Démarrage laborieux de Xp

Sécurité et insécurité. Virus, Trojans, Spywares, Failles etc. …

Modérateur: Modérateurs et Modératrices

Règles du forum
Assiste.com a suspendu l'assistance à la décontamination après presque 15 ans sur l'ancien forum puis celui-ci. Voir :

Procédure de décontamination 1 - Anti-malware
Décontamination anti-malwares

Procédure de décontamination 2 - Anti-malware et antivirus (La Manip)
La Manip - Procédure standard de décontamination

Entretien périodique d'un PC sous Windows
Entretien périodique d'un PC sous Windows

Protection des navigateurs, de la navigation et de la vie privée
Protéger le navigateur, la navigation et la vie privée

Démarrage laborieux de Xp

Messagede mortar » 29 Juin 2012, 14:21

Bonjour, quand je démarre le pc: l'écran se met en veille l'ordinateur donne l'impression de tourner normalement mais sans l'écran, je bouge alors la souris il ne se passe rien (l'écran affiche qu'il est en veille)finalement je reboot le système plusieurs fois finalement je débranche et rebranche le pc et au bout de quelque temps çà fonctionne...auparavant la souris se bloquait et je devait rebooter pour ouvrir cette :furious3: machine.

Système d'exploitation:
Windows XP Edition familliale (build 2600) Service Pack 3
Navigateur web par défaut: FIREFOX.EXE
Client e-mail par défaut: Microsoft Outlook
Client de groupes de discussion par défaut: Microsoft Outlook
Antivirus: AntiVir Desktop 10.0.1.59
Pare-feu:Outpost Firewall Pro 7.1

Carte mère: SMBios version 2.3
MICRO-STAR INTERNATIONAL CO., LTD MS-7125 1.0

Bios: Phoenix Technologies, LTD 6.00 PG 06/23/2005 taille: 512Kb

Chipset: Northbridge: NVIDIA nForce4
Southbridge: NVIDIA nForce4 MCP

Processeur: AMD Athlon 64 3200+ Venice Socket 939 (@90 nm) 2000 Mhz ( L1I: 64 Ko, L1D: 64 Ko, L2: 512 Ko )

Mémoire: Mémoire physique totale: 1024 Mo, Type: DDR, @MHz, 2.5-3-3-7-2T
DDR CEON5125340 512 Mo PC3200 (200 Mhz) (2.5-3-3-8)
DDR CEON5125340 512 Mo PC3200 (200 Mhz) (2.5-3-3-8)

Carte Graphique: NVIDIA GeForce 6600 (NV43,,128 Mo)

Périphériques ATA: Maxtor 6L200M0 BANC1G10 (SATA, 189.92 Go, Cache: 8 Mo)

Lecteurs CD/DVD: HL-DT-STDVDRAM GSA-4165BDL05 (DVD-RAM Recorder)
HL-DT-STDVD-ROM DH16NS100L04 (DVD-ROM)

Disque dur: Maxtor 6 L200M0 SCSI Disk Device

Cartes PCI/AGP:
Stockage
nVidia Corporation:CK804 IDE:
nVidia Corporation:CK804 Serial ATA Controller:
nVidia Corporation:CK804 Serial ATA Controller:

Affichage
nVidia Corporation:NV43 [GeForce 6600]:

Multimédia
nVidia Corporation: CK804 AC97 Audio Controller:

Mémoires: nVidia Corporation:CK804 Memory Controller:

Ponts
nVidia Corporation:CK804 ISA Bridge:
nVidia Corporation:CK804 PCI Bridge
nVidia Corporation:CK804 Ethernet Controller:
nVidia Corporation:CK804 PCIE Bridge
nVidia Corporation:CK804 PCIE Bridge
nVidia Corporation:CK804 PCIE Bridge
nVidia Corporation:CK804 PCIE Bridge
Advanced Micro Devices [AMD]:K8 [Athlon64/Opteron] HyperTransport Technology Configuration
Advanced Micro Devices [AMD]:K8 [Athlon64/Opteron] Address Map
Advanced Micro Devices [AMD]:K8 [Athlon64/Opteron] DRAM Controller
Advanced Micro Devices [AMD]:K8 [Athlon64/Opteron] Miscellaneous Control

Bus Séries
nVidia Corporation:CK804 SMBus:
nVidia Corporation:CK804 USB Controller:
nVidia Corporation:CK804 USB Controller:
Clavier Clavier standard 101/102 touches ou clavier Microsoft Natural Keyboard PS/2
Souris Souris compatible PS/2
Ecran(s) Écran Plug-and-Play(LG Electronics Inc. (GoldStar Technology, Inc.) L1730S)
____________________________________________________________________________________________________________________________
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Version de la base de données: v2012.06.29.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.11
Armand :: MORTIER [administrateur]

29/06/12 10:18:54
mbam-log-2012-06-29 (10-18-54).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 259127
Temps écoulé: 5 minute(s), 54 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)
mortar
 
Messages: 18
Inscription: 19 Mai 2011, 13:09

Re: Démarrage laborieux de Xp

Messagede mortar » 29 Juin 2012, 14:22

Bonjour suite
OTL logfile created on: 29/06/12 10:43:21 - Run 3
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Documents and Settings\Armand\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yy

1023,48 Mb Total Physical Memory | 546,30 Mb Available Physical Memory | 53,38% Memory free
3,90 Gb Paging File | 3,48 Gb Available in Paging File | 89,02% Paging File free
Paging file location(s): C:\pagefile.sys 3072 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 189,91 Gb Total Space | 39,88 Gb Free Space | 21,00% Space Free | Partition Type: NTFS

Computer Name: MORTIER | User Name: Armand | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/29 09:12:48 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Armand\Bureau\OTL.exe
PRC - [2012/05/15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/01/03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011/08/30 19:01:34 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/07/11 23:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2011/05/26 09:11:12 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/02/04 12:08:48 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/03/24 19:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010/01/14 21:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/16 16:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006/03/30 09:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2005/06/10 18:19:38 | 000,869,888 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe
PRC - [2005/06/10 16:20:06 | 001,397,760 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCD.exe
PRC - [2004/07/20 15:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2003/10/22 16:33:34 | 001,732,608 | ---- | M] (Adobe Sytems) -- C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2010/06/17 14:28:02 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2003/05/20 01:00:00 | 000,119,808 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (Asp4tubnra)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/25 20:29:43 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/15 00:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/11/25 17:36:00 | 000,311,928 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2011/10/17 11:54:16 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2011/08/30 19:01:34 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/26 09:11:12 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/02/04 17:30:04 | 002,040,144 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe -- (acssrv)
SRV - [2006/03/30 09:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005/06/10 18:19:38 | 000,869,888 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2004/07/20 15:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)
SRV - [2003/10/22 16:33:34 | 000,061,440 | ---- | M] (Adobe Sytems) [On_Demand | Stopped] -- C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe -- (AdobeVersionCue)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\install4\MSICPL.sys -- (MSICPL)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [File_System | Disabled | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011/08/30 19:01:36 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/08/30 19:01:36 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/07/21 20:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2011/02/02 15:52:40 | 000,710,824 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SandBox.sys -- (SandBox)
DRV - [2011/02/02 15:51:26 | 000,072,352 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Filt\ASWFilt.dll -- (ASWFilt)
DRV - [2010/09/27 15:40:28 | 000,267,624 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afwcore.sys -- (afwcore)
DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 14:27:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/04/20 15:05:16 | 000,034,280 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afw.sys -- (afw)
DRV - [2010/02/11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/11/12 18:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008/09/24 11:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/08/01 12:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/08/01 12:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/04/13 20:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS_51)
DRV - [2008/04/13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/04/16 22:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006/07/01 23:42:58 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/06/10 18:12:14 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2005/06/10 18:12:12 | 000,099,584 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005/06/10 18:11:50 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2005/06/10 16:11:44 | 000,028,160 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2004/12/14 17:55:22 | 000,009,472 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2004/12/07 10:15:54 | 000,087,936 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2004/08/05 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/05 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/07/20 15:19:16 | 000,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2003/12/05 11:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/08/17 23:04:48 | 000,171,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\camdrv30.sys -- (Camdrv30)
DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=fr_FR&apn_ptnrs=U3&apn_dtid=OSJ000YYFR&apn_uid=FCDF6DE9-110E-4E75-975C-5F168AFBA9BA&apn_sauid=2BD6B1AC-9DAB-4A07-A48A-E34E8A5FC738
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\..\SearchScopes\{5AF79D61-D0EC-4EC6-BFAF-EFDD23171A8E}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLG
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLG_fr
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\..\SearchScopes\Yahoo: "URL" = http://search.yahoo.com/bin/search?p=%s
IE - HKU\S-1-5-21-790525478-527237240-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "https://startpage.com/fra/"
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/29 09:01:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/29 09:01:27 | 000,000,000 | ---D | M]

[2012/04/23 07:50:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Armand\Application Data\Mozilla\Extensions
[2012/06/17 19:35:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Armand\Application Data\Mozilla\Firefox\Profiles\p58awra9.default\extensions
[2012/04/17 22:21:38 | 000,000,000 | ---D | M] (TheBflix) -- C:\Documents and Settings\Armand\Application Data\Mozilla\Firefox\Profiles\p58awra9.default\extensions\4f8daae9ce7e7@4f8daae9ce7e9.info
[2012/02/14 15:22:34 | 000,000,000 | ---D | M] (Dictionnaire français «Classique») -- C:\Documents and Settings\Armand\Application Data\Mozilla\Firefox\Profiles\p58awra9.default\extensions\fr-classique@dictionaries.addons.mozilla.org
[2012/05/26 19:29:47 | 000,000,000 | ---D | M] (Dictionnaires français) -- C:\Documents and Settings\Armand\Application Data\Mozilla\Firefox\Profiles\p58awra9.default\extensions\fr-dicollecte@dictionaries.addons.mozilla.org
[2012/06/17 19:35:10 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\Armand\Application Data\Mozilla\Firefox\Profiles\p58awra9.default\extensions\toolbar@ask.com
[2012/01/03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Armand\Application Data\Mozilla\Firefox\Profiles\p58awra9.default\searchplugins\askcom.xml
[2012/04/22 19:54:22 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Armand\Application Data\Mozilla\Firefox\Profiles\p58awra9.default\searchplugins\Search_Results.xml
[2012/06/29 08:50:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/17 19:23:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2009/09/07 19:12:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/06/15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/07/11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/06/15 02:27:03 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/06/15 02:27:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/15 02:27:03 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/06/15 02:27:03 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2012/04/22 19:54:22 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012/06/15 02:27:03 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/06/15 02:27:03 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2007/07/14 09:01:06 | 000,050,834 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 0.0.0.0 123spywar.com
O1 - Hosts: 0.0.0.0 www.123spywar.com
O1 - Hosts: 0.0.0.0 1clickspyclean.com
O1 - Hosts: 0.0.0.0 www.1clickspyclean.com
O1 - Hosts: 0.0.0.0 1clicksuite.net
O1 - Hosts: 0.0.0.0 www.1clicksuite.net
O1 - Hosts: 0.0.0.0 1spyware-removal.com
O1 - Hosts: 0.0.0.0 www.1spyware-removal.com
O1 - Hosts: 0.0.0.0 1spywarekiller.com
O1 - Hosts: 0.0.0.0 www.1spywarekiller.com
O1 - Hosts: 0.0.0.0 1stantivirus.com
O1 - Hosts: 0.0.0.0 www.1stantivirus.com
O1 - Hosts: 0.0.0.0 1stspywar.com
O1 - Hosts: 0.0.0.0 www.1stspywar.com
O1 - Hosts: 0.0.0.0 2-antispyware.com
O1 - Hosts: 0.0.0.0 www.2-antispyware.com
O1 - Hosts: 0.0.0.0 3bsoftware.com
O1 - Hosts: 0.0.0.0 www.3bsoftware.com
O1 - Hosts: 0.0.0.0 actualresearch.com
O1 - Hosts: 0.0.0.0 www.actualresearch.com
O1 - Hosts: 0.0.0.0 abletostop.com
O1 - Hosts: 0.0.0.0 www.abletostop.com
O1 - Hosts: 0.0.0.0 aboutblankremover.com
O1 - Hosts: 0.0.0.0 www.aboutblankremover.com
O1 - Hosts: 1735 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-527237240-1801674531-1004\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-527237240-1801674531-1004\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-790525478-527237240-1801674531-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe (Adobe Sytems)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-790525478-527237240-1801674531-1004..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-790525478-527237240-1801674531-1004..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6.6; ZangoToolbar 4.8.3; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www8.agame.com/games/shockwave/h/horse_eventing/horse_eventing_girlsgogames_fr/horse_eventing_girlsgogames_fr.html" File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Armand\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-527237240-1801674531-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-790525478-527237240-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-790525478-527237240-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-790525478-527237240-1801674531-1008\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-790525478-527237240-1801674531-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O9 - Extra Button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll (Agnitum Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mvadvd.cab (Reg Error: Key error.)
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} http://www.ca.com/fr/securityadvisor/vi ... ebscan.cab (WScanCtl Class)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/plugins/MaConfig_5_1_0_5.cab ("Ma-Config.com control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E04936A-2B4E-42E5-9D7C-80A582F31D36}: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/Armand/LOCALS~1/Temp/msohtml1/04/clip_image001.jpg
O24 - Desktop Components:1 () - file:///C:/DOCUME~1/Armand/LOCALS~1/Temp/msohtml1/10/clip_image002.jpg
O24 - Desktop Components:2 () - http://img111.imageshack.us/img111/764/ ... ansoa9.jpg
O24 - Desktop Components:3 (Ma page d'accueil) - About:Home
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2005/11/02 01:23:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/07/22 15:28:29 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/06/29 10:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ERUNT
[2012/06/29 09:12:46 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Armand\Bureau\OTL.exe
[2012/06/29 09:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime
[2012/06/29 08:52:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Armand\Local Settings\Application Data\Sun
[2012/06/29 08:42:31 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Java
[2012/06/29 08:41:27 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/06/29 08:41:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Armand\Application Data\Oracle
[2012/06/29 08:40:50 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/06/29 08:40:50 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/06/28 00:20:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Armand\Recent
[2012/06/17 19:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012/06/17 19:35:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Armand\Local Settings\Application Data\AskToolbar
[2012/06/17 19:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask
[2012/06/17 19:23:55 | 000,476,936 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\npdeployJava1.dll
[2012/06/17 19:23:55 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/29 10:50:06 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/06/29 10:45:19 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/06/29 10:42:00 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/29 10:29:15 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/29 10:07:15 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Armand\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2012/06/29 10:07:11 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Armand\Bureau\NTREGOPT.lnk
[2012/06/29 10:07:11 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Armand\Bureau\ERUNT.lnk
[2012/06/29 09:28:06 | 000,005,024 | ---- | M] () -- C:\Documents and Settings\Armand\Bureau\erunt-loc_fr.zip
[2012/06/29 09:20:11 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[2012/06/29 09:12:48 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Armand\Bureau\OTL.exe
[2012/06/29 09:01:13 | 000,001,664 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2012/06/29 08:50:30 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Armand\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/06/29 08:50:30 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2012/06/29 08:40:14 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/06/29 08:40:14 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/06/29 07:55:50 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/29 07:54:33 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/29 07:54:25 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-790525478-527237240-1801674531-1004.job
[2012/06/29 07:53:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/28 10:02:14 | 000,169,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/25 20:29:27 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/06/25 20:29:27 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/06/18 20:20:32 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2012/06/18 13:32:10 | 000,168,960 | ---- | M] () -- C:\Documents and Settings\Armand\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/17 19:23:17 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012/06/17 19:23:16 | 000,476,936 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\npdeployJava1.dll
[2012/06/17 19:23:16 | 000,472,840 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012/06/13 19:00:21 | 000,510,752 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2012/06/13 19:00:21 | 000,441,552 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/13 19:00:21 | 000,084,954 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2012/06/13 19:00:21 | 000,071,488 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/02 15:19:48 | 000,016,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2012/06/02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2012/06/02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2012/06/02 15:19:38 | 000,219,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2012/06/02 15:19:38 | 000,210,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2012/06/02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll
[2012/06/02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll
[2012/06/02 15:19:34 | 000,053,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2012/06/02 15:19:34 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2012/06/02 15:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2012/06/02 15:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2012/06/02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2012/06/02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2012/06/02 15:19:18 | 001,933,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2012/06/02 15:19:18 | 000,025,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2012/05/31 15:22:03 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/29 10:07:15 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Armand\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2012/06/29 10:07:11 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Armand\Bureau\NTREGOPT.lnk
[2012/06/29 10:07:11 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Armand\Bureau\ERUNT.lnk
[2012/06/29 09:28:06 | 000,005,024 | ---- | C] () -- C:\Documents and Settings\Armand\Bureau\erunt-loc_fr.zip
[2012/06/29 09:01:13 | 000,001,664 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2012/06/28 10:02:14 | 000,169,096 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/17 19:35:09 | 000,000,236 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/05/10 12:00:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Armand\.gtk-bookmarks
[2012/02/08 17:21:48 | 000,000,561 | ---- | C] () -- C:\WINDOWS\Archibald.ini
[2012/02/03 20:20:39 | 000,000,012 | ---- | C] () -- C:\WINDOWS\Xhome3df.ini
[2011/10/17 11:48:09 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2011/08/01 10:23:45 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011/08/01 10:23:43 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/08/01 10:23:43 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/08/01 10:23:43 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/06/29 15:34:15 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011/06/29 15:00:51 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Armand\Local Settings\Application Data\housecall.guid.cache
[2011/05/30 18:42:52 | 000,000,017 | ---- | C] () -- C:\Documents and Settings\Armand\.javafx_ping_sent
[2011/05/30 18:42:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Armand\.javafx_eula_accepted
[2011/05/19 13:24:39 | 000,004,613 | ---- | C] () -- C:\Program Files\ERUNT.LOC
[2011/05/19 13:24:39 | 000,003,491 | ---- | C] () -- C:\Program Files\ERDNTWIN.LOC
[2011/05/19 13:24:39 | 000,003,042 | ---- | C] () -- C:\Program Files\ERDNTDOS.LOC
[2011/05/19 13:24:39 | 000,002,035 | ---- | C] () -- C:\Program Files\NTREGOPT.LOC
[2011/04/30 14:38:07 | 000,000,028 | ---- | C] () -- C:\WINDOWS\v2d.INI
[2011/04/30 14:02:07 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\Faac.exe
[2011/02/26 20:37:41 | 000,000,196 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011/02/23 01:48:45 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/01/04 12:04:12 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/01/04 03:38:14 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011/01/04 00:55:39 | 001,075,260 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/01/04 00:55:30 | 001,075,260 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/01/04 00:55:30 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/12/01 23:17:24 | 016,252,928 | ---- | C] () -- C:\Documents and Settings\Armand\ntuser.bak
[2010/11/06 22:47:32 | 000,027,223 | ---- | C] () -- C:\Documents and Settings\Armand\Application Data\Carnet d'adresses personnel.ADR
[2007/07/17 22:17:24 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Armand\Local Settings\Application Data\fusioncache.dat
[2006/12/03 16:35:03 | 000,015,428 | ---- | C] () -- C:\Documents and Settings\Armand\RefEdit.exd
[2005/11/12 19:18:27 | 000,168,960 | ---- | C] () -- C:\Documents and Settings\Armand\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/11/02 01:55:57 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe

========== LOP Check ==========

[2009/01/26 20:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Agnitum
[2012/06/17 19:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2012/04/22 19:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011/01/03 20:39:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/01/04 00:59:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP
[2011/01/03 21:59:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011/01/04 00:59:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2011/01/03 20:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMSetup
[2011/01/04 12:03:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2011/01/04 12:24:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2011/01/03 20:53:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX
[2011/01/03 20:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2011/01/04 10:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Mender
[2011/01/04 01:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverBoost
[2007/07/15 21:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2012/04/17 22:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012/02/08 19:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2011/07/04 15:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/04/30 14:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pianosoft
[2012/04/17 22:21:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2011/04/29 11:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skyline
[2009/01/22 19:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/06 13:28:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2011/09/16 13:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Amis\Application Data\Canon
[2011/08/26 13:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Amis\Application Data\Canon Easy-WebPrint EX
[2012/04/22 12:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Amis\Application Data\foobar2000
[2011/07/04 16:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\Agence-Exclusive
[2011/07/04 16:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\Broad Intelligence
[2012/01/05 12:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\Canon
[2011/01/03 21:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\Canon Easy-WebPrint EX
[2011/02/24 17:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\CD-LabelPrint
[2008/02/24 21:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\dBpoweramp
[2011/01/04 00:10:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\ElevatedDiagnostics
[2012/05/26 19:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\EurekaLog
[2012/04/18 13:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\foobar2000
[2007/04/20 23:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\MSNInstaller
[2011/07/04 16:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\NCH Swift Sound
[2011/07/04 13:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\OpenCandy
[2012/03/11 19:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\Opera
[2012/06/29 08:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\Oracle
[2011/07/04 15:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\SystemRequirementsLab
[2012/02/14 15:13:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\Thunderbird
[2010/02/06 13:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Armand\Application Data\Uniblue
[2012/06/29 10:50:06 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/10/03 12:39:35 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/10/03 12:39:35 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/03 12:39:35 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/10/03 12:39:35 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/05 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/05 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys

< MD5 for: CTFMON.EXE >
[2004/08/05 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5584247B568C2E53934873F4B655FE6A -- C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe
[2008/04/14 04:33:59 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=59DC5BB82E4C8E0B3EADCFDBC44BA6E4 -- C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
[2008/04/14 04:33:59 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=59DC5BB82E4C8E0B3EADCFDBC44BA6E4 -- C:\WINDOWS\system32\ctfmon.exe

< MD5 for: EVENTLOG.DLL >
[2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2007/06/13 15:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 15:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: NETLOGON.DLL >
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2004/12/07 10:15:54 | 000,087,936 | R--- | M] (NVIDIA Corporation) MD5=E4F1F95A6BBBFBBFF9A713C6063AA2CB -- C:\WINDOWS\system32\drivers\nvatabus.sys
[2004/12/07 10:15:54 | 000,087,936 | R--- | M] (NVIDIA Corporation) MD5=E4F1F95A6BBBFBBFF9A713C6063AA2CB -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\nvatabus.sys
[2004/12/07 10:15:54 | 000,087,936 | R--- | M] (NVIDIA Corporation) MD5=E4F1F95A6BBBFBBFF9A713C6063AA2CB -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nvatabus.sys

< MD5 for: NVGTS.SYS >
[2008/11/12 18:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=75E2E77C5497F34E60491D27BF03F1CB -- C:\NVIDIA\nForceWinXPInt\20.14\IDE\WinXP\sata_ide\nvgts.sys
[2008/11/12 18:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=75E2E77C5497F34E60491D27BF03F1CB -- C:\WINDOWS\system32\drivers\nvgts.sys
[2008/11/12 18:59:06 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=8EB82606FCD8C5D039ADA33BD46FE7F8 -- C:\NVIDIA\nForceWinXPInt\20.14\IDE\WinXP\sataraid\nvgts.sys

< MD5 for: NVRD32.SYS >
[2008/11/12 18:59:08 | 000,133,152 | ---- | M] (NVIDIA Corporation) MD5=6B1B4E25277A99A6B515CF124D6060E0 -- C:\NVIDIA\nForceWinXPInt\20.14\IDE\WinXP\sataraid\nvrd32.sys

< MD5 for: SCECLI.DLL >
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: USERINIT.EXE >
[2004/08/05 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 04:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >
mortar
 
Messages: 18
Inscription: 19 Mai 2011, 13:09

Re: Démarrage laborieux de Xp

Messagede mortar » 29 Juin 2012, 14:30

OTL Extras logfile created on: 29/06/12 10:43:21 - Run 3
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Documents and Settings\Armand\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yy

1023,48 Mb Total Physical Memory | 546,30 Mb Available Physical Memory | 53,38% Memory free
3,90 Gb Paging File | 3,48 Gb Available in Paging File | 89,02% Paging File free
Paging file location(s): C:\pagefile.sys 3072 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 189,91 Gb Total Space | 39,88 Gb Free Space | 21,00% Space Free | Partition Type: NTFS

Computer Name: MORTIER | User Name: Armand | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-790525478-527237240-1801674531-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"18775:TCP" = 18775:TCP:*:Disabled:BitComet 18775 TCP
"18775:UDP" = 18775:UDP:*:Disabled:BitComet 18775 UDP
"4662:TCP" = 4662:TCP:*:Disabled:127.0.0.1
"4672:UDP" = 4672:UDP:*:Disabled:127.0.0.1
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.EXE" = C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.EXE:*:Disabled:Age of Empires II
"C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe" = C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Disabled:Age of Empires II Expansion
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Disabled:BitComet - a BitTorrent Client
"C:\Program Files\Zapu\Zapu\wDivi.exe" = C:\Program Files\Zapu\Zapu\wDivi.exe:*:Disabled:Zapu Control -- (IPortent)
"C:\Program Files\Microsoft Games\Age of Empires\Empires.exe" = C:\Program Files\Microsoft Games\Age of Empires\Empires.exe:*:Disabled:Age of Empires
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Disabled:eMule
"C:\WINDOWS\system32\LEXPPS.EXE" = C:\WINDOWS\system32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE
"C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" = C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Disabled:Media Player Classic
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:MSN Messenger 7.5
"C:\Documents and Settings\Armand\Local Settings\Temp\WZSE0.TMP\SymNRT.exe" = C:\Documents and Settings\Armand\Local Settings\Temp\WZSE0.TMP\SymNRT.exe:*:Disabled:Norton Removal Tool
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Disabled:Orb
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Disabled:Orb Stream Client
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Disabled:OrbTray
"C:\Documents and Settings\Armand\Mes documents\Downloads\MusicConverterSetup.exe" = C:\Documents and Settings\Armand\Mes documents\Downloads\MusicConverterSetup.exe:*:Enabled:InstallCore™
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1B19A54C-3692-4D12-BFD9-1362DD34CE78}" = Ma-Config.com
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6901DD22-527A-41EF-9059-E81FEDE9E494}" = Windows Presentation Foundation Language Pack (FRA)
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{9011040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{9030040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{9085040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Français
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D52ECEBC-9B20-41A5-81C4-A62DE2367419}" = Adobe Creative Suite
"{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}" = Microsoft .NET Framework 3.0 French Language Pack
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 3.13
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Agnitum Outpost Firewall Pro_is1" = Outpost Firewall Pro 7.1
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"CSCLIB" = Canon Camera Support Core Library
"Dicobat version 1.1" = Dicobat version 1.1
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Enregistrement utilisateur de Canon MG5200 series" = Enregistrement utilisateur de Canon MG5200 series
"EOS Utility" = Canon Utilities EOS Utility
"ERUNT_is1" = ERUNT 1.1j
"foobar2000" = foobar2000 v1.1.10
"Full Pack" = Full Pack Codecs
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InCD!UninstallKey" = InCD
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.5.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"MediaInfo" = MediaInfo 0.7.52
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 French Language Pack" = Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 13.0.1 (x86 fr)" = Mozilla Firefox 13.0.1 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Opera 11.61.1250" = Opera 11.61
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"QuicktimeAlt_is1" = QuickTime Alternative 2.7.0
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealAlt_is1" = Real Alternative 1.9.0
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Solitude for Windows" = Solitude for Windows
"Stellarium_is1" = Stellarium 0.8.2
"SystemRequirementsLab" = System Requirements Lab
"VLC media player" = VLC media player 2.0.1
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-790525478-527237240-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Winamp Detect" = Détection de l'application Winamp

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 02/06/12 10:46:56 | Computer Name = MORTIER | Source = Ci | ID = 4126
Description = Nettoyage des méta-données endommagées de l'index de contenu sur c:\system
volume information\catalog.wci. L'index sera automatiquement restauré en refiltrant
tous les documents.

Error - 10/06/12 11:09:51 | Computer Name = MORTIER | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 11/06/12 12:15:06 | Computer Name = MORTIER | Source = MsiInstaller | ID = 11706
Description = Produit : Microsoft Office XP Professional -- Erreur 1706. Le programme
d'installation ne peut pas trouver les fichiers requis. Vérifiez votre connexion
au réseau ou votre lecteur de CD-ROM. Pour des solutions éventuelles à ce problème,
consultez C:\Program Files\Microsoft Office\Office10\1036\SETUP.HLP.

Error - 11/06/12 12:15:12 | Computer Name = MORTIER | Source = MsiInstaller | ID = 11706
Description = Produit : Microsoft Office XP Professional -- Erreur 1706. Le programme
d'installation ne peut pas trouver les fichiers requis. Vérifiez votre connexion
au réseau ou votre lecteur de CD-ROM. Pour des solutions éventuelles à ce problème,
consultez C:\Program Files\Microsoft Office\Office10\1036\SETUP.HLP.

Error - 11/06/12 12:43:47 | Computer Name = MORTIER | Source = MsiInstaller | ID = 11706
Description = Produit : Microsoft Office XP Professional -- Erreur 1706. Le programme
d'installation ne peut pas trouver les fichiers requis. Vérifiez votre connexion
au réseau ou votre lecteur de CD-ROM. Pour des solutions éventuelles à ce problème,
consultez C:\Program Files\Microsoft Office\Office10\1036\SETUP.HLP.

Error - 11/06/12 12:43:53 | Computer Name = MORTIER | Source = MsiInstaller | ID = 11706
Description = Produit : Microsoft Office XP Professional -- Erreur 1706. Le programme
d'installation ne peut pas trouver les fichiers requis. Vérifiez votre connexion
au réseau ou votre lecteur de CD-ROM. Pour des solutions éventuelles à ce problème,
consultez C:\Program Files\Microsoft Office\Office10\1036\SETUP.HLP.

Error - 17/06/12 13:08:48 | Computer Name = MORTIER | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 18/06/12 07:03:30 | Computer Name = MORTIER | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 7.0.6000.17110, module
défaillant mshtml.dll, version 7.0.6000.17110, adresse de défaillance 0x000b24cc.

Error - 25/06/12 13:42:52 | Computer Name = MORTIER | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré.


Error - 27/06/12 17:33:22 | Computer Name = MORTIER | Source = Application Hang | ID = 1002
Description = Application bloquée ZoomBrowser.exe, version 5.7.0.74, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 11/06/12 14:34:04 | Computer Name = MORTIER | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Distributed Transaction Coordinator.

Error - 11/06/12 14:34:04 | Computer Name = MORTIER | Source = Service Control Manager | ID = 7000
Description = Le service Distributed Transaction Coordinator n'a pas pu démarrer
en raison de l'erreur : %%1053

Error - 12/06/12 13:16:48 | Computer Name = MORTIER | Source = Dhcp | ID = 1000
Description = Votre ordinateur a perdu le bail de son adresse IP 82.252.153.221
sur la carte réseau d'adresse réseau 0013D36520EB.

Error - 12/06/12 13:50:20 | Computer Name = MORTIER | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.252.153.221 pour la carte réseau dont l'adresse
réseau est 0013D36520EB a été refusé par le serveur DHCP 82.252.153.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 14/06/12 13:50:49 | Computer Name = MORTIER | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.253.103.113 pour la carte réseau dont l'adresse
réseau est 0013D36520EB a été refusé par le serveur DHCP 82.253.103.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 17/06/12 13:51:43 | Computer Name = MORTIER | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 83.159.72.224 pour la carte réseau dont l'adresse
réseau est 0013D36520EB a été refusé par le serveur DHCP 83.159.72.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 18/06/12 13:51:10 | Computer Name = MORTIER | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.65.173.244 pour la carte réseau dont l'adresse
réseau est 0013D36520EB a été refusé par le serveur DHCP 82.65.173.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 19/06/12 13:51:24 | Computer Name = MORTIER | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.252.254.51 pour la carte réseau dont l'adresse
réseau est 0013D36520EB a été refusé par le serveur DHCP 82.252.254.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 21/06/12 13:52:10 | Computer Name = MORTIER | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.64.151.44 pour la carte réseau dont l'adresse
réseau est 0013D36520EB a été refusé par le serveur DHCP 82.64.151.254 (celui-ci
a envoyé un message DHCPNACK).

Error - 25/06/12 13:53:05 | Computer Name = MORTIER | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 82.64.48.172 pour la carte réseau dont l'adresse
réseau est 0013D36520EB a été refusé par le serveur DHCP 82.64.48.254 (celui-ci
a envoyé un message DHCPNACK).


< End of report >
Voilà Merci
mortar
 
Messages: 18
Inscription: 19 Mai 2011, 13:09

Re: Démarrage laborieux de Xp

Messagede mortar » 04 Juil 2012, 16:44

Bonjour je pense avoir un problème sur l'ordinateur est ce que quelqu'un pourrait m'aider?!!
Merci
mortar
 
Messages: 18
Inscription: 19 Mai 2011, 13:09


Retourner vers Sécurité (Contamination - Décontamination)

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 20 invités

cron