Analysis request following slowness on an aging PC

Forum rules
Assiste.com has suspended decontamination assistance after nearly 15 years on the old forum and then this one. See:

Decontamination procedure 1 - Anti-malware
Decontamination procedure 2 - Anti-malware and antivirus (La Manip) - Standard decontamination procedure
Periodic maintenance of a Windows PC
Protecting the browser, browsing and privacy

Post by marigado » 23 Dec 2010, 12:41

Hello,

My PC is slow and the CPU is fully occupied for long stretches.
Attached is the Malwarebytes report.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 5382

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

23/12/2010 11:55:21
mbam-log-2010-12-23 (11-55-21).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 138328
Temps écoulé: 7 minute(s), 43 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
marigado
Posts: 17
Joined: 23 Dec 2010, 12:25

Analysis request following slowness on an aging PC 1

Post by marigado » 23 Dec 2010, 12:44

Continued:

OTL logfile created on: 23/12/2010 12:02:07 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\paul\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 665,00 Mb Available Physical Memory | 65,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114,49 Gb Total Space | 67,41 Gb Free Space | 58,88% Space Free | Partition Type: NTFS

Computer Name: GADONNA | User Name: paul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/23 10:30:17 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\paul\Bureau\OTL.exe
PRC - [2010/12/14 19:09:29 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/01/14 22:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/03/31 08:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/07/19 17:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2004/08/23 13:49:56 | 000,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\system32\FTRTSVC.exe
PRC - [2004/06/15 01:12:00 | 000,127,031 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe
PRC - [2004/06/15 01:12:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
PRC - [2004/05/10 20:44:24 | 000,151,597 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe


========== Modules (SafeList) ==========

MOD - [2010/12/23 10:30:17 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\paul\Bureau\OTL.exe
MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/05/03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/12/14 19:09:29 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/09/01 14:51:28 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/06/23 12:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009/12/17 16:36:24 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/03/31 08:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/04/07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2004/08/23 13:49:56 | 000,040,960 | ---- | M] (France Telecom) [Auto | Running] -- C:\WINDOWS\system32\FTRTSVC.exe -- (FTRTSVC)
SRV - [2004/06/15 01:12:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) [Auto | Running] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2003/07/28 11:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5)
DRV - [2010/12/14 19:09:40 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/12/14 19:09:38 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/05/13 09:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2009/03/31 08:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/03/20 09:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/03/20 09:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009/03/20 09:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2007/09/17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/10/22 12:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/05/04 17:50:20 | 000,114,616 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e4usbaw.sys -- (e4usbaw)
DRV - [2006/03/02 18:25:04 | 000,063,555 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e4ldr.sys -- (IKANLOADER2) General Purpose USB Driver (e4ldr.sys)
DRV - [2005/05/27 09:32:52 | 001,317,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)
DRV - [2005/05/27 09:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2003/08/04 15:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2002/09/06 14:02:38 | 000,743,136 | R--- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2002/06/06 11:14:32 | 000,053,168 | ---- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2001/08/17 22:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 21:57:16 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cirrus.sys -- (cirrus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
IE - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 6F D7 87 C6 48 CA 01 [binary data]
IE - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =



O1 HOSTS File: ([2008/12/08 22:35:12 | 000,293,750 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 babe.the-killer.bz
O1 - Hosts: 127.0.0.1 babe.k-lined.com
O1 - Hosts: 127.0.0.1 did.i-used.cc
O1 - Hosts: 127.0.0.1 coolwwwsearch.com
O1 - Hosts: 127.0.0.1 coolwebsearch.com
O1 - Hosts: 127.0.0.1 hi.studioaperto.net
O1 - Hosts: 127.0.0.1 www.webbrowser.tv
O1 - Hosts: 127.0.0.1 www.wazzupnet.com
O1 - Hosts: 127.0.0.1 gueb.com
O1 - Hosts: 127.0.0.1 kabex.com
O1 - Hosts: 127.0.0.1 www.hityou.com
O1 - Hosts: 127.0.0.1 miosearch.com
O1 - Hosts: 127.0.0.1 wazzupnet.com
O1 - Hosts: 127.0.0.1 213.131.225.2
O1 - Hosts: 127.0.0.1 www.blue-elefant.com
O1 - Hosts: 127.0.0.1 babeweb.de
O1 - Hosts: 127.0.0.1 start-seite.com
O1 - Hosts: 127.0.0.1 sexolymp.com
O1 - Hosts: 127.0.0.1 toriii.cc
O1 - Hosts: 127.0.0.1 www.xtipp.de
O1 - Hosts: 127.0.0.1 urawa.cool.ne.jp
O1 - Hosts: 127.0.0.1 777search.com
O1 - Hosts: 127.0.0.1 ace-webmaster.com
O1 - Hosts: 127.0.0.1 aifind.info
O1 - Hosts: 10159 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll (Google Inc.)
O3 - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [Ghost Relay] C:\WINDOWS\system32\)))W,,),,),),.exe (keir.net)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O7 - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_22.dll (Sun Microsystems, Inc.)
O15 - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-1123561945-1343024091-482737459-1004\..Trusted Domains: D: ([]file in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/ ... 5765668356 (MUCatalogWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 3256217674 (MUWebControl Class)
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} http://217.128.151.33/activex/AMC.cab (Reg Error: Key error.)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maco ... _0_1_3.cab (Reg Error: Key error.)
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} https://static.impots.gouv.fr/tdir/stat ... DP-1.1.cab (AdVerifierADPCtrl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://198.165.92.244/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game05.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://camera1.mairie-brest.fr/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/m3/phot ... NPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://driveragent.com/files/driveragent.cab (Driver Agent ActiveX Control)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/12/18 19:19:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{21c10f85-ce21-11de-a3c9-4d6564696130}\Shell\AutoRun\command - "" = F:\EmDesk.exe -- File not found
O33 - MountPoints2\{21c10f85-ce21-11de-a3c9-4d6564696130}\Shell\EmDesk\command - "" = F:\EmDesk.exe -- File not found
O33 - MountPoints2\{cdd7d315-8fb9-11dd-9f89-4d6564696130}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2010/12/23 11:32:56 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/23 11:32:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/23 10:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/12/23 10:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Bureau\erunt-loc_fr
[2010/12/23 10:47:11 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\paul\Bureau\erunt-setup.exe
[2010/12/23 10:35:13 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\paul\Bureau\mbam-setup.exe
[2010/12/23 10:30:06 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\paul\Bureau\OTL.exe
[2010/12/15 10:15:22 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010/12/15 10:12:13 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/12/02 21:41:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\paul\Recent
[2010/11/30 11:04:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Avira
[2010/11/30 11:04:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/11/30 11:04:38 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/11/30 10:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2010/11/30 10:59:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2010/11/30 10:59:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2010/11/30 10:40:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs(2)
[2010/11/30 10:39:47 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs(2)
[2010/11/30 10:35:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs(2)
[2010/11/29 16:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\Avira(2)
[2010/11/29 16:07:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira(2)
[2005/09/09 22:04:41 | 002,149,327 | ---- | C] (MimarSinan International) -- C:\Program Files\SudokuSetup.exe
[1998/12/04 06:00:00 | 001,005,568 | ---- | C] (Nico Mak Computing, Inc.) -- C:\Program Files\WINZIP32.EXE
[1998/12/04 06:00:00 | 000,265,216 | ---- | C] (Nico Mak Computing, Inc.) -- C:\Program Files\WZ32.DLL
[1998/12/04 06:00:00 | 000,212,480 | ---- | C] (Nico Mak Computing, Inc.) -- C:\Program Files\WZSEPE32.EXE
[1998/12/04 06:00:00 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WZCAB.DLL
[1998/12/04 06:00:00 | 000,020,992 | ---- | C] (Nico Mak Computing, Inc.) -- C:\Program Files\WZCAB2.DLL
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/23 11:38:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/23 11:32:59 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/12/23 11:32:00 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\paul\Bureau\mbam-setup.exe
[2010/12/23 11:22:01 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/23 11:21:54 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/23 11:21:17 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010/12/23 11:21:14 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/23 11:20:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/23 11:20:47 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/23 10:48:08 | 000,005,024 | ---- | M] () -- C:\Documents and Settings\paul\Bureau\erunt-loc_fr.zip
[2010/12/23 10:47:22 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\paul\Bureau\erunt-setup.exe
[2010/12/23 10:39:39 | 000,002,531 | ---- | M] () -- C:\Documents and Settings\paul\Bureau\Microsoft Excel.lnk
[2010/12/23 10:30:47 | 000,000,383 | ---- | M] () -- C:\Documents and Settings\paul\Bureau\scan.zip
[2010/12/23 10:30:17 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\paul\Bureau\OTL.exe
[2010/12/22 14:48:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/12/22 11:42:48 | 000,092,043 | ---- | M] () -- C:\Documents and Settings\paul\Mes documents\IMG_0492pic_epeiche1[1].jpg
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/19 21:33:14 | 000,000,216 | RHS- | M] () -- C:\boot.ini
[2010/12/19 20:48:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010/12/18 10:36:29 | 000,002,551 | ---- | M] () -- C:\Documents and Settings\paul\Bureau\Microsoft Word.lnk
[2010/12/15 21:55:30 | 000,152,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/15 11:39:36 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/14 19:09:40 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/12/14 19:09:38 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/12/08 12:14:57 | 000,177,664 | ---- | M] () -- C:\Documents and Settings\paul\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/02 21:41:04 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2010/12/02 20:48:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/11/30 11:51:44 | 000,426,780 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010/11/30 10:41:18 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/23 11:32:59 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/12/23 10:48:08 | 000,005,024 | ---- | C] () -- C:\Documents and Settings\paul\Bureau\erunt-loc_fr.zip
[2010/12/23 10:30:36 | 000,000,383 | ---- | C] () -- C:\Documents and Settings\paul\Bureau\scan.zip
[2010/12/22 11:43:15 | 000,092,043 | ---- | C] () -- C:\Documents and Settings\paul\Mes documents\IMG_0492pic_epeiche1[1].jpg
[2010/12/15 11:35:19 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/12/02 21:41:04 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2010/11/30 11:51:20 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/30 10:40:47 | 000,426,780 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010/09/07 09:25:45 | 000,000,168 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2010/09/07 09:25:45 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2010/09/07 09:25:35 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2010/09/07 09:25:34 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
[2010/06/02 15:24:01 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/05/06 09:15:13 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\paul\Application Data\$_hpcst$.hpc
[2010/05/06 09:12:39 | 000,111,104 | ---- | C] () -- C:\Program Files\1036.MST
[2010/05/06 09:12:39 | 000,016,046 | ---- | C] () -- C:\Program Files\0x040c.ini
[2010/05/06 09:12:36 | 097,979,392 | ---- | C] () -- C:\Program Files\Samsung New PC Studio.msi
[2010/01/04 12:22:44 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/11/02 23:58:40 | 000,000,256 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009/02/26 14:38:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2008/12/15 14:38:54 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2008/12/15 14:38:54 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2008/12/09 14:24:29 | 000,000,082 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/11/21 22:47:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/21 22:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/04/06 16:56:30 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS45.DLL
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/04/05 20:33:20 | 000,021,904 | ---- | C] () -- C:\WINDOWS\System32\imsinstall_loc040c.dll
[2007/04/05 20:33:20 | 000,017,808 | ---- | C] () -- C:\WINDOWS\System32\imslsp_install_loc040c.dll
[2006/10/22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/07/02 09:12:29 | 000,796,584 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2006/06/22 22:01:12 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\NMOCOD.DLL
[2006/01/17 21:29:17 | 000,000,287 | ---- | C] () -- C:\WINDOWS\System32\ML.DLL
[2005/09/26 20:41:05 | 000,058,904 | ---- | C] () -- C:\WINDOWS\System32\is4tray.dll
[2005/09/21 20:19:12 | 000,000,146 | ---- | C] () -- C:\WINDOWS\HandySnap.INI
[2005/09/19 06:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\sirenacm(2).dll
[2005/06/21 20:56:20 | 011,009,848 | ---- | C] () -- C:\Program Files\Livecom.exe
[2005/01/29 10:02:26 | 000,000,040 | ---- | C] () -- C:\WINDOWS\R3Toy.ini
[2005/01/04 16:04:53 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2004/10/30 17:39:15 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2004/10/30 17:39:12 | 001,317,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2004/09/27 20:54:27 | 012,326,056 | ---- | C] () -- C:\Program Files\QuickTimeFullInstaller.exe
[2004/09/13 21:08:47 | 000,016,947 | ---- | C] () -- C:\WINDOWS\System32\lsrc.dll
[2004/06/26 14:32:23 | 000,001,246 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/05/22 13:20:50 | 000,000,113 | ---- | C] () -- C:\WINDOWS\photoimpression.ini
[2004/05/22 13:20:50 | 000,000,029 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2004/05/22 13:20:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2004/05/22 13:16:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2004/01/01 11:29:38 | 000,177,664 | ---- | C] () -- C:\Documents and Settings\paul\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/12/23 22:07:15 | 000,000,064 | ---- | C] () -- C:\Documents and Settings\paul\Application Data\dm.ini
[2003/12/23 20:14:55 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/12/23 19:47:56 | 000,006,414 | ---- | C] () -- C:\WINDOWS\Messager Wanadoo.ini
[2003/12/23 19:40:04 | 000,005,607 | R--- | C] () -- C:\WINDOWS\System32\stci.dll
[2003/12/19 15:41:25 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2003/12/19 09:46:00 | 000,114,688 | R--- | C] () -- C:\WINDOWS\System32\ABITGfx.dll
[2003/12/19 09:45:59 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2003/12/19 09:45:59 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2003/12/18 19:08:31 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/02/18 17:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2002/08/30 13:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2002/08/25 18:02:10 | 000,282,112 | ---- | C] () -- C:\WINDOWS\System32\Cncs232.dll
[1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/12/04 06:00:00 | 000,033,792 | ---- | C] () -- C:\Program Files\WZSHLEXT.DLL
[1998/12/04 06:00:00 | 000,014,848 | ---- | C] () -- C:\Program Files\WZFM32.DLL
[1998/12/04 06:00:00 | 000,011,478 | ---- | C] () -- C:\Program Files\WINZIPFM.DLL
[1998/12/04 06:00:00 | 000,004,781 | ---- | C] () -- C:\Program Files\WHATSNEW.TXT
[1998/12/04 06:00:00 | 000,002,633 | ---- | C] () -- C:\Program Files\LICENSE.TXT
[1998/12/04 06:00:00 | 000,002,339 | ---- | C] () -- C:\Program Files\WZ.COM
[1998/12/04 06:00:00 | 000,002,002 | ---- | C] () -- C:\Program Files\WINZIP.TXT
[1998/12/04 06:00:00 | 000,001,157 | ---- | C] () -- C:\Program Files\WZ.PIF
[1998/12/04 06:00:00 | 000,001,104 | ---- | C] () -- C:\Program Files\EXEMPLE.ZIP
[1998/12/04 06:00:00 | 000,000,543 | ---- | C] () -- C:\Program Files\README.TXT
[1998/12/04 06:00:00 | 000,000,370 | ---- | C] () -- C:\Program Files\VENDOR.TXT
[1998/12/04 06:00:00 | 000,000,311 | ---- | C] () -- C:\Program Files\ORDER.TXT
[1998/12/04 06:00:00 | 000,000,039 | ---- | C] () -- C:\Program Files\FILE_ID.DIZ
[1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2009/11/14 15:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2010/12/02 21:26:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2008/07/11 09:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2008/11/30 22:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
[2010/05/06 10:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/11/02 19:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
[2007/06/28 21:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/12/02 21:21:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{26009715-9383-403E-996E-D70BE8109C3D}
[2008/11/07 23:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\Ariane Software
[2004/11/01 18:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\eConf
[2009/11/03 00:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\FotoWire
[2005/12/31 14:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\FUJIFILM
[2009/11/15 23:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\GlarySoft
[2003/12/23 22:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\InterTrust
[2007/05/27 17:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\InterVideo
[2009/11/14 15:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\iolo
[2003/12/26 10:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\Kazaa Lite
[2010/05/06 10:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\PC Suite
[2010/05/06 09:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\Samsung
[2004/11/01 18:23:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\Wanadoo visio
[2005/03/31 14:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\XnView
[2010/12/19 20:48:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
[2010/04/04 13:03:07 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
[2010/10/06 07:48:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
[2010/12/22 14:48:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
[2010/12/02 20:48:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/12/23 11:21:17 | 000,000,310 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2007/10/24 21:31:47 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/10/28 11:49:40 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2007/10/24 21:31:47 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/10/28 11:49:40 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

<MD5>
[2002/08/30 13:00:00 | 010,179,564 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2007/10/24 21:31:47 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/28 11:49:40 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2007/10/24 21:31:47 | 022,282,803 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/10/28 11:49:40 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

<MD5>
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

<MD5>
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll

<MD5>
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll

<systemroot>

<systemroot>
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

<systemroot>

<End>
marigado

Posts: 17
Joined: 23 Dec 2010, 12:25

Analysis request following slowness on an old PC 2

Post by marigado » 23 Dec 2010, 12:46

Continued:

OTL Extras logfile created on: 23/12/2010 12:02:07 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\paul\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 665,00 Mb Available Physical Memory | 65,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114,49 Gb Total Space | 67,41 Gb Free Space | 58,88% Space Free | Partition Type: NTFS

Computer Name: GADONNA | User Name: paul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe ()

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [open] -- "C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe" %1 ()
htmlfile [opennew] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" %*
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\PROGRA~1\Livecom\APPLIC~1\Exe\Livecom.exe" = C:\PROGRA~1\Livecom\APPLIC~1\Exe\Livecom.exe:*:Enabled:Livecom -- File not found
"C:\PROGRA~1\Livecom\APPLIC~1\Exe\..\EconfV4\ftplayer.exe" = C:\PROGRA~1\Livecom\APPLIC~1\Exe\..\EconfV4\ftplayer.exe:*:Enabled:Livecom Media -- File not found
"C:\PROGRA~1\ORANGE~1\APPLIC~1\Exe\ORANGE~1.EXE" = C:\PROGRA~1\ORANGE~1\APPLIC~1\Exe\ORANGE~1.EXE:*:Enabled:Orange Link -- File not found
"C:\PROGRA~1\ORANGE~1\APPLIC~1\Exe\..\EconfV4\olinkp.exe" = C:\PROGRA~1\ORANGE~1\APPLIC~1\Exe\..\EconfV4\olinkp.exe:*:Enabled:Livecom Media -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\)))W,,),,),),.exe" = C:\WINDOWS\system32\)))W,,),,),),.exe:*:Enabled:Ghost Relay -- (keir.net)
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- File not found
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0000040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{706BB40A-4102-4c89-8107-DC68C4EBD19B}" = HP Deskjet All-In-One Software 9.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{9074AFC0-CFDA-11DE-B484-005056806466}" = Google Earth
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = ABIT SiluroDVD 4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9C365A3-06C0-43b4-A2DB-EDF0A6079AA9}" = DJ_AIO_Software
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4B1F18B-5CED-4f8f-8A8F-1BD0503C222E}" = DJ_AIO_ProductContext
"{B6B69D92-6CD8-4086-8D1D-7945BDA4AE5A}" = F4100_Help
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8BFB69F-BBBA-48A9-A788-851222571C77}" = MapSource Product Install
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logiciel QuickCam de Logitech
"{C9D88AF8-7B0A-4200-BFBC-7827A7535096}" = F4100_doccd
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D680C913-5955-469D-9D88-C1940F7506D6}" = RAW FILE CONVERTER LE
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DCFCED91-AAB0-4654-B223-372D3C8EE781}" = IGN Rando
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F56D6F46-1D62-4734-BF12-6457A1ED17BD}" = DJ_AIO_Software_min
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F8FED11D-3584-4a72-8B26-E0951B655797}" = F4100
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"CCleaner" = CCleaner
"C-Media Audio Driver" = C-Media WDM Audio Driver
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FranceTelecomUninstall_FTBrowser" = Navigateur Orange
"GestionnaireInternet.exe" = Gestionnaire Internet
"Glary Utilities_is1" = Glary Utilities 2.17.0.776
"Google Updater" = Outil de mise à jour Google
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Jardinage, passion & pratique" = Jardinage, passion & pratique
"Logitech Print Service" = Logitech Print Service
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSMONEYV60" = Microsoft Money 98
"NVIDIA Drivers" = NVIDIA Drivers
"QcDrv" = Programme de gestion Camera de Logitech®
"RealPlayer 6.0" = RealOne Player
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinLiveSuite_Wave3" = Installation Windows Live
"XnView_is1" = XnView 1.74
"ZoneAlarm" = ZoneAlarm

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13/12/2010 15:59:47 | Computer Name = GADONNA | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : The server name or address could not be resolved

Error - 14/12/2010 05:01:04 | Computer Name = GADONNA | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : The server name or address could not be resolved

Error - 14/12/2010 13:08:58 | Computer Name = GADONNA | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : The server name or address could not be resolved

Error - 21/12/2010 17:10:36 | Computer Name = GADONNA | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : The server name or address could not be resolved

Error - 21/12/2010 17:19:06 | Computer Name = GADONNA | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : The server name or address could not be resolved

Error - 22/12/2010 04:32:58 | Computer Name = GADONNA | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : The server name or address could not be resolved

Error - 22/12/2010 09:18:49 | Computer Name = GADONNA | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : The server name or address could not be resolved

Error - 23/12/2010 04:48:42 | Computer Name = GADONNA | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : The server name or address could not be resolved

Error - 23/12/2010 05:07:19 | Computer Name = GADONNA | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 23/12/2010 06:21:12 | Computer Name = GADONNA | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http>
avec l'erreur : The server name or address could not be resolved

[ Canal+ Events ]
Error - 17/12/2008 07:21:03 | Computer Name = GADONNA | Source = VideoOnDemand | ID = 0
Description = ContentsManager.Update : Impossible d’effectuer l’action demandée
car un problème s’est produit au niveau des composants de gestion des droits numériques
Windows Media (DRM) sur votre ordinateur.

Error - 17/12/2008 07:23:56 | Computer Name = GADONNA | Source = VideoOnDemand | ID = 0
Description = ContentsManager.Update : Impossible d’effectuer l’action demandée
car un problème s’est produit au niveau des composants de gestion des droits numériques
Windows Media (DRM) sur votre ordinateur.

Error - 17/12/2008 07:26:05 | Computer Name = GADONNA | Source = VideoOnDemand | ID = 0
Description = ContentsManager.Update : Impossible d’effectuer l’action demandée
car un problème s’est produit au niveau des composants de gestion des droits numériques
Windows Media (DRM) sur votre ordinateur.

[ System Events ]
Error - 23/12/2010 04:48:45 | Computer Name = GADONNA | Source = DCOM | ID = 10021
Description = Le descripteur de sécurité d'exécution et d'activation défini pour
l'application serveur COM avec le CLSID {2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}
n'est pas valide. Il contient des entrées de contrôle d'accès (ACE) avec des autorisations
qui ne sont pas valides. Par conséquent, l'action demandée n'a pas été effectuée.
Cette autorisation de sécurité peut être corrigée à l'aide de l'outil d'administration
Services de composants.

Error - 23/12/2010 04:48:48 | Computer Name = GADONNA | Source = Service Control Manager | ID = 7000
Description = Le service General Purpose USB Driver (e4ldr.sys) n'a pas pu démarrer
en raison de l'erreur : %%1058

Error - 23/12/2010 04:48:48 | Computer Name = GADONNA | Source = Service Control Manager | ID = 7000
Description = Le service CT Device Query service n'a pas pu démarrer en raison de
l'erreur : %%2

Error - 23/12/2010 04:48:59 | Computer Name = GADONNA | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : viaagp1

Error - 23/12/2010 06:21:13 | Computer Name = GADONNA | Source = DCOM | ID = 10021
Description = Le descripteur de sécurité d'exécution et d'activation défini pour
l'application serveur COM avec le CLSID {2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}
n'est pas valide. Il contient des entrées de contrôle d'accès (ACE) avec des autorisations
qui ne sont pas valides. Par conséquent, l'action demandée n'a pas été effectuée.
Cette autorisation de sécurité peut être corrigée à l'aide de l'outil d'administration
Services de composants.

Error - 23/12/2010 06:21:13 | Computer Name = GADONNA | Source = DCOM | ID = 10021
Description = Le descripteur de sécurité d'exécution et d'activation défini pour
l'application serveur COM avec le CLSID {2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}
n'est pas valide. Il contient des entrées de contrôle d'accès (ACE) avec des autorisations
qui ne sont pas valides. Par conséquent, l'action demandée n'a pas été effectuée.
Cette autorisation de sécurité peut être corrigée à l'aide de l'outil d'administration
Services de composants.

Error - 23/12/2010 06:21:13 | Computer Name = GADONNA | Source = DCOM | ID = 10021
Description = Le descripteur de sécurité d'exécution et d'activation défini pour
l'application serveur COM avec le CLSID {2A6D72F1-6E7E-4702-B99C-E40D3DED33C3}
n'est pas valide. Il contient des entrées de contrôle d'accès (ACE) avec des autorisations
qui ne sont pas valides. Par conséquent, l'action demandée n'a pas été effectuée.
Cette autorisation de sécurité peut être corrigée à l'aide de l'outil d'administration
Services de composants.

Error - 23/12/2010 06:21:15 | Computer Name = GADONNA | Source = Service Control Manager | ID = 7000
Description = Le service General Purpose USB Driver (e4ldr.sys) n'a pas pu démarrer
en raison de l'erreur : %%1058

Error - 23/12/2010 06:21:15 | Computer Name = GADONNA | Source = Service Control Manager | ID = 7000
Description = Le service CT Device Query service n'a pas pu démarrer en raison de
l'erreur : %%2

Error - 23/12/2010 06:21:27 | Computer Name = GADONNA | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : viaagp1


<End>

Post by nickW » 24 Dec 2010, 00:53

Good evening,

Did you by any chance try to uninstall a McAfee product?

Did you by any chance try to uninstall Ad-Aware?

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log-analysis requests by PM (private message)
Moderator
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Post by marigado » 24 Dec 2010, 14:37

Hello NickW,
Thank you for taking an interest in my case. Indeed, I uninstalled a McAfee antivirus as well as Ad-Aware. I currently use Avira AntiVir as antivirus and ZoneAlarm as firewall.
See you,

Post by nickW » 24 Dec 2010, 18:18

Good evening,

First clean-up steps:


Step 1: OTL (by OldTimer), preparing the fix
Open a Notepad window: go to Start → Run, type notepad, then click OK.

Select all the lines in the white box under "Code:" below, then press the Ctrl and C keys simultaneously.

Code:
rien

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\)))W,,),,),),.exe"=-

:otl
SRV - [2004/06/15 01:12:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) [Auto | Running] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)
O4 - HKLM..\Run: [Ghost Relay] C:\WINDOWS\system32\)))W,,),,),),.exe (keir.net)

:Files
C:\Program Files\Network Associates\Common Framework
C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

:Commands
[emptytemp]



Go back to the Notepad window, right-click inside it and choose Paste.
Check in the Format menu (at the top) that "Word Wrap" is not active (not ticked).
Save the file under the name fix.txt <---- do not change the file name
Close Notepad.

Note: The lines in the Code box above were created exclusively for THIS user: marigado.
If you are not THIS user, do not use them: they could damage your system.



Step 2: No real-time monitoring processes
Disable the resident module of the antivirus and that of the antispyware.
Avira AntiVir: right-click the icon in the system tray (next to the clock) and untick "Activer Antivir Guard/AntiVir Guard enable".


Step 3: OTL (by OldTimer), fix

Double-click OTL.exe to launch the tool.

The main OTL screen appears.

Click the "Correction" button.

A small "OTL" window opens.

Click the Ok button.

In the new "Open" window, browse to the folder where fix.txt was saved, then click the Open button.

The contents of fix.txt are thus inserted into the "Personnalisation" panel.

Close all open program windows other than OTL (browser, word processor, etc.): the PC is going to restart.

Click the "Correction" button again.

Note: When the restart is requested, click Ok.

When the tool has finished its work, a small window displays the message "Correction terminée! Cliquez sur Ok pour afficher le rapport.". Click Ok, then close OTL.


Step 4: Real-time monitoring processes
Important: Re-enable the resident module of the antivirus.


Step 5: OTL (by OldTimer), quick scan
Close all open program windows.

Double-click OTL.exe to launch the tool.

The main OTL screen appears.

Click the "Analyse rapide" button.


Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
Close the OTL window.



Step 6: Results
Send in reply:
*- the OTL fix report (contents of the file %SystemDrive%\_OTL\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)
[%SystemDrive% stands for the partition on which the system is installed, usually C:]

Then send in reply, in a separate message (because of the length of the file):
*- the main OTL report (contents of the file OTL.txt located on the Desktop).
The report posted on the forum must end with a line containing <End>. If it does not, it is incomplete and must then be split across several messages.

Important note: To send your reply (or replies), do not create a new topic; click the "Répondre" (Reply) button to continue in this thread.

To be continued,

Post by marigado » 25 Dec 2010, 17:29

Hello NickW,
Attached is the first log

All processes killed
Error: Unable to interpret <rien> in the current context!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\)))W,,),,),),.exe not found.
========== OTL ==========
Error: No service named McAfeeFramework was found to stop!
Service\Driver key McAfeeFramework not found.
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Ghost Relay deleted successfully.
C:\WINDOWS\system32\)))W,,),,),),.exe moved successfully.
========== FILES ==========
C:\Program Files\Network Associates\Common Framework\0409 folder moved successfully.
C:\Program Files\Network Associates\Common Framework folder moved successfully.
C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job moved successfully.
C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job moved successfully.
C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job moved successfully.
C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job moved successfully.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 112883 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1859236 bytes

User: paul
->Temp folder emptied: 85112545 bytes
->Temporary Internet Files folder emptied: 19911113 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 22003 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1158771 bytes
%systemroot%\System32 .tmp files removed: 3241472 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 38541739 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 77578124 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 305961011 bytes

Total Files Cleaned = 509,00 mb


OTL by OldTimer - Version 3.2.18.0 log created on 12252010_170941

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Post by marigado » 25 Dec 2010, 17:30

Attached is the second log

OTL logfile created on: 25/12/2010 17:20:07 - Run 2
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\paul\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 590,00 Mb Available Physical Memory | 58,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114,49 Gb Total Space | 67,57 Gb Free Space | 59,02% Space Free | Partition Type: NTFS

Computer Name: GADONNA | User Name: paul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/23 10:30:17 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\paul\Bureau\OTL.exe
PRC - [2010/12/14 19:09:29 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/01/14 22:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/03/31 08:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/07/19 17:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2004/08/23 13:49:56 | 000,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\system32\FTRTSVC.exe
PRC - [2004/05/10 20:44:24 | 000,151,597 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe


========== Modules (SafeList) ==========

MOD - [2010/12/23 10:30:17 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\paul\Bureau\OTL.exe
MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/05/03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/12/14 19:09:29 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/09/01 14:51:28 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/06/23 12:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009/12/17 16:36:24 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/03/31 08:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/04/07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2004/08/23 13:49:56 | 000,040,960 | ---- | M] (France Telecom) [Auto | Running] -- C:\WINDOWS\system32\FTRTSVC.exe -- (FTRTSVC)
SRV - [2003/07/28 11:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5)
DRV - [2010/12/14 19:09:40 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/12/14 19:09:38 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/05/13 09:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2009/03/31 08:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/03/20 09:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/03/20 09:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009/03/20 09:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2007/09/17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/10/22 12:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/05/04 17:50:20 | 000,114,616 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e4usbaw.sys -- (e4usbaw)
DRV - [2006/03/02 18:25:04 | 000,063,555 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e4ldr.sys -- (IKANLOADER2) General Purpose USB Driver (e4ldr.sys)
DRV - [2005/05/27 09:32:52 | 001,317,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)
DRV - [2005/05/27 09:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2003/08/04 15:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2002/09/06 14:02:38 | 000,743,136 | R--- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2002/06/06 11:14:32 | 000,053,168 | ---- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2001/08/17 22:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 21:57:16 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cirrus.sys -- (cirrus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 6F D7 87 C6 48 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =



O1 HOSTS File: ([2008/12/08 22:35:12 | 000,293,750 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10159 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_22.dll (Sun Microsystems, Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: D: ([]file in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/ ... 5765668356 (MUCatalogWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 3256217674 (MUWebControl Class)
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} http://217.128.151.33/activex/AMC.cab (Reg Error: Key error.)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maco ... _0_1_3.cab (Reg Error: Key error.)
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} https://static.impots.gouv.fr/tdir/stat ... DP-1.1.cab (AdVerifierADPCtrl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://198.165.92.244/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game05.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://camera1.mairie-brest.fr/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/m3/phot ... NPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://driveragent.com/files/driveragent.cab (Driver Agent ActiveX Control)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/12/18 19:19:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{21c10f85-ce21-11de-a3c9-4d6564696130}\Shell\AutoRun\command - "" = F:\EmDesk.exe -- File not found
O33 - MountPoints2\{21c10f85-ce21-11de-a3c9-4d6564696130}\Shell\EmDesk\command - "" = F:\EmDesk.exe -- File not found
O33 - MountPoints2\{cdd7d315-8fb9-11dd-9f89-4d6564696130}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/25 16:51:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/23 11:32:56 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/23 11:32:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/23 10:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/12/23 10:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Bureau\erunt-loc_fr
[2010/12/23 10:47:11 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\paul\Bureau\erunt-setup.exe
[2010/12/23 10:35:13 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\paul\Bureau\mbam-setup.exe
[2010/12/23 10:30:06 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\paul\Bureau\OTL.exe
[2010/12/02 21:41:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\paul\Recent
[2010/11/30 11:04:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Avira
[2010/11/30 11:04:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/11/30 11:04:38 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/11/30 10:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2010/11/30 10:59:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2010/11/30 10:59:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2010/11/30 10:40:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs(2)
[2010/11/30 10:39:47 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs(2)
[2010/11/30 10:35:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs(2)
[2010/11/29 16:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\Avira(2)
[2010/11/29 16:07:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira(2)
[2005/09/09 22:04:41 | 002,149,327 | ---- | C] (MimarSinan International) -- C:\Program Files\SudokuSetup.exe
[1998/12/04 06:00:00 | 001,005,568 | ---- | C] (Nico Mak Computing, Inc.) -- C:\Program Files\WINZIP32.EXE
[1998/12/04 06:00:00 | 000,265,216 | ---- | C] (Nico Mak Computing, Inc.) -- C:\Program Files\WZ32.DLL
[1998/12/04 06:00:00 | 000,212,480 | ---- | C] (Nico Mak Computing, Inc.) -- C:\Program Files\WZSEPE32.EXE
[1998/12/04 06:00:00 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WZCAB.DLL
[1998/12/04 06:00:00 | 000,020,992 | ---- | C] (Nico Mak Computing, Inc.) -- C:\Program Files\WZCAB2.DLL

========== Files - Modified Within 30 Days ==========

[2010/12/25 17:13:35 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/25 17:13:26 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/25 17:12:56 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010/12/25 17:12:52 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/25 17:12:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/25 17:12:20 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/25 16:38:09 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/24 17:58:49 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\paul\Bureau\Windows Live Call.lnk
[2010/12/23 12:39:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/23 11:32:59 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/12/23 11:32:00 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\paul\Bureau\mbam-setup.exe
[2010/12/23 10:48:08 | 000,005,024 | ---- | M] () -- C:\Documents and Settings\paul\Bureau\erunt-loc_fr.zip
[2010/12/23 10:47:22 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\paul\Bureau\erunt-setup.exe
[2010/12/23 10:39:39 | 000,002,531 | ---- | M] () -- C:\Documents and Settings\paul\Bureau\Microsoft Excel.lnk
[2010/12/23 10:30:47 | 000,000,383 | ---- | M] () -- C:\Documents and Settings\paul\Bureau\scan.zip
[2010/12/23 10:30:17 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\paul\Bureau\OTL.exe
[2010/12/22 11:42:48 | 000,092,043 | ---- | M] () -- C:\Documents and Settings\paul\Mes documents\IMG_0492pic_epeiche1[1].jpg
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/19 21:33:14 | 000,000,216 | RHS- | M] () -- C:\boot.ini
[2010/12/18 10:36:29 | 000,002,551 | ---- | M] () -- C:\Documents and Settings\paul\Bureau\Microsoft Word.lnk
[2010/12/15 21:55:30 | 000,152,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/15 11:39:36 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/14 19:09:40 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/12/14 19:09:38 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/12/08 12:14:57 | 000,177,664 | ---- | M] () -- C:\Documents and Settings\paul\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/02 21:41:04 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2010/11/30 11:51:44 | 000,426,780 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010/11/30 10:41:18 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat

========== Files Created - No Company Name ==========

[2010/12/24 17:58:49 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\paul\Bureau\Windows Live Call.lnk
[2010/12/23 11:32:59 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/12/23 10:48:08 | 000,005,024 | ---- | C] () -- C:\Documents and Settings\paul\Bureau\erunt-loc_fr.zip
[2010/12/23 10:30:36 | 000,000,383 | ---- | C] () -- C:\Documents and Settings\paul\Bureau\scan.zip
[2010/12/22 11:43:15 | 000,092,043 | ---- | C] () -- C:\Documents and Settings\paul\Mes documents\IMG_0492pic_epeiche1[1].jpg
[2010/12/15 11:35:19 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/12/02 21:41:04 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2010/11/30 11:51:20 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/30 10:40:47 | 000,426,780 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010/09/07 09:25:45 | 000,000,168 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2010/09/07 09:25:45 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2010/09/07 09:25:35 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2010/09/07 09:25:34 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
[2010/06/02 15:24:01 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/05/06 09:15:13 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\paul\Application Data\$_hpcst$.hpc
[2010/05/06 09:12:39 | 000,111,104 | ---- | C] () -- C:\Program Files\1036.MST
[2010/05/06 09:12:39 | 000,016,046 | ---- | C] () -- C:\Program Files\0x040c.ini
[2010/05/06 09:12:36 | 097,979,392 | ---- | C] () -- C:\Program Files\Samsung New PC Studio.msi
[2010/01/04 12:22:44 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/11/02 23:58:40 | 000,000,256 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009/02/26 14:38:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2008/12/15 14:38:54 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2008/12/15 14:38:54 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2008/12/09 14:24:29 | 000,000,082 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/11/21 22:47:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/21 22:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/04/06 16:56:30 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS45.DLL
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/04/05 20:33:20 | 000,021,904 | ---- | C] () -- C:\WINDOWS\System32\imsinstall_loc040c.dll
[2007/04/05 20:33:20 | 000,017,808 | ---- | C] () -- C:\WINDOWS\System32\imslsp_install_loc040c.dll
[2006/10/22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/07/02 09:12:29 | 000,796,584 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2006/06/22 22:01:12 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\NMOCOD.DLL
[2006/01/17 21:29:17 | 000,000,287 | ---- | C] () -- C:\WINDOWS\System32\ML.DLL
[2005/09/26 20:41:05 | 000,058,904 | ---- | C] () -- C:\WINDOWS\System32\is4tray.dll
[2005/09/21 20:19:12 | 000,000,146 | ---- | C] () -- C:\WINDOWS\HandySnap.INI
[2005/09/19 06:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\sirenacm(2).dll
[2005/06/21 20:56:20 | 011,009,848 | ---- | C] () -- C:\Program Files\Livecom.exe
[2005/01/29 10:02:26 | 000,000,040 | ---- | C] () -- C:\WINDOWS\R3Toy.ini
[2005/01/04 16:04:53 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2004/10/30 17:39:15 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2004/10/30 17:39:12 | 001,317,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2004/09/27 20:54:27 | 012,326,056 | ---- | C] () -- C:\Program Files\QuickTimeFullInstaller.exe
[2004/09/13 21:08:47 | 000,016,947 | ---- | C] () -- C:\WINDOWS\System32\lsrc.dll
[2004/06/26 14:32:23 | 000,001,246 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/05/22 13:20:50 | 000,000,113 | ---- | C] () -- C:\WINDOWS\photoimpression.ini
[2004/05/22 13:20:50 | 000,000,029 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2004/05/22 13:20:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2004/05/22 13:16:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2004/01/01 11:29:38 | 000,177,664 | ---- | C] () -- C:\Documents and Settings\paul\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/12/23 22:07:15 | 000,000,064 | ---- | C] () -- C:\Documents and Settings\paul\Application Data\dm.ini
[2003/12/23 20:14:55 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/12/23 19:47:56 | 000,006,414 | ---- | C] () -- C:\WINDOWS\Messager Wanadoo.ini
[2003/12/23 19:40:04 | 000,005,607 | R--- | C] () -- C:\WINDOWS\System32\stci.dll
[2003/12/19 15:41:25 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2003/12/19 09:46:00 | 000,114,688 | R--- | C] () -- C:\WINDOWS\System32\ABITGfx.dll
[2003/12/19 09:45:59 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2003/12/19 09:45:59 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2003/12/18 19:08:31 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/02/18 17:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2002/08/30 13:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2002/08/25 18:02:10 | 000,282,112 | ---- | C] () -- C:\WINDOWS\System32\Cncs232.dll
[1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/12/04 06:00:00 | 000,033,792 | ---- | C] () -- C:\Program Files\WZSHLEXT.DLL
[1998/12/04 06:00:00 | 000,014,848 | ---- | C] () -- C:\Program Files\WZFM32.DLL
[1998/12/04 06:00:00 | 000,011,478 | ---- | C] () -- C:\Program Files\WINZIPFM.DLL
[1998/12/04 06:00:00 | 000,004,781 | ---- | C] () -- C:\Program Files\WHATSNEW.TXT
[1998/12/04 06:00:00 | 000,002,633 | ---- | C] () -- C:\Program Files\LICENSE.TXT
[1998/12/04 06:00:00 | 000,002,339 | ---- | C] () -- C:\Program Files\WZ.COM
[1998/12/04 06:00:00 | 000,002,002 | ---- | C] () -- C:\Program Files\WINZIP.TXT
[1998/12/04 06:00:00 | 000,001,157 | ---- | C] () -- C:\Program Files\WZ.PIF
[1998/12/04 06:00:00 | 000,001,104 | ---- | C] () -- C:\Program Files\EXEMPLE.ZIP
[1998/12/04 06:00:00 | 000,000,543 | ---- | C] () -- C:\Program Files\README.TXT
[1998/12/04 06:00:00 | 000,000,370 | ---- | C] () -- C:\Program Files\VENDOR.TXT
[1998/12/04 06:00:00 | 000,000,311 | ---- | C] () -- C:\Program Files\ORDER.TXT
[1998/12/04 06:00:00 | 000,000,039 | ---- | C] () -- C:\Program Files\FILE_ID.DIZ
[1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2009/11/14 15:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2010/12/02 21:26:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2008/07/11 09:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2008/11/30 22:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
[2010/05/06 10:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/11/02 19:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
[2007/06/28 21:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/12/02 21:21:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{26009715-9383-403E-996E-D70BE8109C3D}
[2008/11/07 23:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\Ariane Software
[2004/11/01 18:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\eConf
[2009/11/03 00:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\FotoWire
[2005/12/31 14:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\FUJIFILM
[2009/11/15 23:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\GlarySoft
[2003/12/23 22:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\InterTrust
[2007/05/27 17:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\InterVideo
[2009/11/14 15:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\iolo
[2003/12/26 10:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\Kazaa Lite
[2010/05/06 10:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\PC Suite
[2010/05/06 09:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\Samsung
[2004/11/01 18:23:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\Wanadoo visio
[2005/03/31 14:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\XnView
[2010/12/25 17:12:56 | 000,000,310 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job

========== Purity Check ==========



<End>
marigado
 
Posts: 17
Joined: 23 Dec 2010, 12:25

Post by nickW » 25 Dec 2010, 23:15

Good evening,

Father Christmas, who came down from the sky today, forgot to put something in my little shoes: the gift of divination, which would have let me know how your PC was behaving after those first steps. :D


New steps, concerning services:

Open the services management console:
Start ---> Run
Type services.msc, then click OK

Scroll down to France Telecom Routing Table Service
Right-click it and choose Properties
Check that the "Path to executable" box does contain C:\WINDOWS\system32\FTRTSVC.exe
Under Service status, click Stop (if it is not already stopped)
Click Apply,
Under Startup type, choose Disabled
Click Apply, then OK


Do the same with DNS Client, whose executable is C:\WINDOWS\System32\svchost.exe -k NetworkService


In your reply, don't forget to give as much information as possible about the state of the PC.

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Post by marigado » 26 Dec 2010, 16:48

Hello nickW,
I hope Father Christmas didn't forget you, at least!
After the first procedure, I didn't notice any improvement. After the change to the services, however,
my PC felt lighter, and I thank you for that!
For instance, during video playback, the video loading pauses are further apart, but there are still some.
PC startup also seems faster.
There is also something that annoys me :oops: . When I open a web page or a second tab, it doesn't open full screen. Each time I have to click Maximize or drag the edges.
See you,
marigado
 
Posts: 17
Joined: 23 Dec 2010, 12:25
