS SDK
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]

    ***** [Registre - GUID] *****


    ***** [Navigateurs] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Mozilla Firefox v14.0.1 (fr)

    Nom du profil : default
    Fichier : C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\prefs.js

    C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\user.js ... Supprimé !

    Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2504091/CT2504091[...]
    Supprimée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
    Supprimée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"608[...]
    Supprimée : user_pref("CommunityToolbar.EngineOwner", "CT2504091");
    Supprimée : user_pref("CommunityToolbar.EngineOwnerGuid", "{ba14329e-9550-4989-b3f2-9732e92d17cc}");
    Supprimée : user_pref("CommunityToolbar.EngineOwnerToolbarId", "vuze_remote");
    Supprimée : user_pref("CommunityToolbar.IsEngineShown", false);
    Supprimée : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
    Supprimée : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\sara\\Application [...]
    Supprimée : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
    Supprimée : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2504091");
    Supprimée : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{ba14329e-9550-4989-b3f2-9732e92d17cc}");
    Supprimée : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "vuze_remote");
    Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
    Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT2504091,ConduitEngine,CT2851639");
    Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091,CT2851639");
    Supprimée : user_pref("CommunityToolbar.ToolbarsList4", "CT2851639");
    Supprimée : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat May 14 2011 14:59:32 GMT+02[...]
    Supprimée : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Supprimée : user_pref("CommunityToolbar.alert.locale", "en");
    Supprimée : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
    Supprimée : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 14:15:09 GMT+0200");
    Supprimée : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
    Supprimée : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
    Supprimée : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Supprimée : user_pref("CommunityToolbar.alert.showTrayIcon", false);
    Supprimée : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
    Supprimée : user_pref("CommunityToolbar.alert.userId", "4b25e633-0182-4dd4-ad46-384d4328de28");
    Supprimée : user_pref("CommunityToolbar.globalUserId", "28c9bdb5-6882-49ba-a8bc-15c0acfae53f");
    Supprimée : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Supprimée : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Supprimée : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Jul 30 2012 00:00:2[...]
    Supprimée : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
    Supprimée : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Aug 04 2012 21:06:55 GMT+020[...]
    Supprimée : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Supprimée : user_pref("CommunityToolbar.notifications.locale", "en");
    Supprimée : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
    Supprimée : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Aug 04 2012 21:06:47 GMT+0200");
    Supprimée : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
    Supprimée : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
    Supprimée : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Supprimée : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
    Supprimée : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
    Supprimée : user_pref("CommunityToolbar.notifications.userId", "6974d98b-5405-46d0-b943-b97aa5295163");
    Supprimée : user_pref("CommunityToolbar.originalHomepage", "hxxp://search.certified-toolbar.com?si=38268&home=tr[...]
    Supprimée : user_pref("CommunityToolbar.originalSearchEngine", "Google");
    Supprimée : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Mon Jun 13 2011 16:31:01 GMT+0200");
    Supprimée : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sun Jun 26 2011 14:15:12 GMT+0200");
    Supprimée : user_pref("ConduitEngine.FirstServerDate", "05/14/2011 15");
    Supprimée : user_pref("ConduitEngine.FirstTime", true);
    Supprimée : user_pref("ConduitEngine.FirstTimeFF3", true);
    Supprimée : user_pref("ConduitEngine.HasUserGlobalKeys", true);
    Supprimée : user_pref("ConduitEngine.HideEngineAfterRestart", true);
    Supprimée : user_pref("ConduitEngine.Initialize", true);
    Supprimée : user_pref("ConduitEngine.InitializeCommonPrefs", true);
    Supprimée : user_pref("ConduitEngine.InstalledDate", "Sat May 14 2011 14:59:28 GMT+0200");
    Supprimée : user_pref("ConduitEngine.IsMulticommunity", false);
    Supprimée : user_pref("ConduitEngine.IsOpenThankYouPage", false);
    Supprimée : user_pref("ConduitEngine.IsOpenUninstallPage", true);
    Supprimée : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Jun 26 2011 14:15:12 GMT+0200");
    Supprimée : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sun Jun 26 2011 17:15:13 GMT+0200");
    Supprimée : user_pref("ConduitEngine.PublisherContainerWidth", 0);
    Supprimée : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
    Supprimée : user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Jun 26 2011 17:15:15 GMT+0200");
    Supprimée : user_pref("ConduitEngine.UserID", "UN18694111529870627");
    Supprimée : user_pref("ConduitEngine.engineLocale", "fr");
    Supprimée : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Jun 26 2011 14:15:12 GMT+0200");
    Supprimée : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Jun 27 2011 13:11:36 GMT+0200");
    Supprimée : user_pref("ConduitEngine.initDone", true);
    Supprimée : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
    Supprimée : user_pref("browser.search.defaultengine", "Web Search");
    Supprimée : user_pref("browser.search.defaultenginename", "Web Search");
    Supprimée : user_pref("browser.search.order.1", "Web Search");
    Supprimée : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
    Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", "");
    Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108988");
    Supprimée : user_pref("extensions.BabylonToolbar_i.hardId", "3e3857490000000000000026221486d5");
    Supprimée : user_pref("extensions.BabylonToolbar_i.id", "3e3857490000000000000026221486d5");
    Supprimée : user_pref("extensions.BabylonToolbar_i.instlDay", "15397");
    Supprimée : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
    Supprimée : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
    Supprimée : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
    Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
    Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
    Supprimée : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
    Supprimée : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
    Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1710:43:39");
    Supprimée : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

    -\\ Google Chrome v [Impossible d'obtenir la version]

    Fichier : C:\Documents and Settings\sara\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] Le fichier ne contient aucune entrée illégitime.

    *************************

    AdwCleaner[S1].txt - [44754 octets] - [04/08/2012 21:07:38]

    ########## EOF - C:\AdwCleaner[S1].txt - [44883 octets] ##########
    4 August 2012 22:03:32

    • Run AdwCleaner again and choose "Désinstallation" (Uninstall).

    • Uninstall PenWes.

    • Use RogueKiller's "DNS RAZ" option and post the report.

    • Post a new OTL report.
    4 August 2012 22:17:34

    Here is the first report

    RogueKiller V7.6.5 [03/08/2012] par Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
    Blog: http://tigzyrk.blogspot.com

    Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Demarrage : Mode normal
    Utilisateur: sara [Droits d'admin]
    Mode: DNS RAZ -- Date: 04/08/2012 22:15:41

    ¤¤¤ Processus malicieux: 0 ¤¤¤

    ¤¤¤ Driver: [CHARGE] ¤¤¤

    ¤¤¤ Entrees de registre: 4 ¤¤¤
    [DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{069B0BAF-D538-4EFF-A729-6B0DEE4ABE52} : NameServer (178.33.41.181,88.191.223.122) -> REPLACED ()
    [DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{8706544E-A2EE-4AE4-A88E-A909D3FD62A2} : NameServer (178.33.41.181,88.191.223.122) -> REPLACED ()
    [DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{069B0BAF-D538-4EFF-A729-6B0DEE4ABE52} : NameServer (178.33.41.181,88.191.223.122) -> REPLACED ()
    [DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{8706544E-A2EE-4AE4-A88E-A909D3FD62A2} : NameServer (178.33.41.181,88.191.223.122) -> REPLACED ()

    Termine : << RKreport[4].txt >>
    RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt



    4 August 2012 22:27:35

    OTL logfile created on: 04/08/2012 22:18:00 - Run 1
    OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\sara\Bureau
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1013,88 Mb Total Physical Memory | 366,91 Mb Available Physical Memory | 36,19% Memory free
    2,38 Gb Paging File | 1,88 Gb Available in Paging File | 78,80% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 139,04 Gb Total Space | 106,71 Gb Free Space | 76,74% Space Free | Partition Type: NTFS

    Computer Name: ER-RAFAY | User Name: sara | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/08/02 00:36:54 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sara\Bureau\OTL.exe
    PRC - [2012/07/29 23:59:36 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2012/01/18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    PRC - [2011/10/12 01:33:24 | 000,462,576 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\AppUp.exe
    PRC - [2011/10/12 00:58:31 | 000,622,344 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelAppStore\bin\ismagent.exe
    PRC - [2011/09/22 02:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
    PRC - [2011/05/01 14:48:22 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
    PRC - [2010/05/21 01:58:48 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
    PRC - [2010/05/21 01:58:46 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
    PRC - [2009/03/18 10:46:30 | 001,160,736 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    PRC - [2009/03/16 16:46:56 | 000,036,864 | ---- | M] () -- C:\WINDOWS\WebCam\M3000\M3000Mnt.exe
    PRC - [2009/01/17 09:50:56 | 000,862,728 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
    PRC - [2008/04/15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008/04/15 18:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/07/29 23:59:35 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
    MOD - [2012/07/28 17:03:10 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll
    MOD - [2011/10/12 01:33:29 | 000,832,752 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\plugin\libpserverplugin.dll
    MOD - [2011/10/12 01:33:28 | 005,594,864 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\plugin\libbizlplugin.dll
    MOD - [2011/10/12 01:33:24 | 000,462,576 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\AppUp.exe
    MOD - [2011/10/12 00:58:28 | 000,195,584 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\libgsoap.dll
    MOD - [2011/10/12 00:58:28 | 000,071,168 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\ServiceManagerStarter.dll
    MOD - [2011/10/12 00:58:27 | 000,444,416 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\DeviceProfile.dll
    MOD - [2011/10/12 00:58:24 | 000,400,384 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\sqlite3.dll
    MOD - [2011/10/12 00:58:24 | 000,015,872 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\featureController.dll
    MOD - [2011/10/12 00:58:23 | 000,322,048 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\log4cplus.dll
    MOD - [2011/10/12 00:58:21 | 000,062,464 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\zlib1.dll
    MOD - [2010/11/02 00:54:16 | 008,167,936 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\QtGui4.dll
    MOD - [2010/11/02 00:54:16 | 002,281,984 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\QtCore4.dll
    MOD - [2010/09/10 16:28:48 | 000,028,672 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\imageformats\qico4.dll
    MOD - [2010/09/10 16:27:52 | 000,196,608 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\imageformats\qjpeg4.dll
    MOD - [2010/09/10 16:20:24 | 010,836,992 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\QtWebKit4.dll
    MOD - [2010/09/10 14:07:10 | 001,283,584 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\QtScript4.dll
    MOD - [2010/09/10 13:41:54 | 000,266,752 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\phonon4.dll
    MOD - [2010/09/10 13:11:38 | 000,911,872 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\QtNetwork4.dll
    MOD - [2010/09/10 13:10:02 | 000,339,456 | ---- | M] () -- C:\Program Files\Intel\IntelAppStore\bin\QtXml4.dll
    MOD - [2010/05/04 16:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
    MOD - [2009/11/05 09:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
    MOD - [2009/03/16 16:46:56 | 000,036,864 | ---- | M] () -- C:\WINDOWS\WebCam\M3000\M3000Mnt.exe
    MOD - [2008/04/14 14:00:00 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
    MOD - [2003/06/07 07:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2012/08/04 22:02:41 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/07/29 23:59:35 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2011/09/22 02:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe -- (Norton Internet Security)
    SRV - [2009/04/04 10:37:41 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2008/04/15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
    SRV - [2003/07/28 21:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts5161ccid.sys -- (USBCCID)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS -- (SYMREDRV)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMNDIS.SYS -- (SYMNDIS)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMIDS.SYS -- (SYMIDS)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMFW.SYS -- (SYMFW)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS -- (SYMDNS)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (Rts516xIR)
    DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\PxHelp20.sys -- (PxHelp20)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2011/10/11 19:36:58 | 000,467,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1008030.006\cchpx86.sys -- (ccHP)
    DRV - [2011/09/22 02:35:58 | 000,217,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1008030.006\symtdi.sys -- (SYMTDI)
    DRV - [2010/09/28 10:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100928.056\NAVEX15.SYS -- (NAVEX15)
    DRV - [2010/09/28 10:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100928.056\NAVENG.SYS -- (NAVENG)
    DRV - [2010/07/03 23:35:56 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
    DRV - [2010/07/02 10:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
    DRV - [2010/06/04 23:49:16 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100928.001\IDSXpx86.sys -- (IDSxpx86)
    DRV - [2010/01/20 23:03:39 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1008030.006\SymEFA.sys -- (SymEFA)
    DRV - [2010/01/20 23:03:39 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1008030.006\srtsp.sys -- (SRTSP)
    DRV - [2010/01/20 23:03:39 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1008030.006\BHDrvx86.sys -- (BHDrvx86)
    DRV - [2010/01/20 23:03:39 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1008030.006\srtspx.sys -- (SRTSPX)
    DRV - [2010/01/20 23:03:28 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
    DRV - [2010/01/20 23:03:28 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
    DRV - [2009/06/22 06:59:26 | 001,574,112 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
    DRV - [2009/03/24 04:15:14 | 000,145,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\M3000KNT.sys -- (M3000Srv)
    DRV - [2009/03/02 07:03:48 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
    DRV - [2009/02/24 10:49:44 | 005,032,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
    DRV - [2009/02/03 08:42:30 | 000,162,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV - [2008/08/05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
    DRV - [2006/11/02 15:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
    DRV - [2006/01/04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=38268&tid=77&bs=...
    IE - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=38268&home=true&...
    IE - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=38268&tid=77&bs=...
    IE - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=38268&tid=77&bs=...
    IE - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=38268&tid=77&bs=...
    IE - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=38268&home=true&...
    IE - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=38268&home=true&...
    IE - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
    IE - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: false
    FF - prefs.js..browser.startup.homepage: "www.google.fr"
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
    FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
    FF - prefs.js..extensions.enabledItems: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}:0.7.2
    FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 53717
    FF - prefs.js..network.proxy.type: 4
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files\Intel\IntelAppStore\bin\npAppUp.dll (Intel)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/10/12 16:01:14 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/01 14:48:58 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/29 23:59:37 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/11 17:52:28 | 000,000,000 | ---D | M]

    [2012/05/21 18:51:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sara\Application Data\Mozilla\Extensions
    [2010/11/14 16:01:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sara\Application Data\Mozilla\Extensions\mozswing@mozswing.org
    [2012/08/04 21:10:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\extensions
    [2011/02/13 21:47:14 | 000,000,000 | ---D | M] (MacOSX Theme) -- C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
    [2012/05/21 17:20:31 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    [2012/05/24 21:29:04 | 000,000,000 | ---D | M] (Webplayer Toolbar) -- C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\extensions\{c850fe9c-684f-4875-9eb2-604eb1996d5c}
    [2012/05/24 21:28:43 | 000,003,265 | ---- | M] () -- C:\Documents and Settings\sara\Application Data\Mozilla\Firefox\Profiles\kj7hduq8.default\searchplugins\Web Search.xml
    [2012/08/04 21:10:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2011/12/17 16:46:07 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{536f1f09-d6a0-b296-80fa-65634b30bff1}
    [2011/12/17 13:19:14 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{a52ffd49-7cf1-78b7-88f8-6f1764f4f422}
    [2011/05/13 18:50:38 | 000,330,316 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\SARA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KJ7HDUQ8.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
    [2012/07/29 23:59:36 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012/02/20 14:22:51 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2012/07/29 23:59:30 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2012/07/29 23:59:30 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012/07/29 23:59:30 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2012/07/29 23:59:30 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2012/05/24 21:28:43 | 000,003,265 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Web Search.xml
    [2012/07/29 23:59:30 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2012/07/29 23:59:30 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    ========== Chrome ==========

    CHR - homepage: http://search.certified-toolbar.com?si=38268&home=true&...
    CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\sara\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\

    O1 HOSTS File: ([2012/08/04 20:30:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dll (Symantec Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
    O3 - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
    O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files\Intel\IntelAppStore\bin\ismagent.lnk ()
    O4 - HKLM..\Run: [Intel AppUp(SM) center_Nagware] C:\Program Files\Intel\IntelAppStore\bin\AppUp.lnk ()
    O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
    O4 - HKLM..\Run: [M3000Mnt] Rundll32.exe M3000Rmv.dll ,WinMainRmv /StartStillMnt File not found
    O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
    O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
    O4 - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
    O4 - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Acer Incorporated)
    O4 - Startup: C:\Documents and Settings\sara\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
    O7 - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\sara\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O15 - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\..Trusted Domains: memberservice.net ([]* in Sites de confiance)
    O15 - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\..Trusted Domains: passport.com ([login] * in Sites de confiance)
    O15 - HKU\S-1-5-21-2188283067-1453689397-2529006832-1006\..Trusted Domains: passport.com ([loginnet] * in Sites de confiance)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.ap... (QuickTime Plugin Control)
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.... (Checkers Class)
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-7... (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-wind... (Java Plug-in 1.6.0_31)
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffic... (WRC Class)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-wind... (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-wind... (Java Plug-in 1.6.0_31)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{069B0BAF-D538-4EFF-A729-6B0DEE4ABE52}: NameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8706544E-A2EE-4AE4-A88E-A909D3FD62A2}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8706544E-A2EE-4AE4-A88E-A909D3FD62A2}: NameServer = 192.168.1.1
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\sara\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\sara\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/04/04 08:57:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/08/04 21:10:08 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2012/08/04 21:10:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\sara\Recent
    [2012/08/04 20:18:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2012/08/04 20:01:32 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2012/08/04 19:54:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2012/08/04 19:54:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2012/08/04 19:54:16 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2012/08/04 19:54:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2012/08/04 19:53:07 | 004,729,092 | R--- | C] (Swearware) -- C:\Documents and Settings\sara\Bureau\ComboFix.exe
    [2012/08/04 15:48:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sara\Bureau\RK_Quarantine
    [2012/08/03 22:33:01 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/08/03 22:31:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\sara\Menu Démarrer\Programmes\Outils d'administration
    [2012/08/03 22:31:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
    [2012/08/02 13:50:47 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012/08/02 13:49:20 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\sara\Bureau\OTL.exe
    [2012/08/01 23:49:37 | 000,056,320 | -H-- | C] (FRISK Software International) -- C:\WINDOWS\System32\dplaolsv.dll
    [2012/07/16 14:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/08/04 22:02:42 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2012/08/04 22:02:40 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
    [2012/08/04 22:02:40 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2012/08/04 21:46:01 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2012/08/04 21:09:51 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2012/08/04 21:09:45 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2188283067-1453689397-2529006832-1006.job
    [2012/08/04 21:09:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/08/04 21:09:21 | 1063,198,720 | -HS- | M] () -- C:\hiberfil.sys
    [2012/08/04 20:32:45 | 000,654,058 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2012/08/04 20:32:45 | 000,531,230 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012/08/04 20:32:45 | 000,139,862 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2012/08/04 20:32:45 | 000,116,144 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2012/08/04 20:30:57 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2012/08/04 20:01:36 | 000,000,332 | RHS- | M] () -- C:\boot.ini
    [2012/08/04 15:38:54 | 001,552,896 | ---- | M] () -- C:\Documents and Settings\sara\Bureau\RogueKiller-7.6.5.exe
    [2012/08/03 22:29:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012/08/03 22:28:30 | 004,729,092 | R--- | M] (Swearware) -- C:\Documents and Settings\sara\Bureau\ComboFix.exe
    [2012/08/02 00:36:54 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sara\Bureau\OTL.exe
    [2012/08/01 23:49:37 | 000,056,320 | -H-- | M] (FRISK Software International) -- C:\WINDOWS\System32\dplaolsv.dll
    [2012/07/28 16:28:04 | 000,009,057 | ---- | M] () -- C:\Documents and Settings\sara\Mes documents\Sans nom 1.odt
    [2012/07/10 18:56:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2188283067-1453689397-2529006832-1006.job
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/08/04 20:26:36 | 1063,198,720 | -HS- | C] () -- C:\hiberfil.sys
    [2012/08/04 20:01:36 | 000,000,216 | ---- | C] () -- C:\Boot.bak
    [2012/08/04 20:01:32 | 000,263,488 | RHS- | C] () -- C:\cmldr
    [2012/08/04 19:54:16 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2012/08/04 19:54:16 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2012/08/04 19:54:16 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2012/08/04 19:54:16 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2012/08/04 19:54:16 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2012/08/04 15:48:25 | 001,552,896 | ---- | C] () -- C:\Documents and Settings\sara\Bureau\RogueKiller-7.6.5.exe
    [2012/07/11 17:43:50 | 000,001,500 | ---- | C] () -- C:\Documents and Settings\sara\Bureau\Calculatrice.lnk
    [2012/07/11 17:43:45 | 000,001,504 | ---- | C] () -- C:\Documents and Settings\sara\Bureau\Spider Solitaire.lnk
    [2012/07/02 19:03:17 | 000,000,000 | RHS- | C] () -- C:\WINDOWS\System32\setting.ini
    [2012/07/02 19:03:15 | 000,617,343 | RHS- | C] () -- C:\WINDOWS\System32\regsvr.exe
    [2012/07/02 19:03:15 | 000,617,343 | ---- | C] () -- C:\WINDOWS\regsvr.exe
    [2012/05/24 21:28:53 | 000,009,216 | ---- | C] () -- C:\WINDOWS\Launcher.exe
    [2012/05/16 23:03:49 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2012/02/17 15:28:19 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2012/02/05 14:18:07 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
    [2012/01/08 11:35:40 | 000,000,096 | RHS- | C] () -- C:\WINDOWS\System32\setup.ini
    [2012/01/01 13:22:28 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
    [2011/12/17 13:19:15 | 000,075,554 | ---- | C] () -- C:\WINDOWS\System32\2cf695f.exe
    [2011/12/17 12:44:02 | 000,102,400 | ---- | C] () -- C:\WINDOWS\RegBootClean.exe
    [2011/12/17 12:44:02 | 000,022,032 | ---- | C] () -- C:\WINDOWS\DCEBoot.exe
    [2011/12/17 12:43:08 | 000,263,230 | ---- | C] () -- C:\Documents and Settings\sara\Local Settings\Application Data\census.cache
    [2011/12/17 12:42:43 | 000,191,743 | ---- | C] () -- C:\Documents and Settings\sara\Local Settings\Application Data\ars.cache
    [2011/12/17 12:13:31 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\sara\Local Settings\Application Data\housecall.guid.cache
    [2011/06/16 22:13:20 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\sara\Video.lnk
    [2011/06/16 22:13:20 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\sara\Pictures.lnk
    [2011/06/16 22:13:20 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\sara\Passwords.lnk
    [2011/06/16 22:13:20 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\sara\New Folder.lnk
    [2011/06/16 22:13:20 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\sara\Music.lnk
    [2011/06/16 22:13:20 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\sara\Documents.lnk
    [2011/06/16 22:13:20 | 000,000,144 | RHS- | C] () -- C:\Documents and Settings\sara\autorun.inf
    [2011/02/16 13:21:52 | 000,000,674 | ---- | C] () -- C:\WINDOWS\hegames.ini
    [2011/02/10 23:28:19 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\crt.dat
    [2011/02/10 23:28:18 | 000,298,661 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll
    [2011/01/12 23:36:29 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
    [2011/01/11 22:15:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2010/12/21 17:11:45 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\sara\Application Data\DofusAppId0_3
    [2010/12/21 15:32:22 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\sara\Application Data\DofusAppId0_1
    [2010/12/21 03:02:11 | 000,000,197 | ---- | C] () -- C:\Documents and Settings\sara\Application Data\D2Info0
    [2010/12/21 03:02:11 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\sara\Application Data\DofusAppId0_2
    [2010/07/16 19:23:29 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\sara\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/07/03 16:02:53 | 000,003,646 | ---- | C] () -- C:\Documents and Settings\sara\Application Data\wklnhst.dat
    [2010/07/01 08:49:33 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\sara\Local Settings\Application Data\fusioncache.dat

    < End of report >
    5 August 2012 01:25:42

    Is the PC working properly?

    I would also like the Extras report.
    5 August 2012 02:40:16

    Everything works very well, thank you very much for your help! :)

    Here is the Extra report:

    OTL Extras logfile created on: 04/08/2012 22:18:00 - Run 1
    OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\sara\Bureau
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1013,88 Mb Total Physical Memory | 366,91 Mb Available Physical Memory | 36,19% Memory free
    2,38 Gb Paging File | 1,88 Gb Available in Paging File | 78,80% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 139,04 Gb Total Space | 106,71 Gb Free Space | 76,74% Space Free | Partition Type: NTFS

    Computer Name: | User Name: sara | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_USERS\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    https [open] -- Reg Error: Key error.
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- C:\WINDOWS\explorer.exe (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 1
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2
    "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
    "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
    "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35DF5855-7594-43C3-9119-0975FDFF6551}" = Fruit Ninja Lite 1.6.1
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
    "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4C8A61BD-C3B3-4BBA-8D67-03A2B1D6E016}_is1" = Classic Menu 4.x for Word 2010
    "{56A648C2-D185-46A9-BBFF-78AE7A503000}" = Webcam
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{65163326-FA1A-4385-8668-83AFEEAE96AF}" = FreeUndelete 2.0.35248.1
    "{709817E4-5439-4206-8738-796B34B623BD}" = MetaBoli
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{718BE06E-92C1-410F-ACAA-896FDE351850}" = MAGIX Speed burnR (MSI)
    "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
    "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
    "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
    "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
    "{9085040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
    "{95120000-003F-040C-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
    "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = USB2.0 Card Reader Software
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
    "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{E2D128C3-2169-4C7D-A6FC-78A50A79A2E2}" = MAGIX Screenshare
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
    "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
    "2cf695f" = Contextual Tool Adsflow
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
    "Algobox" = Algobox
    "ALUpdate_is1" = ALTools Update
    "ALZip_is1" = ALZip
    "Bytescout XLS Viewer_is1" = $APPNAME> 2.31
    "CCleaner" = CCleaner
    "CutePDF Writer Installation" = CutePDF Writer 2.8
    "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.22.508
    "Google Desktop" = Google Desktop
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "Identity Card" = Identity Card
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "ie8" = Windows Internet Explorer 8
    "iLivid" = iLivid
    "InfoCentre" = InfoCentre
    "Intel AppUp(SM) center 29342" = Intel AppUp(SM) center
    "LManager" = Launch Manager
    "Messenger Plus! Live" = Messenger Plus! Live
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Mozilla Firefox 14.0.1 (x86 fr)" = Mozilla Firefox 14.0.1 (x86 fr)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
    "NIS" = Norton Internet Security
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "Packard Bell Customer Registration" = Packard Bell Customer Registration
    "Packard Bell Screensaver" = Packard Bell ScreenSaver
    "PortraitProfessional9Trial_is1" = Portrait Professional 9.8 Trial
    "ReadPlease 2003_is1" = ReadPlease 2003/ReadPlease PLUS 2003
    "RealPlayer 12.0" = RealPlayer
    "SetUpMyPC" = SetUpMyPC
    "ST6UNST #1" = CARTEL EUROS 3000
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "Updator" = Updator
    "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media 11
    "WinDS PRODSi 2.0.4" = WinDS PRO
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2188283067-1453689397-2529006832-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 04/08/2012 09:52:29 | Computer Name = | Source = WinMgmt | ID = 28
    Description = WinMgmt n'a pas pu initialiser les parties centrales. Ceci peut être
    dû à une version mal installée de WinMgmt, à une erreur de mise à niveau du référentiel
    WinMgmt, à un manque de place sur disque ou à un manque de mémoire.

    Error - 04/08/2012 10:06:36 | Computer Name = | Source = WinMgmt | ID = 28
    Description = WinMgmt n'a pas pu initialiser les parties centrales. Ceci peut être
    dû à une version mal installée de WinMgmt, à une erreur de mise à niveau du référentiel
    WinMgmt, à un manque de place sur disque ou à un manque de mémoire.

    Error - 04/08/2012 10:08:01 | Computer Name = | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    Error - 04/08/2012 10:08:02 | Computer Name = | Source = WmiAdapter | ID = 4099
    Description = Échec de l'ouverture de services.

    Error - 04/08/2012 13:33:16 | Computer Name = | Source = WinMgmt | ID = 28
    Description = WinMgmt n'a pas pu initialiser les parties centrales. Ceci peut être
    dû à une version mal installée de WinMgmt, à une erreur de mise à niveau du référentiel
    WinMgmt, à un manque de place sur disque ou à un manque de mémoire.

    Error - 04/08/2012 13:33:37 | Computer Name = | Source = Application Error | ID = 1000
    Description = Application défaillante explorer.exe, version 6.0.2900.5512, module
    défaillant unknown, version 0.0.0.0, adresse de défaillance 0x45671b04.

    Error - 04/08/2012 13:47:20 | Computer Name = | Source = WinMgmt | ID = 28
    Description = WinMgmt n'a pas pu initialiser les parties centrales. Ceci peut être
    dû à une version mal installée de WinMgmt, à une erreur de mise à niveau du référentiel
    WinMgmt, à un manque de place sur disque ou à un manque de mémoire.

    Error - 04/08/2012 13:53:12 | Computer Name = | Source = WinMgmt | ID = 28
    Description = WinMgmt n'a pas pu initialiser les parties centrales. Ceci peut être
    dû à une version mal installée de WinMgmt, à une erreur de mise à niveau du référentiel
    WinMgmt, à un manque de place sur disque ou à un manque de mémoire.

    Error - 04/08/2012 13:57:09 | Computer Name = | Source = WinMgmt | ID = 28
    Description = WinMgmt n'a pas pu initialiser les parties centrales. Ceci peut être
    dû à une version mal installée de WinMgmt, à une erreur de mise à niveau du référentiel
    WinMgmt, à un manque de place sur disque ou à un manque de mémoire.

    Error - 04/08/2012 14:05:08 | Computer Name = | Source = WinMgmt | ID = 28
    Description = WinMgmt n'a pas pu initialiser les parties centrales. Ceci peut être
    dû à une version mal installée de WinMgmt, à une erreur de mise à niveau du référentiel
    WinMgmt, à un manque de place sur disque ou à un manque de mémoire.

    [ System Events ]
    Error - 04/08/2012 13:57:18 | Computer Name = | Source = DCOM | ID = 10005
    Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
    avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error - 04/08/2012 14:04:58 | Computer Name = | Source = Dhcp | ID = 1002
    Description = Le bail de l'adresse IP 192.168.1.49 pour la carte réseau dont l'adresse
    réseau est 00265E598E9B a été refusé par le serveur DHCP 194.158.102.99 (celui-ci
    a envoyé un message DHCPNACK).

    Error - 04/08/2012 14:05:17 | Computer Name = | Source = DCOM | ID = 10005
    Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
    avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error - 04/08/2012 14:25:51 | Computer Name = | Source = DCOM | ID = 10005
    Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
    avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error - 04/08/2012 14:26:46 | Computer Name = | Source = Service Control Manager | ID = 7000
    Description = Le service Filtre de bus AGP Intel n'a pas pu démarrer en raison de
    l'erreur : %%1058

    Error - 04/08/2012 14:26:47 | Computer Name = | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
    charger : IDSxpx86

    Error - 04/08/2012 14:31:57 | Computer Name = Y | Source = Dhcp | ID = 1000
    Description = Votre ordinateur a perdu le bail de son adresse IP 94.238.93.36 sur
    la carte réseau d'adresse réseau 00265E598E9B.

    Error - 04/08/2012 14:37:15 | Computer Name = | Source = Dhcp | ID = 1000
    Description = Votre ordinateur a perdu le bail de son adresse IP 94.238.93.36 sur
    la carte réseau d'adresse réseau 00265E598E9B.

    Error - 04/08/2012 15:09:28 | Computer Name = | Source = Service Control Manager | ID = 7000
    Description = Le service Filtre de bus AGP Intel n'a pas pu démarrer en raison de
    l'erreur : %%1058

    Error - 04/08/2012 15:09:31 | Computer Name = | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
    charger : IDSxpx86


    < End of report >
    5 August 2012 03:14:07

    Good.

    There are some files I don't recognize; I'll look at them later.

    Good night ;)
    5 August 2012 22:48:23

    Thank you very much :)
    6 August 2012 15:22:15

    • Have this file analyzed: C:\WINDOWS\System32\2cf695f.exe

    • On VirusTotal, and post the link to the analysis.