Se connecter / S'enregistrer
Votre question

Apparition de fenêtres Pop-up Résolu

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
16 Octobre 2010 20:28:36

Bonjour,

Quand j'ouvre des sites internet, une fenêtre pop-up apparaît à la place du site que je souhaitais ouvrir, ou même quand mon moteur de recherche est éteint, une fenêtre pop-up apparaît inopinément. Si vous pourriez m'aider à trouver une explication et/ou solution, je vous en serais reconnaissant.


Merci.

Autres pages sur : apparition fenetres pop resolu

a c 548 8 Sécurité
17 Octobre 2010 15:22:15

Bonjour,

Des pubs pour quel genre de truc ?


A faire :

Télécharge OTL (de Old Timer) sur ton bureau.
  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
  • Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.
    netsvcs
    msconfig
    drivers32
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT

  • Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.
  • A la fin du scan, deux rapports s'ouvriront OTL.Txt et Extras.Txt. Copie/colle ici l'ensemble des rapports.
    PS : Les rapports sont aussi enregistrés sur le bureau

    Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.
    17 Octobre 2010 17:20:54

    Bonsoir,


    Merci, pour les consignes, je le fais et j'envoie les résultats. Pour les pubs, ce sont généralement des pubs de sonneries, ou des jeux.
    Contenus similaires
    17 Octobre 2010 17:34:19

    Voilà, j'ai fais les scans, pour Extras : OTL Extras logfile created on: 17/10/2010 17:25:20 - Run 1
    OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Sébastien\Downloads
    Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free
    6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 220,88 Gb Total Space | 88,60 Gb Free Space | 40,11% Space Free | Partition Type: NTFS

    Computer Name: PC-DE-THIERRY | User Name: Sébastien | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML.Sébastien] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" File not found
    Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "UacDisableNotify" = 0
    "InternetSettingsDisableNotify" = 0
    "AutoUpdateDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
    "DisableSR" = 0
    "DisableConfig" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DisableUnicastResponsesToMulticastBroadcast" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" = C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{06CC71EB-F9B9-4E92-AD62-6CCECF9C9DD5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{11F90DBA-F4A7-489C-93F2-419DDC32DD9B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{1487DDD3-3676-4D62-A46A-066C83962052}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{15537F0A-3B9F-42D3-9207-8F4E29913061}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{1F521274-4D88-4C41-8758-E8FD3426B884}" = rport=445 | protocol=6 | dir=out | app=system |
    "{292FE6A1-DC3D-430F-861F-0E567CDD6978}" = lport=139 | protocol=6 | dir=in | app=system |
    "{39715AB6-100B-4C86-ACE9-D2683DC6DAFC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{4027D65A-E535-4DB1-BF73-86B9D8234D68}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{4181447F-7C61-40ED-9592-D6505122D537}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{49B044BE-E5F3-486B-BD8C-6E0679D29F93}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{49F56796-E5F8-44DB-87FD-8CC3821E3F72}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{4C6BE59D-B81C-44A3-A5CB-F3F3CEB8A35C}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{4D5582D8-1744-44A0-AE31-5A7745B3A2CB}" = rport=139 | protocol=6 | dir=out | app=system |
    "{79B7BDC6-9B7B-43AD-B8F5-AD8470CDBE65}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{7FBD4C4E-0AD6-4518-9D58-5A405F61EE63}" = lport=138 | protocol=17 | dir=in | app=system |
    "{81292CBE-D2DA-43D1-88F7-A7279F1E667C}" = rport=138 | protocol=17 | dir=out | app=system |
    "{8482CED5-8BFF-4B33-814D-C9B7379DDCE5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{8D9B2CA7-6A7E-4CDC-9780-7956C8DC248B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{9C5C4984-DEC2-47A1-94A8-0033F172AED5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{9DADEFC2-E8CE-460C-A703-7CEEB422B360}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{A001FBE1-D3F7-4FF1-8059-3181C4B0D408}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{A6D4E1F6-FC5E-4911-931E-E4BE0EB15A64}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{AC6E8573-1023-461A-A22C-F5258370DCF8}" = lport=445 | protocol=6 | dir=in | app=system |
    "{CC04CEC0-4DBC-4A46-A903-CB22D35652C0}" = rport=137 | protocol=17 | dir=out | app=system |
    "{CD9D579C-A538-457B-87B1-CC79038F007B}" = lport=137 | protocol=17 | dir=in | app=system |
    "{CFB3EB37-7987-4371-BA41-A6EC32745BB8}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{EBA636A8-222E-44F8-8D68-E366E195978C}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{F29AF43A-234B-4DF8-B942-5EE5A4BB8880}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{FF6EACA6-D793-4F89-B82F-77DBC1B625D2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0090916C-DEA0-4FD4-B61E-C1447565D162}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{0463D2EF-1546-4F34-8E7F-D638E7277F10}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{04BAB969-0D81-40A2-A1BA-B93EDE48B8FD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{15A8364E-9ABE-4BB6-AB48-A1C12583D6E7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{16B93259-5213-4901-858D-16791CA2DA5F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{2454BCDC-EAED-425E-834F-E4CC71251662}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{2FDBBEF5-0114-466A-916F-01FC34514178}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{376DCAE0-D563-43DF-A1D5-F46677A07F0E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{5009C9CA-AEF3-4A80-92BC-E6F4B039EE23}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{58C87381-5176-4557-A8EB-254FFD27DEFF}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
    "{64F25C40-9E02-4F40-9DA7-C108E09C8CAC}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
    "{704789B4-A823-4EEC-9B27-CF7CD685EA95}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
    "{70FD93F7-6BDC-4C22-90B2-1BC1978776C4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{71C8C0AE-B518-4F09-8369-8323211D48CD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{7BD960A6-866C-4C4D-B193-070BB09CE9EE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{7E2C1482-0721-45A0-B426-C56E2AEA84F4}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dmp\clbrowserengine.exe |
    "{8A7D5BA0-0A7F-4152-A8C2-1D7F61DBFFB3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{9E4911BD-F3CE-450B-AF73-E99C2A8EFAB3}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dms\clmsservice.exe |
    "{A4F2582B-CE6A-4BE3-AB22-E5425146558C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B46A7561-9065-49EC-94E2-FB46E510896E}" = dir=in | app=c:\program files\cyberlink\playmovie\playmovie.exe |
    "{C15E34EE-85AE-4B3B-950E-B6A1D12CA58F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{C1B71731-04E0-4A17-BCD8-029197A0A5EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C221D5DC-59F6-4DBF-9F4C-F04ADF1E9F3E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C38BE55C-98CE-4562-B168-1752299F98B8}" = protocol=6 | dir=out | app=system |
    "{CB000AEF-01E4-4DA6-80D7-75D0ACF2AAD6}" = dir=in | app=c:\program files\cyberlink\playmovie\pmvservice.exe |
    "{CCF3795B-38C0-47D0-84C1-7FDDFB767B24}" = dir=in | app=c:\program files\cyberlink\powercinema\pcmservice.exe |
    "{D41FEA7B-0A88-4D51-9115-FD46A000CF1E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{D8A3CEA2-9840-418C-B1B8-3BFC769CAEC2}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{DB8A88AD-EC37-4842-9470-E2D4C5619136}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe |
    "{DD08E880-F8DB-4AA9-A4B0-9D0BB3DEE84E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E1DC78F3-2F84-4277-866A-14DC2C879EB8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{E2670965-7EFA-4AE5-B1DE-9236D6968AB0}" = dir=in | app=c:\program files\cyberlink\powercinema\powercinema.exe |
    "{E7F8C145-81CF-422B-A297-3C2AFEA363A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{F04ABF46-6380-482F-91BC-1FF04D791CD0}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe |
    "{FA4D0FC8-AB48-46BC-B839-0C69EB5FA392}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
    "TCP Query User{BB178EA4-345D-48A3-AC64-1833542E9A6C}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
    "TCP Query User{D38E9ABF-A5CC-428C-A56D-1838A65A28A2}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
    "UDP Query User{47DC6F9A-0796-47A4-8F22-0C046F0F167C}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
    "UDP Query User{4AA21F47-294A-4904-97D2-1F3E74712CF5}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works
    "{0C43186B-CB49-4095-B2F0-90B35E17096B}" = MP Manager
    "{0ED40D2A-7131-4FE7-941E-5C329336F712}" = HDReg France
    "{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
    "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
    "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
    "{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema
    "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20
    "{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
    "{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
    "{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
    "{381D847E-7E56-4E82-B261-F799E0F40EB4}" = PHOTOfunSTUDIO 4.0 HD Edition
    "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
    "{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
    "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
    "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
    "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
    "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
    "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{5A2F65A4-808F-4A1E-973E-92E17824982D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
    "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
    "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{980B9958-1239-4FC5-8C88-AC5650321036}" = Nero 8 Essentials
    "{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
    "{A036E231-5A03-4d63-94F6-7864CC77EC48}" = PS_AIO_ProductContext
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
    "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.0 - Français
    "{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
    "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
    "{B22C19AE-6A67-4f28-B541-5AE72FB17A25}" = HP Photosmart All-In-One Software 9.0
    "{B311B6E0-480B-4628-A77E-92D73CE71F3D}" = Notification Mail
    "{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
    "{C1CD3A53-1EA2-4993-7749-C75B878B42E5}" = Deezer Desktop
    "{C1ED9991-185D-4DFC-984C-F1FC84F35969}" = Badoo Desktop
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
    "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
    "{D13FE823-C575-4451-AC37-E645A67AA581}_1.0.0.0" = Orange Installeur version 1.0.0.0
    "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
    "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
    "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
    "{E39A3770-3DDE-404c-B91F-3522947874A3}" = PS_AIO_Software_min
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
    "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
    "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
    "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
    "{FA4FA322-5C90-4d2b-A019-9E588273DED5}" = PS_AIO_Software
    "{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
    "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
    "{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "AdobePE6" = Adobe Photoshop Elements 6
    "AdobeReader" = Adobe Reader 8
    "Ask.com Search Assistant" = Ask.com Search Assistant 1.0.2
    "AssaultCube_v1.0" = AssaultCube v1.0
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "AxCrypt" = AxCrypt (Désinstaller uniquement)
    "CamStudio 2.0 Fr_is1" = CamStudio 2.0 Fr
    "CCleaner" = CCleaner
    "DDD Pool" = DDD Pool 1.2
    "DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1" = Deezer Desktop
    "Dofus 1.28.0" = Dofus 1.28.0
    "ENJOY Plus!" = ENJOY Plus!
    "EoRezo_is1" = EoRezo 10.3
    "Google Desktop" = Google Desktop
    "GoogleBAE" = Google BAE
    "GoogleDesktop_XX" = GoogleDesktop
    "GoogleToolbar" = Google Toolbar
    "GOPlayer" = GOPlayer
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "HP Imaging Device Functions" = HP Imaging Device Functions 9.0
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
    "HPExtendedCapabilities" = HP Customer Participation Program 9.0
    "ImageWriter" = Packard Bell ImageWriter
    "Infocentre" = Infocentre Rev. 2.0.0.1
    "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema
    "LCDTest" = Packard Bell LCD Test
    "McAfee Security Scan" = McAfee Security Scan Plus
    "Messenger Plus! Live" = Messenger Plus! Live
    "METABOLI" = Metaboli
    "Nero8" = Nero 8 Essentials
    "OFF2k7_FR" = Microsoft® Office Trial 2007
    "OpenAL" = OpenAL
    "OrangeToolbarFR" = barre d'outils Orange
    "PhotoFiltre" = PhotoFiltre
    "PhotoScape" = PhotoScape
    "Picasa 3" = Picasa 3
    "PowerCinema6" = Power Cinema 6
    "radiodofus Toolbar" = radiodofus Toolbar
    "SETUPMYPC_FR" = SetUp My PC
    "ShockwaveFlash" = Adobe Flash Player 9 ActiveX
    "SKYPE" = Skype 3.6.2.248
    "SoftwareUpdate_is1" = SoftwareUpdate 1.0
    "SpiderMessenger_is1" = SpiderMessenger 1.0
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "TeamViewer 5" = TeamViewer 5
    "Updator" = Packard Bell Updator
    "uTorrent" = µTorrent
    "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
    "VLC media player" = VLC media player 0.9.8a
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WinRAR archiver" = Archiveur WinRAR
    "works9se" = Microsoft Works 9 SE
    "X10Hardware" = X10 Hardware(TM)
    "XileROPatch v4 4" = XileROPatch v4 4

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 17/10/2010 10:59:36 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 10:59:36 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 10:59:41 | Computer Name = PC-de-thierry | Source = WinMgmt | ID = 10
    Description =

    Error - 17/10/2010 11:00:04 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 11:02:58 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 11:05:00 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 11:10:21 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 11:10:32 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 11:11:37 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 11:24:45 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    [ OSession Events ]
    Error - 11/11/2009 04:37:04 | Computer Name = PC-de-thierry | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
    Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
    lasted 23 seconds with 0 seconds of active time. This session ended with a crash.

    Error - 16/01/2010 04:47:57 | Computer Name = PC-de-thierry | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
    Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
    lasted 113 seconds with 60 seconds of active time. This session ended with a crash.

    Error - 15/04/2010 11:54:07 | Computer Name = PC-de-thierry | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
    Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
    lasted 38 seconds with 0 seconds of active time. This session ended with a crash.

    Error - 06/07/2010 16:34:03 | Computer Name = PC-de-thierry | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
    Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
    lasted 37 seconds with 0 seconds of active time. This session ended with a crash.

    Error - 13/07/2010 16:24:49 | Computer Name = PC-de-thierry | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
    Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
    lasted 135 seconds with 120 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 16/10/2010 03:21:08 | Computer Name = PC-de-thierry | Source = Service Control Manager | ID = 7006
    Description =

    Error - 16/10/2010 04:06:12 | Computer Name = PC-de-thierry | Source = HTTP | ID = 15016
    Description =

    Error - 16/10/2010 04:06:54 | Computer Name = PC-de-thierry | Source = Service Control Manager | ID = 7000
    Description =

    Error - 16/10/2010 04:13:36 | Computer Name = PC-de-thierry | Source = Service Control Manager | ID = 7006
    Description =

    Error - 16/10/2010 10:52:24 | Computer Name = PC-de-thierry | Source = HTTP | ID = 15016
    Description =

    Error - 16/10/2010 10:53:05 | Computer Name = PC-de-thierry | Source = Service Control Manager | ID = 7000
    Description =

    Error - 17/10/2010 03:11:55 | Computer Name = PC-de-thierry | Source = HTTP | ID = 15016
    Description =

    Error - 17/10/2010 03:12:30 | Computer Name = PC-de-thierry | Source = Service Control Manager | ID = 7000
    Description =

    Error - 17/10/2010 10:59:06 | Computer Name = PC-de-thierry | Source = HTTP | ID = 15016
    Description =

    Error - 17/10/2010 10:59:41 | Computer Name = PC-de-thierry | Source = Service Control Manager | ID = 7000
    Description =


    < End of report >


    OTL :


    OTL logfile created on: 17/10/2010 17:25:20 - Run 1
    OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Sébastien\Downloads
    Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free
    6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 220,88 Gb Total Space | 88,60 Gb Free Space | 40,11% Space Free | Partition Type: NTFS

    Computer Name: PC-DE-THIERRY | User Name: Sébastien | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/10/17 17:22:19 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Sébastien\Downloads\OTL.exe
    PRC - [2010/09/24 15:36:59 | 001,960,744 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
    PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/06/22 17:15:58 | 002,506,424 | ---- | M] (Agence Exclusive) -- C:\Program Files\SpiderMessenger\SpiderMessenger.exe
    PRC - [2010/06/19 11:14:59 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
    PRC - [2010/01/14 22:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    PRC - [2009/02/06 18:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
    PRC - [2008/12/09 11:13:14 | 000,368,224 | ---- | M] (EoRezo) -- C:\Users\Sébastien\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    PRC - [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2008/08/04 11:16:46 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    PRC - [2008/05/22 17:08:51 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PRC - [2008/04/11 23:22:06 | 000,196,608 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe
    PRC - [2008/03/31 10:51:42 | 000,172,032 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PlayMovie\PMVService.exe
    PRC - [2008/03/21 20:56:56 | 000,143,360 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe
    PRC - [2008/02/04 12:13:36 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    PRC - [2008/01/21 04:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
    PRC - [2008/01/14 14:12:30 | 001,688,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    PRC - [2007/12/11 21:19:58 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    PRC - [2007/12/11 21:19:44 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    PRC - [2007/12/11 21:17:42 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    PRC - [2007/12/11 20:46:12 | 000,094,208 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\systray\systrayapp.exe
    PRC - [2007/12/11 20:39:22 | 000,598,016 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    PRC - [2007/12/11 20:23:38 | 000,716,800 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    PRC - [2007/12/11 20:22:38 | 000,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    PRC - [2007/12/11 20:22:32 | 000,364,544 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    PRC - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    PRC - [2007/06/15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\System32\bgsvcgen.exe
    PRC - [2001/11/12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/10/17 17:22:19 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Sébastien\Downloads\OTL.exe
    MOD - [2008/01/21 04:34:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
    MOD - [2008/01/21 04:33:14 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/09/24 15:36:59 | 001,960,744 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
    SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/06/19 11:14:59 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
    SRV - [2010/02/24 23:52:00 | 003,411,964 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
    SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
    SRV - [2008/05/22 16:32:50 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2007/12/11 21:19:44 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
    SRV - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
    SRV - [2007/06/15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\System32\bgsvcgen.exe -- (bgsvcgen)
    SRV - [2001/11/12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- (x10nets)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - [2010/08/17 13:39:11 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
    DRV - [2010/08/17 13:39:11 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2010/06/17 15:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2008/08/06 10:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
    DRV - [2008/08/04 11:02:46 | 002,161,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2008/07/11 04:20:10 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2008/03/31 10:52:10 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
    DRV - [2008/02/20 22:01:08 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
    DRV - [2008/01/21 04:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2008/01/21 04:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2008/01/21 04:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
    DRV - [2008/01/21 04:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2008/01/21 04:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2008/01/21 04:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2008/01/21 04:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2008/01/21 04:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2008/01/21 04:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2008/01/21 04:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2008/01/21 04:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2008/01/21 04:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2008/01/21 04:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2008/01/21 04:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2008/01/21 04:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2008/01/21 04:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2008/01/21 04:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2008/01/21 04:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2008/01/21 04:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2008/01/21 04:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2008/01/21 04:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/01/21 04:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/01/21 04:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2007/11/08 07:10:00 | 000,288,768 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
    DRV - [2007/06/08 04:53:56 | 000,187,448 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
    DRV - [2006/11/28 21:46:22 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCAMp50.sys -- (PCAMp50)
    DRV - [2006/11/28 21:46:20 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)
    DRV - [2006/11/17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
    DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/02/20 19:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
    DRV - [2005/01/04 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\npptNT2.sys -- (NPPTNT2)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\URLSearchHook: {b905bc9d-6059-4517-a6b4-950d26299a2b} - C:\Program Files\radiodofus\tbradi.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9136
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll ()
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    FF - HKLM\software\mozilla\Firefox\Extensions\\SpiderMessengerHelper@spidermessenger.com: C:\Program Files\SpiderMessenger [2010/07/16 12:23:08 | 000,000,000 | ---D | M]


    O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (SpiderMessenger_BHO Class) - {ADE49752-DBBC-43A3-9498-379A82F574BF} - C:\Program Files\SpiderMessenger\SpiderMessenger.BHO.dll (Soft2PC)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
    O2 - BHO: (radiodofus Toolbar) - {b905bc9d-6059-4517-a6b4-950d26299a2b} - C:\Program Files\radiodofus\tbradi.dll (Conduit Ltd.)
    O2 - BHO: (EOBHO Class) - {C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} - C:\Program Files\EoRezo\EoRezoBHO.dll (EoRezo)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
    O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (radiodofus Toolbar) - {b905bc9d-6059-4517-a6b4-950d26299a2b} - C:\Program Files\radiodofus\tbradi.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000317.dll (Orange)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (radiodofus Toolbar) - {B905BC9D-6059-4517-A6B4-950D26299A2B} - C:\Program Files\radiodofus\tbradi.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000317.dll (Orange)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe (CyberLink)
    O4 - HKLM..\Run: [EoEngine] File not found
    O4 - HKLM..\Run: [EoWeather] File not found
    O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
    O4 - HKLM..\Run: [MailNotifierSessionManager] C:\Program Files\Orange\Notification Mail\SessionManager\SessionManager.exe (France Telecom SA)
    O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
    O4 - HKLM..\Run: [PCMAgent] C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [PlayMovie] C:\Program Files\CyberLink\PlayMovie\PMVService.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [SpiderMessenger] File not found
    O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
    O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
    O4 - HKCU..\Run: [SpiderMessenger] C:\Program Files\SpiderMessenger\SpiderMessenger.exe (Agence Exclusive)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKLM..\RunOnce: [SoftwareHelper] C:\Users\Sébastien\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (EoRezo)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
    O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKCU\..Trusted Domains: m6vod.fr ([]http in Local intranet)
    O15 - HKCU\..Trusted Domains: m6vod.fr ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: mappy.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: orange.fr ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: voila.fr ([rw.search.ke] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: weborama.fr ([orange] http in Trusted sites)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/Install... (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.10,85.255.112.133
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL (Google)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0324232222-888888379-781133308-1995\recyclebin.exe) - C:\RECYCLER\S-1-5-21-0324232222-888888379-781133308-1995\recyclebin.exe File not found
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Users\Sébastien\Images\Chanteur\The National\TheNational-HighViolet.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Sébastien\Images\Chanteur\The National\TheNational-HighViolet.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{24d43b83-07f3-11df-b749-00238b32f317}\Shell\AutoRun\command - "" = E:\cobn8w3.exe -- File not found
    O33 - MountPoints2\{24d43b83-07f3-11df-b749-00238b32f317}\Shell\open\Command - "" = E:\cobn8w3.exe -- File not found
    O33 - MountPoints2\{804abd7c-fac0-11de-aaec-00238b32f317}\Shell\Auto\command - "" = F:\launcher.exe -- File not found
    O33 - MountPoints2\{f1ee38f3-f0c8-11de-b6a4-00238b32f317}\Shell\Auto\command - "" = E:\launcher.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found

    MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 4.0 HD Edition.lnk - C:\PROGRA~1\PANASO~1\PHOTOF~1.0HD\AUTOST~1.EXE - (Panasonic Corporation)
    MsConfig - StartUpFolder: C:^Users^thierry^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ENJOY Plus!.lnk - C:\PROGRA~1\ENJOYP~1\ENJOYP~1.EXE - ()
    MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
    MsConfig - StartUpReg: testloud - hkey= - key= - C:\ProgramData\Dash find find.iq0 File not found
    MsConfig - StartUpReg: uTorrent - hkey= - key= - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/10/17 11:31:38 | 000,000,000 | ---D | C] -- C:\Users\Sébastien\AppData\Roaming\Avira
    [2010/10/17 09:17:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Badoo
    [2010/10/16 10:13:11 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
    [2010/10/16 10:13:10 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
    [2010/10/16 10:13:10 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
    [2010/10/16 10:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
    [2010/10/16 10:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
    [2010/10/10 19:23:06 | 000,000,000 | ---D | C] -- C:\Users\Sébastien\Documents\VirtualDJ
    [2010/10/10 19:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
    [2010/10/08 20:14:21 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
    [2010/10/08 20:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/10/08 20:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2010/10/08 20:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2010/10/08 20:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/10/08 20:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
    [2010/10/08 20:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/10/08 20:07:36 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/10/17 17:19:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635036346-1563874838-1227906768-1000UA.job
    [2010/10/17 17:18:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/10/17 17:16:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635036346-1563874838-1227906768-1001UA.job
    [2010/10/17 17:16:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635036346-1563874838-1227906768-1001Core.job
    [2010/10/17 17:15:01 | 000,000,410 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{616A193B-B64D-48D3-B22C-4B47CFB99E9C}.job
    [2010/10/17 17:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Extension de garantie-thierry.job
    [2010/10/17 16:59:59 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-thierry.job
    [2010/10/17 16:59:22 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/10/17 16:59:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/10/17 16:59:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/10/17 16:59:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/10/17 16:58:56 | 3146,670,080 | -HS- | M] () -- C:\hiberfil.sys
    [2010/10/16 19:19:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635036346-1563874838-1227906768-1000Core.job
    [2010/10/16 18:20:31 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A90F5B45-4F13-4AE2-9F05-E941D72E9CB4}.job
    [2010/10/16 10:13:24 | 000,001,850 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
    [2010/10/15 21:08:11 | 000,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2010/10/15 21:08:11 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/10/15 21:08:11 | 000,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2010/10/15 21:08:11 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/10/11 18:39:50 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/10/11 06:54:23 | 000,321,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/10/10 20:46:30 | 000,101,376 | ---- | M] () -- C:\Users\Sébastien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/10/10 20:07:07 | 000,000,849 | ---- | M] () -- C:\Users\Sébastien\Desktop\Virtual DJ Trial.lnk
    [2010/10/08 20:14:34 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/10/01 20:21:26 | 000,002,109 | ---- | M] () -- C:\Users\Sébastien\Desktop\Google Chrome.lnk
    [2010/09/29 19:54:47 | 000,000,958 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
    [2010/09/29 19:33:10 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2010/09/27 17:16:46 | 000,002,076 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/10/16 10:13:24 | 000,001,850 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
    [2010/10/11 18:39:50 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/10/10 19:23:13 | 000,000,849 | ---- | C] () -- C:\Users\Sébastien\Desktop\Virtual DJ Trial.lnk
    [2010/10/08 20:14:3
    17 Octobre 2010 17:36:36

    Voilà, j'ai fais les scans, pour Extras :
    Spoiler
    OTL Extras logfile created on: 17/10/2010 17:25:20 - Run 1
    OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Sébastien\Downloads
    Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free
    6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 220,88 Gb Total Space | 88,60 Gb Free Space | 40,11% Space Free | Partition Type: NTFS

    Computer Name: PC-DE-THIERRY | User Name: Sébastien | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML.Sébastien] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" File not found
    Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "UacDisableNotify" = 0
    "InternetSettingsDisableNotify" = 0
    "AutoUpdateDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
    "DisableSR" = 0
    "DisableConfig" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DisableUnicastResponsesToMulticastBroadcast" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" = C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{06CC71EB-F9B9-4E92-AD62-6CCECF9C9DD5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{11F90DBA-F4A7-489C-93F2-419DDC32DD9B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{1487DDD3-3676-4D62-A46A-066C83962052}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{15537F0A-3B9F-42D3-9207-8F4E29913061}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{1F521274-4D88-4C41-8758-E8FD3426B884}" = rport=445 | protocol=6 | dir=out | app=system |
    "{292FE6A1-DC3D-430F-861F-0E567CDD6978}" = lport=139 | protocol=6 | dir=in | app=system |
    "{39715AB6-100B-4C86-ACE9-D2683DC6DAFC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{4027D65A-E535-4DB1-BF73-86B9D8234D68}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{4181447F-7C61-40ED-9592-D6505122D537}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{49B044BE-E5F3-486B-BD8C-6E0679D29F93}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{49F56796-E5F8-44DB-87FD-8CC3821E3F72}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{4C6BE59D-B81C-44A3-A5CB-F3F3CEB8A35C}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{4D5582D8-1744-44A0-AE31-5A7745B3A2CB}" = rport=139 | protocol=6 | dir=out | app=system |
    "{79B7BDC6-9B7B-43AD-B8F5-AD8470CDBE65}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{7FBD4C4E-0AD6-4518-9D58-5A405F61EE63}" = lport=138 | protocol=17 | dir=in | app=system |
    "{81292CBE-D2DA-43D1-88F7-A7279F1E667C}" = rport=138 | protocol=17 | dir=out | app=system |
    "{8482CED5-8BFF-4B33-814D-C9B7379DDCE5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{8D9B2CA7-6A7E-4CDC-9780-7956C8DC248B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{9C5C4984-DEC2-47A1-94A8-0033F172AED5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{9DADEFC2-E8CE-460C-A703-7CEEB422B360}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{A001FBE1-D3F7-4FF1-8059-3181C4B0D408}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{A6D4E1F6-FC5E-4911-931E-E4BE0EB15A64}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{AC6E8573-1023-461A-A22C-F5258370DCF8}" = lport=445 | protocol=6 | dir=in | app=system |
    "{CC04CEC0-4DBC-4A46-A903-CB22D35652C0}" = rport=137 | protocol=17 | dir=out | app=system |
    "{CD9D579C-A538-457B-87B1-CC79038F007B}" = lport=137 | protocol=17 | dir=in | app=system |
    "{CFB3EB37-7987-4371-BA41-A6EC32745BB8}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{EBA636A8-222E-44F8-8D68-E366E195978C}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{F29AF43A-234B-4DF8-B942-5EE5A4BB8880}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{FF6EACA6-D793-4F89-B82F-77DBC1B625D2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0090916C-DEA0-4FD4-B61E-C1447565D162}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{0463D2EF-1546-4F34-8E7F-D638E7277F10}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{04BAB969-0D81-40A2-A1BA-B93EDE48B8FD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{15A8364E-9ABE-4BB6-AB48-A1C12583D6E7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{16B93259-5213-4901-858D-16791CA2DA5F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{2454BCDC-EAED-425E-834F-E4CC71251662}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{2FDBBEF5-0114-466A-916F-01FC34514178}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{376DCAE0-D563-43DF-A1D5-F46677A07F0E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{5009C9CA-AEF3-4A80-92BC-E6F4B039EE23}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{58C87381-5176-4557-A8EB-254FFD27DEFF}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
    "{64F25C40-9E02-4F40-9DA7-C108E09C8CAC}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
    "{704789B4-A823-4EEC-9B27-CF7CD685EA95}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
    "{70FD93F7-6BDC-4C22-90B2-1BC1978776C4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{71C8C0AE-B518-4F09-8369-8323211D48CD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{7BD960A6-866C-4C4D-B193-070BB09CE9EE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{7E2C1482-0721-45A0-B426-C56E2AEA84F4}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dmp\clbrowserengine.exe |
    "{8A7D5BA0-0A7F-4152-A8C2-1D7F61DBFFB3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{9E4911BD-F3CE-450B-AF73-E99C2A8EFAB3}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dms\clmsservice.exe |
    "{A4F2582B-CE6A-4BE3-AB22-E5425146558C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B46A7561-9065-49EC-94E2-FB46E510896E}" = dir=in | app=c:\program files\cyberlink\playmovie\playmovie.exe |
    "{C15E34EE-85AE-4B3B-950E-B6A1D12CA58F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{C1B71731-04E0-4A17-BCD8-029197A0A5EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C221D5DC-59F6-4DBF-9F4C-F04ADF1E9F3E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C38BE55C-98CE-4562-B168-1752299F98B8}" = protocol=6 | dir=out | app=system |
    "{CB000AEF-01E4-4DA6-80D7-75D0ACF2AAD6}" = dir=in | app=c:\program files\cyberlink\playmovie\pmvservice.exe |
    "{CCF3795B-38C0-47D0-84C1-7FDDFB767B24}" = dir=in | app=c:\program files\cyberlink\powercinema\pcmservice.exe |
    "{D41FEA7B-0A88-4D51-9115-FD46A000CF1E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{D8A3CEA2-9840-418C-B1B8-3BFC769CAEC2}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{DB8A88AD-EC37-4842-9470-E2D4C5619136}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe |
    "{DD08E880-F8DB-4AA9-A4B0-9D0BB3DEE84E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E1DC78F3-2F84-4277-866A-14DC2C879EB8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{E2670965-7EFA-4AE5-B1DE-9236D6968AB0}" = dir=in | app=c:\program files\cyberlink\powercinema\powercinema.exe |
    "{E7F8C145-81CF-422B-A297-3C2AFEA363A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{F04ABF46-6380-482F-91BC-1FF04D791CD0}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe |
    "{FA4D0FC8-AB48-46BC-B839-0C69EB5FA392}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
    "TCP Query User{BB178EA4-345D-48A3-AC64-1833542E9A6C}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
    "TCP Query User{D38E9ABF-A5CC-428C-A56D-1838A65A28A2}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
    "UDP Query User{47DC6F9A-0796-47A4-8F22-0C046F0F167C}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
    "UDP Query User{4AA21F47-294A-4904-97D2-1F3E74712CF5}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works
    "{0C43186B-CB49-4095-B2F0-90B35E17096B}" = MP Manager
    "{0ED40D2A-7131-4FE7-941E-5C329336F712}" = HDReg France
    "{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
    "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
    "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
    "{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema
    "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20
    "{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
    "{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
    "{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
    "{381D847E-7E56-4E82-B261-F799E0F40EB4}" = PHOTOfunSTUDIO 4.0 HD Edition
    "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
    "{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
    "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
    "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
    "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
    "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
    "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{5A2F65A4-808F-4A1E-973E-92E17824982D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
    "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
    "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{980B9958-1239-4FC5-8C88-AC5650321036}" = Nero 8 Essentials
    "{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
    "{A036E231-5A03-4d63-94F6-7864CC77EC48}" = PS_AIO_ProductContext
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
    "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.0 - Français
    "{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
    "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
    "{B22C19AE-6A67-4f28-B541-5AE72FB17A25}" = HP Photosmart All-In-One Software 9.0
    "{B311B6E0-480B-4628-A77E-92D73CE71F3D}" = Notification Mail
    "{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
    "{C1CD3A53-1EA2-4993-7749-C75B878B42E5}" = Deezer Desktop
    "{C1ED9991-185D-4DFC-984C-F1FC84F35969}" = Badoo Desktop
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
    "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
    "{D13FE823-C575-4451-AC37-E645A67AA581}_1.0.0.0" = Orange Installeur version 1.0.0.0
    "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
    "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
    "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
    "{E39A3770-3DDE-404c-B91F-3522947874A3}" = PS_AIO_Software_min
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
    "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
    "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
    "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
    "{FA4FA322-5C90-4d2b-A019-9E588273DED5}" = PS_AIO_Software
    "{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
    "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
    "{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "AdobePE6" = Adobe Photoshop Elements 6
    "AdobeReader" = Adobe Reader 8
    "Ask.com Search Assistant" = Ask.com Search Assistant 1.0.2
    "AssaultCube_v1.0" = AssaultCube v1.0
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "AxCrypt" = AxCrypt (Désinstaller uniquement)
    "CamStudio 2.0 Fr_is1" = CamStudio 2.0 Fr
    "CCleaner" = CCleaner
    "DDD Pool" = DDD Pool 1.2
    "DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1" = Deezer Desktop
    "Dofus 1.28.0" = Dofus 1.28.0
    "ENJOY Plus!" = ENJOY Plus!
    "EoRezo_is1" = EoRezo 10.3
    "Google Desktop" = Google Desktop
    "GoogleBAE" = Google BAE
    "GoogleDesktop_XX" = GoogleDesktop
    "GoogleToolbar" = Google Toolbar
    "GOPlayer" = GOPlayer
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "HP Imaging Device Functions" = HP Imaging Device Functions 9.0
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
    "HPExtendedCapabilities" = HP Customer Participation Program 9.0
    "ImageWriter" = Packard Bell ImageWriter
    "Infocentre" = Infocentre Rev. 2.0.0.1
    "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema
    "LCDTest" = Packard Bell LCD Test
    "McAfee Security Scan" = McAfee Security Scan Plus
    "Messenger Plus! Live" = Messenger Plus! Live
    "METABOLI" = Metaboli
    "Nero8" = Nero 8 Essentials
    "OFF2k7_FR" = Microsoft® Office Trial 2007
    "OpenAL" = OpenAL
    "OrangeToolbarFR" = barre d'outils Orange
    "PhotoFiltre" = PhotoFiltre
    "PhotoScape" = PhotoScape
    "Picasa 3" = Picasa 3
    "PowerCinema6" = Power Cinema 6
    "radiodofus Toolbar" = radiodofus Toolbar
    "SETUPMYPC_FR" = SetUp My PC
    "ShockwaveFlash" = Adobe Flash Player 9 ActiveX
    "SKYPE" = Skype 3.6.2.248
    "SoftwareUpdate_is1" = SoftwareUpdate 1.0
    "SpiderMessenger_is1" = SpiderMessenger 1.0
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "TeamViewer 5" = TeamViewer 5
    "Updator" = Packard Bell Updator
    "uTorrent" = µTorrent
    "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
    "VLC media player" = VLC media player 0.9.8a
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WinRAR archiver" = Archiveur WinRAR
    "works9se" = Microsoft Works 9 SE
    "X10Hardware" = X10 Hardware(TM)
    "XileROPatch v4 4" = XileROPatch v4 4

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 17/10/2010 10:59:36 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 10:59:36 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 10:59:41 | Computer Name = PC-de-thierry | Source = WinMgmt | ID = 10
    Description =

    Error - 17/10/2010 11:00:04 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 11:02:58 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 11:05:00 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 11:10:21 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 11:10:32 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 11:11:37 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    Error - 17/10/2010 11:24:45 | Computer Name = PC-de-thierry | Source = Microsoft-Windows-CAPI2 | ID = 131083
    Description =

    [ OSession Events ]
    Error - 11/11/2009 04:37:04 | Computer Name = PC-de-thierry | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
    Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
    lasted 23 seconds with 0 seconds of active time. This session ended with a crash.

    Error - 16/01/2010 04:47:57 | Computer Name = PC-de-thierry | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
    Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
    lasted 113 seconds with 60 seconds of active time. This session ended with a crash.

    Error - 15/04/2010 11:54:07 | Computer Name = PC-de-thierry | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
    Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
    lasted 38 seconds with 0 seconds of active time. This session ended with a crash.

    Error - 06/07/2010 16:34:03 | Computer Name = PC-de-thierry | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
    Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
    lasted 37 seconds with 0 seconds of active time. This session ended with a crash.

    Error - 13/07/2010 16:24:49 | Computer Name = PC-de-thierry | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
    Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
    lasted 135 seconds with 120 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 16/10/2010 03:21:08 | Computer Name = PC-de-thierry | Source = Service Control Manager | ID = 7006
    Description =

    Error - 16/10/2010 04:06:12 | Computer Name = PC-de-thierry | Source = HTTP | ID = 15016
    Description =

    Error - 16/10/2010 04:06:54 | Computer Name = PC-de-thierry | Source = Service Control Manager | ID = 7000
    Description =

    Error - 16/10/2010 04:13:36 | Computer Name = PC-de-thierry | Source = Service Control Manager | ID = 7006
    Description =

    Error - 16/10/2010 10:52:24 | Computer Name = PC-de-thierry | Source = HTTP | ID = 15016
    Description =

    Error - 16/10/2010 10:53:05 | Computer Name = PC-de-thierry | Source = Service Control Manager | ID = 7000
    Description =

    Error - 17/10/2010 03:11:55 | Computer Name = PC-de-thierry | Source = HTTP | ID = 15016
    Description =

    Error - 17/10/2010 03:12:30 | Computer Name = PC-de-thierry | Source = Service Control Manager | ID = 7000
    Description =

    Error - 17/10/2010 10:59:06 | Computer Name = PC-de-thierry | Source = HTTP | ID = 15016
    Description =

    Error - 17/10/2010 10:59:41 | Computer Name = PC-de-thierry | Source = Service Control Manager | ID = 7000
    Description =


    < End of report >



    OTL :
    Spoiler
    OTL logfile created on: 17/10/2010 17:25:20 - Run 1
    OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Sébastien\Downloads
    Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free
    6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 220,88 Gb Total Space | 88,60 Gb Free Space | 40,11% Space Free | Partition Type: NTFS

    Computer Name: PC-DE-THIERRY | User Name: Sébastien | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/10/17 17:22:19 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Sébastien\Downloads\OTL.exe
    PRC - [2010/09/24 15:36:59 | 001,960,744 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
    PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/06/22 17:15:58 | 002,506,424 | ---- | M] (Agence Exclusive) -- C:\Program Files\SpiderMessenger\SpiderMessenger.exe
    PRC - [2010/06/19 11:14:59 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
    PRC - [2010/01/14 22:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    PRC - [2009/02/06 18:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
    PRC - [2008/12/09 11:13:14 | 000,368,224 | ---- | M] (EoRezo) -- C:\Users\Sébastien\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    PRC - [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2008/08/04 11:16:46 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    PRC - [2008/05/22 17:08:51 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PRC - [2008/04/11 23:22:06 | 000,196,608 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe
    PRC - [2008/03/31 10:51:42 | 000,172,032 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PlayMovie\PMVService.exe
    PRC - [2008/03/21 20:56:56 | 000,143,360 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe
    PRC - [2008/02/04 12:13:36 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    PRC - [2008/01/21 04:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
    PRC - [2008/01/14 14:12:30 | 001,688,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    PRC - [2007/12/11 21:19:58 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    PRC - [2007/12/11 21:19:44 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    PRC - [2007/12/11 21:17:42 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    PRC - [2007/12/11 20:46:12 | 000,094,208 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\systray\systrayapp.exe
    PRC - [2007/12/11 20:39:22 | 000,598,016 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    PRC - [2007/12/11 20:23:38 | 000,716,800 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    PRC - [2007/12/11 20:22:38 | 000,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    PRC - [2007/12/11 20:22:32 | 000,364,544 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    PRC - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    PRC - [2007/06/15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\System32\bgsvcgen.exe
    PRC - [2001/11/12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/10/17 17:22:19 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Sébastien\Downloads\OTL.exe
    MOD - [2008/01/21 04:34:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
    MOD - [2008/01/21 04:33:14 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/09/24 15:36:59 | 001,960,744 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
    SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/06/19 11:14:59 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
    SRV - [2010/02/24 23:52:00 | 003,411,964 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
    SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
    SRV - [2008/05/22 16:32:50 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2007/12/11 21:19:44 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
    SRV - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
    SRV - [2007/06/15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\System32\bgsvcgen.exe -- (bgsvcgen)
    SRV - [2001/11/12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- (x10nets)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - [2010/08/17 13:39:11 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
    DRV - [2010/08/17 13:39:11 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2010/06/17 15:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2008/08/06 10:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
    DRV - [2008/08/04 11:02:46 | 002,161,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2008/07/11 04:20:10 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2008/03/31 10:52:10 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
    DRV - [2008/02/20 22:01:08 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
    DRV - [2008/01/21 04:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2008/01/21 04:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2008/01/21 04:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
    DRV - [2008/01/21 04:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2008/01/21 04:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2008/01/21 04:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2008/01/21 04:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2008/01/21 04:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2008/01/21 04:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2008/01/21 04:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2008/01/21 04:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2008/01/21 04:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2008/01/21 04:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2008/01/21 04:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2008/01/21 04:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2008/01/21 04:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2008/01/21 04:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2008/01/21 04:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2008/01/21 04:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2008/01/21 04:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2008/01/21 04:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/01/21 04:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/01/21 04:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2007/11/08 07:10:00 | 000,288,768 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
    DRV - [2007/06/08 04:53:56 | 000,187,448 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
    DRV - [2006/11/28 21:46:22 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCAMp50.sys -- (PCAMp50)
    DRV - [2006/11/28 21:46:20 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)
    DRV - [2006/11/17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
    DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/02/20 19:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
    DRV - [2005/01/04 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\npptNT2.sys -- (NPPTNT2)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\URLSearchHook: {b905bc9d-6059-4517-a6b4-950d26299a2b} - C:\Program Files\radiodofus\tbradi.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9136
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll ()
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    FF - HKLM\software\mozilla\Firefox\Extensions\\SpiderMessengerHelper@spidermessenger.com: C:\Program Files\SpiderMessenger [2010/07/16 12:23:08 | 000,000,000 | ---D | M]


    O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (SpiderMessenger_BHO Class) - {ADE49752-DBBC-43A3-9498-379A82F574BF} - C:\Program Files\SpiderMessenger\SpiderMessenger.BHO.dll (Soft2PC)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
    O2 - BHO: (radiodofus Toolbar) - {b905bc9d-6059-4517-a6b4-950d26299a2b} - C:\Program Files\radiodofus\tbradi.dll (Conduit Ltd.)
    O2 - BHO: (EOBHO Class) - {C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} - C:\Program Files\EoRezo\EoRezoBHO.dll (EoRezo)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
    O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (radiodofus Toolbar) - {b905bc9d-6059-4517-a6b4-950d26299a2b} - C:\Program Files\radiodofus\tbradi.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000317.dll (Orange)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (radiodofus Toolbar) - {B905BC9D-6059-4517-A6B4-950D26299A2B} - C:\Program Files\radiodofus\tbradi.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000317.dll (Orange)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe (CyberLink)
    O4 - HKLM..\Run: [EoEngine] File not found
    O4 - HKLM..\Run: [EoWeather] File not found
    O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
    O4 - HKLM..\Run: [MailNotifierSessionManager] C:\Program Files\Orange\Notification Mail\SessionManager\SessionManager.exe (France Telecom SA)
    O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
    O4 - HKLM..\Run: [PCMAgent] C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [PlayMovie] C:\Program Files\CyberLink\PlayMovie\PMVService.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [SpiderMessenger] File not found
    O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
    O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
    O4 - HKCU..\Run: [SpiderMessenger] C:\Program Files\SpiderMessenger\SpiderMessenger.exe (Agence Exclusive)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKLM..\RunOnce: [SoftwareHelper] C:\Users\Sébastien\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (EoRezo)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
    O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKCU\..Trusted Domains: m6vod.fr ([]http in Local intranet)
    O15 - HKCU\..Trusted Domains: m6vod.fr ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: mappy.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: orange.fr ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: voila.fr ([rw.search.ke] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: weborama.fr ([orange] http in Trusted sites)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/Install... (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.10,85.255.112.133
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL (Google)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0324232222-888888379-781133308-1995\recyclebin.exe) - C:\RECYCLER\S-1-5-21-0324232222-888888379-781133308-1995\recyclebin.exe File not found
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Users\Sébastien\Images\Chanteur\The National\TheNational-HighViolet.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Sébastien\Images\Chanteur\The National\TheNational-HighViolet.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{24d43b83-07f3-11df-b749-00238b32f317}\Shell\AutoRun\command - "" = E:\cobn8w3.exe -- File not found
    O33 - MountPoints2\{24d43b83-07f3-11df-b749-00238b32f317}\Shell\open\Command - "" = E:\cobn8w3.exe -- File not found
    O33 - MountPoints2\{804abd7c-fac0-11de-aaec-00238b32f317}\Shell\Auto\command - "" = F:\launcher.exe -- File not found
    O33 - MountPoints2\{f1ee38f3-f0c8-11de-b6a4-00238b32f317}\Shell\Auto\command - "" = E:\launcher.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found

    MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 4.0 HD Edition.lnk - C:\PROGRA~1\PANASO~1\PHOTOF~1.0HD\AUTOST~1.EXE - (Panasonic Corporation)
    MsConfig - StartUpFolder: C:^Users^thierry^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ENJOY Plus!.lnk - C:\PROGRA~1\ENJOYP~1\ENJOYP~1.EXE - ()
    MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
    MsConfig - StartUpReg: testloud - hkey= - key= - C:\ProgramData\Dash find find.iq0 File not found
    MsConfig - StartUpReg: uTorrent - hkey= - key= - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/10/17 11:31:38 | 000,000,000 | ---D | C] -- C:\Users\Sébastien\AppData\Roaming\Avira
    [2010/10/17 09:17:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Badoo
    [2010/10/16 10:13:11 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
    [2010/10/16 10:13:10 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
    [2010/10/16 10:13:10 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
    [2010/10/16 10:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
    [2010/10/16 10:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
    [2010/10/10 19:23:06 | 000,000,000 | ---D | C] -- C:\Users\Sébastien\Documents\VirtualDJ
    [2010/10/10 19:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
    [2010/10/08 20:14:21 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
    [2010/10/08 20:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/10/08 20:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2010/10/08 20:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2010/10/08 20:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2010/10/08 20:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
    [2010/10/08 20:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2010/10/08 20:07:36 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/10/17 17:19:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635036346-1563874838-1227906768-1000UA.job
    [2010/10/17 17:18:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/10/17 17:16:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635036346-1563874838-1227906768-1001UA.job
    [2010/10/17 17:16:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635036346-1563874838-1227906768-1001Core.job
    [2010/10/17 17:15:01 | 000,000,410 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{616A193B-B64D-48D3-B22C-4B47CFB99E9C}.job
    [2010/10/17 17:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Extension de garantie-thierry.job
    [2010/10/17 16:59:59 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-thierry.job
    [2010/10/17 16:59:22 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/10/17 16:59:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/10/17 16:59:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/10/17 16:59:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/10/17 16:58:56 | 3146,670,080 | -HS- | M] () -- C:\hiberfil.sys
    [2010/10/16 19:19:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635036346-1563874838-1227906768-1000Core.job
    [2010/10/16 18:20:31 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A90F5B45-4F13-4AE2-9F05-E941D72E9CB4}.job
    [2010/10/16 10:13:24 | 000,001,850 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
    [2010/10/15 21:08:11 | 000,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2010/10/15 21:08:11 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/10/15 21:08:11 | 000,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2010/10/15 21:08:11 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/10/11 18:39:50 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/10/11 06:54:23 | 000,321,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/10/10 20:46:30 | 000,101,376 | ---- | M] () -- C:\Users\Sébastien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/10/10 20:07:07 | 000,000,849 | ---- | M] () -- C:\Users\Sébastien\Desktop\Virtual DJ Trial.lnk
    [2010/10/08 20:14:34 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2010/10/01 20:21:26 | 000,002,109 | ---- | M] () -- C:\Users\Sébastien\Desktop\Google Chrome.lnk
    [2010/09/29 19:54:47 | 000,000,958 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
    [2010/09/29 19:33:10 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2010/09/27 17:16:46 | 000,002,076 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/10/16 10:13:24 | 000,001,850 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
    [2010/10/11 18:39:50 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/10/10 19:23:13 | 000,000,849 | ---- | C] () -- C:\Users\Sébastien\Desktop\Virtual DJ Trial
    a c 548 8 Sécurité
    17 Octobre 2010 17:50:55

    Re,

    Une seule fois les rapports me suffisent ... et cela aurait été mieux de passer pr le service cijoint comme je demandais, bref ...


    Faudrait voir à arrêter d'installer n'importe quoi aussi ... toolbar, programme pourri, publicitaires, jeux ...
    Lire les conditions d'utilisation (CGU) de ces "softs" ... et tu verras pourquoi tu as des pubs ...


    1) A désinstaller via "programmes et fonctionnalités" :

    - MarketResearch
    - Ask Toolbar
    - Badoo Desktop
    - Ask.com Search Assistant 1.0.2
    - EoRezo 10.3
    - McAfee Security Scan Plus
    - radiodofus Toolbar
    - SoftwareUpdate 1.0
    - SpiderMessenger 1.0


    2) Télécharge Ad-R (de El Desaparecido / C_XX) sur ton Bureau.

    /!\ Désactive tes protections résidentes : antivirus, antispyware, déconnecte-toi et ferme toutes les applications en cours /!\

  • Installe le programme (avec les paramètres par défaut).
  • Le programme se lance automatiquement à la fin de l'installation, sinon, lance-le via le raccourci Ad-R situé sur ton Bureau.
    (Utilisateur de Vista/Windows 7, clique-droit sur le raccourci de Ad-R -> Exécuter en tant qu'administrateur)
  • Valide l'avertissement, puis, dans la fenêtre principal, choisis l'option Scanner, et valide avec "Oui"
  • A la fin, appuie sur une touche, un rapport apparaitra (sinon, il est situé ici C:\Ad-report(date).log). Poste-le dans ta prochaine réponse

    /!\ N'oublie pas de réactiver tes protections résidentes /!\
    17 Octobre 2010 18:22:25

    Je suis sous Windows Vista, je suis aller dans 'Panneau Configuration', 'Programmes', 'Désinstaller un programme' mais je n'ai pas trouvé ' MarketResearch ', ni 'Badoo Desktop'. Es normal ?
    a c 548 8 Sécurité
    17 Octobre 2010 19:39:40

    Re,

    Oui, c'est possible.

    Désinstalle ceux que tu trouves, ensuite passe à AD-R.
    17 Octobre 2010 19:50:03

    Re, ok d'accord je le fais tout de suite.
    17 Octobre 2010 19:58:46

    Voilà, c'est fait :


    ======= RAPPORT D'AD-REMOVER 2.0.0.1,F | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par C_XX le 16/09/10 à 13:30
    Contact: AdRemover.contact[AT]gmail.com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 19:53:25 le 17/10/2010, Mode normal

    Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1 (X86)
    Sébastien@PC-DE-THIERRY (PACKARD BELL BV EasyNote MH36)

    ============== RECHERCHE ==============


    0,Dossier trouvé: C:\Program Files\AGI
    0,Dossier trouvé: C:\Users\Sébastien\AppData\LocalLow\Conduit
    0,Dossier trouvé: C:\Program Files\Conduit
    0,Dossier trouvé: C:\Users\Sébastien\AppData\Roaming\EoRezo
    0,Dossier trouvé: C:\Users\thierry\AppData\Roaming\EoRezo
    0,Dossier trouvé: C:\Users\Sébastien\AppData\Local\EoRezo
    0,Dossier trouvé: C:\Users\Sébastien\AppData\Roaming\ItsLabel
    0,Dossier trouvé: C:\Users\thierry\AppData\Roaming\ItsLabel
    0,Dossier trouvé: C:\Program Files\SpiderMessenger

    1,Clé trouvée: HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
    3,Clé trouvée: HKLM\Software\Classes\AppID\{E142D053-7023-4B33-AF22-91F14202142D}
    1,Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
    0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT2187070
    0,Clé trouvée: HKLM\Software\Conduit
    0,Clé trouvée: HKLM\Software\EoRezo
    0,Clé trouvée: HKCU\Software\Binary Noise\mPlayer\kiwee_toolbar_installer.exe
    0,Clé trouvée: HKCU\Software\EoRezo
    0,Clé trouvée: HKCU\Software\AppDataLow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    0,Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
    3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
    0,Clé trouvée: HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    0,Clé trouvée: HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder

    0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine
    0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoweather
    0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
    0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|spidermessenger
    0,Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|spidermessenger


    ============== SCAN ADDITIONNEL ==============

    ** Internet Explorer Version [8.0.6001.18702] **

    [HKCU\Software\Microsoft\Internet Explorer\Main]
    AutoHide: yes
    Default_Page_URL: hxxp://go.packardbell.com/?id=9136
    Default_Search_URL: hxxp://www.google.com/ie
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    First Home Page: hxxp://y.lo.st
    Local Page: C:\Windows\system32\blank.htm
    Search Page: hxxp://www.google.com
    Show_ToolBar: yes
    Start Page: hxxp://y.lo.st
    Use Search Asst: no

    [HKLM\Software\Microsoft\Internet Explorer\Main]
    AutoHide: yes
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\Windows\System32\blank.htm
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    Tabs: hxxp://y.lo.st
    Blank: res://mshtml.dll/blank.htm

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 17/10/2010 (3479 Octet(s))

    Fin à: 19:56:07, 17/10/2010

    ============== E.O.F ==============
    a c 548 8 Sécurité
    17 Octobre 2010 20:15:00

    Re,

    Ok, passe au nettoyage :

    Relance AD-R :

    /!\ Désactive tes protections résidentes : antivirus, antispyware ... Déconnecte-toi et ferme toutes les applications en cours (notamment ton navigateur)/!\

  • Lance-le via le raccourci Ad-R situé sur ton Bureau.
    (Utilisateur de Vista/Windows 7, clique-droit sur le raccourci de Ad-R -> Exécuter en tant qu'administrateur)
  • Valide l'avertissement, puis, dans la fenêtre principal, choisis l'option Nettoyer, et valide avec "Oui"
  • A la fin, appuie sur une touche, un rapport apparaitra (sinon, il est situé ici C:\Ad-report(date).log). Poste-le dans ta prochaine réponse

    /!\ N'oublie pas de réactiver tes protections résidentes /!\


    Ps : Process est détecté par certains antivirus (Antivir, DrWeb, Kaspersky) comme étant un programme malveillant, ce n'est pas le cas. Si tu as une alerte concernant ce fichier, n'empêche pas process de s'exécuter.
    http://www.beyondlogic.org/consulting/processutil/proce...


    Puis refais ceci :

    Relance OTL :

  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
  • Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.
    netsvcs
    msconfig
    drivers32
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT

  • Coche l'option "Avec liste blanche" sous "Registre : approfondi"
  • Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.
  • A la fin du scan, deux rapports s'ouvriront OTL.Txt et Extras.Txt. Copie/colle ici l'ensemble des rapports.
    PS : Les rapports sont aussi enregistrés sur le bureau

    Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.
    17 Octobre 2010 20:29:43

    Le rapport de AD-R :


    ======= RAPPORT D'AD-REMOVER 2.0.0.1,F | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par C_XX le 16/09/10 à 13:30
    Contact: AdRemover.contact[AT]gmail.com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 20:20:56 le 17/10/2010, Mode normal

    Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1 (X86)
    Sébastien@PC-DE-THIERRY (PACKARD BELL BV EasyNote MH36)

    ============== ACTION(S) ==============


    0,Dossier supprimé: C:\Program Files\AGI
    0,Dossier supprimé: C:\Users\Sébastien\AppData\LocalLow\Conduit
    0,Dossier supprimé: C:\Program Files\Conduit
    0,Dossier supprimé: C:\Users\Sébastien\AppData\Roaming\EoRezo
    0,Dossier supprimé: C:\Users\thierry\AppData\Roaming\EoRezo
    0,Dossier supprimé: C:\Users\Sébastien\AppData\Local\EoRezo
    0,Dossier supprimé: C:\Users\Sébastien\AppData\Roaming\ItsLabel
    0,Dossier supprimé: C:\Users\thierry\AppData\Roaming\ItsLabel
    0,Dossier supprimé: C:\Program Files\SpiderMessenger

    (!) -- Fichiers temporaires supprimés.


    1,Clé supprimée: HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
    3,Clé supprimée: HKLM\Software\Classes\AppID\{E142D053-7023-4B33-AF22-91F14202142D}
    1,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
    0,Clé supprimée: HKLM\Software\Classes\Toolbar.CT2187070
    0,Clé supprimée: HKLM\Software\Conduit
    0,Clé supprimée: HKLM\Software\EoRezo
    0,Clé supprimée: HKCU\Software\Binary Noise\mPlayer\kiwee_toolbar_installer.exe
    0,Clé supprimée: HKCU\Software\EoRezo
    0,Clé supprimée: HKCU\Software\AppDataLow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    0,Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
    3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
    0,Clé supprimée: HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
    0,Clé supprimée: HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder

    0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine
    0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoweather
    0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
    0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|spidermessenger
    0,Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|spidermessenger


    ============== SCAN ADDITIONNEL ==============

    ** Internet Explorer Version [8.0.6001.18702] **

    [HKCU\Software\Microsoft\Internet Explorer\Main]
    AutoHide: yes
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\Windows\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no

    [HKLM\Software\Microsoft\Internet Explorer\Main]
    AutoHide: yes
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\Windows\System32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/

    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 720 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 16 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 17/10/2010 (3710 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 17/10/2010 (3608 Octet(s))

    Fin à: 20:24:00, 17/10/2010

    ============== E.O.F ==============
    a c 548 8 Sécurité
    18 Octobre 2010 17:39:27

    Re,

    Relance OTL.exe
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

  • Copie/colle ce qui suit dans le cadre Personnalisation en bas à gauche.
    :OTL
    FF - HKLM\software\mozilla\Firefox\Extensions\\SpiderMessengerHelper@spidermessenger.com:
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.10,85.255.112.133
    O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0324232222-888888379-781133308-1995\recyclebin.exe) - C:\RECYCLER\S-1-5-21-0324232222-888888379-781133308-1995\recyclebin.exe File not found
    O33 - MountPoints2\{24d43b83-07f3-11df-b749-00238b32f317}\Shell\AutoRun\command - "" = E:\cobn8w3.exe -- File not found
    O33 - MountPoints2\{24d43b83-07f3-11df-b749-00238b32f317}\Shell\open\Command - "" = E:\cobn8w3.exe -- File not found
    O33 - MountPoints2\{804abd7c-fac0-11de-aaec-00238b32f317}\Shell\Auto\command - "" = F:\launcher.exe -- File not found
    O33 - MountPoints2\{f1ee38f3-f0c8-11de-b6a4-00238b32f317}\Shell\Auto\command - "" = E:\launcher.exe -- File not found
    MsConfig - StartUpReg: testloud - hkey= - key= - C:\ProgramData\Dash find find.iq0 File not found
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [2009/07/11 17:41:54 | 000,376,848 | ---- | C] () -- C:\ProgramData\Dash find find.iq0uqn
    [2009/07/11 17:20:04 | 000,008,208 | ---- | C] () -- C:\ProgramData\Dash find find.s4mdo5
    [2009/07/11 16:58:13 | 000,053,264 | ---- | C] () -- C:\ProgramData\Dash find find.l1nubu
    [2009/07/11 16:36:22 | 000,090,128 | ---- | C] () -- C:\ProgramData\Dash find find.y9bokrt
    [2009/07/11 16:14:32 | 000,368,656 | ---- | C] () -- C:\ProgramData\Dash find find.8er6wo2
    [2009/07/11 15:52:42 | 000,008,208 | ---- | C] () -- C:\ProgramData\Dash find find.w09ud
    [2009/07/11 15:30:51 | 000,004,112 | ---- | C] () -- C:\ProgramData\Dash find find.tselh
    [2009/07/11 15:09:01 | 000,294,928 | ---- | C] () -- C:\ProgramData\Dash find find.jb7enjb
    [2009/07/11 14:47:10 | 000,319,504 | ---- | C] () -- C:\ProgramData\Dash find find.r0yws0
    [2009/07/11 14:21:46 | 000,315,408 | ---- | C] () -- C:\ProgramData\Dash find find.hjqvx09
    [2009/07/11 13:59:55 | 000,053,264 | ---- | C] () -- C:\ProgramData\Dash find find.kyvv9
    [2009/07/11 13:38:05 | 000,000,016 | ---- | C] () -- C:\ProgramData\Dash find find.68kc0h9
    [2009/07/11 13:16:14 | 000,073,744 | ---- | C] () -- C:\ProgramData\Dash find find.qszr7
    [2009/07/11 12:54:24 | 000,204,816 | ---- | C] () -- C:\ProgramData\Dash find find.ot1pq4m
    [2009/07/11 12:32:33 | 000,401,424 | ---- | C] () -- C:\ProgramData\Dash find find.tjr21d
    [2009/07/11 12:10:42 | 000,098,320 | ---- | C] () -- C:\ProgramData\Dash find find.sndo2
    [2009/07/11 11:48:52 | 000,102,416 | ---- | C] () -- C:\ProgramData\Dash find find.5fa09f
    [2009/07/11 11:27:01 | 000,114,704 | ---- | C] () -- C:\ProgramData\Dash find find.8akip
    [2009/07/11 11:05:10 | 000,229,392 | ---- | C] () -- C:\ProgramData\Dash find find.u9f9cr6
    [2009/07/11 10:43:20 | 000,225,296 | ---- | C] () -- C:\ProgramData\Dash find find.0ul0o
    [2009/07/11 10:21:29 | 000,299,024 | ---- | C] () -- C:\ProgramData\Dash find find.0fi7uis
    [2009/07/11 09:59:13 | 000,393,232 | ---- | C] () -- C:\ProgramData\Dash find find.g1tgh
    [2009/07/11 09:59:13 | 000,032,784 | ---- | C] () -- C:\ProgramData\Dash find find.njespzg
    [2009/01/16 22:34:13 | 000,000,000 | -H-D | M] -- C:\Users\Sébastien\AppData\Roaming\Symantec
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:289D66F1
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:1C322B97
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:6F58EB8B
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:03412444

    :Commands
    [purity]
    [emptytemp]


  • Puis clique sur le bouton Correction en haut à gauche
  • Si le pc demande à redémarrer accepte.
  • Poste le rapport de suppression.


    Télécharge MalwareByte's Anti-Malware :

  • Installe le programme (aide ici)
  • Lance-le et met à jour la base de définition.

  • Choisi ensuite "Exécuter un examen complet" puis "Rechercher"
  • Sélectionne les disques dur et clique sur "Lancer l'examen"
  • Laisse l'analyse se faire (cela peut durer longtemps).
  • A la fin, vérifie que les éléments trouvés soient coché (dans "Résultat de l'examen).
  • Puis clique sur "Supprimer la sélection" en bas.
  • Un redémarrage peut être nécessaire.

  • Un rapport va s'afficher, enregistre-le sur ton bureau.
  • ou sinon, après le démarrage, il se trouvera dans "Rapports/logs"

    [:_tom_:7]
    18 Octobre 2010 20:03:20

    Bonsoir,


    Je lance la Correction comme tu m'as indiqué mais OTL ne répond plus ( OTL(ne répond pas))...
    a c 548 8 Sécurité
    18 Octobre 2010 21:31:41

    Re,

    Tu as copié entièrement mon script et correctement (sans oublier de caractères) ?

    Tu as réessayé ? çà le fait à chaque fois ?


    Si oui, passe à l'étape avec MBAM, (malwarebyte's), on reviendra sur OTL ensuite ;) 
    19 Octobre 2010 09:14:34

    Bonjour,


    Oui j'ai recommencer 3-4 fois en attendant 5 à 10 minutes à chaque fois et rien ne bouge. Je copie/colle dans Personnalisation, et je clique sur Correction. Tout en bas à gauche un texte s'affiche, mais après il ne bouge plus.
    Je réessaye se matin, et si ça marche pas je passe à MBAM.

    Merci.
    19 Octobre 2010 09:48:40

    Re,


    J'ai recommencé plusieurs fois avec OTL, donc je passe à MBAM. Merci de m'aider.
    19 Octobre 2010 09:59:09

    Tout va mal se matin.. ! J'ouvre le site de Malwarebytes Anti-Malwer, je clique sur Télécharger en bas de la page (le bouton qui clignote en rouge) et ça m’envoie vers le site, sauf "Petit problème... Google Chrome n'est pas parvenu à trouver la page www.malwarebytes.org."... J'essaye en tapant le lien de Malwarebytes Anti-Malwer sur Google, pas de réponse non plus, non plus dans la barre url.

    Merci de m'aider malgré tant de problèmes..
    19 Octobre 2010 18:33:23

    Re,


    Voilà l'examen est terminé, que fais-je ?
    a c 548 8 Sécurité
    19 Octobre 2010 19:34:07

    :D 

    Tu me le poste, qu'on regarde ...

    Ouvre MBAM, puis onglet "rapports/logs"
    Tu double-cliques sur le rapport, il va s'ouvrir en fichier texte, tu copie-colles son contenu ici dans ta prochaine réponse.
    19 Octobre 2010 21:08:02

    Re,



    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 4881

    Windows 6.0.6001 Service Pack 1
    Internet Explorer 8.0.6001.18702

    19/10/2010 18:32:16
    mbam-log-2010-10-19 (18-32-16).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 321996
    Temps écoulé: 1 heure(s), 15 minute(s), 15 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 4
    Dossier(s) infecté(s): 5
    Fichier(s) infecté(s): 15

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Trojan.Agent.M) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (explorer.exe,C:\RECYCLER\S-1-5-21-0324232222-888888379-781133308-1995\recyclebin.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.10,85.255.112.133 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5fc50d3b-7226-4bd5-b7d5-d3c3ad8b3e20}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.133 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7254fcfa-db9d-4896-a6d7-a686e5fee2b9}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.10,85.255.112.133 -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\Users\thierry\AppData\Roaming\PCenter (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\dbases (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\keys (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\temp (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\RECYCLER\S-1-5-21-0324232222-888888379-781133308-1995 (Trojan.Agent.M) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\Ad-Remover\Quarantine\C\Program Files\SpiderMessenger\SpiderMessenger.exe.vir (Spyware.AgenceExclusive) -> Quarantined and deleted successfully.
    C:\Program Files\GOPlayer\Uninstall.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\dbases\cg.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\dbases\mw.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\dbases\rd.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\dbases\sc.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\dbases\sm.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\dbases\sp.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\keys\cg.key (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\keys\rd.key (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\keys\sc.key (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\keys\sp.key (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Users\thierry\AppData\Roaming\PCenter\temp\spfilter (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\RECYCLER\S-1-5-21-0324232222-888888379-781133308-1995\Desktop.ini (Trojan.Agent.M) -> Quarantined and deleted successfully.
    C:\Windows\System32\gaopdxcounter (Trojan.Agent) -> Quarantined and deleted successfully.
    a c 548 8 Sécurité
    20 Octobre 2010 16:45:16

    Re,

    Bon, c'est bien MBAM à fait le boulot que devait faire mon script OTL.

    Pour vérifier qu'il ne reste rien :

    Relance OTL :

  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
  • Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.
    netsvcs
    msconfig
    drivers32
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT

  • Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.
  • A la fin du scan, le rapport OTL.Txt va s'ouvrir. Copie/colle ici sont contenu.
    PS : Les rapports sont aussi enregistrés sur le bureau

    Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.
    a c 548 8 Sécurité
    20 Octobre 2010 19:07:49

    Re,

    Ok, voyons si OTL fonctionne mieux maintenant :

    Relance OTL.exe
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

  • Copie/colle ce qui suit dans le cadre Personnalisation en bas à gauche.
    :OTL
    FF - HKLM\software\mozilla\Firefox\Extensions\\SpiderMessengerHelper@spidermessenger.com:
    O33 - MountPoints2\{24d43b83-07f3-11df-b749-00238b32f317}\Shell\AutoRun\command - "" = E:\cobn8w3.exe -- File not found
    O33 - MountPoints2\{24d43b83-07f3-11df-b749-00238b32f317}\Shell\open\Command - "" = E:\cobn8w3.exe -- File not found
    O33 - MountPoints2\{804abd7c-fac0-11de-aaec-00238b32f317}\Shell\Auto\command - "" = F:\launcher.exe -- File not found
    O33 - MountPoints2\{f1ee38f3-f0c8-11de-b6a4-00238b32f317}\Shell\Auto\command - "" = E:\launcher.exe -- File not found
    MsConfig - StartUpReg: testloud - hkey= - key= - C:\ProgramData\Dash find find.iq0 File not found
    [2009/07/11 17:41:54 | 000,376,848 | ---- | C] () -- C:\ProgramData\Dash find find.iq0uqn
    [2009/07/11 17:20:04 | 000,008,208 | ---- | C] () -- C:\ProgramData\Dash find find.s4mdo5
    [2009/07/11 16:58:13 | 000,053,264 | ---- | C] () -- C:\ProgramData\Dash find find.l1nubu
    [2009/07/11 16:36:22 | 000,090,128 | ---- | C] () -- C:\ProgramData\Dash find find.y9bokrt
    [2009/07/11 16:14:32 | 000,368,656 | ---- | C] () -- C:\ProgramData\Dash find find.8er6wo2
    [2009/07/11 15:52:42 | 000,008,208 | ---- | C] () -- C:\ProgramData\Dash find find.w09ud
    [2009/07/11 15:30:51 | 000,004,112 | ---- | C] () -- C:\ProgramData\Dash find find.tselh
    [2009/07/11 15:09:01 | 000,294,928 | ---- | C] () -- C:\ProgramData\Dash find find.jb7enjb
    [2009/07/11 14:47:10 | 000,319,504 | ---- | C] () -- C:\ProgramData\Dash find find.r0yws0
    [2009/07/11 14:21:46 | 000,315,408 | ---- | C] () -- C:\ProgramData\Dash find find.hjqvx09
    [2009/07/11 13:59:55 | 000,053,264 | ---- | C] () -- C:\ProgramData\Dash find find.kyvv9
    [2009/07/11 13:38:05 | 000,000,016 | ---- | C] () -- C:\ProgramData\Dash find find.68kc0h9
    [2009/07/11 13:16:14 | 000,073,744 | ---- | C] () -- C:\ProgramData\Dash find find.qszr7
    [2009/07/11 12:54:24 | 000,204,816 | ---- | C] () -- C:\ProgramData\Dash find find.ot1pq4m
    [2009/07/11 12:32:33 | 000,401,424 | ---- | C] () -- C:\ProgramData\Dash find find.tjr21d
    [2009/07/11 12:10:42 | 000,098,320 | ---- | C] () -- C:\ProgramData\Dash find find.sndo2
    [2009/07/11 11:48:52 | 000,102,416 | ---- | C] () -- C:\ProgramData\Dash find find.5fa09f
    [2009/07/11 11:27:01 | 000,114,704 | ---- | C] () -- C:\ProgramData\Dash find find.8akip
    [2009/07/11 11:05:10 | 000,229,392 | ---- | C] () -- C:\ProgramData\Dash find find.u9f9cr6
    [2009/07/11 10:43:20 | 000,225,296 | ---- | C] () -- C:\ProgramData\Dash find find.0ul0o
    [2009/07/11 10:21:29 | 000,299,024 | ---- | C] () -- C:\ProgramData\Dash find find.0fi7uis
    [2009/07/11 09:59:13 | 000,393,232 | ---- | C] () -- C:\ProgramData\Dash find find.g1tgh
    [2009/07/11 09:59:13 | 000,032,784 | ---- | C] () -- C:\ProgramData\Dash find find.njespzg
    [2009/01/16 22:34:13 | 000,000,000 | -H-D | M] -- C:\Users\Sébastien\AppData\Roaming\Symantec
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:289D66F1
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:1C322B97
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:6F58EB8B
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:03412444

    :Commands
    [purity]
    [emptytemp]


  • Puis clique sur le bouton Correction en haut à gauche
  • Si le pc demande à redémarrer accepte.
  • Poste le rapport de suppression.
    20 Octobre 2010 22:26:00

    Bonsoir,


    ça ne marche toujours pas. Demain je pars en Tunisie, et je reviens que dans une semaine, donc je ne pourrais pas me connecter à Internet. Merci de votre compréhension, et pour l'aide fournit jusqu'à présent !
    a c 548 8 Sécurité
    22 Octobre 2010 17:09:12

    Re,

    Ok, pas de souci, moi j'ai le temps :lol:  Bon voyage ...

    Au retour, faudrait essayer ceci :

    Télécharge OTM (de OldTimer) sur le bureau.

  • Double-clique sur OTM pour le lancer. (si vous êtes sous Vista, faire un clic droit dessus et sélectionner Exécuter en tant qu'administrateur)
  • Copie/colle le contenu du cadre ci dessous dans le cadre de gauche de OTM nommé Paste Instructions for Items to be Moved.

    :Reg
    [-HKLM\software\mozilla\Firefox\Extensions\SpiderMessengerHelper@spidermessenger.com]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24d43b83-07f3-11df-b749-00238b32f317}]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{804abd7c-fac0-11de-aaec-00238b32f317}]
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1ee38f3-f0c8-11de-b6a4-00238b32f317}]

    :Files
    C:\ProgramData\Dash find find.iq0uqn
    C:\ProgramData\Dash find find.s4mdo5
    C:\ProgramData\Dash find find.l1nubu
    C:\ProgramData\Dash find find.y9bokrt
    C:\ProgramData\Dash find find.8er6wo2
    C:\ProgramData\Dash find find.w09ud
    C:\ProgramData\Dash find find.tselh
    C:\ProgramData\Dash find find.jb7enjb
    C:\ProgramData\Dash find find.r0yws0
    C:\ProgramData\Dash find find.hjqvx09
    C:\ProgramData\Dash find find.kyvv9
    C:\ProgramData\Dash find find.68kc0h9
    C:\ProgramData\Dash find find.qszr7
    C:\ProgramData\Dash find find.ot1pq4m
    C:\ProgramData\Dash find find.tjr21d
    C:\ProgramData\Dash find find.sndo2
    C:\ProgramData\Dash find find.5fa09f
    C:\ProgramData\Dash find find.8akip
    C:\ProgramData\Dash find find.u9f9cr6
    C:\ProgramData\Dash find find.0ul0o
    C:\ProgramData\Dash find find.0fi7uis
    C:\ProgramData\Dash find find.g1tgh
    C:\ProgramData\Dash find find.njespzg
    C:\Users\Sébastien\AppData\Roaming\Symantec
    @C:\ProgramData\TEMP:289D66F1
    @C:\ProgramData\TEMP:1C322B97
    @C:\ProgramData\TEMP:6F58EB8B
    @C:\ProgramData\TEMP:03412444

    :Commands
    [emptytemp]


  • Clique sur MoveIt! pour lancer la suppression.
  • Copie le contenu de la fenêtre de résultat et poste le sur le forum.
  • Quitte OTM

    Note : Si un fichier ou dossier ne peut être supprimé immédiatement, le pc demandera à redémarrer, accepte en cliquant sur OK. Dans ce cas, après redémarrage, ouvre le fichier .log le plus récent dans le dossier C:\_OTM\MovedFiles et poste son contenu.
    29 Octobre 2010 09:23:38

    Bonjour,

    Alors j'ai dl OTM, comme tu me l'as dis, je rentre le contenu ci-dessus, et je clique sur MoveIt! Tout va pas pour mieux, jusqu'au moment ou OTM cesse de fonctionner ( OTM a cessé de fonctionner à cause d'un autre programme.. ) Je rallume mon PC et cette fenêtre s'allume :


    Files moved on Reboot...

    Registry entries deleted on Reboot...


    Que fais-je maintenant ?
    Merci de ton aide depuis le début !
    a c 548 8 Sécurité
    29 Octobre 2010 17:42:48

    Re,

    Et y'a rien sous
    Citation :
    Files moved on Reboot...

    Registry entries deleted on Reboot...
    ?

    Pour voir ;


    Relance OTL :

  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
  • Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.
    netsvcs
    msconfig
    drivers32
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT

  • Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.
  • A la fin du scan, le rapport OTL.Txt s'ouvrira. Copie/colle ici son contenu.
    PS : Les rapports sont aussi enregistrés sur le bureau

    Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.
    29 Octobre 2010 18:08:05

    Non, cela m'étonnais aussi, mais non il n'y a rien.
    a c 548 8 Sécurité
    31 Octobre 2010 14:53:43

    Re,

    Bah, le fix à fonctionné malgré tout, ce que je voulais supprimer à disparu.


    Encore des symptômes ? Des soucis ?

    Sinon, on fini le ménage et on boucle.
    1 Novembre 2010 17:56:23

    Bonjour,

    Moi depuis qu'on a commencer à faire ce que tu m'as dis, rien n'a apparu. Donc on peut finir =)
    a c 548 8 Sécurité
    1 Novembre 2010 18:52:12

    Re,

    Ok, finissons.


    1) Relance OTL.exe
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

  • Clique sur "Purge d'outils"
  • Valide l'avertissement par "ok" et laisse le pc redémarrer.

    Si AD-R est encore présent, ouvre-le puis clique sur "désinstaller"


    2) Purge ta restauration système :

    Elle contient des restes des infections.
    Suis ce tuto pour la purger :
    http://www.inforumatique.fr/post82670.html#p82670


    3) Met à jour ton système est les programmes

    Met à jour Java vers la version 6 update 22 :
    http://www.java.com/fr/download/



    Pour aller plus loin dans ta protection et éviter de te faire réinfecter voici quelques conseils supplémentaires :

  • Utiliser un navigateur alternatif pour surfer de manière plus sécurisée :
    Firefox offre une meilleure sécurité par rapport à Internet Explorer, surtout si on le complète de quelques plugins très intéressant : Noscript et WOT par exemple.

  • Maintenir ses logiciels et son système à jour :
    De nombreuses infections sont dû à des failles de windows, mais aussi de logiciel tiers, comme Sun Java, Adobe Acrobat Reader, etc
    Tu peux faire un scan de vulnérabilité pour connaitre tes logiciels présentant des failles non corrigées ou à mettre à jour.

    Enfin, le plus important reste ton comportement sur ton PC, tu restes la plus importante protection : Évites les comportement à risque : P2P, cracks, téléchargements et installations douteux via des pubs, les messageries instantanées, ou des sites inconnu, sites pornographiques.
    A lire !
    1 Novembre 2010 19:43:51

    Re,

    Alors j'ai fais Purge d'outils avec OTL, et désinstaller AD-R. J'ai lancer le tuto et au moment ou je dois décocher le disque, je ne peux pas, je clique sur la case, mais rien ne se passe.
    PS : J'ai un disque nommé mp, je le coche ou pas ?
    1 Novembre 2010 19:49:12

    Re,

    Au stade ou je dois décocher le(s) disque(s), il n'y a pas non plus marqué :

    "Vous pouvez également utiliser des points de restauration pour restaurer des versions précédentes des fichiers, appelés clichés instantanés"
    Et je ne peux pas non plus créer un point de restauration.

    Merci de ton aide !
    a c 548 8 Sécurité
    1 Novembre 2010 21:31:27

    Re,

    La purge de la restauration système, il ne faut le faire que sur le disque ou Windows est installé (donc généralement C:) 

    Ne le fais pas sur les autres.


    Si tu l'as fait sur C:, laisse comme çà.
    Si tu ne peux pas décocher sur C:, dis-le moi.

    [:_tom_:7]
    1 Novembre 2010 22:36:41

    Re,

    J'ai deux disques trouvés, C: et mp. C: est cocher naturellement et je ne peux le décocher, et mp n'est pas coché.
    a c 548 8 Sécurité
    2 Novembre 2010 16:06:31

    Re,

    Ok, OTL est encore présent ? si oui, fait ceci :

    (sinon retélécharge-le : http://oldtimer.geekstogo.com/OTL.exe )

    Relance OTL.exe
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

  • Copie/colle ce qui suit dans le cadre Personnalisation en bas à gauche.

    :Commands
    [CLEARALLRESTOREPOINTS]
    [CREATERESTOREPOINT]


  • Puis clique sur le bouton Correction en haut à gauche
  • Si le pc demande à redémarrer accepte.
  • Poste le rapport.

    çà devrait suffire
    2 Novembre 2010 19:15:07

    Bonsoir,

    Voilà le rapport : ========== COMMANDS ==========



    OTL by OldTimer - Version 3.2.17.1 log created on 11022010_191412
    a c 548 8 Sécurité
    2 Novembre 2010 19:40:02

    Re,

    Arf :lol:  je verrais pas si çà a marché ...

    Regarde s'il te plait si tu ne possèdes plus qu'un seul point de restauration, nommé "OTL"

    Démarrer ->Tous les programmes -> accessoires -> outils système -> restauration système

    Dis-moi si c'est bon.
    2 Novembre 2010 20:18:27

    Re,

    J'ouvre restauration système, je coche la case "choisir un autre point de restauration" et je clique sur "suivant" et après je n'ai qu'un seul point de restauration nommé " Installer : OTL Restore Point ". Donc c'est bon =)
    Que fais-je maintenant ?
    a c 548 8 Sécurité
    2 Novembre 2010 21:52:04

    Re,

    Ok, nickel.

    Bah si tu as fini tout ce que je t'ai indiqué dans mon post final, et lu un peu les conseil, maintenant, c'est tout :lol: 


    Tu peux indiquer ton sujet "réglé" en cliquant sur le bouton "éditer" dans ton tout premier message.
    -> Ajoute ensuite "résolu" à coté de ton titre et valide.


    A bientôt sur les forums Tom's Guide
    5 Novembre 2010 20:20:14

    Bonsoir,

    Il me reste l'avant dernier point, que je ne peux pas faire et le dernier aussi que je n'ai pas essayer. Dois-je le faire ou c'est bon ?
    Merci pour tout !
    a c 548 8 Sécurité
    6 Novembre 2010 09:01:39

    Re,

    Tu parles dans les conseils ?

    Indique-moi les points. Les principaux, ce sont ceux en orange, après, ce sont des conseils, qu'il est bon de respecter, mais pas indispensable, sauf le maintient à jour de son système et des programmes !
    6 Novembre 2010 10:51:00

    Bonjour,

    Alors celle-ci n'est pas faite car ça ne marche pas :
    "2) Purge ta restauration système :

    Elle contient des restes des infections.
    Suis ce tuto pour la purger :
    http://www.inforumatique.fr/post82670.html#p82670"

    Et celle-ci je n'ai pas essayer :
    "3) Met à jour ton système est les programmes

    Met à jour Java vers la version 6 update 22 :
    http://www.java.com/fr/download/ "
    Dois-je la faire ?
    a c 548 8 Sécurité
    6 Novembre 2010 14:20:31

    Re,

    Pour la purge, non, c'est ce qu'on a fait auparavant.

    Pour mettre à jour Java, oui, absolument, tout comme tu dois toujours tenir à jour tous tes programmes ! (failles de sécurité)

    [:_tom_:7]
    6 Novembre 2010 18:41:39

    Re, ok je met à jour Java. Pour les programme je les mets à jour maintenant que ça marche ^^
    6 Novembre 2010 18:45:59

    Re,

    Voilà j'ai fais tout ce que tu m'as dis et lu tes conseils, par contre je suis avec Internet Explorer et j'utilise google chrome ;)  Je ne sais pas si ça sert à quelque chose de te le dire mais tant pis.

    Merci beaucoup pour ton aide !
        • 1 / 2
        • 2
        • Dernier
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS