
Error message 1706 when starting up the PC

8 October 2010 17:16:31

Hello,
For a while now I have had a message that appears when I turn on my PC and when I open the internet:
"error 1706 no valid source could be found for product search setting 12"
Can you help me?
Here is the scan of my PC.

Thanks in advance,
======= RAPPORT D'AD-REMOVER 2.0.0.1,F | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 16/09/10 à 13:30
Contact: AdRemover.contact[AT]gmail.com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 14:30:25 le 07/10/2010, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 (X86)
sylvie@PC-DE-SYLVIE (Packard Bell BV EasyNote SB87)

============== RECHERCHE ==============

Service: "ASKService" Présent
Service: "ASKUpgrade" Présent

0,Dossier trouvé: C:\Program Files\Mozilla FireFox\extensions\search@searchsettings.com
0,Dossier trouvé: C:\Program Files\Mozilla FireFox\extensions\toolbar@dealio.com
0,Fichier trouvé: C:\Users\Public\MyWebTattoo.exe
0,Dossier trouvé: C:\Users\sylvie\AppData\Roaming\Mozilla\FireFox\Profiles\0mh32bf3.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
0,Fichier trouvé: C:\Users\sylvie\AppData\Roaming\Mozilla\FireFox\Profiles\0mh32bf3.default\searchplugins\fast-browser-search.xml
0,Dossier trouvé: C:\Program Files\AskBarDis
0,Dossier trouvé: C:\Users\sylvie\AppData\LocalLow\Dealio
0,Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dealio
0,Dossier trouvé: C:\Program Files\Dealio
0,Dossier trouvé: C:\Program Files\Fast Browser Search
0,Dossier trouvé: C:\Program Files\Search Guard PlusU
0,Dossier trouvé: C:\Users\sylvie\AppData\LocalLow\Search Settings
0,Dossier trouvé: C:\Program Files\SGPSA
3,Fichier trouvé: C:\Windows\Installer\db34c.msi
3,Fichier trouvé: C:\Windows\Installer\db352.msi
0,Fichier trouvé: C:\Users\sylvie\AppData\Local\cxfbpm_nav.dat
2,Fichier trouvé: C:\Users\sylvie\AppData\Local\cxfbpm.dat
2,Fichier trouvé: C:\Users\sylvie\AppData\Local\cxfbpm.exe
0,Fichier trouvé: C:\Users\sylvie\AppData\Local\cxfbpm_navps.dat
3,Fichier trouvé: C:\Users\sylvie\AppData\Local\fzsmxqk.bat

-- Fichier ouvert: C:\Users\sylvie\AppData\Roaming\Mozilla\FireFox\Profiles\0mh32bf3.default\Prefs.js --
Ligne trouvée: user_pref("browser.search.defaultenginename", "Fast Browser Search" );
Ligne trouvée: user_pref("browser.search.defaultthis.engineName", "Fast Browser Search" );
Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&...
Ligne trouvée: user_pref("browser.search.order.1", "Fast Browser Search" );
Ligne trouvée: user_pref("browser.search.selectedEngine", "Fast Browser Search" );
Ligne trouvée: user_pref("extensions.snipit.askTbInstalled", true);
Ligne trouvée: user_pref("keyword.URL", "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v...{3BD...
-- Fichier Fermé --


0,Clé trouvée: HKLM\Software\Classes\AskIBar.PopSwatterBarButton
0,Clé trouvée: HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1
0,Clé trouvée: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl
0,Clé trouvée: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1
0,Clé trouvée: HKLM\Software\Classes\AskToolBar.SettingsPlugin
0,Clé trouvée: HKLM\Software\Classes\AskToolBar.SettingsPlugin.1
0,Clé trouvée: HKLM\Software\Classes\BHO.PSHelper
0,Clé trouvée: HKLM\Software\Classes\BHO.PSHelper.1
0,Clé trouvée: HKLM\Software\Classes\Dealio.DealioBHO
0,Clé trouvée: HKLM\Software\Classes\Dealio.DealioBHO.1
0,Clé trouvée: HKLM\Software\Classes\Dealio.DealioSearch
0,Clé trouvée: HKLM\Software\Classes\Dealio.DealioSearch.1
0,Clé trouvée: HKLM\Software\Classes\Dealio.DealioToolbar
0,Clé trouvée: HKLM\Software\Classes\Dealio.DealioToolbar.1
0,Clé trouvée: HKLM\Software\Classes\Dealio.DealioToolbarHelper
0,Clé trouvée: HKLM\Software\Classes\Dealio.DealioToolbarHelper.1
0,Clé trouvée: HKLM\Software\Classes\SearchSettings.BHO
0,Clé trouvée: HKLM\Software\Classes\SearchSettings.BHO.1
0,Clé trouvée: HKLM\Software\Dealio
0,Clé trouvée: HKLM\Software\Search Settings
0,Clé trouvée: HKLM\Software\AppDataLow\AskBarDis
0,Clé trouvée: HKCU\Software\AskBarDis
0,Clé trouvée: HKCU\Software\fcn
0,Clé trouvée: HKCU\Software\AppDataLow\AskBarDis
3,Clé trouvée: HKLM\Software\Classes\Installer\Products\81337C0DA4B761D40A4CB3380F57AE88
3,Clé trouvée: HKLM\Software\Classes\Installer\Products\C8465016C3C0D184C811F194256DBF35
3,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\81337C0DA4B761D40A4CB3380F57AE88
3,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\C8465016C3C0D184C811F194256DBF35
3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DB46ADE7-5010-4F34-83DE-41A5A54338B1}
3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E7B4FB96-55E8-4DB4-A20F-0D9C07FFBAFC}
3,Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{456D56A7-1E61-47e2-BFCF-4B00D122C21F}
0,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
0,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
0,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Dealio
0,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
0,Clé trouvée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\62119EF862C6B3A0D853419B87EB3E2F6C78640A
0,Clé trouvée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\E6A6A4A475FCE37F8B5AC2F1244DEB2BFCA5615A
0,Clé trouvée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7EE743314C844C7F445B8B1D7617612DF1FDD50F
0,Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}

2,Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cxfbpm
0,Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo jimddp
0,Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp
0,Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc
0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|au
0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|FBSSA
0,Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings
0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
0,Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
0,Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
0,Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.0.19 (fr)] **

-- C:\Users\sylvie\AppData\Roaming\Mozilla\FireFox\Profiles\0mh32bf3.default\Prefs.js --
browser.download.dir, C:\\Users\\sylvie\\Downloads
browser.download.lastDir, C:\\Users\\sylvie\\Downloads
browser.search.defaultenginename, Fast Browser Search
browser.search.defaulturl, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=...
browser.search.selectedEngine, Fast Browser Search
browser.startup.homepage, hxxp://go.microsoft.com/fwlink/?LinkId=69157
browser.startup.homepage_override.mstone, rv:1.9.0.19
keyword.URL, hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v...{3BDA5868-15D7-B956-333D-A4FE85FD9BC5...

========================================

** Internet Explorer Version [8.0.6001.18943] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: no
Default_Page_URL: hxxp://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Show_ToolBar: yes
Start Page: hxxp://www.google.fr/
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: hxxp://www.fastbrowsersearch.com/new-tab/?v=19&tid={01EAEC6F-B983-47d6-A4C0-05B58661DFB8}
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 07/10/2010 (15105 Octet(s))

Fin à: 14:33:55, 07/10/2010

============== E.O.F ==============

8 October 2010 17:21:42

[:arslan:13] Good evening,


Heh, it's an adware convention on your PC ...

You need to stop installing any random thing that flashes while you browse ... and the sponsored offers that come with games, etc. ... and read the software terms of use a little ...


Run Ad-R (by El Desaparecido / C_XX) again:

/!\ Disable your resident protections: antivirus, antispyware ... Disconnect and close all running applications (especially your browser) /!\

  • Launch it via the Ad-R shortcut on your Desktop.
    (Vista/Windows 7 users: right-click the Ad-R shortcut -> Run as administrator)
  • Accept the warning, then, in the main window, choose the Clean option and confirm with "Yes"
  • At the end, press a key and a report will appear (otherwise, it is located here: C:\Ad-report(date).log). Post it in your next reply

    /!\ Don't forget to re-enable your resident protections /!\


    PS: Process is detected by some antivirus products (Antivir, DrWeb, Kaspersky) as a malicious program; this is not the case. If you get an alert about this file, do not prevent process from running.
    http://www.beyondlogic.org/consulting/processutil/proce...



    Next:

    Download MalwareByte's Anti-Malware:

  • Install the program (help here)
  • Launch it and update the definition database.

  • Then choose "Run a full scan" and then "Search"
  • Select the hard drives and click "Start the scan"
  • Let the scan run (this can take a long time).
  • At the end, check that the items found are ticked (in "Scan results").
  • Then click "Remove selection" at the bottom.
  • A restart may be necessary.

  • A report will be displayed; save it to your desktop.
  • Otherwise, after the restart, it will be found under "Reports/logs"

    [:_tom_:7]
    9 October 2010 18:43:39

    Good evening,

    Thanks for the help.
    Here is the report I got from Ad-R:
    ======= RAPPORT D'AD-REMOVER 2.0.0.1,F | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par C_XX le 16/09/10 à 13:30
    Contact: AdRemover.contact[AT]gmail.com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 16:43:31 le 09/10/2010, Mode normal

    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 (X86)
    sylvie@PC-DE-SYLVIE (Packard Bell BV EasyNote SB87)

    ============== ACTION(S) ==============

    Service: "ASKService" Stoppé et supprimé
    Service: "ASKUpgrade" Stoppé et supprimé

    0,Dossier supprimé: C:\Program Files\Mozilla FireFox\extensions\search@searchsettings.com
    0,Dossier supprimé: C:\Program Files\Mozilla FireFox\extensions\toolbar@dealio.com
    0,Fichier supprimé: C:\Users\Public\MyWebTattoo.exe
    0,Dossier supprimé: C:\Users\sylvie\AppData\Roaming\Mozilla\FireFox\Profiles\0mh32bf3.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    0,Fichier supprimé: C:\Users\sylvie\AppData\Roaming\Mozilla\FireFox\Profiles\0mh32bf3.default\searchplugins\fast-browser-search.xml
    0,Dossier supprimé: C:\Program Files\AskBarDis
    0,Dossier supprimé: C:\Users\sylvie\AppData\LocalLow\Dealio
    0,Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dealio
    0,Dossier supprimé: C:\Program Files\Dealio
    0,Dossier supprimé: C:\Program Files\Fast Browser Search
    0,Dossier supprimé: C:\Program Files\Search Guard PlusU
    0,Dossier supprimé: C:\Users\sylvie\AppData\LocalLow\Search Settings
    0,Dossier supprimé: C:\Program Files\SGPSA
    3,Fichier supprimé: C:\Windows\Installer\db34c.msi
    3,Fichier supprimé: C:\Windows\Installer\db352.msi
    0,Fichier supprimé: C:\Users\sylvie\AppData\Local\cxfbpm_nav.dat
    2,Fichier supprimé: C:\Users\sylvie\AppData\Local\cxfbpm.dat
    2,Fichier supprimé: C:\Users\sylvie\AppData\Local\cxfbpm.exe
    0,Fichier supprimé: C:\Users\sylvie\AppData\Local\cxfbpm_navps.dat
    3,Fichier supprimé: C:\Users\sylvie\AppData\Local\fzsmxqk.bat

    (!) -- Fichiers temporaires supprimés.


    -- Fichier ouvert: C:\Users\sylvie\AppData\Roaming\Mozilla\FireFox\Profiles\0mh32bf3.default\Prefs.js --
    Ligne supprimée: user_pref("browser.search.defaultenginename", "Fast Browser Search");
    Ligne supprimée: user_pref("browser.search.defaultthis.engineName", "Fast Browser Search");
    Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&...
    Ligne supprimée: user_pref("browser.search.order.1", "Fast Browser Search");
    Ligne supprimée: user_pref("browser.search.selectedEngine", "Fast Browser Search");
    Ligne supprimée: user_pref("extensions.snipit.askTbInstalled", true);
    Ligne supprimée: user_pref("keyword.URL", "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v...{3BD...
    -- Fichier Fermé --


    0,Clé supprimée: HKLM\Software\Classes\AskIBar.PopSwatterBarButton
    0,Clé supprimée: HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1
    0,Clé supprimée: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl
    0,Clé supprimée: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1
    0,Clé supprimée: HKLM\Software\Classes\AskToolBar.SettingsPlugin
    0,Clé supprimée: HKLM\Software\Classes\AskToolBar.SettingsPlugin.1
    0,Clé supprimée: HKLM\Software\Classes\BHO.PSHelper
    0,Clé supprimée: HKLM\Software\Classes\BHO.PSHelper.1
    0,Clé supprimée: HKLM\Software\Classes\Dealio.DealioBHO
    0,Clé supprimée: HKLM\Software\Classes\Dealio.DealioBHO.1
    0,Clé supprimée: HKLM\Software\Classes\Dealio.DealioSearch
    0,Clé supprimée: HKLM\Software\Classes\Dealio.DealioSearch.1
    0,Clé supprimée: HKLM\Software\Classes\Dealio.DealioToolbar
    0,Clé supprimée: HKLM\Software\Classes\Dealio.DealioToolbar.1
    0,Clé supprimée: HKLM\Software\Classes\Dealio.DealioToolbarHelper
    0,Clé supprimée: HKLM\Software\Classes\Dealio.DealioToolbarHelper.1
    0,Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO
    0,Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO.1
    0,Clé supprimée: HKLM\Software\Dealio
    0,Clé supprimée: HKLM\Software\Search Settings
    0,Clé supprimée: HKLM\Software\AppDataLow\AskBarDis
    0,Clé supprimée: HKCU\Software\AskBarDis
    0,Clé supprimée: HKCU\Software\fcn
    0,Clé supprimée: HKCU\Software\AppDataLow\AskBarDis
    3,Clé supprimée: HKLM\Software\Classes\Installer\Products\81337C0DA4B761D40A4CB3380F57AE88
    3,Clé supprimée: HKLM\Software\Classes\Installer\Products\C8465016C3C0D184C811F194256DBF35
    3,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\81337C0DA4B761D40A4CB3380F57AE88
    3,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\C8465016C3C0D184C811F194256DBF35
    3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DB46ADE7-5010-4F34-83DE-41A5A54338B1}
    3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E7B4FB96-55E8-4DB4-A20F-0D9C07FFBAFC}
    3,Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{456D56A7-1E61-47e2-BFCF-4B00D122C21F}
    0,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
    0,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
    0,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Dealio
    0,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
    0,Clé supprimée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\62119EF862C6B3A0D853419B87EB3E2F6C78640A
    0,Clé supprimée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\E6A6A4A475FCE37F8B5AC2F1244DEB2BFCA5615A
    0,Clé supprimée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7EE743314C844C7F445B8B1D7617612DF1FDD50F
    0,Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}

    2,Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cxfbpm
    0,Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo jimddp
    0,Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp
    0,Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc
    0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|au
    0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|FBSSA
    0,Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings
    0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
    0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    0,Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
    0,Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
    0,Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
    0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
    0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}


    ============== SCAN ADDITIONNEL ==============

    ** Mozilla Firefox Version [3.0.19 (fr)] **

    -- C:\Users\sylvie\AppData\Roaming\Mozilla\FireFox\Profiles\0mh32bf3.default\Prefs.js --
    browser.download.dir, C:\\Users\\sylvie\\Downloads
    browser.download.lastDir, C:\\Users\\sylvie\\Downloads
    browser.startup.homepage, hxxp://go.microsoft.com/fwlink/?LinkId=69157
    browser.startup.homepage_override.mstone, rv:1.9.0.19

    ========================================

    ** Internet Explorer Version [8.0.6001.18943] **

    [HKCU\Software\Microsoft\Internet Explorer\Main]
    AutoHide: no
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\Windows\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no

    [HKLM\Software\Microsoft\Internet Explorer\Main]
    AutoHide: yes
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\Windows\System32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/

    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 754 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 09/10/2010 (15158 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 07/10/2010 (15235 Octet(s))

    Fin à: 16:47:21, 09/10/2010

    ============== E.O.F ==============

    9 October 2010 18:45:32

    and the one received from Malwarebytes' Anti-Malware:
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 4785

    Windows 6.0.6001 Service Pack 1
    Internet Explorer 8.0.6001.18943

    09/10/2010 18:38:22
    mbam-log-2010-10-09 (18-38-22).txt

    Type d'examen: Examen complet (C:\|)
    Elément(s) analysé(s): 278199
    Temps écoulé: 1 heure(s), 17 minute(s), 49 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    9 October 2010 21:55:57

    Re,

    OK, it should be better now, right?

    To check:

    Download OTL (by Old Timer) to your desktop.
  • Close all your windows, then double-click OTL.exe to launch it.
    (Vista/Windows 7 users: right-click -> "Run as administrator")
  • Under "Personnalisation", copy and paste all of the text below and leave the other options at their defaults.
    netsvcs
    msconfig
    drivers32
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT

  • Click the Analyse button at the top left, then wait a few moments.
  • When the scan finishes, two reports will open, OTL.Txt and Extras.Txt. Copy and paste both reports here in full.
    PS: The reports are also saved on the desktop.

    For the reports, please use this online report service: upload the file via "parcourir" (browse) and simply post the link you get.
    10 October 2010 22:46:31

    Good evening,

    Indeed, I no longer get the message since then.
    Thank you very much for your help.

    I ran OTL as you asked, and here are the reports.

    OTL.Txt
    OTL logfile created on: 10/10/2010 22:33:04 - Run 1
    OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\sylvie\Desktop
    Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18943)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
    6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 288,09 Gb Total Space | 4,32 Gb Free Space | 1,50% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-SYLVIE
    Current User Name: sylvie
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC - [2010/10/10 22:27:55 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\sylvie\Desktop\OTL.exe
    PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2009/11/25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    PRC - [2009/11/25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
    PRC - [2009/11/25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    PRC - [2009/11/25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    PRC - [2009/11/25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    PRC - [2009/04/24 13:57:30 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    PRC - [2009/04/24 13:57:28 | 000,251,240 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
    PRC - [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2008/02/04 12:13:36 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
    PRC - [2008/01/14 14:12:30 | 001,688,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    PRC - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    PRC - [2007/03/21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/10/10 22:27:55 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\sylvie\Desktop\OTL.exe
    MOD - [2008/01/21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
    MOD - [2008/01/21 04:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/11/25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
    SRV - [2009/11/25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
    SRV - [2009/11/25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
    SRV - [2009/11/25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
    SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
    SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2009/04/24 13:57:30 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
    SRV - [2008/05/16 10:47:25 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
    SRV - [2008/05/16 10:38:54 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
    SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe -- (IAANTMON) Intel(R)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\COH_Mon.sys -- (COH_Mon)
    DRV - [2009/11/25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2009/11/25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2009/11/25 01:49:48 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2009/11/25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2009/11/25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2009/08/05 23:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
    DRV - [2008/01/21 05:34:00 | 008,240,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2008/01/21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
    DRV - [2008/01/21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2008/01/21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2008/01/21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2008/01/21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2008/01/21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2008/01/21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2008/01/21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2008/01/21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2008/01/21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2008/01/21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2008/01/21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2008/01/21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2008/01/21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2008/01/21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2008/01/21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2008/01/21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2008/01/21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2008/01/21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2008/01/21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Pilote de carte Intel(R)
    DRV - [2008/01/21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2008/01/21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/01/21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/01/21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2007/11/26 05:16:50 | 000,072,704 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)
    DRV - [2007/10/31 04:36:32 | 002,252,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Pilote de carte Intel(R)
    DRV - [2007/10/23 10:24:00 | 000,285,184 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
    DRV - [2007/07/12 14:34:26 | 000,163,328 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
    DRV - [2007/06/08 04:53:56 | 000,187,448 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
    DRV - [2007/03/21 12:58:56 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
    DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2007/01/08 13:38:30 | 000,046,592 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
    DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8F 54 43 91 8F F2 C9 01 [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
    FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s..."
    FF - prefs.js..browser.search.order.1: "Fast Browser Search"
    FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157"
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
    FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s...{3BDA5868-15D7-B956-333D-A4FE85FD9BC5}&q="
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"


    FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/03 19:54:14 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/07 15:42:30 | 000,000,000 | ---D | M]

    [2009/06/02 13:40:11 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\mozilla\Extensions
    [2009/06/02 13:40:11 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
    [2010/10/09 17:12:55 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\mozilla\Firefox\Profiles\0mh32bf3.default\extensions
    [2010/07/23 21:35:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\sylvie\AppData\Roaming\mozilla\Firefox\Profiles\0mh32bf3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/07/23 19:07:07 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\sylvie\AppData\Roaming\mozilla\Firefox\Profiles\0mh32bf3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2010/04/14 21:28:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sylvie\AppData\Roaming\mozilla\Firefox\Profiles\0mh32bf3.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
    [2010/10/09 17:02:57 | 000,005,407 | ---- | M] () -- C:\Users\sylvie\AppData\Roaming\Mozilla\FireFox\Profiles\0mh32bf3.default\searchplugins\fast-browser-search.xml
    [2009/05/26 20:28:27 | 000,001,632 | ---- | M] () -- C:\Users\sylvie\AppData\Roaming\Mozilla\FireFox\Profiles\0mh32bf3.default\searchplugins\live-search.xml
    [2010/10/09 16:47:04 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
    [2010/07/22 17:50:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2008/05/16 10:34:07 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\packardbell@partners.mozilla.com
    [2008/06/30 13:44:08 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
    [2008/06/19 11:16:24 | 000,118,784 | ---- | M] (CANON INC.) -- C:\Program Files\mozilla firefox\plugins\MyCamera.dll
    [2008/06/19 11:16:24 | 000,053,248 | ---- | M] (CANON INC.) -- C:\Program Files\mozilla firefox\plugins\NPCIG.dll
    [2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2010/06/04 00:59:44 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2010/06/04 00:59:44 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2010/06/04 00:59:44 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
    [2010/06/04 00:59:44 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2010/06/04 00:59:44 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
    O2 - BHO: (no name) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No CLSID value found.
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
    O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
    O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
    O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
    O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/direc... (Shockwave ActiveX Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\System32\ezShellStart.exe (EasyBits Software AS)
    O24 - Desktop WallPaper: C:\Users\sylvie\Pictures\mariage 26 juin 2010\DSC_4243.JPG
    O24 - Desktop BackupWallPaper: C:\Users\sylvie\Pictures\mariage 26 juin 2010\DSC_4243.JPG
    O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{2eac2d95-7c8e-11df-ae10-001e684ee05d}\Shell\Auto\command - "" = E:\launcher.exe -- File not found
    O33 - MountPoints2\{47a0ca99-4842-11dd-9af9-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{47a0ca99-4842-11dd-9af9-806e6f6e6963}\Shell\AutoRun\command - "" = D:\SETUP.EXE -- File not found
    O33 - MountPoints2\{7ae3dcfa-4f68-11de-b45d-001e684ee05d}\Shell\AutoRun\command - "" = E:\InstallTomTomHOME.exe -- File not found
    O33 - MountPoints2\{a2f10365-9c88-11dd-a4b2-001e684ee05d}\Shell - "" = AutoRun
    O33 - MountPoints2\{a2f10365-9c88-11dd-a4b2-001e684ee05d}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found
    NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)


    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/10/10 22:27:50 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Users\sylvie\Desktop\OTL.exe
    [2010/10/09 17:17:45 | 000,000,000 | ---D | C] -- C:\Users\sylvie\AppData\Roaming\Malwarebytes
    [2010/10/09 17:17:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010/10/09 17:17:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010/10/09 17:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/10/09 17:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/10/07 14:30:24 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
    [2010/10/03 21:50:42 | 000,000,000 | ---D | C] -- C:\Users\sylvie\Nouveau dossier
    [2010/09/29 21:51:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2010/09/15 14:09:14 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL

    ========== Files - Modified Within 30 Days ==========

    [2010/10/10 22:35:33 | 003,670,016 | -HS- | M] () -- C:\Users\sylvie\ntuser.dat
    [2010/10/10 22:31:06 | 001,495,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/10/10 22:31:06 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2010/10/10 22:31:06 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/10/10 22:31:06 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2010/10/10 22:31:06 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/10/10 22:30:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-sylvie.job
    [2010/10/10 22:30:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\Extension de garantie-sylvie.job
    [2010/10/10 22:27:55 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\sylvie\Desktop\OTL.exe
    [2010/10/10 22:26:32 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{620881C1-5F32-488E-A1A2-F1D6EEC6B3EE}.job
    [2010/10/10 22:26:22 | 000,027,934 | ---- | M] () -- C:\Users\sylvie\AppData\Roaming\nvModes.001
    [2010/10/10 22:25:21 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/10/10 22:25:12 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/10/10 22:25:12 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/10/10 22:25:12 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/10/10 22:25:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/10/10 01:46:24 | 000,524,288 | -HS- | M] () -- C:\Users\sylvie\ntuser.dat{13156954-5794-11de-b2a0-001e684ee05d}.TMContainer00000000000000000001.regtrans-ms
    [2010/10/10 01:46:24 | 000,065,536 | -HS- | M] () -- C:\Users\sylvie\ntuser.dat{13156954-5794-11de-b2a0-001e684ee05d}.TM.blf
    [2010/10/10 01:46:21 | 003,496,132 | -H-- | M] () -- C:\Users\sylvie\AppData\Local\IconCache.db
    [2010/10/10 01:00:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/10/09 15:14:01 | 000,000,090 | ---- | M] () -- C:\Users\sylvie\AppData\Local\zhswcpbo.bat
    [2010/10/08 18:00:00 | 000,000,476 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for sylvie.job
    [2010/10/07 14:30:25 | 000,001,679 | ---- | M] () -- C:\Users\sylvie\Desktop\AD-R.lnk
    [2010/10/06 21:18:06 | 736,880,640 | ---- | M] () -- C:\Users\sylvie\Desktop\Dorian.Gray.2009.TRUEFRENCH.DVDRiP.XVID-SLiM.avi
    [2010/10/01 20:05:37 | 000,000,092 | ---- | M] () -- C:\Users\sylvie\AppData\Local\yepsw.bat
    [2010/09/28 17:18:21 | 000,134,656 | ---- | M] () -- C:\Users\sylvie\Desktop\ACTE DE NAISSANCE ANTHONY.doc
    [2010/09/27 01:27:09 | 244,043,962 | ---- | M] () -- C:\Users\sylvie\Desktop\[SSF] Bleach - 289 Vostfr HD (1280x720 x264 AAC).mp4
    [2010/09/26 20:13:27 | 000,002,076 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
    [2010/09/25 19:01:20 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2010/09/16 03:03:50 | 000,000,240 | ---- | M] () -- C:\Windows\win.ini
    [2010/09/15 19:29:03 | 734,498,816 | ---- | M] () -- C:\Users\sylvie\Desktop\Lucky Luke French Dvdrip Repack 1Cd Xvid-PTN.avi
    [2010/09/13 20:00:00 | 000,000,584 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - sylvie.job

    ========== Files Created - No Company Name ==========

    [2010/10/09 16:43:39 | 000,015,346 | ---- | C] () -- \Ad-Report-CLEAN[1].txt
    [2010/10/07 14:30:28 | 000,015,235 | ---- | C] () -- \Ad-Report-SCAN[1].txt
    [2010/10/07 14:30:25 | 000,001,679 | ---- | C] () -- C:\Users\sylvie\Desktop\AD-R.lnk
    [2010/10/06 21:17:46 | 736,880,640 | ---- | C] () -- C:\Users\sylvie\Desktop\Dorian.Gray.2009.TRUEFRENCH.DVDRiP.XVID-SLiM.avi
    [2010/10/02 16:31:26 | 000,000,090 | ---- | C] () -- C:\Users\sylvie\AppData\Local\zhswcpbo.bat
    [2010/09/28 17:18:21 | 000,134,656 | ---- | C] () -- C:\Users\sylvie\Desktop\ACTE DE NAISSANCE ANTHONY.doc
    [2010/09/27 01:27:02 | 244,043,962 | ---- | C] () -- C:\Users\sylvie\Desktop\[SSF] Bleach - 289 Vostfr HD (1280x720 x264 AAC).mp4
    [2010/09/26 20:13:27 | 000,002,076 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
    [2010/09/15 19:28:46 | 734,498,816 | ---- | C] () -- C:\Users\sylvie\Desktop\Lucky Luke French Dvdrip Repack 1Cd Xvid-PTN.avi
    [2009/12/03 12:49:56 | 000,000,092 | ---- | C] () -- C:\Users\sylvie\AppData\Local\yepsw.bat
    [2009/08/02 23:54:43 | 000,000,091 | ---- | C] () -- C:\Users\sylvie\AppData\Local\ogoyaca.bat
    [2009/07/12 18:07:18 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
    [2009/04/18 13:34:28 | 000,000,000 | ---- | C] () -- C:\Users\sylvie\AppData\Roaming\wklnhst.dat
    [2008/09/18 22:39:53 | 000,000,091 | ---- | C] () -- C:\Users\sylvie\AppData\Local\ojccx.bat
    [2008/09/13 10:55:01 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
    [2008/07/18 20:18:46 | 000,000,680 | ---- | C] () -- C:\Users\sylvie\AppData\Local\d3d9caps.dat
    [2008/07/15 22:34:30 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
    [2008/07/06 01:10:47 | 000,027,934 | ---- | C] () -- C:\Users\sylvie\AppData\Roaming\nvModes.001
    [2008/07/06 00:55:41 | 000,027,934 | ---- | C] () -- C:\Users\sylvie\AppData\Roaming\nvModes.dat
    [2008/07/02 22:34:30 | 000,138,240 | ---- | C] () -- C:\Users\sylvie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/07/02 16:22:35 | 3524,796,416 | -HS- | C] () --
    [2008/05/16 19:27:39 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK
    [2008/05/16 10:31:42 | 002,115,816 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
    [2008/05/16 10:06:37 | 000,000,086 | ---- | C] () -- \setup.log
    [2008/05/16 02:59:30 | 000,333,203 | RHS- | C] () -- \bootmgr
    [2008/03/11 11:41:04 | 000,000,403 | ---- | C] () -- \files.crc
    [2007/09/17 05:21:29 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
    [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 12:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat
    [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/11/02 08:25:08 | 000,000,010 | ---- | C] () -- \config.sys
    [2004/02/29 17:44:34 | 000,052,576 | ---- | C] () -- \orange.bmp
    [2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >

    < %ALLUSERSPROFILE%\Application Data\*. >

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >

    < %APPDATA%\*. >
    [2008/07/26 20:29:37 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Adobe
    [2010/03/13 21:52:14 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Apple Computer
    [2010/06/08 17:50:48 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Azureus
    [2010/09/07 15:47:08 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Canon
    [2009/01/02 22:22:36 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\dvdcss
    [2010/10/06 22:19:24 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\FileZilla
    [2008/07/02 17:59:50 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Google
    [2008/07/02 17:46:02 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Identities
    [2008/07/02 17:38:40 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\InstallShield
    [2008/07/03 23:33:54 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Macromedia
    [2010/10/09 17:17:45 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Malwarebytes
    [2006/11/02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Media Center Programs
    [2010/09/07 19:43:35 | 000,000,000 | --SD | M] -- C:\Users\sylvie\AppData\Roaming\Microsoft
    [2009/07/23 19:53:30 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Mozilla
    [2008/07/04 23:26:14 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Nero
    [2008/09/30 16:02:58 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Packard Bell
    [2008/07/02 17:46:53 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\Symantec
    [2009/06/02 13:40:10 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\TomTom
    [2008/09/09 19:33:09 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\U3
    [2008/07/29 23:34:22 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\vlc
    [2010/09/07 19:42:05 | 000,000,000 | ---D | M] -- C:\Users\sylvie\AppData\Roaming\ZoomBrowser EX

    < %APPDATA%\*.exe /s >
    [2010/06/08 17:48:23 | 008,463,808 | ---- | M] (Vuze Inc.) -- C:\Users\sylvie\AppData\Roaming\Azureus\tmp\AZU255657548942671170.tmp\Vuze_4.4.0.4_win32.exe
    [2010/06/07 18:48:25 | 008,463,808 | ---- | M] (Vuze Inc.) -- C:\Users\sylvie\AppData\Roaming\Azureus\tmp\AZU8114948275589192336.tmp\Vuze_4.4.0.4_win32.exe
    [2006/08/15 10:15:04 | 000,110,592 | ---- | M] () -- C:\Users\sylvie\AppData\Roaming\U3\temp\cleanup.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2008/01/21 04:24:42 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
    [2008/01/21 04:24:38 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >
    < End of report >
    10 October 2010 22:48:56

    and extras.txt
    OTL Extras logfile created on: 10/10/2010 22:33:04 - Run 1
    OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\sylvie\Desktop
    Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18943)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
    6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 288,09 Gb Total Space | 4,32 Gb Free Space | 1,50% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-SYLVIE
    Current User Name: sylvie
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "UacDisableNotify" = 0
    "InternetSettingsDisableNotify" = 0
    "AutoUpdateDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{11743225-F4CF-4AAC-9421-204419CF6A13}" = lport=445 | protocol=6 | dir=in | app=system |
    "{20FA131F-A604-499F-8D8A-C7DB3170A9A7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{4002864A-B255-4261-8A95-853AEEBB763C}" = rport=445 | protocol=6 | dir=out | app=system |
    "{446DA4D8-0005-46D7-82DC-7C244E1C1181}" = lport=138 | protocol=17 | dir=in | app=system |
    "{5663A90A-49E4-4861-A632-A149BB2032DD}" = lport=139 | protocol=6 | dir=in | app=system |
    "{7BEF3D1B-6AA5-452D-A7EE-4B7EA2714451}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{8EADE6A5-8DCC-4B9C-B579-057AAF37D9EC}" = rport=138 | protocol=17 | dir=out | app=system |
    "{B1C44B01-0A60-4894-A2EE-D41958CD0A52}" = rport=139 | protocol=6 | dir=out | app=system |
    "{B430B4A5-B546-4C53-B369-DFA34062CE64}" = lport=137 | protocol=17 | dir=in | app=system |
    "{C15D584A-F4A9-4C34-B3F4-48047A3CA9F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{C6CC887F-3512-4B34-B01F-57578ECEF8D0}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{F149F395-4A19-4619-BF19-F7B2F30EBDDD}" = rport=137 | protocol=17 | dir=out | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{1C097A75-8E17-4E18-9DF7-CCC6D2901908}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{1EE823E6-AC54-4376-9D2D-49DCD1CA3698}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{37762555-BAAA-48E4-B0BB-B372886703C0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{43D7607D-4153-4257-BF76-E5BA40CF18F2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{4C5A223C-73B8-4AC3-B876-60B2361DE4F6}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
    "{6002A47D-0252-4BFC-929B-E80965E4D6A2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{6C1219B3-8CBD-42B3-9CD4-31E711939B54}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{761A6230-C0FF-4326-B13D-B1E66AF6EC4D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{821C1A95-263C-4B72-BB30-90A8763611C4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{95CD3614-B978-400B-9A5E-348F48A36E6A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{B1D2203E-89BF-43EF-98DF-A6E4352855A6}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
    "{BB264EDB-5010-4862-A00B-320906120A6C}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
    "{CFEB6ADF-AC46-4004-A024-47628EA954E4}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
    "TCP Query User{03078F8C-AAD2-4D61-B628-F604432A6B60}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
    "TCP Query User{03386041-572E-4113-8AB4-51769926F8C1}C:\program files\packard bell\updator\pbupdator.exe" = protocol=6 | dir=in | app=c:\program files\packard bell\updator\pbupdator.exe |
    "TCP Query User{5BA9FC40-90B1-4521-AD60-1E60F2B9D774}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
    "TCP Query User{63A6ECF7-DA94-4135-B5FA-C31941057D20}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
    "TCP Query User{EB9454D1-8F76-4591-8E59-8CE79F97A106}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "TCP Query User{FE42DC94-BF88-4811-8A20-9E4EF4E69552}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
    "UDP Query User{212EAB5D-48B4-4721-A149-30E83D141AA1}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
    "UDP Query User{22D2228A-069C-4C3D-86E9-CEC2857DF890}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
    "UDP Query User{5BF0E214-65E0-45F6-8853-FF73D26675F6}C:\program files\packard bell\updator\pbupdator.exe" = protocol=17 | dir=in | app=c:\program files\packard bell\updator\pbupdator.exe |
    "UDP Query User{71C890B5-BA75-4C0C-AF2E-1DE572A3A4F2}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
    "UDP Query User{A1120262-3141-47CD-A129-57D332591428}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
    "UDP Query User{C8A8FD1A-61AB-4689-8799-2FBFFD1400D3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0ED40D2A-7131-4FE7-941E-5C329336F712}" = HDReg France
    "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{24E7B19B-EA09-483F-8735-97DD371E861B}" = SA32xx Media Converter
    "{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 20
    "{3350E9B0-DCE6-4AE1-B3AC-D0C11FBEEDA1}_is1" = SeaTools for Windows
    "{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
    "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
    "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
    "{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
    "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
    "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
    "{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
    "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
    "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{6105648C-0C3C-481D-8C11-1F4952D6FB53}" = Dealio Toolbar 3.4
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
    "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
    "{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
    "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
    "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
    "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
    "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
    "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{980B9958-1239-4FC5-8C88-AC5650321036}" = Nero 8 Essentials
    "{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
    "{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1036-7B44-A91000000001}" = Adobe Reader 9.1 - Français
    "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
    "{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
    "{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
    "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
    "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
    "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
    "{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
    "{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
    "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
    "2ADF4484850200A062B66ED19240994480D85943" = Package de pilotes Windows - ITE Tech.Inc. (itecir) HIDClass (01/05/2007 5.0.0003.2)
    "8461-7759-5462-8226" = Vuze
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "AdobePE6" = Adobe Photoshop Elements 6
    "AdobeReader" = Adobe Reader 8
    "Ad-Remover" = Ad-Remover By C_XX
    "Audacity_is1" = Audacity 1.2.6
    "avast!" = avast! Antivirus
    "Bejeweled 2 Deluxe" = Bejeweled 2 Deluxe
    "CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    "CameraWindowLauncher" = Canon Utilities CameraWindow
    "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
    "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
    "Canon MOV Decoder" = Canon MOV Decoder
    "CCleaner" = CCleaner (remove only)
    "CNXT_HDAUDIO" = Conexant HD Audio
    "DPP" = Canon Utilities Digital Photo Professional 3.5
    "EasyBits Magic Desktop" = EasyBits Magic Desktop
    "EOS Utility" = Canon Utilities EOS Utility
    "FileZilla Client" = FileZilla Client 3.3.4.1
    "FirefoxFR" = Firefox2.0.0.11
    "Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.7.3
    "Google Chrome" = Google Chrome
    "GOOGLE_EARTH" = Google Earth
    "GoogleBAE" = Google BAE
    "GoogleToolbar" = GoogleToolbar
    "HDMI_AudioSwitch" = HDMI Audio Switch
    "Home Picture Service Light" = Home Picture Service Light
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "ImageWriter" = Packard Bell ImageWriter
    "Infocentre" = Infocentre Rev. 2.0.0.1
    "LCDTest" = Packard Bell LCD Test
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "METABOLI" = Metaboli
    "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    "Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
    "MyCamera" = Canon Utilities MyCamera
    "Nero8" = Nero 8 Essentials
    "NEUF_FR" = ADSL Neuf
    "NVIDIA Drivers" = NVIDIA Drivers
    "Original Data Security Tools" = Canon Utilities Original Data Security Tools
    "PB_DEMO" = Packard Bell Demo
    "PKR" = PKR
    "premelem40templates" = Adobe Premiere Elements 4.0 Templates
    "PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
    "RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
    "SETUPMYPC_FR" = SetUp My PC
    "SKYPE" = Skype 3.6.2.248
    "Sweet Home 3D_is1" = Sweet Home 3D version 1.3
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "TBSB07183.TBSB07183Toolbar" = Fast Browser Search (My Tattoons)
    "TomTom HOME" = TomTom HOME 2.6.3.1609
    "Updator" = Packard Bell Updator
    "VLC media player" = VideoLAN VLC media player 0.8.6i
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WKS9" = Microsoft Works 9
    "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
    "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

    ========== Last 10 Event Log Errors ==========

    [ Antivirus Events ]
    Error - 15/12/2008 15:23:21 | Computer Name = PC-de-sylvie | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Users\sylvie\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat failed,
    00000005.

    Error - 19/02/2010 19:22:31 | Computer Name = PC-de-sylvie | Source = avast! | ID = 33554522
    Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
    C:\Users\sylvie\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat failed,
    00000005.

    [ Application Events ]
    Error - 14/06/2010 14:41:16 | Computer Name = PC-de-sylvie | Source = Application Hang | ID = 1002
    Description = Le programme Explorer.EXE version 6.0.6001.18164 a cessé d’interagir
    avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
    sont disponibles, consultez l’historique du problème dans l’application Rapports
    et solutions aux problèmes du Panneau de configuration. ID de processus : 2d0 Heure
    de début : 01cb0bef7f30d2f4 Heure de fin : 0

    Error - 14/06/2010 14:49:04 | Computer Name = PC-de-sylvie | Source = Windows Search Service | ID = 3013
    Description =

    Error - 14/06/2010 14:49:06 | Computer Name = PC-de-sylvie | Source = Windows Search Service | ID = 3013
    Description =

    Error - 14/06/2010 14:49:07 | Computer Name = PC-de-sylvie | Source = Windows Search Service | ID = 3013
    Description =

    Error - 14/06/2010 16:20:10 | Computer Name = PC-de-sylvie | Source = Application Hang | ID = 1002
    Description = Le programme ojrlu.exe version 3.8.3.3 a cessé d’interagir avec Windows
    et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles,
    consultez l’historique du problème dans l’application Rapports et solutions aux
    problèmes du Panneau de configuration. ID de processus : fb8 Heure de début : 01cb0bef8648cd94
    Heure
    de fin : 31

    Error - 15/06/2010 12:23:39 | Computer Name = PC-de-sylvie | Source = WinMgmt | ID = 10
    Description =

    Error - 15/06/2010 12:24:50 | Computer Name = PC-de-sylvie | Source = MsiInstaller | ID = 11706
    Description =

    Error - 16/06/2010 11:44:14 | Computer Name = PC-de-sylvie | Source = WinMgmt | ID = 10
    Description =

    Error - 17/06/2010 11:31:18 | Computer Name = PC-de-sylvie | Source = WinMgmt | ID = 10
    Description =

    Error - 17/06/2010 11:34:43 | Computer Name = PC-de-sylvie | Source = MsiInstaller | ID = 11706
    Description =

    [ System Events ]
    Error - 09/10/2010 10:43:51 | Computer Name = PC-de-sylvie | Source = Service Control Manager | ID = 7034
    Description =

    Error - 09/10/2010 10:43:51 | Computer Name = PC-de-sylvie | Source = Service Control Manager | ID = 7034
    Description =

    Error - 09/10/2010 10:43:51 | Computer Name = PC-de-sylvie | Source = Service Control Manager | ID = 7031
    Description =

    Error - 09/10/2010 10:44:21 | Computer Name = PC-de-sylvie | Source = Service Control Manager | ID = 7032
    Description =

    Error - 09/10/2010 10:57:59 | Computer Name = PC-de-sylvie | Source = HTTP | ID = 15016
    Description =

    Error - 09/10/2010 10:58:52 | Computer Name = PC-de-sylvie | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/10/2010 14:08:15 | Computer Name = PC-de-sylvie | Source = HTTP | ID = 15016
    Description =

    Error - 09/10/2010 14:09:39 | Computer Name = PC-de-sylvie | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/10/2010 16:25:12 | Computer Name = PC-de-sylvie | Source = HTTP | ID = 15016
    Description =

    Error - 10/10/2010 16:26:38 | Computer Name = PC-de-sylvie | Source = Service Control Manager | ID = 7000
    Description =


    < End of report >


    hoping everything goes well
    thank you very much

    11 October 2010 16:29:27

    Re,

    A bit more cleaning up:


    1) Uninstall these programs the normal way via "Programs and Features" (if present):

    - Fast Browser Search (My Tattoons)
    - LiveUpdate (Symantec Corporation)
    - Firefox2.0.0.11
    - Adobe Reader 8
    - Dealio Toolbar 3.4

    2) Run this utility to remove the Norton leftovers:

    http://www.inforumatique.fr/logitheque.php?mode=cat&id=...


    3) Download Navilog1 (by Il Mafioso) to the desktop.

  • Double-click Navilog1.exe to start the installation.
  • Once the installation is finished, the fix will run automatically.
    (If it does not, double-click the Navilog1 shortcut on the Desktop.)

  • Follow the prompts. At the main menu, choose 1 and confirm.
    (Do not choose 2, 3 or 4 without our advice/agreement)
  • Wait until this message appears:
    *** Analyse Termine le ..... ***
  • Press a key as requested. Notepad will open. Post the report here.

    (If it does not appear, the report is located at C:\fixnavi.txt)


    4) Run OTL.exe again
    (Vista/Windows 7 users: right-click -> "Run as administrator")

  • Copy/paste the following into the Custom Scans/Fixes box at the bottom left.
    :OTL
    SRV - [2008/05/16 10:47:25 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\COH_Mon.sys -- (COH_Mon)
    FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
    FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
    FF - prefs.js..browser.search.order.1: "Fast Browser Search"
    FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
    FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&tid={3BDA5868-15D7-B956-333D-A4FE85FD9BC5}&q="
    [2010/04/14 21:28:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sylvie\AppData\Roaming\mozilla\Firefox\Profiles\0mh32bf3.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
    [2010/10/09 17:02:57 | 000,005,407 | ---- | M] () -- C:\Users\sylvie\AppData\Roaming\Mozilla\FireFox\Profiles\0mh32bf3.default\searchplugins\fast-browser-search.xml
    [2008/06/30 13:44:08 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
    O2 - BHO: (no name) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    [2010/09/13 20:00:00 | 000,000,584 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - sylvie.job

    :Commands
    [purity]
    [emptytemp]


  • Then click the Run Fix button at the top left
  • If the PC asks to restart, accept.
  • Post the removal report.

    [:_tom_:7]
    11 October 2010 23:50:35

    ----- good evening,

    I tried to uninstall the programs you asked me to, but I ran into some problems:
    for Adobe Reader 8 I got error 20
    - Firefox2.0.0.11 / error 21
    - when I uninstall Fast Browser Search (My Tattoons) nothing happens
    - and lastly, I can't find LiveUpdate (Symantec Corporation) or even Dealio Toolbar 3.4

    no luck

    I moved on to the next step
    complete uninstallation of Norton
    here are the reports

    navilog1

    Fix Navipromo version 4.0.9 commencé le 11/10/2010 23:45:29,48

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!

    Outil exécuté depuis C:\navilog1

    Mise à jour le 17.09.2010 à 16h00 par IL-MAFIOSO

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz )
    BIOS : Ver 1.00PARTTBL
    USER : sylvie ( Administrator )
    BOOT : Normal boot

    Antivirus : avast! antivirus 4.8.1229 [VPS 081204-0] 4.8.1229 (Activated)


    C:\ (Local Disk) - NTFS - Total:288 Go (Free:3 Go)
    D:\ (CD or DVD)


    Recherche executée en mode normal


    Aucune Infection Navipromo/Egdaccess trouvée



    *** Scan terminé 11/10/2010 23:46:03,03 ***
    11 October 2010 23:58:07

    and for OTL

    All processes killed
    ========== OTL ==========
    Error: No service named Symantec Core LC was found to stop!
    Service\Driver key Symantec Core LC not found.
    C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe moved successfully.
    Error: No service named EraserUtilRebootDrv was found to stop!
    Service\Driver key EraserUtilRebootDrv not found.
    File C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys not found.
    Error: No service named COH_Mon was found to stop!
    Service\Driver key COH_Mon not found.
    File C:\Windows\System32\Drivers\COH_Mon.sys not found.
    Prefs.js: "Fast Browser Search" removed from browser.search.defaultenginename
    Prefs.js: "Fast Browser Search" removed from browser.search.defaultthis.engineName
    Prefs.js: "http://www.fastbrowsersearch.com/results/results.aspx?s..." removed from browser.search.defaulturl
    Prefs.js: "Fast Browser Search" removed from browser.search.order.1
    Prefs.js: "Fast Browser Search" removed from browser.search.selectedEngine
    Prefs.js: "http://www.fastbrowsersearch.com/results/results.aspx?s...{3BDA5868-15D7-B956-333D-A4FE85FD9BC5}&q=" removed from keyword.URL
    C:\Users\sylvie\AppData\Roaming\mozilla\Firefox\Profiles\0mh32bf3.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB} folder moved successfully.
    C:\Users\sylvie\AppData\Roaming\Mozilla\FireFox\Profiles\0mh32bf3.default\searchplugins\fast-browser-search.xml moved successfully.
    C:\Program Files\mozilla firefox\components\coFFPlgn.dll moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
    C:\Windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - sylvie.job moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    User: sylvie
    ->Temp folder emptied: 21746029 bytes
    ->Temporary Internet Files folder emptied: 743737109 bytes
    ->Java cache emptied: 48297009 bytes
    ->FireFox cache emptied: 42710341 bytes
    ->Google Chrome cache emptied: 6339733 bytes
    ->Apple Safari cache emptied: 0 bytes
    ->Flash cache emptied: 16784 bytes

    User: TEMP

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 94751317 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 913,00 mb


    OTL by OldTimer - Version 3.2.14.1 log created on 10112010_235141

    Files\Folders moved on Reboot...
    C:\Users\sylvie\AppData\Local\Temp\Low\Google Toolbar\GoogleToolbarWelcome.log moved successfully.
    File\Folder C:\Users\sylvie\AppData\Local\Temp\~DF2283.tmp not found!
    File\Folder C:\Users\sylvie\AppData\Local\Temp\~DF2292.tmp not found!
    File\Folder C:\Users\sylvie\AppData\Local\Temp\~DF22F3.tmp not found!
    File\Folder C:\Users\sylvie\AppData\Local\Temp\~DF2302.tmp not found!
    File\Folder C:\Users\sylvie\AppData\Local\Temp\~DF2342.tmp not found!
    File\Folder C:\Users\sylvie\AppData\Local\Temp\~DF2351.tmp not found!
    File\Folder C:\Users\sylvie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZPH0NMKY\01[1].htm not found!
    File\Folder C:\Users\sylvie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZPH0NMKY\afr[1].htm not found!
    File\Folder C:\Users\sylvie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1O5G5JVU\295499-11-message-erreur-1706-ouverture[1].htm not found!
    File\Folder C:\Users\sylvie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1O5G5JVU\like[1].htm not found!
    File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...



    thank you very much for your help and your time
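
A way to confirm that the search-hijack entries OTL reports as removed above are really gone from a Firefox profile's prefs.js. This is an added example, not part of the original posts and not OTL's own code: the function names are hypothetical, the indicators (engine name and host) are the ones listed in the fix in this thread, and the sample prefs.js content is constructed.

```python
import re
from urllib.parse import urlparse

# Constructed prefs.js sample. The hijacked values mirror the ones in the OTL
# fix from this thread; the other lines are invented for illustration.
SAMPLE_PREFS = r'''
# Mozilla User Preferences
user_pref("browser.startup.homepage", "http://www.google.fr/");
user_pref("browser.search.defaultenginename", "Fast Browser Search");
user_pref("browser.search.defaulturl", "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q=");
user_pref("browser.search.order.1", "Fast Browser Search");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=19&q=");
user_pref("extensions.lastAppVersion", "3.0.19");
user_pref("network.proxy.type", 0);
'''

# Preference names that the OTL log in this thread shows as modified.
SEARCH_PREFS = {
    "browser.search.defaultenginename",
    "browser.search.defaultthis.engineName",
    "browser.search.defaulturl",
    "browser.search.order.1",
    "browser.search.selectedEngine",
    "keyword.URL",
}

# Indicators taken from the thread (assumption: these two are sufficient here).
BAD_ENGINE_NAMES = {"fast browser search"}
BAD_HOSTS = {"fastbrowsersearch.com"}

# One preference per line: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\(\s*"((?:[^"\\]|\\.)*)"\s*,\s*(.*?)\s*\);\s*$')


def _string_value(raw):
    """Return the decoded string of a quoted value, or None for ints/booleans."""
    if len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
        return raw[1:-1].replace('\\"', '"').replace('\\\\', '\\')
    return None


def _bad_host(value):
    """True if value is a URL whose host is a listed domain or a subdomain of one."""
    try:
        host = (urlparse(value).hostname or "").lower()
    except ValueError:  # malformed URL, e.g. unbalanced IPv6 brackets
        return False
    return any(host == h or host.endswith("." + h) for h in BAD_HOSTS)


def find_search_hijacks(prefs_text):
    """Return (pref name, value, reason) for each search pref still hijacked."""
    findings = []
    for line in prefs_text.splitlines():
        m = PREF_RE.match(line)
        if not m or m.group(1) not in SEARCH_PREFS:
            continue
        value = _string_value(m.group(2))
        if value is None:
            continue  # numeric or boolean pref, nothing to compare
        if value.strip().lower() in BAD_ENGINE_NAMES:
            findings.append((m.group(1), value, "engine name"))
        elif _bad_host(value):
            findings.append((m.group(1), value, "search URL host"))
    return findings


if __name__ == "__main__":
    for name, value, reason in find_search_hijacks(SAMPLE_PREFS):
        print(f"{name}: {reason}: {value}")
```

An empty result on the real prefs.js (read with Firefox closed) means none of the listed search preferences still point at the hijacker.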
    12 October 2010 16:43:20

    Re,

    OK, I'd like to check a thing or two:

    Show hidden files and folders:
    http://www.inforumatique.fr/afficher-les-fichiers-cache...

    Go to this site:
    http://www.virustotal.com/fr/

    Click "Browse", then look for this file (if present):

    - C:\Users\sylvie\AppData\Local\yepsw.bat

    Once it is selected, click "Send File" and the upload will start.

    If it tells you that this file has already been analysed, request a new analysis ("Reanalysis" button), and/or let the analysis run until it shows "finished" at the top, after "current status"

    Then copy the address from your browser's address bar and give it to me in your next reply.

    Do the same for these files:
    C:\Users\sylvie\AppData\Local\zhswcpbo.bat
    C:\Users\sylvie\AppData\Local\ogoyaca.bat
    C:\Users\sylvie\AppData\Roaming\wklnhst.dat
    C:\Users\sylvie\AppData\Local\ojccx.bat

    [:_tom_:7]
    12 October 2010 18:26:09

    hello,

    I did as you asked

    here are the addresses

    for - C:\Users\sylvie\AppData\Local\yepsw.bat


    http://www.virustotal.com/file-scan/report.html?id=1ceb...

    - C:\Users\sylvie\AppData\Local\zhswcpbo.bat

    http://www.virustotal.com/file-scan/report.html?id=d51d...

    - C:\Users\sylvie\AppData\Local\ogoyaca.bat

    http://www.virustotal.com/file-scan/report.html?id=c65a...

    - C:\Users\sylvie\AppData\Local\ojccx.bat

    http://www.virustotal.com/file-scan/report.html?id=9da7...

    - and for C:\Users\sylvie\AppData\Roaming\wklnhst.dat nothing happens.
    sorry.

    thanks hyunkel30

    12 October 2010 19:19:32

    Re,

    OK, these files are odd, but they don't seem to be infectious ...

    To finish:

    1) Run OTL.exe again
    (Vista/Windows 7 users: right-click -> "Run as administrator")

  • Click "CleanUp"
  • Confirm the warning with "ok" and let the PC restart.

    2) Purge your System Restore:

    It contains remnants of the infection:
    http://www.inforumatique.fr/post82670.html#p82670


    3) Update the following programs:

    An out-of-date system or out-of-date programs are a source of infection through security flaws

    -> Java to version 6 update 21
    -> Adobe Reader to version 9.3.4
    -> Mozilla Firefox to version 3.6.10
    -> VLC media player to version 1.1.4

    Then move to Vista Service Pack 2, via the Windows Update function, under "All Programs"


    4) You absolutely must free up space on your hard drive:


    You have less than 2% free space left, which is really insufficient and dangerous for the proper functioning of your system!
    Remove programs, archive your personal data on another medium; in short, clean up!

    5) To finish the cleanup:

    Download CCleaner Slim (without toolbar) from Piriform:

  • Start the installation by double-clicking the file Ccleaner***_slim.exe. (help here)
  • Once that is done, launch the program.
  • Choose Options -> Advanced -> and untick "Only delete files in Windows Temp folders older than 48 hours"
  • Choose "Cleaner" then click "Analyze"
  • Let it run, then click "Run Cleaner" and accept the warning with "Yes"

  • Then choose "Registry" and click "Scan for Issues"
  • Let the scan run, then click "Fix selected issues"
  • Save the backup by clicking "Yes"
  • then click "Fix All Selected Issues"
  • Confirm the warning by clicking "Yes"

  • Close the program



    To go further in protecting yourself and avoid getting reinfected, here are a few additional tips:


  • Keep your software and your system up to date:
    Many infections are due to flaws in Windows, but also in third-party software, such as Sun Java, Adobe Acrobat Reader, etc.
    You can run a vulnerability scan to find out which of your programs have unpatched flaws or need updating.

  • Read the installation and usage terms of software (terms of use):
    They sometimes contain paragraphs stating that the installation will come with "sponsor" or advertising software; stay away from such software, or untick the installation of the sponsors.


    Finally, the most important thing remains your behaviour on your PC; you remain the most important protection: avoid risky behaviour: P2P, cracks, dubious downloads and installations via ads, instant messengers, or unknown sites, pornographic sites.
    Must read!
    17 October 2010 20:39:15

    hello hyunkel30,

    sorry for not replying to you sooner.

    thank you very much for your help, everything now seems to be working well (I have 182 GB free)

    I have taken note of your advice on vigilance for next time.

    thank you, thank you,

    sylp
    17 October 2010 21:58:03

    Good evening,

    [:archi]

    You can mark your topic as "solved" by clicking the "edit" button in your very first message.
    -> Then add "solved" next to your title and confirm.

    You can also, if you wish, select a "best answer"; your topic will then automatically be marked as "solved"

    See you soon on the Tom's Guide forums