Votre question

Publicités pornographiques non sollicitées [Résolu]

Tags :
  • Firefox
  • publicitées
  • pornographiques
  • boxore
  • Sécurité
Dernière réponse : dans Sécurité et virus
8 Août 2012 16:23:05

avec Firefox 14.0.1, j'ai de façon aléatoire des ouvertures de session avec du contenu porno.

comment m'en débarrassé ?

j'ai téléchargé OTL

Autres pages sur : publicites pornographiques sollicitees resolu

a c 1038 8 Sécurité
a c 107 È Firefox
8 Août 2012 17:00:06

Bonjour non ????

Garde OTL sur ton bureau pour le moment.

Désinstalle, si présent, via Programmes et fonctionnalités (Ajout/Suppression de programmes) :
  • Boxore Client
  • Update Software


  • ---------------------------------------------------------------------------------------------

    AdwCleaner - Suppression :

    • Sur cette page, télécharge AdwCleaner de Xplode en cliquant sur le bouton Télécharger et enregistre le fichier sur ton Bureau
    • Ferme toutes les applications, y compris ton navigateur
    • Double-clique sur l'icône AdwCleaner0.exe pour lancer l'installation
      /!\ Sous Vista et Windows 7, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
      Sous IE9, le filtre SmartScreen déclenche une alerte. Cliquer sur Actions puis sur Exécuter quand même
    • Sur le menu principal, clique sur Suppression et patiente le temps de l'analyse
    • A la fin du scan, un rapport AdwCleaner(S).txt s'ouvre. Poste le contenu de ce rapport dans ta prochaine réponse
      Le rapport se trouve sous C:\AdwCleaner(S).txt


  • Tutoriel d'utilisation AdwCleaner en images

    ---------------------------------------------------------------------------------------------

    Malwarebyte's Anti-Malware :

    • Télécharge Malwarebytes Anti-Malware et enregistre le sur le Bureau
    • Double-clique sur le fichier mbam-setup.exe pour lancer l'installation
      /!\ Sous Vista et Windows 7, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
    • A la fin de l'installation, veille à ce que l'option Mettre à jour Malwarebytes' Anti-Malware soit cochée
    • Clique sur Terminer
    • Lance Malwarebyte's en double-cliquant sur l'icône sur le bureau
      /!\ Sous Vista et Windows 7, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
    • Les Mises à jour se téléchargent, puis ouvre Malwarebyte's
    • Dans l'onglet Paramètres, puis Paramètres d'examen, sélectionne Afficher dans les résultats, pré-coché pour suppression pour les 2 actions Programmes potentiellement indésirables (PUP) et Modifications potentiellement indésirables (PUM)
    • Dans l'onglet Recherche, coche Exécuter un examen complet puis clique sur Rechercher
    • Sélectionne ton disque dur, puis clique sur Lancer l'examen
    • A la fin du scan, clique sur Afficher les résultats
    • Pour supprimer les éléments détectés, clique sur Supprimer la sélection
    • Si un redémarrage est demandé, clique sur Yes
    • Le rapport mbam-log[date-heure].txt s'ouvre. Poste le contenu de ce rapport dans ta prochaine réponse


  • ----------------------------------------------------------------------------------------------

    Sont attendus les rapports :
    • AdwCleaner(S).txt
    • mbam-log[date-heure].txt


  • @+


    9 Août 2012 10:42:35

    Bonjour,

    merci pour votre aide.

    comment je poste les rapports ?

    cordialement
    Contenus similaires
    9 Août 2012 10:46:38

    premier rapport


    # AdwCleaner v1.800 - Rapport créé le 08/08/2012 à 17:33:39
    # Mis à jour le 01/08/2012 par Xplode
    # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nom d'utilisateur : PhM - PHM-LAPTOP-W7
    # Exécuté depuis : C:\Users\PhM\Downloads\adwcleaner.exe
    # Option [Suppression]


    ***** [Services] *****


    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : C:\Users\PhM\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaihkehdlhkocphopopahkfjcfcphef
    Dossier Supprimé : C:\Program Files (x86)\Boxore

    ***** [Registre] *****

    Clé Supprimée : HKCU\Software\Softonic
    Clé Supprimée : HKLM\SOFTWARE\Boxore
    Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8
    Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8
    Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24
    Clé Supprimée : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.software.oneclickctrl.8
    Clé Supprimée : HKLM\SOFTWARE\Classes\Software.OneClickCtrl.8
    Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass
    Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine
    Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{006E6A46-8D55-4F10-BBA8-2C9653B4278B}
    Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8
    Clé Supprimée : HKLM\SOFTWARE\Software
    Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{9CD2384C-143B-4790-A075-E7FEFE2A554B}]
    [x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24

    ***** [Registre - GUID] *****

    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{32451DFC-C23B-4E12-866C-FC7982238504}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{63435521-BE15-44D9-A4BE-A5A0000D9662}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AC5C4189-A8A0-4C9D-8910-C9CEF8360077}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{736EF78E-5A04-46F9-893E-EDEC6EA5DF45}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7A1BCE27-099C-4628-B63A-AEC00C6376B3}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AF3AFF7C-B9E9-48DD-9002-212B6DEAAC02}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DBE82879-914A-422F-BAE9-2ECC80BE536F}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E12D7149-73EF-45E4-A1E9-99FD7DAE62D3}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F2B184F1-547C-4EE9-BFC4-AC489C7077D9}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63435521-BE15-44D9-A4BE-A5A0000D9662}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7555B87D-D711-48B2-B97D-04DF700652BA}
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63435521-BE15-44D9-A4BE-A5A0000D9662}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7555B87D-D711-48B2-B97D-04DF700652BA}
    [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
    [x64] Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}

    ***** [Navigateurs] *****

    -\\ Internet Explorer v9.0.8112.16421

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Mozilla Firefox v14.0.1 (fr)

    Nom du profil : default
    Fichier : C:\Users\PhM\AppData\Roaming\Mozilla\Firefox\Profiles\ge67bjnp.default\prefs.js

    C:\Users\PhM\AppData\Roaming\Mozilla\Firefox\Profiles\ge67bjnp.default\user.js ... Supprimé !

    [OK] Le fichier ne contient aucune entrée illégitime.

    -\\ Google Chrome v21.0.1180.60

    Fichier : C:\Users\PhM\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] Le fichier ne contient aucune entrée illégitime.

    *************************

    AdwCleaner[R1].txt - [5438 octets] - [08/08/2012 17:29:31]
    AdwCleaner[S1].txt - [4490 octets] - [08/08/2012 17:33:39]

    ########## EOF - C:\AdwCleaner[S1].txt - [4618 octets] ##########
    9 Août 2012 10:47:21

    deuxieme rapport

    OTL Extras logfile created on: 08/08/2012 14:45:32 - Run 1
    OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\PhM\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,75 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 45,81% Memory free
    7,50 Gb Paging File | 5,36 Gb Available in Paging File | 71,56% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 285,99 Gb Total Space | 199,82 Gb Free Space | 69,87% Space Free | Partition Type: NTFS

    Computer Name: PHM-LAPTOP-W7 | User Name: PhM | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Users\PhM\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{011861E4-EC4C-4F7B-BBDD-C453A3B28C98}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
    "{0722665C-0194-4D7F-A9EA-C69B165F633B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{0A9F5CFE-4EFA-46B1-96E6-68EE9C8FC9DF}" = lport=139 | protocol=6 | dir=in | app=system |
    "{0AF3CF11-CC43-4559-8C30-94228E2A1049}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{0B5323BB-351E-4C6C-A9BF-6832BF4B16C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{0C2FFF0F-57B2-4130-8D9E-D50AD147E8A8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{0D565481-9B1D-4B16-83D6-8E7B4E3CC2CC}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{0E21C83F-4FFE-4898-8B70-B0913782733A}" = lport=9100 | protocol=6 | dir=in | name=port 9100 |
    "{10C068C7-D660-43B3-994F-025FE9234B32}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{1C59CF82-89E1-4833-B314-FB5644DFAF42}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
    "{1E91A0C2-8D5C-4C34-B318-5A021A9B5ADE}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{245AE7B6-CC28-4386-B314-4D552C10A6A7}" = lport=50001 | protocol=6 | dir=in | name=50001 |
    "{27EA54C4-58C9-4A1F-AA56-B54FB0979363}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
    "{2F2E15CE-28AA-4E29-AE7A-DA6D6ED52A34}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
    "{308BB4BF-5C90-4F7D-9C77-C0598D6D33A5}" = rport=445 | protocol=6 | dir=out | app=system |
    "{3B548D78-D35E-4DDF-9EBD-5FC36B19EC5A}" = lport=138 | protocol=17 | dir=in | app=system |
    "{4AC0FC9A-9C35-4001-85E4-A9B1F9E4C6FE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{4CDD6E16-DBA1-4F30-AC32-5FAC3DB4F3C4}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
    "{54FAC7E4-62F7-4DAD-84FB-CA2CD569B107}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{562AAA6C-8411-4E54-A5EB-2A3C4D982E50}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{58A6DABE-0D0E-471F-AB78-B1161CECBAD9}" = lport=445 | protocol=6 | dir=in | app=system |
    "{59071362-02B3-4A70-8D42-7F59C66F0F63}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
    "{5BFD5891-1775-454A-AFD9-8A3851A2F026}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{6C25D282-51D6-49DC-99EE-5F6DDAC7736B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{755FDF24-182E-40EE-98A5-B0E22D5C5BF8}" = rport=139 | protocol=6 | dir=out | app=system |
    "{99124290-4360-48C1-80B7-61ADC21965FF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A0448234-35DC-413D-88F2-EBFF92F1427C}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
    "{A3E05C2F-CF89-4D22-A962-621F7B697777}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A8DE6B58-0B54-4F80-BF3C-A9D802786BDC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{B2EAD6C7-85E6-44F9-AEFA-FDCF8A5FF811}" = rport=138 | protocol=17 | dir=out | app=system |
    "{B53CCDF9-E767-4F55-B46B-E5150C03BA33}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{BAF8F803-7FC9-44D3-BE09-841060412172}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{BB8B6FEF-1ECA-4369-8A58-18F07C42A601}" = lport=137 | protocol=17 | dir=in | app=system |
    "{C069F102-C103-4AD6-9444-37F325762BD6}" = rport=137 | protocol=17 | dir=out | app=system |
    "{C4AB9B9B-84D5-4E0C-8CDB-D977961C522A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{D189168A-3C3A-4835-BC10-4CB2D5A43E7D}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{D81DEEE8-4B59-46E7-9ACD-CB7F152F652B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{D930DE7B-7BFD-4A3E-AB8D-542785A07E8E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{DBC80D0E-A9FA-407F-9060-F04FCC842A41}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{E396FB04-415C-46B9-98F8-116398BC25E7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{F79C4832-7D0C-4CA3-A7F0-EC682D28A1D4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{F8AD660F-F394-4B99-9333-9825DD36F7D4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{F9708A7D-FE50-4A4C-A3C3-873182C341B7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{FC5BA784-F03D-4379-8AA3-5B1B9C02FC77}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
    "{FE0E128F-9CCB-4416-A1AA-F2FB212895CE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{FF78E89B-B567-4D01-87BC-7ADD56695350}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0157FE0C-9D66-43E9-BE0F-298DFD7C37AA}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\brmfl10e\faxrx.exe |
    "{05E5BAA0-9217-4D48-856D-E7474D9BBF25}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{0D0DD8C2-F7B3-4DEB-8596-3147AF47A1C0}" = protocol=6 | dir=out | app=system |
    "{0DD4F297-BC6D-4947-AEC4-2747AB3C4C0D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{0E7E4A70-2627-4209-AD3C-1F6478726968}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{0EB9CD24-94C9-4BBF-B2EF-03FAA6F079F4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
    "{0F841F96-B70F-4CA2-805F-0A279AD1CE5F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{16A030F2-C0C1-45D4-B213-6F990BC88568}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
    "{18D2B740-028D-46F3-AD09-AFA3143CD53D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
    "{1D879E1A-594A-414F-A341-5DE42CD5C1AF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
    "{22CC74A3-487F-4978-81F1-34F6D4F2ECBD}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    "{26CBD2E2-3B05-4D7F-B958-6BA0D1C7CEAB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{2B9242D5-A966-488F-B3C5-B69846155D67}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
    "{2D1F2857-E0AD-4748-A08C-5AA40B27D7D3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
    "{2D736E7E-B8D9-46B6-96E0-AA84384B5BFA}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe |
    "{3023B9CB-C5B3-4B07-807F-9FE54A5D5EB8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{38ED0421-0CD3-4AFC-A249-D4D18A79AFEA}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\brmfl10e\faxrx.exe |
    "{39DCB8CC-87CC-4BBA-A950-0562A0925303}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe |
    "{3C83C7FE-9A26-4D25-ADA9-402811FA9338}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{433BF6C9-206B-4B92-90BB-59DC56596DFB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
    "{46307616-EB76-423C-81A2-797FD3B935C3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{46ADAF3A-6172-43D2-A98F-26C8EE5111EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
    "{4FB08A87-97A1-4311-BC6E-0D279BA0400A}" = protocol=6 | dir=in | name=9100-9200 |
    "{50492730-B488-463D-AD9F-B4D25F904859}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
    "{570A8870-53CE-4AAD-A285-1D63E87BEC76}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
    "{5BDCF598-5A91-4906-8D76-4A0251CD38C8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{5C0C4FCC-DA50-49E6-8738-AAF221ECC25D}" = protocol=17 | dir=in | app=c:\users\phm\appdata\roaming\dropbox\bin\dropbox.exe |
    "{651EA1F6-CB51-4C12-BB01-67DCBF1EA73B}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
    "{6D89697C-6705-4483-AB87-B85C57E16267}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
    "{6E2F6B12-4A1B-4E1F-AB83-8EDDA4B1AEC4}" = protocol=6 | dir=in | app=c:\users\phm\appdata\roaming\dropbox\bin\dropbox.exe |
    "{74067048-E4D4-4740-8138-30585576C339}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{7641370E-FF16-4FF6-B891-11C465472F0E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
    "{77D3A164-2D7D-42C7-8421-976FAB5EB5C0}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
    "{77F2799C-0F7E-43FA-9F13-4D7E98B802CC}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
    "{78D4AB4A-22D6-449E-AEF0-B20ECF682F0C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
    "{81919569-5D64-4F9E-8E7C-AA7A6B510AA3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
    "{8358BBD7-68BE-4999-87CD-EFD131DC13F7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
    "{84AD8292-BB4D-42FB-B4D9-01E08B00A1F4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{8652F9D8-8024-46BD-BFD8-194E2455046E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
    "{8A814C21-367C-49C3-97CF-447825BEF508}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{8BA8999E-24A7-4380-8ECB-5C89083244EA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{8E813207-DFE0-4C25-909F-CEE3EE6442E4}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
    "{91A36201-D0E4-408A-82DA-A406BE4E9C4C}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
    "{92C1DA82-0A86-4169-A23D-C9F608BAD550}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{92C31700-3B64-47FE-87C4-B71777CB433C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
    "{93E4EB4E-ACE3-49EC-8EFC-C46469C81832}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
    "{A54E436A-BEFE-452C-B87F-6213FE8D4B18}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{A587E02F-2159-4317-ABD5-F73620D8AB36}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
    "{A6F97B0D-560C-48E7-A5D7-E41712930586}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{A84705B6-26D4-401A-BAD7-32DA4F30016E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
    "{AB9AA95F-A956-4BB9-BAEB-5DBE4A310DDA}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
    "{ADB0833D-84CA-4EE6-B525-9F5846B20DF3}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
    "{B5198B79-A03B-4F76-BC00-DA6E367820BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B664830F-6D80-43C5-B66D-5EEA0F9225B9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{BE23BDD0-690F-4D1D-ACB6-49FC58D64FD0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{BE890401-0D1E-4FDA-B2E8-D50E4E4B9C54}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{C9CEEC1B-AED4-4698-96A3-CDF8310F9637}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{CF63BC7F-B64F-4CE8-9E36-3CA46E438443}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{D403EFB0-737B-493D-B18B-62165F6F576F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{D4FD2831-5B29-444D-92ED-1AF02DDA6DCA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
    "{D7320B58-EC6B-4BFD-8488-1AA82C5184E6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
    "{D7D53AB0-1C1A-4E7F-A9A9-AE2AAA7BD5DE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{D8031E60-AB49-42E1-AE2D-7E694E60DC8C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{DDA83738-DE45-45E5-8059-B7F2D4E5FCE0}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\bradmin light\bradmlight.exe |
    "{DF53B443-E013-4961-8AC7-F7CBD6EBCDB9}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\bradmin light\bradmlight.exe |
    "{E0893BDB-1259-4C65-BA4F-AEAAEFE0DA61}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{E120BAA2-B2CF-4BE0-B3DE-FA39EA4C81F5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{E349D8A7-BA43-40B0-BF80-057CB924DC2A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
    "{E539F805-C4C2-434E-B2EB-C30E1AF3A8F8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{E6EC7FA0-F26E-458F-91BE-80A7F203518A}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
    "{E879A05D-60F4-4438-BC15-A742AEB1C986}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{E910E7E9-E14B-4296-8D1A-142F353BB4B8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
    "{EE2680F5-9CCE-466D-A990-7B68CEAA4C17}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
    "{F14C7895-248B-4F74-89B4-05322921D2A6}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe |
    "{F4B594BD-B674-4842-A93E-6B0A362FB9AA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
    "{F65EE352-6791-40A1-BC68-06A1850126E1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{F69AF859-60EF-4922-A7FF-D6192A374124}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
    "{FB30CA1E-E5D3-4E4C-AA8E-55DE7A3FF277}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
    "{FB6D68E7-1D7E-45DF-8617-54BADDFB21E9}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
    "{FFD86D28-DC20-4EE3-B245-2F6E4CD926AD}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe |
    "TCP Query User{20CF49FF-7341-42F8-9699-CFF3A4DE79F8}C:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe |
    "TCP Query User{34E8017E-4774-4E72-90F1-19A2EC987022}C:\program files (x86)\suivi_cp\suivi_cp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\suivi_cp\suivi_cp.exe |
    "TCP Query User{527234CF-8250-4C44-9E8B-52542CE5728F}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
    "TCP Query User{7D68E98A-2BC0-44DE-BD2D-79C1B4062360}C:\users\phm\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\phm\appdata\roaming\dropbox\bin\dropbox.exe |
    "TCP Query User{80727DA6-7FE4-43A7-9A99-0301DCF9699B}C:\ma_journee\ma_journee.exe" = protocol=6 | dir=in | app=c:\ma_journee\ma_journee.exe |
    "TCP Query User{DB098195-2A37-4A72-A83D-A28963D32D9C}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
    "UDP Query User{16D7A77B-2B79-4560-B88A-520798F0D390}C:\program files (x86)\suivi_cp\suivi_cp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\suivi_cp\suivi_cp.exe |
    "UDP Query User{2851B702-9711-4A09-A0F9-9017DD635AB9}C:\users\phm\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\phm\appdata\roaming\dropbox\bin\dropbox.exe |
    "UDP Query User{2B53E046-912C-4435-A7CC-FA9CE33748D6}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
    "UDP Query User{98746EE8-375D-4ED3-9D19-FEE9C055FB02}C:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe |
    "UDP Query User{D0A2E344-F5A2-4A53-BB2F-BE76DBC3B263}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
    "UDP Query User{E846B7C0-C293-45C0-AAD6-EB1DA9D827DF}C:\ma_journee\ma_journee.exe" = protocol=17 | dir=in | app=c:\ma_journee\ma_journee.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
    "{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}" = Microsoft Antimalware Service FR-FR Language Pack
    "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
    "{366414E1-0DE3-8976-D113-210F5DD75729}" = ATI Catalyst Install Manager
    "{368F0B79-71B0-7675-D1A7-2504424DDF0E}" = ccc-utility64
    "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
    "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
    "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
    "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}" = PaperPort Image Printer 64-bit
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
    "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client FR-FR Language Pack
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{FBBAB883-0BEE-4744-8062-281B213ADC1E}" = Bluesoleil 5.4.277.0
    "{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety
    "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "HP Photosmart Essential" = HP Photosmart Essential 3.5
    "HP Smart Web Printing" = HP Smart Web Printing 4.51
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPExtendedCapabilities" = HP Customer Participation Program 13.0
    "HPOCR" = OCR Software by I.R.I.S. 13.0
    "KONICA MINOLTA bizhub C352/C300 Installer" = KONICA MINOLTA bizhub C352/C300
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft Security Client" = Microsoft Security Essentials
    "Shop for HP Supplies" = Shop for HP Supplies
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "WalterShop" = WalterShop

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{006E6A46-8D55-4F10-BBA8-2C9653B4278B}" = Software Update Helper
    "{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works
    "{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
    "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
    "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0DCF3CFB-0FB6-01DF-AA2B-3DBC40A5839F}" = Catalyst Control Center Graphics Full Existing
    "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
    "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
    "{10035C61-374F-4E19-3DE6-FFAD64F20152}" = CCC Help Portuguese
    "{1107B37C-A748-A839-7B95-C22668E84446}" = CCC Help Chinese Standard
    "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
    "{1292B4A7-C072-413A-B1D0-A1BE7FB516B9}" = Google SketchUp 8
    "{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
    "{172BE173-7514-13D8-26A0-21BE6D02849A}" = CCC Help Finnish
    "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
    "{1BB4C660-E5E0-8C76-52CA-861A3F1C122C}" = CCC Help Dutch
    "{1CE06390-46D0-11D6-8578-006008CA5356}" = SmarThru
    "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{1FA94A28-5D32-CDC3-4FC7-F8AB6842AB55}" = CCC Help Japanese
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
    "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
    "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
    "{26E5F8B6-CB96-D266-6631-C2E998138A48}" = CCC Help Thai
    "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
    "{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
    "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
    "{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
    "{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
    "{2C997A7A-B527-6250-B6FE-696E72290CCF}" = CCC Help German
    "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
    "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
    "{2F90A789-DD1E-41CE-BFCA-BD78213BABC7}" = OpenOffice.org 3.4
    "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
    "{3143EA78-CF29-631E-DD1D-E567A0939D73}" = Catalyst Control Center Graphics Light
    "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
    "{3260D61B-DCA6-4ec6-8A41-DCCE01BC6EE4}" = c4100_Help
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{36A98148-A6B5-EBA5-6353-9833C7F5C06E}" = Catalyst Control Center Graphics Full New
    "{3A455515-140D-46D9-805A-E8D4760A38A7}" = CABLABEL LITE
    "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
    "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
    "{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
    "{3DBA8005-4659-C0C2-32FC-CCAEBA155AC6}" = CCC Help Russian
    "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
    "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
    "{4518D543-6A80-4856-AFA7-10836B42113A}" = Samsung SCX-4x16 Series - TWAIN
    "{453DC0A2-6F09-FCEC-57A0-2B3540B363B4}" = CCC Help Korean
    "{46E6CCE4-99DA-F751-555A-A83D08727108}" = CCC Help Polish
    "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
    "{48FD7162-300B-FBD6-BBF1-E787DCA61C02}" = CCC Help Swedish
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
    "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
    "{5239B19E-21EE-327A-7F8A-47ABC68BA306}" = CCC Help English
    "{5511C07D-A83C-45AD-92B6-42DF99729A3C}" = Adobe Photoshop Elements 7.0
    "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
    "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
    "{5AD045DF-11AA-473D-B4AA-2A4F0E213047}" = Google SketchUp 7
    "{61fdf367-7c96-409a-89b0-4bafb33982be}" = Nero 9 Essentials
    "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{6560081A-2245-41B9-CF3C-7EA6C9BEAE51}" = Catalyst Control Center Localization All
    "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
    "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
    "{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
    "{6C810E30-FC8A-7059-5752-8800FCA6203C}" = CCC Help Chinese Traditional
    "{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}" = Video Web Camera
    "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
    "{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
    "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
    "{75157F34-02C6-4831-BD66-3BC49E7A8394}" = BlackBerry Desktop Software 6.1
    "{75EF9F92-76D4-F910-6A98-AE8F2EBF99BB}" = ccc-core-static
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
    "{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7BC46298-4325-EDF3-D3EA-C39390B315AF}" = CCC Help Turkish
    "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
    "{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
    "{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83ED1E80-A1B7-4256-BCF1-AC4A88151A6B}" = Microsoft MapPoint Europe 2006
    "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
    "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
    "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{89601BB9-C8C0-493D-9912-AD7F51A918A3}" = Boxore Client
    "{8B999A44-8314-493B-877E-A1DA5B54D9B8}" = Catalyst Control Center - Branding
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
    "{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
    "{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007
    "{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{879D8136-C3A7-4A13-A8F4-309467087372}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
    "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
    "{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
    "{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
    "{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
    "{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_OMUI.fr-fr_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_OMUI.fr-fr_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_OMUI.fr-fr_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
    "{90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
    "{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
    "{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
    "{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007
    "{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007
    "{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
    "{9111040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
    "{9242564e-02e9-4ea8-9d2d-351f6f728e1c}_is1" = Packard Bell GameZone Console
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
    "{9644C161-5CDA-47DC-B90F-86C23330C75B}" = TuneUp Utilities Language Pack (fr-FR)
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{979742CC-2CBB-49D8-9BEE-C2F7875F5393}" = Brother MFL-Pro Suite MFC-9465CDN
    "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}" = Windows Live Sync
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
    "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF89271-2594-468D-B578-96B2E30C41C4}" = eBay Worldwide
    "{AB39BF09-4A6D-4D5A-C18C-5FA93ACA7AEF}" = Catalyst Control Center InstallProxy
    "{AC76BA86-7AD7-1036-7B44-A95000000001}" = Adobe Reader 9.5.1 - Français
    "{B2717DE0-E633-F8A5-727A-30EE10F85932}" = CCC Help Norwegian
    "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
    "{B68D9CA9-23EF-D5C9-035F-61B5B2DE228B}" = Catalyst Control Center Core Implementation
    "{B6916E4B-FD07-47E7-B906-B3F734F08E29}" = C4100
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
    "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{C0AF9DFE-8B2A-4AC4-22B8-F0EF518C8443}" = CCC Help Greek
    "{C12F5BC8-AA4A-6046-2C5C-5822317733CD}" = CCC Help French
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
    "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
    "{C6A037B6-C14B-D618-01F2-75F7C6DFF69E}" = CCC Help Danish
    "{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
    "{C7C7ABDD-3787-A13B-1F47-27CA9C39DB96}" = CCC Help Spanish
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{C8990E5C-EEEE-466E-8865-F39381DDD193}_is1" = Gérez votre téléphonie V1
    "{C9FD8F40-C7BB-A23E-4C87-57485D7501EF}" = CCC Help Czech
    "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
    "{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
    "{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
    "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
    "{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
    "{DB44C345-3CD6-0076-D710-47936E6B4BA6}" = CCC Help Hungarian
    "{DB75941E-30C4-4D97-B000-D17C764B998C}" = Brother BRAdmin Light 1.18.0001
    "{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
    "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E2DFCB25-A7CE-AEF9-99C2-2421F076C840}" = CCC Help Italian
    "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
    "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
    "{EC80A553-E1FC-7A48-AF5F-AC0FC683D201}" = DITEL
    "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
    "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
    "{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "7-Zip" = 7-Zip 9.20
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
    "avast" = avast! Free Antivirus
    "BlackBerry_Desktop" = BlackBerry Desktop Software 6.1
    "DOMARCHIVISTE" = domarchiviste
    "eMule" = eMule
    "FileZilla Client" = FileZilla Client 3.5.3
    "Glary Utilities_is1" = Glary Utilities 2.30.0.1066
    "Google Chrome" = Google Chrome
    "GoToAssist" = GoToAssist 8.0.0.508
    "Identity Card" = Identity Card
    "InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
    "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup
    "Kit DartyBox ADSL v3.2_is1" = Kit DartyBox ADSL v3.2
    "LManager" = Launch Manager
    "MA_journee" = MA_journee
    "MailWasher Free_is1" = MailWasher Free 6.5.4
    "McAfee Security Scan" = McAfee Security Scan Plus
    "Metaboli" = Metaboli
    "minerve_cchfExécutable Windows 32 bits" = minerve_cchf
    "Money2005b" = Microsoft Money
    "Mozilla Firefox 14.0.1 (x86 fr)" = Mozilla Firefox 14.0.1 (x86 fr)
    "Mozilla Firefox 5.0 (x86 fr)" = Mozilla Firefox 5.0 (x86 fr)
    "Mozilla Thunderbird 9.0 (x86 fr)" = Mozilla Thunderbird 9.0 (x86 fr)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MyDUversion connectee demo" = MyDU
    "MYDUversion connectéeCLT" = MyDU_connect (Installation cliente)
    "OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français
    "Packard Bell InfoCentre" = Packard Bell InfoCentre
    "Packard Bell Registration" = Packard Bell Registration
    "Packard Bell Screensaver" = Packard Bell ScreenSaver
    "Packard Bell Welcome Center" = Welcome Center
    "Picasa 3" = Picasa 3
    "PlayerPlus" = PlayerPlus
    "Samsung SCX-4x16 Series" = Samsung SCX-4x16 Series
    "SmarThru PC Fax" = SmarThru PC Fax
    "suivi_cp" = suivi_cp
    "TeamViewer 6" = TeamViewer 6
    "TeamViewer 7" = TeamViewer 7
    "TuneUp Utilities 2012" = TuneUp Utilities 2012
    "WinLiveSuite" = Windows Live
    "WinRAR archiver" = WinRAR archiver

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Dropbox" = Dropbox

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 06/08/2012 04:17:14 | Computer Name = PhM-Laptop-W7 | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2012/08/06 10:17:14.895]: [00004748]: Initialize TwdsMain
    Class failed!

    Error - 06/08/2012 04:19:39 | Computer Name = PhM-Laptop-W7 | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2012/08/06 10:19:39.542]: [00004748]: ##### Fatal ERROR!!
    Create STI-device failed! #####

    Error - 06/08/2012 04:19:39 | Computer Name = PhM-Laptop-W7 | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2012/08/06 10:19:39.542]: [00004748]: Initialize TwdsMain
    Class failed!

    Error - 06/08/2012 11:15:10 | Computer Name = PhM-Laptop-W7 | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « c:\Program Files
    (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier
    de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
    AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »
    de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

    Error - 07/08/2012 11:44:10 | Computer Name = PhM-Laptop-W7 | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « c:\Program Files
    (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier
    de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
    AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »
    de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

    Error - 08/08/2012 04:06:15 | Computer Name = PhM-Laptop-W7 | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2012/08/08 10:06:15.146]: [00004756]: ##### Fatal ERROR!!
    Create STI-device failed! #####

    Error - 08/08/2012 04:06:15 | Computer Name = PhM-Laptop-W7 | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2012/08/08 10:06:15.147]: [00004756]: Initialize TwdsMain
    Class failed!

    Error - 08/08/2012 04:11:02 | Computer Name = PhM-Laptop-W7 | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2012/08/08 10:11:02.010]: [00004756]: ##### Fatal ERROR!!
    Create STI-device failed! #####

    Error - 08/08/2012 04:11:02 | Computer Name = PhM-Laptop-W7 | Source = Brother BrLog | ID = 1001
    Description = TWN BrtTWN: [2012/08/08 10:11:02.011]: [00004756]: Initialize TwdsMain
    Class failed!

    Error - 08/08/2012 07:39:37 | Computer Name = PhM-Laptop-W7 | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « c:\Program Files
    (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier
    de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
    AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »
    de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

    [ System Events ]
    Error - 08/08/2012 03:07:37 | Computer Name = PhM-Laptop-W7 | Source = atikmdag | ID = 52236
    Description = CPLIB :: General - Invalid Parameter

    Error - 08/08/2012 03:07:37 | Computer Name = PhM-Laptop-W7 | Source = atikmdag | ID = 43029
    Description = Display is not active

    Error - 08/08/2012 03:08:09 | Computer Name = PhM-Laptop-W7 | Source = Service Control Manager | ID = 7000
    Description = Le service DgiVecp n’a pas pu démarrer en raison de l’erreur : %%20

    Error - 08/08/2012 03:08:15 | Computer Name = PhM-Laptop-W7 | Source = Service Control Manager | ID = 7009
    Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
    l’attente de la connexion du service HsfXAudioService.

    Error - 08/08/2012 03:08:15 | Computer Name = PhM-Laptop-W7 | Source = Service Control Manager | ID = 7000
    Description = Le service HsfXAudioService n’a pas pu démarrer en raison de l’erreur :
    %%1053

    Error - 08/08/2012 06:55:17 | Computer Name = PhM-Laptop-W7 | Source = atikmdag | ID = 52236
    Description = CPLIB :: General - Invalid Parameter

    Error - 08/08/2012 06:55:17 | Computer Name = PhM-Laptop-W7 | Source = atikmdag | ID = 43029
    Description = Display is not active

    Error - 08/08/2012 06:55:48 | Computer Name = PhM-Laptop-W7 | Source = Service Control Manager | ID = 7000
    Description = Le service DgiVecp n’a pas pu démarrer en raison de l’erreur : %%20

    Error - 08/08/2012 06:55:50 | Computer Name = PhM-Laptop-W7 | Source = Service Control Manager | ID = 7009
    Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
    l’attente de la connexion du service HsfXAudioService.

    Error - 08/08/2012 06:55:50 | Computer Name = PhM-Laptop-W7 | Source = Service Control Manager | ID = 7000
    Description = Le service HsfXAudioService n’a pas pu démarrer en raison de l’erreur :
    %%1053

    [ TuneUp Events ]
    Error - 19/06/2012 05:50:44 | Computer Name = PhM-Laptop-W7 | Source = TuneUp.UtilitiesSvc | ID = 300
    Description =


    < End of report >
    9 Août 2012 10:48:12

    troisième rapport

    Malwarebytes Anti-Malware (Essai) 1.62.0.1300
    www.malwarebytes.org

    Version de la base de données: v2012.08.08.07

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    PhM :: PHM-LAPTOP-W7 [administrateur]

    Protection: Activé

    08/08/2012 17:50:07
    mbam-log-2012-08-08 (17-50-07).txt

    Type d'examen: Examen complet (C:\|)
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 448138
    Temps écoulé: 1 heure(s), 43 minute(s), 43 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 54
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_ar.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_bg.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_bn.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_ca.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_cs.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_da.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_de.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_el.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_en-GB.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_en.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_es-419.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_es.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_et.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_fa.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_fi.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_fil.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_fr.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_gu.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_hi.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_hr.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_hu.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_id.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_is.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_it.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_iw.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_ja.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_kn.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_ko.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_lv.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_ml.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_mr.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_ms.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_nl.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_no.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_or.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_pl.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_pt-BR.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_pt-PT.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_ro.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_ru.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_sk.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_sl.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_sr.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_sv.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_ta.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_te.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_th.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_tr.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_uk.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_ur.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_vi.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_zh-CN.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Program Files (x86)\Software\Update\1.2.199.0\goopdateres_zh-TW.dll (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:\Users\PhM\Downloads\SoftonicDownloader_pour_glary-utilities.exe (PUP.OfferBundler.ST) -> Mis en quarantaine et supprimé avec succès.

    (fin)
    a c 1038 8 Sécurité
    a c 107 È Firefox
    9 Août 2012 12:15:15

    Bonjour,

    Citation :
    C:\Users\PhM\Downloads\SoftonicDownloader_pour_glary-utilities.exe


    Il faut éviter de télécharger des applications sur Softonic et O1.net qui repacke les logiciels et les redistribue avec des indésirables, tout simplement pour gagner de l'argent, alors que l'auteur de l'application la distribue gratuitement.
    http://www.malekal.com/2012/04/02/softonic-repack-de-lo...
    http://www.malekal.com/2012/02/03/01net-bundle-bfm-tv-t...
    /!\ Toujours privilégier le téléchargement d'une application sur le site de l'éditeur.

    ----------------------------------------------------------------------------------------------

    Je ne t'avais pas demandé de lancer OTL pour le moment.
    L'analyse c'est pour maintenant :) 

    OTL :

    • Ferme toutes les autres fenêtres et double-clique sur OTL.exe
      /!\ Sous Vista et Windows 7, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
    • Vérifie que les cases Tous les utilisateurs, Recherche Lop et Recherche Purity soient cochées
    • Dans le cadre Personnalisation, copie-colle l'intégralité de ce qui suit
      netsvcs
      msconfig
      activex
      drivers32
      /md5start
      explorer.exe
      wininit.exe
      winlogon.exe
      userinit.exe
      svchost.exe
      services.exe
      /md5stop
      %SYSTEMDRIVE%\*.exe
      %ALLUSERSPROFILE%\Application Data\*.
      %ALLUSERSPROFILE%\Application Data\*.exe /s
      %APPDATA%\*.
      %APPDATA%\*.exe /s
      %systemroot%\*. /mp /s
      %systemroot%\Tasks\*.* /s
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemroot%\system32\drivers\*.sys /lockedfiles
      hklm\software\clients\startmenuinternet|command /rs
      hklm\software\clients\startmenuinternet|command /64 /rs
      nslookup http://www.google.fr /c
      CREATERESTOREPOINT

    • Clique ensuite sur Analyse et patiente le temps du scan

    • A la fin de l'analyse, les rapports OTL.txt et Extras.txt s'affichent.
    • Les rapports étant trop longs pour le forum, héberge-les sur pjjoint.fr et indique les liens fournis dans ta réponse.
      Aide en images : Héberger son rapport d'analyse
      Les rapports sont sauvegardés sur le Bureau.


  • @+

    PS : dans ton cas ne sera généré qu'un rapport OTL puisque tu as déjà exécuté OTL et nous avons donc le rapport Extras.
    a c 1038 8 Sécurité
    a c 107 È Firefox
    9 Août 2012 15:18:12

    Re,

    ---------------------------------------------------------------------------------------------

    Désinstalle via Panneau de configuration -> Programmes et fonctionnalités (si présents) :

    • Google Toolbar for Internet Explorer (sauf si réelle utilité)
    • Software Update Helper (si toujours présent)
    • Boxore Client (si toujours présent)
    • McAfee Security Scan Plus (inutile, tu as avast!)
    • TeamViewer 6 (inutile, tu as la version 7)
    • WalterShop (toolbar inutile)


  • ---------------------------------------------------------------------------------------------

    OTL :

    • Ferme toutes les autres fenêtres et double-clique sur OTL.exe
      /!\ Sous Vista et Windows 7, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
    • Copie l'intégralité de ce script ci-dessous (y compris la 1ère ligne OTL)
      :OTL
      IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
      IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
      FF - prefs.js..extensions.enabledItems: toolbar@waltershop.com:1.0
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
      [2010/04/23 15:56:20 | 000,000,000 | ---D | M] (WalterShop) -- C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com
      [2010/06/14 10:11:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
      [2010/08/09 14:07:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
      [2010/11/16 10:10:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
      [2011/01/17 11:20:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
      [2011/03/02 11:50:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
      [2011/07/05 10:47:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
      O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (WalterShop) - {9ec204df-0e48-4c32-816e-2e928a4fd9c2} - mscoree.dll (Microsoft Corporation)
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

      :files
      ipconfig /flushdns /c

      :Commands
      [EMPTYTEMP]
      [CREATERESTOREPOINT]

    • Colle l'intégralité du script dans le cadre Personnalisation
    • Clique ensuite sur le bouton Correction

    • L'outil lance la suppression, ne pas l'interrompre
    • Si l'outil te demande de redémarrer le PC, tu acceptes
    • Poste le contenu du rapport situé dans C:\_OTL\MovedFiles\********_******.log dans ta prochaine réponse
      les *** sont des chiffres représentant la date [MoisJourAnnée] et l'heure


  • /!\ Ce script a été établi pour cet utilisateur, il ne doit, en aucun cas, être appliqué sur un autre système, au risque de provoquer de graves dysfonctionnement et endommager Windows /!\

    ----------------------------------------------------------------------------------------------

    Désinstalle Java(TM) 6 Update 22 et Java(TM) 6 Update 31 via Panneau de configuration -> Programmes et fonctionnalités.

    Installe la dernière version Java 7 Update 5
    http://www.java.com/fr/download/

    ---------------------------------------------------------------------------------------------

    Mets à jour Chrome :

    Télécharge et installe cette dernière version Chrome ou mets à jour directement via Chrome -> clé à molette -> Mettre à jour Google Chrome

    ---------------------------------------------------------------------------------------------

    SX Check&Update :

    • Télécharge SX Check&Update de igor51 et enregistre-le sur ton Bureau
    • Ferme toutes les applications, y compris ton navigateur
    • Double-clique sur SXC&U.exe pour lancer l'application
      /!\ Sous Vista et Windows 7, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
    • Au menu principal, clique sur le bouton Rapport

    • Copie-colle le contenu de ce rapport dans ta prochaine réponse.


  • Si ton antivirus émet une alerte ou bloque l'outil, il faut le désactiver temporairement (le fichier SXC&U.exe est sûr)

    ---------------------------------------------------------------------------------------------

    Sont attendus les rapports :
    • C:\_OTL\MovedFiles\********_******.log
    • SX Check&Update


  • @+
    9 Août 2012 19:07:22

    Bonjour,

    je n'arrive pas à lancer SXCU ???? il est bien télécharger dans Téléchargement et je click droit pour exécuter en administrateur et rien ne se passe !!

    voici le rapport OTL

    All processes killed
    Error: Unable to interpret </md5start> in the current context!
    Error: Unable to interpret <explorer.exe> in the current context!
    Error: Unable to interpret <wininit.exe> in the current context!
    Error: Unable to interpret <winlogon.exe> in the current context!
    Error: Unable to interpret <userinit.exe> in the current context!
    Error: Unable to interpret <svchost.exe> in the current context!
    Error: Unable to interpret <services.exe> in the current context!
    Error: Unable to interpret </md5stop> in the current context!
    Error: Unable to interpret <%SYSTEMDRIVE%\*.exe> in the current context!
    Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.> in the current context!
    Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.exe /s> in the current context!
    Error: Unable to interpret <%APPDATA%\*.> in the current context!
    Error: Unable to interpret <%APPDATA%\*.exe /s> in the current context!
    Error: Unable to interpret <%systemroot%\*. /mp /s> in the current context!
    Error: Unable to interpret <%systemroot%\Tasks\*.* /s> in the current context!
    Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles> in the current context!
    ========== OTL ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Prefs.js: toolbar@waltershop.com:1.0 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
    C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com\skin folder moved successfully.
    C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com\locale\en-US folder moved successfully.
    C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com\locale folder moved successfully.
    C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com\defaults\preferences folder moved successfully.
    C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com\defaults folder moved successfully.
    C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com\chrome\content\style folder moved successfully.
    C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com\chrome\content folder moved successfully.
    Folder move failed. C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com\chrome scheduled to be moved on reboot.
    Folder move failed. C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com scheduled to be moved on reboot.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale scheduled to be moved on reboot.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content folder moved successfully.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome scheduled to be moved on reboot.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} scheduled to be moved on reboot.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale scheduled to be moved on reboot.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content folder moved successfully.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome scheduled to be moved on reboot.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} scheduled to be moved on reboot.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale scheduled to be moved on reboot.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome scheduled to be moved on reboot.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} scheduled to be moved on reboot.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale scheduled to be moved on reboot.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content folder moved successfully.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome scheduled to be moved on reboot.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} scheduled to be moved on reboot.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale scheduled to be moved on reboot.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content folder moved successfully.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome scheduled to be moved on reboot.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} scheduled to be moved on reboot.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale scheduled to be moved on reboot.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content folder moved successfully.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome scheduled to be moved on reboot.
    Folder move failed. C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} scheduled to be moved on reboot.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9ec204df-0e48-4c32-816e-2e928a4fd9c2} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ec204df-0e48-4c32-816e-2e928a4fd9c2}\ not found.
    File move failed. mscoree.dll scheduled to be moved on reboot.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Configuration IP de Windows
    Cache de r‚solution DNS vid‚.
    C:\Users\PhM\Downloads\cmd.bat deleted successfully.
    C:\Users\PhM\Downloads\cmd.txt deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Invité
    ->Temp folder emptied: 2041457 bytes
    ->Temporary Internet Files folder emptied: 22008731 bytes
    ->Apple Safari cache emptied: 80896 bytes
    ->Flash cache emptied: 1680 bytes

    User: PhM
    ->Temp folder emptied: 6261516 bytes
    ->Temporary Internet Files folder emptied: 247011035 bytes
    ->Java cache emptied: 32523855 bytes
    ->FireFox cache emptied: 63420785 bytes
    ->Google Chrome cache emptied: 18430387 bytes
    ->Apple Safari cache emptied: 21840896 bytes
    ->Flash cache emptied: 59461 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 8676468 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33652 bytes
    %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 76794 bytes
    RecycleBin emptied: 1562337092 bytes

    Total Files Cleaned = 1 893,00 mb

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.56.0 log created on 08092012_182230

    Files\Folders moved on Reboot...
    C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com\chrome folder moved successfully.
    C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} folder moved successfully.
    File move failed. mscoree.dll scheduled to be moved on reboot.
    C:\Users\PhM\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    File\Folder C:\Users\PhM\AppData\Local\Temp\PRECO.MARICOAT.2000.MARIPOX.PRIMER.SEL8.3.Entrepôt.STEF.pdf not found!
    File\Folder C:\Windows\temp\{722EA35A-6E0B-449D-A612-E1CCC85F94D4}\fpi.tmp not found!
    File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
    File move failed. C:\Windows\temp\CR_9D861.tmp\SETUP_PATCH.PACKED.7Z scheduled to be moved on reboot.

    PendingFileRenameOperations files...
    File C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com\chrome not found!
    File C:\Users\PhM\AppData\Roaming\mozilla\Firefox\Profiles\ge67bjnp.default\extensions\toolbar@waltershop.com not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome not found!
    File C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} not found!
    [2010/11/05 03:58:19 | 000,297,808 | ---- | M] (Microsoft Corporation) mscoree.dll : MD5=D83947A58613E9091B4C9CC0F1546A8D
    File C:\Users\PhM\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
    File C:\Users\PhM\AppData\Local\Temp\PRECO.MARICOAT.2000.MARIPOX.PRIMER.SEL8.3.Entrepôt.STEF.pdf not found!
    File C:\Windows\temp\{722EA35A-6E0B-449D-A612-E1CCC85F94D4}\fpi.tmp not found!
    [2012/08/09 18:27:09 | 000,000,000 | ---- | M] () C:\Windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5
    [2012/08/09 00:51:31 | 000,001,061 | ---- | M] () C:\Windows\temp\CR_9D861.tmp\SETUP_PATCH.PACKED.7Z : MD5=E48EED7C233C44025F0CA2AD80DCD404

    Registry entries deleted on Reboot...
    9 Août 2012 19:13:44

    bonjour,

    avec un peu de persévérance ...

    SX Check&Update
    Lien vers le tutoriel : http://forum.security-x.fr/tutoriels-317/tutoriel-sx-ch...
    ---
    Windows Version : Windows 7 64bits
    Service Pack : 1
    UserName : PhM
    09/08/2012
    19:12:41
    version = v0.2.4
    ---
    Windows Update Information :
    AUOptions : 4
    Automatically, no notification
    ---

    ---
    Name : FlashPlayer ActiveX
    Version : 11.3.300.270
    Flash Player ActiveX est à jour

    Name : FlashPlayer Plugin
    Version : 11.3.300.270
    Flash Player Plugin est à jour

    Nom : Mozilla Firefox 14.0.1 (x86 fr)
    Version : 14.0.1

    Nom : Mozilla Firefox 5.0 (x86 fr)
    Version : 5.0

    Nom : Mozilla Thunderbird 9.0 (x86 fr)
    Version : 9.0

    Nom : Mozilla Maintenance Service
    Version : 14.0.1

    Java Information :
    Nom : Java(TM) 7 Update 5
    Version : 7.0.50
    Java(TM) 7 Update 5 est à jour

    Name : Adobe Reader 9.5.1 - Français
    Version : 9.5.1
    Adobe Reader est à jour

    Nom : Internet Explorer
    Version : 9.0.8112.16421

    a c 1038 8 Sécurité
    a c 107 È Firefox
    9 Août 2012 21:11:07

    Re,

    Désinstalle Mozilla Firefox 5.0, version obsolète (si présent dans Programmes et fonctionnalités).

    Plus de souci de publicités porno qui s'affichent ?

    Si c'est bien le cas, nous allons pouvoir finaliser la procédure.

    ---------------------------------------------------------------------------------------------

    Purge points de restauration :

    • Ferme toutes les autres fenêtres et double-clique sur OTL.exe
      /!\ Sous Vista et Windows 7, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
    • Copie l'intégralité de ce script ci-dessous

      :Commands
      [CLEARALLRESTOREPOINTS]
      [EMPTYTEMP]

    • Colle l'intégralité du code dans le cadre Personnalisation
    • Clique ensuite sur le bouton Correction
    • Si l'outil te demande de redémarrer le PC, tu acceptes


  • ---------------------------------------------------------------------------------------------

    Désinstallation des outils utilisés :

    Tu peux garder Malwarebytes et scanner ton système régulièrement avec en complément des analyses de ton antivirus.
    Ne pas oublier toutefois, avant de lancer l'analyse, de faire une recherche de mises à jour de Malwarebytes, dans l'onglet Mise à jour

    • Ferme toutes les autres fenêtres et double-clique sur OTL.exe
      /!\ Sous Vista et Windows 7, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
    • Clique sur Purge d'outils

    • Valide l'avertissement par OK et laisse le pc redémarrer


    • Relance AdwCleaner et clique sur Désinstaller
    • Supprime SXCU de ton Bureau
    • Supprime tous les rapports générés restants


  • ---------------------------------------------------------------------------------------------

    Réactive l'UAC via lPanneau de configuration -> Comptes Utilisateurs

    L’UAC représente une mesure supplémentaire pour améliorer la sécurité du système, le laisser activé est fortement recommandé.
    UAC (Contrôle de Compte Utilisateur), une mesure de sécurité supplémentaire contre les Malwares

    ---------------------------------------------------------------------------------------------

    Quelques précisions et conseils :




  • N'hésite pas si tu as des questions.

    Pour en savoir plus, clique sur l'image pour télécharger ce PDF

    -------------------------------------------------------------------------------------------

    Tu peux passer ce sujet en Résolu en éditant ton 1er post et ajouter [Résolu] dans le titre.

    Tu peux aussi, si tu le souhaites, valider une meilleure réponse, ton sujet sera alors automatiquement marqué comme Résolu.

    9 Août 2012 21:21:10

    je n'avais pas tout de suite ces pub porno, je vais attendre un peu.
    Sinon c"est mon site pro commenplus.com qui s'est fait hacké et qui a infecté plusieurs micro en interne et certains de mes clients !!

    de plus à force de mettre des outils d'analyse je eprds le contrôle de mon pc pendant 2mn environ 1/4 après sa mise en route je ne sais pas si c'est des analyses automatiques internes ou si il est sur un bootnet !!

    Cordialement
    a c 1038 8 Sécurité
    a c 107 È Firefox
    9 Août 2012 21:59:28

    Re,

    Citation :
    je n'avais pas tout de suite ces pub porno, je vais attendre un peu.


    Oui, bien sûr, mais tu n'en pas eu depuis la fin de la matinée ?

    En tout cas, tiens-nous au courant.

    Bonne soirée :) 
    10 Août 2012 10:04:51

    effectivement je n'en ai pas encore eu, mais ce matin au démarrage plus de 6mn (ne réponds pas) !!

    cordialement
    a c 1038 8 Sécurité
    a c 107 È Firefox
    10 Août 2012 11:01:05

    Bonjour,

    Citation :
    effectivement je n'en ai pas encore eu, mais ce matin au démarrage plus de 6mn (ne réponds pas) !!


    Oui, mais qu'est-ce qui tourne en fond à ce moment-là ?
    Tu en demandes peut-être un peu trop à ton PC ?
    3,75 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 47,18% Memory free

    Il te faut aussi alléger ton démarrage, tu n'as pas besoin de toutes ces applications au démarrage de Windows ou ta session.

    @+
    13 Septembre 2012 10:12:45

    Bonjour,

    je n'ai effectivement plus d'affichages non désirés, et je vous en remercie.

    j'ai commencé la désinstallation, mais je pense que j'ai du louper quelquechose car mon dossier utilisateur PhM dont je suis utilisateur est verrouillé (cadenas) et je ne vois plus le sous-répertoire appdata.

    ce dossier appdata était stocké dans otl

    merci de m'éclairer

    sinon je ne sais mettre résolu dans le titre du premier post ...

    cordialement
    a c 1038 8 Sécurité
    a c 107 È Firefox
    13 Septembre 2012 12:05:42

    Bonjour,

    Si un cadenas apparaît à ton nom utilisateur dans l'explorateur, cela ne veut pas dire qu'il soit verrouillé.
    Cela signifie simplement que le dossier n'est pas partagé.
    (clic-droit sur le dossier -> Partager avec)

    Ton dossier AppData n'est absolument pas dans la quarantaine de OTL.
    Seuls quelques éléments néfastes que nous avons ciblés avec le script OTL ont été neutralisés et stockés dans la quarantaine OTL, en attendant qu'elle soit éliminée par la purge Outils.
    J'espère que tu ne les as pas restaurés !

    Pour que le dossier AppData soit visible, il faut afficher les dossiers/fichiers cachés dans Options des dossiers -> onglet Affichage.

    @+
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS