Résolu Pages publicitaire qui s'ouvre tous seules

  • Auteur de la discussion flogil
  • Date de début
Statut
N'est pas ouverte pour d'autres réponses.

flogil

Habitué
{resolu} Bonjour,
depuis quel que temps, des pages publicitaires s'ouvrent toutes seules. Et je ne sais pas comment faire pour que celà n'arrive plus, s'il vous plait , es ce que quelqu'un pourrait m'aider??
Bisous
 

flogil

Habitué
voici le rapport


Fix Navipromo version 4.1.0 commencé le 16/05/2011 19:21:14,52

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\navilog1

Mise à jour le 20.04.2011 à 09h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : user ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:143 Go (Free:76 Go)
D:\ (Local Disk) - NTFS - Total:143 Go (Free:141 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)


Recherche executée en mode normal


Aucune Infection Navipromo/Egdaccess trouvée



*** Scan terminé 16/05/2011 19:21:31,21 ***
 

help-manformatique

Grand Maître
Bonjour, tu veux que je te prenne en charge ;) ?
 

thor37230

Grand Maître
tu utilise quel navigateur internet?
tu as installé un bloquer de publicités?
 

flogil

Habitué
j'utilise Google chrome mais avant j'utilisais internet explorer .
J'ai mis sur internet explorer de bloquer les pages publicitaire mais ça ne fonctionne pas meme quand je ne suis pas sur le web , elles s'ouvrent toutes seules!
Votre aide est la bienvenue! :)
 

help-manformatique

Grand Maître
Je peux te proposer une désinfection si je trouve un virus ;)
On commence si tu veux ;) :
■ Télécharge (de OldTimer[/#ff]) sur ton Bureau.

■ Si tu es sous XP, double-clique dessus pour le lancer, si tu es sous Vista/7, fais un clic droit dessus et fais Exécuter en tant qu'administrateur pour le lancer.

■ Une fenêtre apparaît.

■ Coche la case : Tous les utilisateurs

■ Coche les cases correspondant à la Recherche LOP et à la Recherche Purity (En bleu vers le bas de la fenêtre).

■ Enfin, clique sur le bouton Analyse. Pendant la durée du scanne, ne touche à rien. Le scan prendra quelques temps.

■ A la fin du scan, deux rapports s'ouvriront : OTL.Txt et Extras.Txt. Copie/colle ici l'ensemble des rapports.

Pour les rapports, qui ont tendance à être trop longs pour le forum, merci d'utiliser : dépose le fichier via "parcourir" et poste simplement le lien obtenu.
 

flogil

Habitué
Voila c'est lancé, je vous copie le rapport dès que je l'ai ! Merci déjà d'avance de votre aide! :) :)
 

help-manformatique

Grand Maître
Tu pourra me remercier quand j'aurai trouver la source de tes problèmes ;)
 

flogil

Habitué
le 1er

OTL Extras logfile created on: 16/05/2011 20:11:26 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\user\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,19 Gb Total Space | 76,19 Gb Free Space | 53,21% Space Free | Partition Type: NTFS
Drive D: | 143,18 Gb Total Space | 141,92 Gb Free Space | 99,13% Space Free | Partition Type: NTFS

Computer Name: PC-DE-USER | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3674DC1F-1251-4A02-B921-AAF69372A241}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{759FA507-7D03-4230-A731-3162E906B1C2}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{EE1217E7-E1F5-4CF8-98FE-B21737559FC1}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01114141-548C-4F94-9DDE-CBD23DE427B7}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dms\clmsservice.exe |
"{0175DC77-8090-4144-8EA4-13B6F4EC4AA3}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{0F12C14E-1600-4F50-BEE3-DBF646D54EEA}" = dir=in | app=c:\program files\cyberlink\playmovie\pmvservice.exe |
"{22A854BD-5CE9-46CD-B06B-D113BE8FBE2A}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dmp\clbrowserengine.exe |
"{302225EC-1EE8-4335-8F92-E2805404C014}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3030B6B9-6459-4FA0-B27C-FE8EB878F909}" = dir=in | app=c:\program files\cyberlink\powercinema\pcmservice.exe |
"{3DE15091-FB87-4E7C-A761-19F4C1B2FFB7}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{47DB3107-6189-427F-AB29-CA56F17C9AAA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{52F11D1D-9057-4920-9C3F-9FDDA902C1B6}" = dir=in | app=c:\program files\cyberlink\powercinema\powercinema.exe |
"{6FF32AEA-F70E-4D94-B7A9-365AD3889935}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{84E5D10A-BDC7-47CD-AFF9-CBC247EE171F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{96AD960D-8C47-46A9-89A1-12498F82C45B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A9A0F81B-25A5-429F-B952-30D2E7FD9102}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{D962E134-4804-428B-927E-6AEA0AC77407}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E3A4C305-E34C-4E99-883F-8B2AAD04F124}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{F4621F15-FAA0-4312-8225-5D29772A6F28}" = dir=in | app=c:\program files\cyberlink\playmovie\playmovie.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema
"{28518520-F25C-48C3-A224-861F331602F4}" = Setup My PC
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3559CDE0-11FC-4D7B-A65C-D646035B1036}" = Nero 8 Essentials
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{61172A5D-60AA-43BE-958F-90451024E768}_is1" = Adobe Photoshop CS5 Portable
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CA786CFF-1D31-4804-B436-F3405B14357F}" = Packard Bell Updator
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}" = Packard Bell ImageWriter
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"EasyBits Magic Desktop" = EasyBits Magic Desktop
"EoRezo_is1" = EoRezo 12.0
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"NIS" = Norton Internet Security
"NIS2009" = Norton Internet Security 2009
"Office2007" = Microsoft Office Home and Student
"pctuto_is1" = Tuto Photoshop1.0.0.0
"Picasa 3" = Picasa 3
"Songr" = Songr
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"UpdatePCTuto_is1" = UpdatePCTuto 1.0
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"Works9" = Microsoft Works 9.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 08/05/2011 09:55:40 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11342

Error - 08/05/2011 09:55:41 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 08/05/2011 09:55:41 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12356

Error - 08/05/2011 09:55:41 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12356

Error - 08/05/2011 09:55:42 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 08/05/2011 09:55:42 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13354

Error - 08/05/2011 09:55:42 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13354

Error - 08/05/2011 10:40:06 | Computer Name = PC-de-user | Source = Application Error | ID = 1000
Description = Application défaillante wkswp.exe, version 9.7.613.0, horodatage 0x466fad27,
module défaillant unknown, version 0.0.0.0, horodatage 0x00000000, code d’exception
0xc0000005, décalage d’erreur 0x00000000, ID du processus 0x1794, heure de début
de l’application 0x01cc0d58db728972.

Error - 08/05/2011 11:44:04 | Computer Name = PC-de-user | Source = Application Error | ID = 1000
Description = Application défaillante eorezo.exe, version 1.0.0.1, horodatage 0x4cf6722d,
module défaillant eorezo.exe, version 1.0.0.1, horodatage 0x4cf6722d, code d’exception
0x40000015, décalage d’erreur 0x0006204b, ID du processus 0xdd0, heure de début
de l’application 0x01cc0d96a179504c.

Error - 08/05/2011 11:44:18 | Computer Name = PC-de-user | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 03/04/2011 05:18:43 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7022
Description =

Error - 03/04/2011 05:34:40 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7009
Description =

Error - 03/04/2011 05:34:40 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7000
Description =

Error - 03/04/2011 05:34:40 | Computer Name = PC-de-user | Source = DCOM | ID = 10005
Description =

Error - 03/04/2011 05:34:40 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7009
Description =

Error - 03/04/2011 05:34:40 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7000
Description =

Error - 03/04/2011 11:34:24 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7011
Description =

Error - 03/04/2011 13:57:34 | Computer Name = PC-de-user | Source = DCOM | ID = 10010
Description =

Error - 03/04/2011 14:00:09 | Computer Name = PC-de-user | Source = HTTP | ID = 15016
Description =

Error - 03/04/2011 14:01:12 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7000
Description =


< End of report >
 

flogil

Habitué
le otl


OTL logfile created on: 16/05/2011 20:11:26 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\user\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,19 Gb Total Space | 76,19 Gb Free Space | 53,21% Space Free | Partition Type: NTFS
Drive D: | 143,18 Gb Total Space | 141,92 Gb Free Space | 99,13% Space Free | Partition Type: NTFS

Computer Name: PC-DE-USER | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2011/05/16 20:09:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
PRC - [2011/05/07 13:57:16 | 001,010,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010/12/01 17:05:02 | 000,675,840 | ---- | M] (EoRezo) -- C:\Program Files\EoRezo\eorezo.exe
PRC - [2010/08/17 10:06:34 | 000,659,456 | ---- | M] (PCTuto) -- C:\Users\user\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe
PRC - [2010/08/04 16:18:56 | 000,966,656 | ---- | M] (PCTUTO) -- C:\Program Files\PCTuto\pctuto.exe
PRC - [2010/01/20 23:03:39 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/04 11:16:46 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/07/16 15:00:00 | 000,024,576 | ---- | M] () -- C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
PRC - [2008/07/07 17:26:28 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
PRC - [2008/04/12 00:22:06 | 000,196,608 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe
PRC - [2008/03/31 11:51:42 | 000,172,032 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PlayMovie\PMVService.exe
PRC - [2008/03/21 21:56:56 | 000,143,360 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe
PRC - [2008/01/21 04:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe


========== Modules (SafeList) ==========

MOD - [2011/05/16 20:09:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
MOD - [2010/08/31 17:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/03/27 14:26:05 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/01/20 23:03:39 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/07/16 15:00:00 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/02/03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)


========== Driver Services (SafeList) ==========

DRV - [2011/05/09 10:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/09 10:00:00 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/03/31 10:00:00 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110515.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/03/31 10:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110515.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/03/22 21:25:24 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/03/16 21:38:22 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/03/16 21:37:52 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys -- (ccHP)
DRV - [2011/03/14 20:58:33 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20110513.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010/01/20 23:03:40 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/01/20 23:03:40 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS -- (SYMFW)
DRV - [2010/01/20 23:03:40 | 000,048,688 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2010/01/20 23:03:39 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS -- (SymEFA)
DRV - [2010/01/20 23:03:39 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS -- (SRTSP)
DRV - [2010/01/20 23:03:39 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/01/20 23:03:39 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NIS\1008000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/01/20 23:03:28 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2008/08/06 10:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/07/16 14:56:06 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/04/28 00:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Pilote de carte Intel(R)
DRV - [2008/03/31 11:52:10 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2007/11/08 07:10:00 | 000,288,768 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/03/20 22:16:25 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (PCTBHO Class) - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} - C:\Program Files\PCTuto\pctutoBHO.dll (PCTUTO)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (EOBHO Class) - {C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} - C:\Program Files\EoRezo\EoRezoBHO.dll (EoRezo)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - File not found
O3 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BabylonToolbar] File not found
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eorezo] C:\Program Files\EoRezo\eorezo.exe (EoRezo)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [PCMAgent] C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PCTuto] C:\Program Files\PCTuto\pctuto.exe (PCTUTO)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\CyberLink\PlayMovie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [autoupdater] C:\Users\user\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe (PCTuto)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingB3463] C:\Windows\System32\COMMAND.COM ()
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingB5871] C:\Windows\System32\COMMAND.COM ()
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingB9070] C:\Windows\System32\COMMAND.COM ()
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingB9652] C:\Windows\System32\COMMAND.COM ()
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingD2431] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingD2570] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingD3206] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingD760] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.88.203.3 212.68.193.196
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\System32\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper: C:\Users\user\Desktop\019.jpg
O24 - Desktop BackupWallPaper: C:\Users\user\Desktop\019.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/16 20:09:17 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2011/05/16 17:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/05/16 17:07:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/05/16 17:07:56 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/05/16 16:56:08 | 000,000,000 | ---D | C] -- C:\Navilog1
[2011/05/16 16:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2011/05/15 21:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/05/15 21:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/05/15 21:48:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/05/13 20:08:24 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Facebook_files
[2011/05/11 20:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2011/04/28 17:57:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/04/28 17:57:37 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/04/25 15:33:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Template
[2011/04/24 18:55:27 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Antho
[2011/04/24 18:53:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Songr
[2011/04/24 18:53:11 | 000,000,000 | ---D | C] -- C:\Program Files\Songr
[2011/04/18 21:33:37 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\vlc
[2011/04/18 21:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/04/18 21:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/04/18 18:22:15 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/18 18:22:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/18 18:22:04 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/18 18:22:03 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/18 18:21:49 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/18 18:21:33 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/04/18 18:21:30 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/18 18:21:30 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/04/18 18:21:29 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/18 18:21:29 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/18 18:21:29 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/18 18:21:28 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/18 18:21:28 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/18 18:21:28 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/04/18 18:21:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/18 18:21:21 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/18 18:21:16 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/18 18:21:16 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

========== Files - Modified Within 30 Days ==========

[2011/05/16 20:09:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2011/05/16 19:35:57 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/16 19:35:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011/05/16 19:35:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/16 19:35:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/16 19:35:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/16 19:35:01 | 3146,670,080 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/16 19:19:59 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/16 18:38:14 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011/05/16 17:29:15 | 000,000,635 | ---- | M] () -- C:\Windows\wininit.ini
[2011/05/16 17:08:03 | 000,001,081 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/05/15 21:48:21 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/05/15 17:21:39 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/05/15 13:34:06 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/05/15 13:34:06 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/15 13:34:06 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/05/15 13:34:05 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/15 13:33:59 | 000,054,784 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/15 13:04:37 | 000,000,626 | ---- | M] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2011/05/13 20:08:24 | 000,407,161 | ---- | M] () -- C:\Users\user\Documents\Facebook.htm
[2011/05/13 00:37:19 | 000,495,104 | ---- | M] () -- C:\Users\user\Desktop\la radioactivité.wps
[2011/05/12 20:50:14 | 000,048,128 | ---- | M] () -- C:\Users\user\Documents\Document sans titre.wps
[2011/05/11 20:16:59 | 000,000,925 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2011/05/11 20:16:59 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/05/08 17:38:07 | 000,010,240 | ---- | M] () -- C:\Users\user\Documents\Travail d'histoire.wps
[2011/05/08 16:51:23 | 000,009,728 | ---- | M] () -- C:\Users\user\Documents\Travail de géographie.wps
[2011/05/08 12:24:03 | 000,009,216 | ---- | M] () -- C:\Users\user\FESTIVAL.wps
[2011/04/24 18:53:14 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Songr.lnk
[2011/04/24 18:52:23 | 004,437,496 | ---- | M] () -- C:\Users\user\Desktop\Songr_1_9_17.zip
[2011/04/20 18:36:57 | 002,234,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/18 21:33:23 | 000,000,861 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

========== Files Created - No Company Name ==========

[2011/05/16 17:29:05 | 000,000,635 | ---- | C] () -- C:\Windows\wininit.ini
[2011/05/16 17:08:03 | 000,001,081 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/05/15 21:48:21 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/05/13 20:08:16 | 000,407,161 | ---- | C] () -- C:\Users\user\Documents\Facebook.htm
[2011/05/12 20:50:30 | 000,495,104 | ---- | C] () -- C:\Users\user\Desktop\la radioactivité.wps
[2011/05/11 21:09:22 | 000,048,128 | ---- | C] () -- C:\Users\user\Documents\Document sans titre.wps
[2011/05/11 20:16:59 | 000,000,925 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2011/05/11 20:16:59 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/05/11 13:31:35 | 000,004,457 | ---- | C] () -- C:\Users\user\Desktop\4926_1154263291776_1083494544_30516642_1493036_s.jpg
[2011/05/11 13:31:17 | 001,708,143 | ---- | C] () -- C:\Users\user\Desktop\019.jpg
[2011/05/08 16:51:23 | 000,009,728 | ---- | C] () -- C:\Users\user\Documents\Travail de géographie.wps
[2011/05/08 16:30:06 | 000,010,240 | ---- | C] () -- C:\Users\user\Documents\Travail d'histoire.wps
[2011/05/08 12:24:03 | 000,009,216 | ---- | C] () -- C:\Users\user\FESTIVAL.wps
[2011/04/25 14:43:41 | 000,000,626 | ---- | C] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2011/04/24 18:53:14 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Songr.lnk
[2011/04/24 18:53:14 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Songr.lnk
[2011/04/24 18:52:19 | 004,437,496 | ---- | C] () -- C:\Users\user\Desktop\Songr_1_9_17.zip
[2011/04/18 21:33:23 | 000,000,861 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/03/29 20:03:21 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/03/19 22:06:41 | 000,054,784 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/07 14:58:22 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/03/07 14:58:07 | 000,008,164 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2011/03/07 14:32:43 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009/01/11 22:59:46 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009/01/11 22:59:33 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2009/01/11 22:59:33 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1527.dll
[2009/01/11 22:59:32 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2009/01/11 22:59:31 | 000,495,376 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009/01/11 15:39:40 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/01/11 14:37:33 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/01/11 14:37:33 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/01/21 09:23:37 | 000,679,042 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2008/01/21 09:23:37 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2008/01/21 09:23:37 | 000,126,626 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2008/01/21 09:23:37 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:44:53 | 002,234,800 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2011/03/22 21:28:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DAEMON Tools Lite
[2011/03/20 12:20:27 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Packard Bell
[2011/03/30 20:49:28 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PCtuto
[2011/04/25 15:33:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Template
[2011/05/16 19:34:15 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
 

help-manformatique

Grand Maître
Ok j'ai trouver d'ou sa vient :

Télécharge (C_XX) sur ton Bureau.
/!\ Déconnecte-toi et ferme toutes applications en cours /!\
Double-cliquez sur AD-R présent sur ton bureau. (Clic droit -> "Exécuter en tant qu'administrateur" pour VISTA et SEVEN
Patiente jusqu'à l'apparition du menu principale. A partir de là, clique sur Scanner. Ont te demandera de confirmer, clique sur Oui et patiente jusqu'à la fin du scan.
!! Laisse Travailler l'outil !!
Une fenêtre contenant le rapport va s'ouvrir, poste moi le rapport dans ta prochaine réponse.
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
Ensuite clique sur Quitter pour fermer Ad-Remover.

Note : Le rapport que Ad-Remover viens de générer se trouve ici : C:\Ad-Report-SCAN
 

flogil

Habitué
Voila


======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web:

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 20:42:49 le 16/05/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1 (X86)
user@PC-DE-USER (PACKARD BELL BV EasyNote MH36)

============== RECHERCHE ==============


Dossier trouvé: C:\Users\user\AppData\Roaming\PCtuto
Dossier trouvé: C:\Users\user\AppData\Local\EoRezo
Dossier trouvé: C:\Program Files\EoRezo
Dossier trouvé: C:\Users\user\AppData\Local\PCTuto
Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto
Dossier trouvé: C:\Program Files\PCTuto

Clé trouvée: HKLM\Software\Classes\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé trouvée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé trouvée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Clé trouvée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé trouvée: HKLM\Software\Classes\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}
Clé trouvée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé trouvée: HKLM\Software\Classes\EoEngineBHO.EOBHO
Clé trouvée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
Clé trouvée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé trouvée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé trouvée: HKLM\Software\EoRezo
Clé trouvée: HKCU\Software\EoRezo
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EoRezo_is1
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PCTuto
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo


============== SCAN ADDITIONNEL ==============

**** Internet Explorer Version [7.0.6001.18000] ****

HKCU_Main|Default_Page_URL - hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=2&o=vb32&d=0311&m=easynote_mh36
HKCU_Main|First Home Page - hxxp://y.lo.st
HKCU_Main|Search bar - hxxp://www.google.com/ie
HKCU_Main|Search Page - hxxp://www.google.com
HKCU_Main|Start Page - hxxp://y.lo.st
HKLM_Main|Default_Page_URL - hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=2&o=vb32&d=0311&m=easynote_mh36
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=2&o=vb32&d=0311&m=easynote_mh36
AboutUrls|Tabs - hxxp://search.babylon.com/?babsrc=NT_ss&mntrId=6cdc2d090000000000000017c4599c16&tlver=1.4.19.19&ss=1&affID=18027
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=fCbKa-DjaUnxrvYroAqS9x1FT1M?q={searchTerms})
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll) (x)
HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{293A63F7-C3B6-423a-9845-901AC0A7EE6E} - "PCTBHO Class" (C:\Program Files\PCTuto\pctutoBHO.dll)
BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll) (x)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} - "EOBHO Class" (C:\Program Files\EoRezo\EoRezoBHO.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 2 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 16/05/2011 20:42:58 (4819 Octet(s))

Fin à: 20:44:07, 16/05/2011

============== E.O.F ==============
 

help-manformatique

Grand Maître
Ok maintenant utilise la fonction " nettoyer " d'ad-remover
 

help-manformatique

Grand Maître
Tu as le rapport de AD-R après le nettoyage ?
 

flogil

Habitué
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web:

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 20:49:51 le 16/05/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1 (X86)
user@PC-DE-USER (PACKARD BELL BV EasyNote MH36)

============== ACTION(S) ==============


Dossier supprimé: C:\Users\user\AppData\Roaming\PCtuto
Dossier supprimé: C:\Users\user\AppData\Local\EoRezo
Dossier supprimé: C:\Program Files\EoRezo
Dossier supprimé: C:\Users\user\AppData\Local\PCTuto
Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto
Dossier supprimé: C:\Program Files\PCTuto

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé supprimée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Clé supprimée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé supprimée: HKLM\Software\Classes\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}
Clé supprimée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
Clé supprimée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EoRezo_is1
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PCTuto
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo


============== SCAN ADDITIONNEL ==============

**** Internet Explorer Version [7.0.6001.18000] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=fCbKa-DjaUnxrvYroAqS9x1FT1M?q={searchTerms})
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll) (x)
HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll) (x)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 32 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 16/05/2011 20:49:55 (4564 Octet(s))
C:\Ad-Report-SCAN[1].txt - 16/05/2011 20:42:58 (4957 Octet(s))

Fin à: 20:51:18, 16/05/2011

============== E.O.F ==============
 

help-manformatique

Grand Maître
Ok donc une dernière procédure :

Télécharge :

■Installe le programme (aide )
■Lance-le et met à jour la base de définition.

■Choisi ensuite "Exécuter un examen complet" puis "Rechercher"
■Sélectionne les disques dur et clique sur "Lancer l'examen"
■Laisse l'analyse se faire (cela peut durer longtemps).
■A la fin, vérifie que les éléments trouvés soient coché (dans "Résultat de l'examen).
■Puis clique sur "Supprimer la sélection" en bas.
■Un redémarrage peut être nécessaire.

■Un rapport va s'afficher, enregistre-le sur ton bureau.
■ou sinon, après le démarrage, il se trouvera dans "Rapports/logs"
• Envoie moi le rapport

C'est presque fini voir meme fini si le rapport ne détecte rien d'autre de suspect ;)

[:_tom_:7]
 

help-manformatique

Grand Maître
Sa fait combien de minutes ?
Ne t'inquiète pas, la désinfection se déroule sans problème ;)
 
Statut
N'est pas ouverte pour d'autres réponses.
Derniers messages publiés
Statistiques globales
Discussions
730 098
Messages
6 717 108
Membres
1 586 287
Dernier membre
lucilleguffey
Partager cette page
Haut