Pages publicitaire qui s'ouvre tous seules

voici le rapport


Fix Navipromo version 4.1.0 commencé le 16/05/2011 19:21:14,52

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\navilog1

Mise à jour le 20.04.2011 à 09h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : user ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:143 Go (Free:76 Go)
D:\ (Local Disk) - NTFS - Total:143 Go (Free:141 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)


Recherche executée en mode normal


Aucune Infection Navipromo/Egdaccess trouvée



*** Scan terminé 16/05/2011 19:21:31,21 ***

Bonjour, tu veux que je te prenne en charge   ?

tu utilise quel navigateur internet?
tu as installé un bloquer de publicités?

j'utilise Google chrome mais avant j'utilisais internet explorer .
J'ai mis sur internet explorer de bloquer les pages publicitaire mais ça ne fonctionne pas meme quand je ne suis pas sur le web , elles s'ouvrent toutes seules!
Votre aide est la bienvenue!  

Je peux te proposer une désinfection si je trouve un virus  
On commence si tu veux   :

Télécharge OTL (de [#ff9000]OldTimer[/#ff]) sur ton Bureau.

Si tu es sous XP, double-clique dessus pour le lancer, si tu es sous Vista/7, fais un clic droit dessus et fais Exécuter en tant qu'administrateur pour le lancer.

Une fenêtre apparaît.

Coche la case : Tous les utilisateurs

Coche les cases correspondant à la Recherche LOP et à la Recherche Purity (En bleu vers le bas de la fenêtre).

Enfin, clique sur le bouton Analyse. Pendant la durée du scanne, ne touche à rien. Le scan prendra quelques temps.

A la fin du scan, deux rapports s'ouvriront : OTL.Txt et Extras.Txt. Copie/colle ici l'ensemble des rapports.

Pour les rapports, qui ont tendance à être trop longs pour le forum, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.

Voila c'est lancé, je vous copie le rapport dès que je l'ai ! Merci déjà d'avance de votre aide!    

Tu pourra me remercier quand j'aurai trouver la source de tes problèmes  

le 1er

OTL Extras logfile created on: 16/05/2011 20:11:26 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\user\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,19 Gb Total Space | 76,19 Gb Free Space | 53,21% Space Free | Partition Type: NTFS
Drive D: | 143,18 Gb Total Space | 141,92 Gb Free Space | 99,13% Space Free | Partition Type: NTFS

Computer Name: PC-DE-USER | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3674DC1F-1251-4A02-B921-AAF69372A241}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{759FA507-7D03-4230-A731-3162E906B1C2}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{EE1217E7-E1F5-4CF8-98FE-B21737559FC1}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01114141-548C-4F94-9DDE-CBD23DE427B7}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dms\clmsservice.exe |
"{0175DC77-8090-4144-8EA4-13B6F4EC4AA3}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{0F12C14E-1600-4F50-BEE3-DBF646D54EEA}" = dir=in | app=c:\program files\cyberlink\playmovie\pmvservice.exe |
"{22A854BD-5CE9-46CD-B06B-D113BE8FBE2A}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dmp\clbrowserengine.exe |
"{302225EC-1EE8-4335-8F92-E2805404C014}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3030B6B9-6459-4FA0-B27C-FE8EB878F909}" = dir=in | app=c:\program files\cyberlink\powercinema\pcmservice.exe |
"{3DE15091-FB87-4E7C-A761-19F4C1B2FFB7}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{47DB3107-6189-427F-AB29-CA56F17C9AAA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{52F11D1D-9057-4920-9C3F-9FDDA902C1B6}" = dir=in | app=c:\program files\cyberlink\powercinema\powercinema.exe |
"{6FF32AEA-F70E-4D94-B7A9-365AD3889935}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{84E5D10A-BDC7-47CD-AFF9-CBC247EE171F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{96AD960D-8C47-46A9-89A1-12498F82C45B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A9A0F81B-25A5-429F-B952-30D2E7FD9102}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{D962E134-4804-428B-927E-6AEA0AC77407}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E3A4C305-E34C-4E99-883F-8B2AAD04F124}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{F4621F15-FAA0-4312-8225-5D29772A6F28}" = dir=in | app=c:\program files\cyberlink\playmovie\playmovie.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema
"{28518520-F25C-48C3-A224-861F331602F4}" = Setup My PC
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3559CDE0-11FC-4D7B-A65C-D646035B1036}" = Nero 8 Essentials
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{61172A5D-60AA-43BE-958F-90451024E768}_is1" = Adobe Photoshop CS5 Portable
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CA786CFF-1D31-4804-B436-F3405B14357F}" = Packard Bell Updator
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}" = Packard Bell ImageWriter
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"EasyBits Magic Desktop" = EasyBits Magic Desktop
"EoRezo_is1" = EoRezo 12.0
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"NIS" = Norton Internet Security
"NIS2009" = Norton Internet Security 2009
"Office2007" = Microsoft Office Home and Student
"pctuto_is1" = Tuto Photoshop1.0.0.0
"Picasa 3" = Picasa 3
"Songr" = Songr
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"UpdatePCTuto_is1" = UpdatePCTuto 1.0
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"Works9" = Microsoft Works 9.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 08/05/2011 09:55:40 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11342

Error - 08/05/2011 09:55:41 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 08/05/2011 09:55:41 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12356

Error - 08/05/2011 09:55:41 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12356

Error - 08/05/2011 09:55:42 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 08/05/2011 09:55:42 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13354

Error - 08/05/2011 09:55:42 | Computer Name = PC-de-user | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13354

Error - 08/05/2011 10:40:06 | Computer Name = PC-de-user | Source = Application Error | ID = 1000
Description = Application défaillante wkswp.exe, version 9.7.613.0, horodatage 0x466fad27,
module défaillant unknown, version 0.0.0.0, horodatage 0x00000000, code d’exception
0xc0000005, décalage d’erreur 0x00000000, ID du processus 0x1794, heure de début
de l’application 0x01cc0d58db728972.

Error - 08/05/2011 11:44:04 | Computer Name = PC-de-user | Source = Application Error | ID = 1000
Description = Application défaillante eorezo.exe, version 1.0.0.1, horodatage 0x4cf6722d,
module défaillant eorezo.exe, version 1.0.0.1, horodatage 0x4cf6722d, code d’exception
0x40000015, décalage d’erreur 0x0006204b, ID du processus 0xdd0, heure de début
de l’application 0x01cc0d96a179504c.

Error - 08/05/2011 11:44:18 | Computer Name = PC-de-user | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 03/04/2011 05:18:43 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7022
Description =

Error - 03/04/2011 05:34:40 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7009
Description =

Error - 03/04/2011 05:34:40 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7000
Description =

Error - 03/04/2011 05:34:40 | Computer Name = PC-de-user | Source = DCOM | ID = 10005
Description =

Error - 03/04/2011 05:34:40 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7009
Description =

Error - 03/04/2011 05:34:40 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7000
Description =

Error - 03/04/2011 11:34:24 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7011
Description =

Error - 03/04/2011 13:57:34 | Computer Name = PC-de-user | Source = DCOM | ID = 10010
Description =

Error - 03/04/2011 14:00:09 | Computer Name = PC-de-user | Source = HTTP | ID = 15016
Description =

Error - 03/04/2011 14:01:12 | Computer Name = PC-de-user | Source = Service Control Manager | ID = 7000
Description =


< End of report >

le otl


OTL logfile created on: 16/05/2011 20:11:26 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\user\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,19 Gb Total Space | 76,19 Gb Free Space | 53,21% Space Free | Partition Type: NTFS
Drive D: | 143,18 Gb Total Space | 141,92 Gb Free Space | 99,13% Space Free | Partition Type: NTFS

Computer Name: PC-DE-USER | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2011/05/16 20:09:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
PRC - [2011/05/07 13:57:16 | 001,010,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010/12/01 17:05:02 | 000,675,840 | ---- | M] (EoRezo) -- C:\Program Files\EoRezo\eorezo.exe
PRC - [2010/08/17 10:06:34 | 000,659,456 | ---- | M] (PCTuto) -- C:\Users\user\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe
PRC - [2010/08/04 16:18:56 | 000,966,656 | ---- | M] (PCTUTO) -- C:\Program Files\PCTuto\pctuto.exe
PRC - [2010/01/20 23:03:39 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/04 11:16:46 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/07/16 15:00:00 | 000,024,576 | ---- | M] () -- C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
PRC - [2008/07/07 17:26:28 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
PRC - [2008/04/12 00:22:06 | 000,196,608 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe
PRC - [2008/03/31 11:51:42 | 000,172,032 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PlayMovie\PMVService.exe
PRC - [2008/03/21 21:56:56 | 000,143,360 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe
PRC - [2008/01/21 04:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe


========== Modules (SafeList) ==========

MOD - [2011/05/16 20:09:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
MOD - [2010/08/31 17:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/03/27 14:26:05 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/01/20 23:03:39 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/07/16 15:00:00 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/02/03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)


========== Driver Services (SafeList) ==========

DRV - [2011/05/09 10:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/09 10:00:00 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/03/31 10:00:00 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110515.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/03/31 10:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110515.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/03/22 21:25:24 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/03/16 21:38:22 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/03/16 21:37:52 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys -- (ccHP)
DRV - [2011/03/14 20:58:33 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20110513.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010/01/20 23:03:40 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/01/20 23:03:40 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS -- (SYMFW)
DRV - [2010/01/20 23:03:40 | 000,048,688 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2010/01/20 23:03:39 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS -- (SymEFA)
DRV - [2010/01/20 23:03:39 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS -- (SRTSP)
DRV - [2010/01/20 23:03:39 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/01/20 23:03:39 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NIS\1008000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/01/20 23:03:28 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2008/08/06 10:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/07/16 14:56:06 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/04/28 00:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Pilote de carte Intel(R)
DRV - [2008/03/31 11:52:10 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2007/11/08 07:10:00 | 000,288,768 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&...
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&...


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&...
IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/03/20 22:16:25 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (PCTBHO Class) - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} - C:\Program Files\PCTuto\pctutoBHO.dll (PCTUTO)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (EOBHO Class) - {C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} - C:\Program Files\EoRezo\EoRezoBHO.dll (EoRezo)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - File not found
O3 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BabylonToolbar] File not found
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eorezo] C:\Program Files\EoRezo\eorezo.exe (EoRezo)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [PCMAgent] C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PCTuto] C:\Program Files\PCTuto\pctuto.exe (PCTUTO)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\CyberLink\PlayMovie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [autoupdater] C:\Users\user\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe (PCTuto)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingB3463] C:\Windows\System32\COMMAND.COM ()
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingB5871] C:\Windows\System32\COMMAND.COM ()
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingB9070] C:\Windows\System32\COMMAND.COM ()
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingB9652] C:\Windows\System32\COMMAND.COM ()
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingD2431] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingD2570] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingD3206] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000..\RunOnce: [SpybotDeletingD760] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-650762868-1884999243-2415363551-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.88.203.3 212.68.193.196
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\System32\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper: C:\Users\user\Desktop\019.jpg
O24 - Desktop BackupWallPaper: C:\Users\user\Desktop\019.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/16 20:09:17 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2011/05/16 17:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/05/16 17:07:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/05/16 17:07:56 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/05/16 16:56:08 | 000,000,000 | ---D | C] -- C:\Navilog1
[2011/05/16 16:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2011/05/15 21:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/05/15 21:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/05/15 21:48:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/05/13 20:08:24 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Facebook_files
[2011/05/11 20:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2011/04/28 17:57:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/04/28 17:57:37 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/04/25 15:33:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Template
[2011/04/24 18:55:27 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Antho
[2011/04/24 18:53:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Songr
[2011/04/24 18:53:11 | 000,000,000 | ---D | C] -- C:\Program Files\Songr
[2011/04/18 21:33:37 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\vlc
[2011/04/18 21:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/04/18 21:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/04/18 18:22:15 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/18 18:22:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/18 18:22:04 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/18 18:22:03 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/18 18:21:49 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/18 18:21:33 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/04/18 18:21:30 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/18 18:21:30 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/04/18 18:21:29 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/18 18:21:29 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/18 18:21:29 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/18 18:21:28 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/18 18:21:28 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/18 18:21:28 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/04/18 18:21:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/18 18:21:21 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/18 18:21:16 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/18 18:21:16 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

========== Files - Modified Within 30 Days ==========

[2011/05/16 20:09:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2011/05/16 19:35:57 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/16 19:35:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011/05/16 19:35:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/16 19:35:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/16 19:35:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/16 19:35:01 | 3146,670,080 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/16 19:19:59 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/16 18:38:14 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011/05/16 17:29:15 | 000,000,635 | ---- | M] () -- C:\Windows\wininit.ini
[2011/05/16 17:08:03 | 000,001,081 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/05/15 21:48:21 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/05/15 17:21:39 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/05/15 13:34:06 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/05/15 13:34:06 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/15 13:34:06 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/05/15 13:34:05 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/15 13:33:59 | 000,054,784 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/15 13:04:37 | 000,000,626 | ---- | M] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2011/05/13 20:08:24 | 000,407,161 | ---- | M] () -- C:\Users\user\Documents\Facebook.htm
[2011/05/13 00:37:19 | 000,495,104 | ---- | M] () -- C:\Users\user\Desktop\la radioactivité.wps
[2011/05/12 20:50:14 | 000,048,128 | ---- | M] () -- C:\Users\user\Documents\Document sans titre.wps
[2011/05/11 20:16:59 | 000,000,925 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2011/05/11 20:16:59 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/05/08 17:38:07 | 000,010,240 | ---- | M] () -- C:\Users\user\Documents\Travail d'histoire.wps
[2011/05/08 16:51:23 | 000,009,728 | ---- | M] () -- C:\Users\user\Documents\Travail de géographie.wps
[2011/05/08 12:24:03 | 000,009,216 | ---- | M] () -- C:\Users\user\FESTIVAL.wps
[2011/04/24 18:53:14 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Songr.lnk
[2011/04/24 18:52:23 | 004,437,496 | ---- | M] () -- C:\Users\user\Desktop\Songr_1_9_17.zip
[2011/04/20 18:36:57 | 002,234,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/18 21:33:23 | 000,000,861 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

========== Files Created - No Company Name ==========

[2011/05/16 17:29:05 | 000,000,635 | ---- | C] () -- C:\Windows\wininit.ini
[2011/05/16 17:08:03 | 000,001,081 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/05/15 21:48:21 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/05/13 20:08:16 | 000,407,161 | ---- | C] () -- C:\Users\user\Documents\Facebook.htm
[2011/05/12 20:50:30 | 000,495,104 | ---- | C] () -- C:\Users\user\Desktop\la radioactivité.wps
[2011/05/11 21:09:22 | 000,048,128 | ---- | C] () -- C:\Users\user\Documents\Document sans titre.wps
[2011/05/11 20:16:59 | 000,000,925 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2011/05/11 20:16:59 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/05/11 13:31:35 | 000,004,457 | ---- | C] () -- C:\Users\user\Desktop\4926_1154263291776_1083494544_30516642_1493036_s.jpg
[2011/05/11 13:31:17 | 001,708,143 | ---- | C] () -- C:\Users\user\Desktop\019.jpg
[2011/05/08 16:51:23 | 000,009,728 | ---- | C] () -- C:\Users\user\Documents\Travail de géographie.wps
[2011/05/08 16:30:06 | 000,010,240 | ---- | C] () -- C:\Users\user\Documents\Travail d'histoire.wps
[2011/05/08 12:24:03 | 000,009,216 | ---- | C] () -- C:\Users\user\FESTIVAL.wps
[2011/04/25 14:43:41 | 000,000,626 | ---- | C] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2011/04/24 18:53:14 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Songr.lnk
[2011/04/24 18:53:14 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Songr.lnk
[2011/04/24 18:52:19 | 004,437,496 | ---- | C] () -- C:\Users\user\Desktop\Songr_1_9_17.zip
[2011/04/18 21:33:23 | 000,000,861 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/03/29 20:03:21 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/03/19 22:06:41 | 000,054,784 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/07 14:58:22 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/03/07 14:58:07 | 000,008,164 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2011/03/07 14:32:43 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009/01/11 22:59:46 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009/01/11 22:59:33 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2009/01/11 22:59:33 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1527.dll
[2009/01/11 22:59:32 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2009/01/11 22:59:31 | 000,495,376 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009/01/11 15:39:40 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/01/11 14:37:33 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/01/11 14:37:33 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/01/21 09:23:37 | 000,679,042 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2008/01/21 09:23:37 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2008/01/21 09:23:37 | 000,126,626 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2008/01/21 09:23:37 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:44:53 | 002,234,800 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2011/03/22 21:28:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DAEMON Tools Lite
[2011/03/20 12:20:27 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Packard Bell
[2011/03/30 20:49:28 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PCtuto
[2011/04/25 15:33:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Template
[2011/05/16 19:34:15 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Ok j'ai trouver d'ou sa vient :

Télécharge Ad-Remover (C_XX) sur ton Bureau.
/!\ Déconnecte-toi et ferme toutes applications en cours /!\
Double-cliquez sur AD-R présent sur ton bureau. (Clic droit -> "Exécuter en tant qu'administrateur" pour VISTA et SEVEN
Patiente jusqu'à l'apparition du menu principale. A partir de là, clique sur Scanner. Ont te demandera de confirmer, clique sur Oui et patiente jusqu'à la fin du scan.
!! Laisse Travailler l'outil !!
Une fenêtre contenant le rapport va s'ouvrir, poste moi le rapport dans ta prochaine réponse.
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
Ensuite clique sur Quitter pour fermer Ad-Remover.

Note : Le rapport que Ad-Remover viens de générer se trouve ici : C:\Ad-Report-SCAN

Voila


======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 20:42:49 le 16/05/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1 (X86)
user@PC-DE-USER (PACKARD BELL BV EasyNote MH36)

============== RECHERCHE ==============


Dossier trouvé: C:\Users\user\AppData\Roaming\PCtuto
Dossier trouvé: C:\Users\user\AppData\Local\EoRezo
Dossier trouvé: C:\Program Files\EoRezo
Dossier trouvé: C:\Users\user\AppData\Local\PCTuto
Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto
Dossier trouvé: C:\Program Files\PCTuto

Clé trouvée: HKLM\Software\Classes\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé trouvée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé trouvée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Clé trouvée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé trouvée: HKLM\Software\Classes\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}
Clé trouvée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé trouvée: HKLM\Software\Classes\EoEngineBHO.EOBHO
Clé trouvée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
Clé trouvée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé trouvée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé trouvée: HKLM\Software\EoRezo
Clé trouvée: HKCU\Software\EoRezo
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EoRezo_is1
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PCTuto
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo


============== SCAN ADDITIONNEL ==============

**** Internet Explorer Version [7.0.6001.18000] ****

HKCU_Main|Default_Page_URL - hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=2&o=vb32&d=0311&m=easynote_mh36
HKCU_Main|First Home Page - hxxp://y.lo.st
HKCU_Main|Search bar - hxxp://www.google.com/ie
HKCU_Main|Search Page - hxxp://www.google.com
HKCU_Main|Start Page - hxxp://y.lo.st
HKLM_Main|Default_Page_URL - hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=2&o=vb32&d=0311&m=easynote_mh36
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=2&o=vb32&d=0311&m=easynote_mh36
AboutUrls|Tabs - hxxp://search.babylon.com/?babsrc=NT_ss&mntrId=6cdc2d090000000000000017c4599c16&tlver=1.4.19.19&ss=1&affID=18027
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=fCbKa-DjaUnxrvYroAqS9x1FT1M?q={searchTerms})
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll) (x)
HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{293A63F7-C3B6-423a-9845-901AC0A7EE6E} - "PCTBHO Class" (C:\Program Files\PCTuto\pctutoBHO.dll)
BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll) (x)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} - "EOBHO Class" (C:\Program Files\EoRezo\EoRezoBHO.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 2 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 16/05/2011 20:42:58 (4819 Octet(s))

Fin à: 20:44:07, 16/05/2011

============== E.O.F ==============

Ok maintenant utilise la fonction " nettoyer " d'ad-remover

Voila, c'est fait et j'ai redémarré mon pc, que fais quoi ensuite ?

Tu as le rapport de AD-R après le nettoyage ?

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 20:49:51 le 16/05/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1 (X86)
user@PC-DE-USER (PACKARD BELL BV EasyNote MH36)

============== ACTION(S) ==============


Dossier supprimé: C:\Users\user\AppData\Roaming\PCtuto
Dossier supprimé: C:\Users\user\AppData\Local\EoRezo
Dossier supprimé: C:\Program Files\EoRezo
Dossier supprimé: C:\Users\user\AppData\Local\PCTuto
Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto
Dossier supprimé: C:\Program Files\PCTuto

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé supprimée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Clé supprimée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé supprimée: HKLM\Software\Classes\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}
Clé supprimée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
Clé supprimée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EoRezo_is1
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PCTuto
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo


============== SCAN ADDITIONNEL ==============

**** Internet Explorer Version [7.0.6001.18000] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=fCbKa-DjaUnxrvYroAqS9x1FT1M?q={searchTerms})
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll) (x)
HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll) (x)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 32 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 16/05/2011 20:49:55 (4564 Octet(s))
C:\Ad-Report-SCAN[1].txt - 16/05/2011 20:42:58 (4957 Octet(s))

Fin à: 20:51:18, 16/05/2011

============== E.O.F ==============

Ok donc une dernière procédure :

Télécharge MalwareByte's Anti-Malware :

Installe le programme (aide ici)

Lance-le et met à jour la base de définition.

Choisi ensuite "Exécuter un examen complet" puis "Rechercher"

Sélectionne les disques dur et clique sur "Lancer l'examen"

Laisse l'analyse se faire (cela peut durer longtemps).

A la fin, vérifie que les éléments trouvés soient coché (dans "Résultat de l'examen).

Puis clique sur "Supprimer la sélection" en bas.

Un redémarrage peut être nécessaire.

Un rapport va s'afficher, enregistre-le sur ton bureau.

ou sinon, après le démarrage, il se trouvera dans "Rapports/logs"
• Envoie moi le rapport

C'est presque fini voir meme fini si le rapport ne détecte rien d'autre de suspect  

effectivement ça met du temps!  

Sa fait combien de minutes ?
Ne t'inquiète pas, la désinfection se déroule sans problème  

20 min
Quand tout sera fini , je supprime tout les logitiels ?

Ne t'inquiète pas, c'est la dernière étape de ma désinfection   Mais ne supprime rien pour l'instant

Il a trouver quelques chose ?

D'accord. Par contre, avant de posté mon message d'appel à l'aide. j'ai installer spybot , il m'envoit bcp de demande d'accord, je le desinstalle ?

L'examen se fait toujours, mais il a trouvé 3 éléments infectés

Oui désinstalle le, il sert à rien.
Bon ok donc arrete le puis fait analyse rapide parce que analyse complete dure 1h30 donc laisse tomber. Analyse rapide dure environ 2 min

voici le rapport de la version courte


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6592

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

16/05/2011 22:05:51
mbam-log-2011-05-16 (22-05-51).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 149221
Temps écoulé: 7 minute(s), 15 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Users\user\downloads\pctuto_353 (1).exe (Trojan.StartPage) -> Quarantined and deleted successfully.
c:\Users\user\downloads\pctuto_353 (2).exe (Trojan.StartPage) -> Quarantined and deleted successfully.
c:\Users\user\downloads\pctuto_353.exe (Trojan.StartPage) -> Quarantined and deleted successfully.

Ok c'est bon, comment se comporte ton PC ?

Et bien pendant tout le processus qui a durée quand même longtemps, je n'ai plus de reçu de pub!  
C'est vraiment hyper gentil de ta part de m'avoir aidé!   Et sauvé mon ordi!

Encore mille fois merci!
Je ferai cette dernière étape demain. Et promis, je le ferai sur tout les messages tellement, je suis contente et je vois remercie!  

De rien   Je suis content de t'avoir pu t'aider  

Il faut encore que tu fasse la dernière étape et tu sera tranquille, il faut suivre la procédure ci-dessus  

# DelFix v7.8 - Rapport créé le 17/05/2011 à 20:55
# Mis à jour le 02/05/11 à 18h par Xplode
# Système d'exploitation : Windows Vista (TM) Home Basic (32 bits) [version 6.0.6001] Service Pack 1
# Nom d'utilisateur : user - PC-DE-USER (Administrateur)
# Exécuté depuis : C:\Users\user\Desktop\DelFix.exe
# Option [Suppression]


~~~~~~ Dossier(s) ~~~~~~

Supprimé : C:\Navilog1
Supprimé : C:\Program Files\Ad-Remover
Supprimé : C:\Program Files\Navilog1

~~~~~~ Fichier(s) ~~~~~~

Supprimé : C:\Ad-Report-CLEAN[1].txt
Supprimé : C:\Ad-Report-SCAN[1].txt
Supprimé : C:\cleannavi.txt
Supprimé : C:\Users\user\Desktop\AD-R.lnk
Supprimé : C:\Users\user\Desktop\Extras.Txt
Supprimé : C:\Users\user\Desktop\OTL.exe
Supprimé : C:\Users\user\Desktop\OTL.Txt
Supprimé : C:\Users\user\Downloads\AD-R.exe.crdownload
Supprimé : C:\Users\user\Downloads\AD-R_2.0.0.2,G.exe.crdownload
Supprimé : C:\Users\user\Downloads\Navilog1.exe

~~~~~~ Registre ~~~~~~

Clé Supprimée : HKCU\SOFTWARE\Ad-Remover
Clé Supprimée : HKLM\Software\OldTimer Tools
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover

~~~~~~ Autre ~~~~~~

-> Prefetch vidé

########## EOF - "C:\DelFixSuppr.txt" - [1300 octets] ##########

Ok c'est bon, aucun problème. Tu as plus de soucis ?

Non, mais les logitiels sont toujours sur mon pc, comment je peux les déinstallé ?

Comment sa ?
Pour OTL, tu clique dessus puis tu fais purge d'outils et pour malware'bytes tu peux le garder. Delfix, tu clique dessus et tu fais désinstaller

Meilleure réponse sélectionnée par flogil.

Merci  

Encore une dernière question. Je n'arrive pas a désinstaller spybot, que faire ?

Il te dise quoi ? Tu fais ajout et suppression de programmes et sa fonctionne pas ?

Moi aussi j'ai plein de pages de Pub
Je scan avec OTL et après je copie le rapport
Merci de votre aide
Patricia

OTL logfile created on: 06/06/2011 15:02:17 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\utilisateur 1\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,37 Gb Total Physical Memory | 0,59 Gb Available Physical Memory | 42,84% Memory free
2,60 Gb Paging File | 1,98 Gb Available in Paging File | 75,99% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 24,87 Gb Free Space | 36,38% Space Free | Partition Type: NTFS
Drive D: | 80,68 Gb Total Space | 52,68 Gb Free Space | 65,29% Space Free | Partition Type: NTFS

Computer Name: PATRICIA | User Name: utilisateur 1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/06 14:58:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\utilisateur 1\Bureau\OTL.exe
PRC - [2011/05/10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/02/24 14:31:48 | 000,671,360 | ---- | M] (Agence-Exclusive) -- C:\Documents and Settings\utilisateur 1\Application Data\Agence-Exclusive\Agence-Exclusive\autoupdater.exe
PRC - [2011/02/24 14:17:32 | 001,035,904 | ---- | M] (PcTuto) -- C:\Program Files\Agence-Exclusive\pctuto.exe
PRC - [2011/02/18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2009/04/03 18:05:24 | 000,283,360 | ---- | M] () -- C:\Program Files\FunkyEmoticons\FunkyEmoticons.exe
PRC - [2009/03/30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 17:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/20 16:35:40 | 001,410,344 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007/09/20 16:35:38 | 000,382,248 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
PRC - [2007/09/20 16:35:10 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
PRC - [2007/05/21 10:51:10 | 000,135,233 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2007/05/21 10:50:56 | 000,065,605 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2007/05/15 09:53:12 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2005/07/21 02:16:28 | 000,192,512 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 3300 Series\LXCCmon.exe
PRC - [2005/07/06 16:04:20 | 000,466,944 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\lxcccoms.exe


========== Modules (SafeList) ==========

MOD - [2011/06/06 14:58:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\utilisateur 1\Bureau\OTL.exe
MOD - [2011/05/10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/23 18:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/04/03 18:05:24 | 000,398,048 | ---- | M] () -- C:\Program Files\FunkyEmoticons\FunkyEmoticonsDll.dll
MOD - [2008/04/13 19:33:40 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oledlg.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/02/18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/01/09 14:52:48 | 000,310,640 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2009/03/30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/11/04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/09/20 16:35:38 | 000,382,248 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007/05/21 10:51:10 | 000,135,233 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2007/05/21 10:50:56 | 000,065,605 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2007/05/15 09:53:12 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/10/26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/07/06 16:04:20 | 000,466,944 | ---- | M] (Lexmark International, Inc.) [On_Demand | Running] -- C:\WINDOWS\System32\lxcccoms.exe -- (lxcc_device)
SRV - [2005/04/04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 14:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 13:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2007/10/02 10:32:14 | 004,613,120 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/05/21 04:43:12 | 000,019,968 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007/05/21 04:43:08 | 000,046,080 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/10/18 02:31:38 | 000,105,472 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/07/01 22:42:58 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/11/02 11:53:40 | 000,215,552 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u)
DRV - [2005/08/24 07:39:24 | 000,137,884 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/24 07:39:24 | 000,080,272 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005/08/24 07:39:24 | 000,010,864 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/04/25 03:57:36 | 000,091,864 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P0620Vid.sys -- (PD0620VID)
DRV - [2004/08/11 18:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2001/12/12 21:31:24 | 000,004,608 | ---- | M] (Elaborate Bytes) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.duxet.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-57989841-2025429265-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-57989841-2025429265-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-57989841-2025429265-1417001333-1003\..\URLSearchHook: {AEEC3B59-CA98-4EBA-A140-57B94E283583} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-57989841-2025429265-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2002/08/30 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (PCTBHO Class) - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} - C:\Program Files\Agence-Exclusive\pctutoBHO.dll (PcTuto)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-57989841-2025429265-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [autoupdater] C:\Documents and Settings\utilisateur 1\Application Data\Agence-Exclusive\Agence-Exclusive\autoupdater.exe (Agence-Exclusive)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ElbyCheckElbyCDFL] C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe (Elaborate Bytes)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [funkyemoticons] C:\Program Files\FunkyEmoticons\FunkyEmoticons.exe ()
O4 - HKLM..\Run: [LXCCCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.DLL ()
O4 - HKLM..\Run: [lxccmon.exe] C:\Program Files\Lexmark 3300 Series\lxccmon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [pctuto] C:\Program Files\Agence-Exclusive\pctuto.exe (PcTuto)
O4 - HKLM..\Run: [PD0620 STISvc] C:\WINDOWS\System32\P0620Pin.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-57989841-2025429265-1417001333-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-57989841-2025429265-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct... (GMNRev Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_... ("Ma-Config.com control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-wind... (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-wind... (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-wind... (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol... (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\khfFVMEX: DllName - khfFVMEX.dll - File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\utilisateur 1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\utilisateur 1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/12 11:53:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/06 14:58:37 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\utilisateur 1\Bureau\OTL.exe
[2011/06/06 13:23:13 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/06/06 13:22:29 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2011/06/06 07:41:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/06/05 18:09:52 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/05/23 09:04:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
[2011/05/23 09:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/05/23 09:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/05/11 21:21:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2011/05/11 21:15:53 | 000,307,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/11 21:15:53 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/05/11 21:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! Free Antivirus
[2011/05/11 21:15:52 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/11 21:15:52 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/11 21:15:52 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/11 21:15:52 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/11 21:15:52 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/11 21:15:51 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/11 21:15:41 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/05/11 21:15:40 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/11 21:15:27 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/11 21:15:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/11 20:46:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur 1\Local Settings\Application Data\Agence-Exclusive
[2011/05/11 20:46:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\utilisateur 1\Application Data\Agence-Exclusive
[2011/05/11 20:46:21 | 000,000,000 | ---D | C] -- C:\Program Files\Agence-Exclusive
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/06 14:58:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\utilisateur 1\Bureau\OTL.exe
[2011/06/06 14:49:41 | 000,000,448 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{40F007FA-834B-40F6-9D38-D6C129FFA9A7}.job
[2011/06/06 13:25:35 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/06/06 13:21:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/06 08:54:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/06 07:40:18 | 000,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/06/06 07:40:07 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/06/06 07:39:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/05 18:09:52 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/05 14:43:32 | 000,034,494 | ---- | M] () -- C:\Documents and Settings\utilisateur 1\Application Data\wklnhst.dat
[2011/06/02 17:35:38 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\utilisateur 1\Mes documents\spider.sav
[2011/06/02 16:47:31 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/05/27 13:32:57 | 000,259,533 | ---- | M] () -- C:\Documents and Settings\utilisateur 1\Bureau\Charly Couleur1.jpg
[2011/05/26 17:35:57 | 000,142,336 | ---- | M] () -- C:\Documents and Settings\utilisateur 1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/26 16:58:36 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2011/05/26 16:56:20 | 000,512,628 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2011/05/26 16:56:20 | 000,443,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/26 16:56:20 | 000,085,834 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2011/05/26 16:56:20 | 000,071,846 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/24 19:14:10 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/05/21 13:49:59 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\utilisateur 1\default.pls
[2011/05/11 21:15:52 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/10 14:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/05/10 14:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/10 14:02:25 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/10 14:02:22 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/10 13:59:37 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/06 13:25:35 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/06/06 13:22:31 | 000,001,035 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Defender.lnk
[2011/05/27 13:35:58 | 000,259,533 | ---- | C] () -- C:\Documents and Settings\utilisateur 1\Bureau\Charly Couleur1.jpg
[2011/05/26 16:54:20 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\utilisateur 1\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2011/02/22 18:15:22 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2011/02/22 18:15:22 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2011/02/22 18:15:22 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXPMONRC.DLL
[2011/02/22 18:05:47 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxccvs.dll
[2011/02/22 18:05:40 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\lxccjswr.dll
[2011/02/22 18:05:40 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\lxccinsr.dll
[2011/02/22 18:05:39 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\lxcccur.dll
[2011/02/19 11:51:33 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\StellarProfile.dll
[2011/02/19 11:51:33 | 000,000,070 | ---- | C] () -- C:\WINDOWS\spwdrhfa.INI
[2011/01/03 21:24:49 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/06/30 08:00:31 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcccnv4.dll
[2010/02/15 20:14:41 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\utilisateur 1\Local Settings\Application Data\housecall.guid.cache
[2010/02/15 13:45:44 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Missing.ini
[2009/07/24 12:36:59 | 000,431,555 | ---- | C] () -- C:\Documents and Settings\utilisateur 1\Local Settings\Application Data\bmhuhc_nav.dat
[2009/07/24 12:36:59 | 000,004,120 | ---- | C] () -- C:\Documents and Settings\utilisateur 1\Local Settings\Application Data\bmhuhc.dat
[2009/07/24 12:36:59 | 000,002,043 | ---- | C] () -- C:\Documents and Settings\utilisateur 1\Local Settings\Application Data\bmhuhc_navps.dat
[2009/07/01 19:11:53 | 000,057,424 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/06/05 05:43:43 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\utilisateur 1\Local Settings\Application Data\fusioncache.dat
[2009/05/21 19:41:58 | 000,000,400 | ---- | C] () -- C:\WINDOWS\RPCD.ini
[2009/03/18 14:44:12 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2009/02/25 15:27:52 | 000,000,754 | ---- | C] () -- C:\WINDOWS\wordpad.INI
[2009/02/18 11:10:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\unWdWu.exe
[2009/02/18 11:10:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\unwlsdrv.exe
[2009/02/18 11:10:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\wunilog.ini
[2009/01/19 18:24:52 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin
[2008/07/29 18:11:59 | 000,000,045 | -H-- | C] () -- C:\WINDOWS\dsez1198.dat
[2008/07/15 11:51:26 | 000,034,494 | ---- | C] () -- C:\Documents and Settings\utilisateur 1\Application Data\wklnhst.dat
[2008/07/15 11:35:56 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/07/15 10:20:39 | 000,142,336 | ---- | C] () -- C:\Documents and Settings\utilisateur 1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/12 13:44:03 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/07/12 13:41:24 | 000,298,048 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/07/12 12:07:44 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/07/12 12:02:39 | 000,001,732 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2008/07/12 12:01:21 | 000,017,493 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2008/07/12 12:01:11 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/07/12 12:01:10 | 000,017,241 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/07/12 12:00:56 | 000,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/07/12 11:55:33 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/07/12 11:50:24 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/13 19:50:22 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/12/30 19:27:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/10/31 00:35:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/31 00:35:00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/10/31 00:35:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/31 00:35:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/10/31 00:35:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/31 00:35:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/31 00:35:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/31 00:35:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/10/31 00:35:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/10/31 00:35:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/31 00:35:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2002/08/30 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/08/30 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/08/30 14:00:00 | 000,512,628 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2002/08/30 14:00:00 | 000,443,588 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/08/30 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2002/08/30 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/08/30 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/08/30 14:00:00 | 000,085,834 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2002/08/30 14:00:00 | 000,071,846 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/08/30 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/08/30 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2002/08/30 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/08/30 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/30 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2010/09/01 08:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/05/11 21:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/01/23 17:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Mender
[2009/01/12 06:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2009/01/12 06:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2011/01/23 17:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2008/10/31 20:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011/02/19 17:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/07/20 11:13:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/07/26 09:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/01 17:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/05/11 20:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur 1\Application Data\Agence-Exclusive
[2009/04/06 16:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur 1\Application Data\FunkyEmoticons
[2008/10/31 10:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur 1\Application Data\Template
[2009/02/21 14:11:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur 1\Application Data\Windows Search
[2008/07/20 11:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\utilisateur 1\Application Data\Zylom
[2011/06/06 13:25:35 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/06/06 07:40:07 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2011/06/06 14:49:41 | 000,000,448 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{40F007FA-834B-40F6-9D38-D6C129FFA9A7}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 304 bytes -> C:\Documents and Settings\utilisateur 1\Bureau\Charly Couleur1.jpg:Updt_SummaryInformation
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3DA1C741

< End of report >

OTL Extras logfile created on: 06/06/2011 15:02:17 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\utilisateur 1\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,37 Gb Total Physical Memory | 0,59 Gb Available Physical Memory | 42,84% Memory free
2,60 Gb Paging File | 1,98 Gb Available in Paging File | 75,99% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 24,87 Gb Free Space | 36,38% Space Free | Partition Type: NTFS
Drive D: | 80,68 Gb Total Space | 52,68 Gb Free Space | 65,29% Space Free | Partition Type: NTFS

Computer Name: PATRICIA | User Name: utilisateur 1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-57989841-2025429265-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet isabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet isabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"135:TCP" = 135:TCP:*:Enabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1958:TCP" = 1958:TCP:*:Enabled:charly
"11749:TCP" = 11749:TCP:LocalSubNet:Enabled:emule_tcp_pat
"11200:UDP" = 11200:UDP:LocalSubNet:Enabled:emule_udp_pat
"4662:TCP" = 4662:TCP:*:Enabled:TCP Port 4662
"4711:TCP" = 4711:TCP:*:Enabled:TCP Port 4711
"4672:UDP" = 4672:UDP:*:Enabled:UDP Port 4672
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:* isabled:IncrediMail
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:* isabled:IncrediMail
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:* isabled:IncrediMail
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\WINDOWS\system32\lxcccoms.exe" = C:\WINDOWS\system32\lxcccoms.exe:*:Enabled:3300 Series Server -- (Lexmark International, Inc.)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxccpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxccpswx.exe:*:Enabled:3300 Series Printer Status -- ()
"C:\Program Files\Alwil Software\Avast4\ashAvast.exe" = C:\Program Files\Alwil Software\Avast4\ashAvast.exe:*:Enabled:avast! Antivirus
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{08783603-FFD0-479c-9160-E2FA46E62883}" = Mise à niveau de Works
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Assistant de connexion Windows Live ID
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{17E57E89-DDB3-4F76-9AF1-A8E01CC633E4}" = Complément Microsoft Word pour Microsoft Works Suite
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 24
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It! Album 10
"{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Photo Premium 10
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4629338A-8B55-49BE-B175-CB7F377078C5}" = Mio Transfer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{67E4EE98-59F4-4220-89A6-A20AF5BEC689}" = Microsoft AutoRoute 2005
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F09242-A107-4CB6-A295-D8656C2C3795}" = Samsung USB Driver (MCCI 4.24)
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{901B040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{93665FB0-2A3D-47E1-AB9A-1925130924BB}" = Ma-Config.com
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}" = Windows Live Sync
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A45F4518-0DC7-474A-BBE1-F04CC2D6FD93}" = EasyRecovery Professional Trial
"{AC76BA86-7AD7-1036-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Français
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B4649EFB-54CB-42AB-8536-8FED519E1036}" = Nero 8
"{BD3BD375-0E7A-48D0-9117-69A5C7DED63E}" = RollerCoaster Tycoon 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D48C9BFC-FBCF-4F29-B97D-822ED6D497FE}" = SAMSUNG PC Studio 2.0.9
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3BEF1AFDE8303306594E2ADA27520E6E700820AE" = Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced Video FX Utility" = Utilitaire Effets vidéos avancés
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner (remove only)
"CloneCD" = CloneCD
"Creative PD0620" = Creative WebCam Instant Driver (1.03.02.0425)
"Creative WebCam Center" = Creative WebCam Center
"Digital Image Recovery_is1" = Digital Image Recovery 1.47
"eMule" = eMule
"HijackThis" = HijackThis 2.0.2
"Hotel Mahjong Deluxe" = Hotel Mahjong Deluxe
"ie8" = Windows Internet Explorer 8
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{77F09242-A107-4CB6-A295-D8656C2C3795}" = Samsung USB Driver (MCCI 4.24)
"InstallShield_{A45F4518-0DC7-474A-BBE1-F04CC2D6FD93}" = EasyRecovery Professional Essai
"InstallShield_{D48C9BFC-FBCF-4F29-B97D-822ED6D497FE}" = SAMSUNG PC Studio 2.0.9
"Lexmark 3300 Series" = Lexmark 3300 Series
"Lexmark Fax Solutions" = Solutions de télécopie Lexmark
"Manuel d'utilisation de Creative WebCam Instant French" = Manuel d'utilisation de Creative WebCam Instant (Français)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2005b" = Microsoft Money
"NVIDIA Drivers" = NVIDIA Drivers
"PcTuto_is1" = PcTuto 1.1
"PhotoFiltre Studio" = PhotoFiltre Studio
"Picasa 3" = Picasa 3
"PictureItPrem_v10" = Microsoft Photo Premium 10
"PROPLUS" = Microsoft Office Professional Plus 2007
"Room Arranger" = Room Arranger (remove only)
"SFR_Kit" = SFR - Kit de connexion
"Shockwave" = Shockwave
"sis163u" = 802.11 USB Wireless LAN Adapter
"Stellar Phoenix Windows Data Recovery-Home_is1" = Stellar Phoenix Windows Data Recovery-Home
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"Wireless LAN Utility" = Wireless LAN Utility
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2005Setup" = Sélecteur d'installation de Microsoft Works 2005
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-57989841-2025429265-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Notification de cadeaux MSN" = Notification de cadeaux MSN

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 23/04/2011 12:52:01 | Computer Name = PATRICIA | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant Flash10p.ocx, version 10.2.159.1, adresse de défaillance 0x001245b0.

Error - 25/04/2011 09:26:27 | Computer Name = PATRICIA | Source = Application Hang | ID = 1002
Description = Application bloquée QuickTimePlayer.exe, version 7.69.80.9, module
bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 04/05/2011 11:50:33 | Computer Name = PATRICIA | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application outlook.exe, version 12.0.6555.5000, stamp 4d66ba2c,
faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address
0x3bd138cd.

Error - 07/05/2011 15:36:54 | Computer Name = PATRICIA | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 22/05/2011 13:16:01 | Computer Name = PATRICIA | Source = CardSpace 3.0.0.0 | ID = 327937
Description = Une erreur s’est produite lors de l’accès à la collection de cartes.
Détection de falsification sur le répertoire de stockage ou les ACL des fichiers
de stockage. Les paramètres par défaut des ACL sont désormais rétablis. Additional
Information: à System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)

à System.Environment.get_StackTrace() à Microsoft.InfoCards.Diagnostics.InfoCardTrace.BuildMessage(InfoCardBaseException
ie) à Microsoft.InfoCards.Diagnostics.InfoCardTrace.TraceAndLogException(Exception
e) à Microsoft.InfoCards.FileDataSource.LogIfAclsTampered(FileSystemInfo fileSysInfo)

à Microsoft.InfoCards.FileDataSource.OpenOrCreateHelper(FileInfo theFile, FileStream&
fileStream) à Microsoft.InfoCards.FileDataSource.CreateDirAndFiles() à Microsoft.InfoCards.FileDataSource.OnLoad()

à Microsoft.InfoCards.StoreConnection.Load() à Microsoft.InfoCards.StoreConnection.GetConnection(WindowsIdentity
identity, Boolean allowCreate) à Microsoft.InfoCards.StoreConnection.CreateConnection()

à Microsoft.InfoCards.ClientUIRequest.OnInitializeAsUser() à Microsoft.InfoCards.Request.Initialize()

à Microsoft.InfoCards.RequestFactory.CreateClientRequestInstance(UIAgentMonitorHandle
monitorHandle, String reqName, IntPtr rpcHandle, Stream inStream, Stream outStream)

à Microsoft.InfoCards.RequestFactory.ProcessNewRequest(Int32 parentRequestHandle,
IntPtr rpcHandle, IntPtr inArgs, IntPtr& outArgs)

Error - 31/05/2011 02:25:33 | Computer Name = PATRICIA | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant msxml3.dll, version 8.100.1052.0, adresse de défaillance 0x000a1425.

Error - 31/05/2011 02:25:49 | Computer Name = PATRICIA | Source = Application Error | ID = 1001
Description = Détecteur d'erreurs 1993019161.

Error - 04/06/2011 07:28:58 | Computer Name = PATRICIA | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant msxml3.dll, version 8.100.1052.0, adresse de défaillance 0x000a1425.

Error - 05/06/2011 02:27:01 | Computer Name = PATRICIA | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 05/06/2011 02:27:11 | Computer Name = PATRICIA | Source = Application Hang | ID = 1001
Description = Détecteur d'erreurs 1180947459.

[ OSession Events ]
Error - 16/07/2009 10:26:51 | Computer Name = PATRICIA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1432
seconds with 1260 seconds of active time. This session ended with a crash.

Error - 01/09/2009 02:46:49 | Computer Name = PATRICIA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 01/09/2009 03:05:41 | Computer Name = PATRICIA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 29/09/2009 08:03:10 | Computer Name = PATRICIA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 06/10/2009 13:25:50 | Computer Name = PATRICIA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 08/10/2009 12:54:12 | Computer Name = PATRICIA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.

Error - 13/12/2010 09:53:09 | Computer Name = PATRICIA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.

Error - 13/12/2010 09:53:30 | Computer Name = PATRICIA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 29/03/2011 08:36:49 | Computer Name = PATRICIA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 348
seconds with 0 seconds of active time. This session ended with a crash.

Error - 04/05/2011 11:50:25 | Computer Name = PATRICIA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6555.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 01/06/2011 01:50:46 | Computer Name = PATRICIA | Source = Service Control Manager | ID = 7000
Description = Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur : %%2

Error - 02/06/2011 03:28:29 | Computer Name = PATRICIA | Source = Service Control Manager | ID = 7000
Description = Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur : %%2

Error - 02/06/2011 08:13:44 | Computer Name = PATRICIA | Source = Service Control Manager | ID = 7000
Description = Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur : %%2

Error - 02/06/2011 13:50:16 | Computer Name = PATRICIA | Source = Service Control Manager | ID = 7000
Description = Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur : %%2

Error - 03/06/2011 04:14:04 | Computer Name = PATRICIA | Source = Service Control Manager | ID = 7000
Description = Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur : %%2

Error - 04/06/2011 04:06:40 | Computer Name = PATRICIA | Source = Service Control Manager | ID = 7000
Description = Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur : %%2

Error - 04/06/2011 13:57:37 | Computer Name = PATRICIA | Source = Service Control Manager | ID = 7000
Description = Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur : %%2

Error - 05/06/2011 02:25:35 | Computer Name = PATRICIA | Source = Service Control Manager | ID = 7000
Description = Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur : %%2

Error - 05/06/2011 12:08:33 | Computer Name = PATRICIA | Source = Service Control Manager | ID = 7000
Description = Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur : %%2

Error - 06/06/2011 01:40:14 | Computer Name = PATRICIA | Source = Service Control Manager | ID = 7000
Description = Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur : %%2


< End of report >

Patbour, tu te créé ton propre topic et pas sur celui ci (toujours dans cette section du forum) et je viens tout de suite étudier ton cas