Malekal's forum

par **lios15** » 10 Fév 2012 14:35

salut , depuis quelques jours mon navigateur mozilla firefox bug, et reste bloqué ,je dois forcer l'extinction de l'ordi .avant j'avais passé plusieurs outils pour nettoyer mon ordi : jv16 powertools, cleanup ,ccleaner,jkdefrag,un anti rookit, supprimé quelques prog avec revouninstaller etc...
j'ai scanné gratuitement avec registry booster 2012 et reparé quelques erreurs mais toujours simplement avec la version gratuite , le scan indique 177 erreurs et un niveau de dommage élevé ! que puis je faire pour reparer ça ?
sachant qu'internet explorer fonctionne lui tres bien , je soupçonne zone alarm(free parefeu) de mettre la pagaille, j'ai aussi avira ,peerguardian. aucun scan (y compris en ligne avec panda)ne donne d'infection .
j'avais aussi utilisé aashampoo (je sais plus exactement )que j'ai eu du mal a desinstaller.
merci de votre aide .

par **SkyTech** » 10 Fév 2012 18:40

Salut,

lios15 a écrit:jv16 powertools, cleanup ,ccleaner,jkdefrag,un anti rookit, supprimé quelques prog avec revouninstaller etc...
j'ai scanné gratuitement avec registry booster 2012 et reparé quelques erreurs mais toujours simplement avec la version gratuite , le scan indique 177 erreurs et un niveau de dommage élevé ! que puis je faire pour reparer ça ?

Oulala mauvais réflexes lol

nettoyeur-defragmenteur-sert-rien-t26069.html
http://sebsauvage.net/rhaa/index.php?20 ... -du-flamby

Registry Booster est une arnaque...

Pas besoin d'antirootkit, de jv16...

sachant qu'internet explorer fonctionne lui tres bien , je soupçonne zone alarm(free parefeu) de mettre la pagaille, j'ai aussi avira ,peerguardian. aucun scan (y compris en ligne avec panda)ne donne d'infection .
j'avais aussi utilisé aashampoo (je sais plus exactement )que j'ai eu du mal a desinstaller.

Arrête d'installer tout et n'importe quoi sur ta machine, chaque installation laisse des restes qui encrassent le registre.

C'est l'utilisateur qui fait la différence, pas le nombre de logiciels de "sécurité" installés.

par **lios15** » 10 Fév 2012 20:47

de plus ,je ne peux plus acceder a certains services comme avant , de courses en lignes par exemple, lorsque je saisi les identifiants, ça ne les reconnait plus ????

par **SkyTech** » 10 Fév 2012 20:54

Sacles a écrit:As-tu le même problème avec un nouveau profil?

Créer un nouveau profil
Fermer FireFox (en plus, assure-toi avec CTRL+ALT+DELETE qu'il n'y a plus aucun processus de Firefox actif).
Démarrer >>> Exécuter >>> Taper firefox -p (remarque l'espace entre Firefox et -p) et valider par OK.
Dans la fenêtre de gestion des profils qui vient de s'ouvrir, on peut en créer un nouveau et lancer FF avec celui-ci.
Si les problèmes sont résolus, il suffira de recopier les fichiers importants de l'ancien vers le nouveau profil. Nous verrons cela dans un 2e temps.

/!\ N'efface pas ton ancien profil pour l'instant. /!\

par **lios15** » 10 Fév 2012 21:45

oui meme soucis avec le nouveau profil , en plus 1 fois sur 2 mozilla reste bloqué faut tout reeteindre !
j'avais desinstallé et reinstallé mozilla et mis no script ,mais de toute facon meme probleme avec IE et les reglages par defaut !
(j'avais passé jv16 avant avec l'optimiseur inclus et j'avais tout coché et reparé toutes les erreurs )
IE ne bloque pas et est plus rapide ?

par **SkyTech** » 10 Fév 2012 21:58

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup http://www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

par **lios15** » 10 Fév 2012 23:07

voila le rapport en 2 parties , je pourrais continuer que demain debut d'aprem merci :

OTL Extras logfile created on: 10/02/2012 21:31:22 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\lionel.senaud\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1023,48 Mb Total Physical Memory | 613,45 Mb Available Physical Memory | 59,94% Memory free
2,40 Gb Paging File | 1,95 Gb Available in Paging File | 81,26% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 52,50 Gb Free Space | 41,02% Space Free | Partition Type: NTFS

Computer Name: SENAUD | User Name: lionel.senaud | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --one-instance-when-started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Ma Galerie Photo] -- "C:\Program Files\Photocite Collection 4.6\Photocite Collection 4.6\Ma Galerie Photo.exe" -d "%1" ()
Directory [Photocite Collection 4] -- Reg Error: Value error.
Directory [Photocite Collection 4.6] -- "C:\Program Files\Photocite Collection 4.6\Photocite Collection 4.6\Photocite Collection 4.6.exe" "%1"
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --one-instance-when-started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"6346:TCP" = 6346:TCP:*:Enabled:shareaza.exe
"6346:UDP" = 6346:UDP:*:Enabled:Shareaza
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"17504:TCP" = 17504:TCP:*:Enabled:BitComet 17504 TCP
"17504:UDP" = 17504:UDP:*:Enabled:BitComet 17504 UDP
"23937:TCP" = 23937:TCP:*:Enabled:BitComet 23937 TCP
"23937:UDP" = 23937:UDP:*:Enabled:BitComet 23937 UDP
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{04460044-9149-45C6-A806-F2BF9CFCE762}" = Encyclopédie Microsoft Encarta 2004
"{06180081-3E21-46D6-9A91-D927BA08F41D}" = Collection Microsoft Encarta 2006 DVD
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D643CD2-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{2B120B1D-1908-4FB3-8C9D-72128A74E80A}" = ZoneAlarm Security
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3F7924B9-D148-3141-87B1-68F36043A940}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{511DF669-2930-30C0-8EB6-552887E29EC8}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57B2281D-A34A-4a48-8C68-169B8873659D}" = c4100_Help
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B48A8D9-D1AD-4424-BD4D-E462737099DF}" = SportTracks 3.0
"{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra
"{647B6F8B-645C-4992-99D8-49202C689C05}" = Microsoft Text To Speech Engine
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6860B340-530D-46B3-91F8-1AE1F70F7C33}" = OpenOffice.org 3.0
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7054ED85-498D-4D20-906F-14646AEC5581}" = Complément Microsoft Word pour Microsoft Works Suite
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{8527C3D5-BA1D-46E9-88D2-AF25544311A3}" = JPEG Camera v0.97
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C64E149-54BA-11D6-91B1-00500462BE80}" = Extension Système de Microsoft Money
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9085040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A386CC19-1E79-4D4C-A54B-C8747871E4AD}" = ZoneAlarm Firewall
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Français
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1EE1CC5-6CED-4801-BFFF-8454F21A245A}" = Garmin Communicator Plugin
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C871525F-7116-4d26-BA6D-215F59B6F88B}" = C4100
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

par **lios15** » 10 Fév 2012 23:08

"{CF097717-F174-4144-954A-FBC4BF301036}" = Nero 7 Ultra Edition
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Photo Premium 9
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E6BAE954-487E-488B-BC4E-2E69E54E8117}" = Microsoft Works
"{EBDEC232-FFE3-42BC-8C92-6137ED5FB7A9}" = ArcSoft Panorama Maker 3.5
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FF102450-55AA-4AE1-ACE4-E271E2470C83}" = hpmdtab
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"BankPerfect" = BankPerfect 7.3
"Browser MOUSE" = Browser MOUSE
"CCleaner" = CCleaner
"DVD Shrink_is1" = DVD Shrink 3.2
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"jv16 PowerTools 2011" = jv16 PowerTools 2011
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.8.0 (Full)
"Kplan_is1" = Kplan 2.4.8.0
"LHTTSFRF" = L&H TTS3000 Français
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 10.0 (x86 fr)" = Mozilla Firefox 10.0 (x86 fr)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Muiltmedia keyboard utility 1.3" = Muiltmedia keyboard utility 1.3
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PeerGuardian_is1" = PeerGuardian 2.0
"Photocite Collection 4.6" = Photocite Collection 4.6
"Picasa 3" = Picasa 3
"PictureIt_v9" = Microsoft Picture It! Photo Premium 9
"Revo Uninstaller" = Revo Uninstaller 1.93
"Shockwave" = Shockwave
"SiS163u" = 802.11 USB Wireless LAN Adapter
"TomTom HOME" = TomTom HOME 2.8.1.2218
"Vdesk 2 & BTEWin Public edition_is1" = Vdesk 2 & BTEWin Public edition
"VLC media player" = VideoLAN VLC media player 0.8.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2004Setup" = Sélecteur d'installation de Microsoft Works 2004
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Yahoo! Toolbar" = Yahoo! Toolbar
"ZoneAlarm Free" = ZoneAlarm Free
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"ANDREANE" = Andreane

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20/12/2011 05:33:13 | Computer Name = SENAUD | Source = Application Error | ID = 1000
Description = Application défaillante nerovision.exe, version 4.9.7.2, module défaillant
expressui.dll, version 4.9.7.2, adresse de défaillance 0x00013eb9.

Error - 30/12/2011 07:07:54 | Computer Name = SENAUD | Source = MsiInstaller | ID = 11706
Description = Product: Scan -- Error 1706.No valid source could be found for product
Scan. The Windows Installer cannot continue.

Error - 30/12/2011 07:08:00 | Computer Name = SENAUD | Source = MsiInstaller | ID = 11706
Description = Product: Scan -- Error 1706.No valid source could be found for product
Scan. The Windows Installer cannot continue.

Error - 30/12/2011 07:08:12 | Computer Name = SENAUD | Source = MsiInstaller | ID = 11706
Description = Product: Scan -- Error 1706.No valid source could be found for product
Scan. The Windows Installer cannot continue.

Error - 07/01/2012 13:42:31 | Computer Name = SENAUD | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 22/01/2012 11:27:08 | Computer Name = SENAUD | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 30/01/2012 16:43:16 | Computer Name = SENAUD | Source = WmiAdapter | ID = 4099
Description = Échec de l'ouverture de services.

Error - 03/02/2012 08:32:11 | Computer Name = SENAUD | Source = MsiInstaller | ID = 11706
Description = Product: Scan -- Error 1706.No valid source could be found for product
Scan. The Windows Installer cannot continue.

Error - 08/02/2012 12:40:01 | Computer Name = SENAUD | Source = Application Error | ID = 1000
Description = Application défaillante , version 0.0.0.0, module défaillant unknown,
version 0.0.0.0, adresse de défaillance 0x00000000.

Error - 08/02/2012 12:40:12 | Computer Name = SENAUD | Source = Application Error | ID = 1001
Description = Détecteur d'erreurs 00000008.

[ System Events ]
Error - 26/01/2012 08:48:44 | Computer Name = SENAUD | Source = ipnathlp | ID = 32003
Description = Le traducteur d'adresses réseau (NAT) n'a pas pu demander une opération
du
module de traduction en mode noyau. Ceci peut indiquer une configuration incorrecte,
des ressources insuffisantes ou une erreur interne. La donnée est le code de l'erreur.

Error - 26/01/2012 12:35:57 | Computer Name = SENAUD | Source = Server | ID = 2505
Description = Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{13478957-0B9C-4F44-9538-08E180AA2E72}
car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.

Error - 27/01/2012 15:53:38 | Computer Name = SENAUD | Source = Server | ID = 2505
Description = Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{13478957-0B9C-4F44-9538-08E180AA2E72}
car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.

Error - 30/01/2012 16:43:11 | Computer Name = SENAUD | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
Carte de performance WMI.

Error - 30/01/2012 16:43:11 | Computer Name = SENAUD | Source = Service Control Manager | ID = 7000
Description = Le service Carte de performance WMI n'a pas pu démarrer en raison
de l'erreur : %%1053

Error - 06/02/2012 16:06:09 | Computer Name = SENAUD | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
AntiVirSchedulerService à une transaction.

Error - 07/02/2012 12:04:35 | Computer Name = SENAUD | Source = ipnathlp | ID = 32003
Description = Le traducteur d'adresses réseau (NAT) n'a pas pu demander une opération
du
module de traduction en mode noyau. Ceci peut indiquer une configuration incorrecte,
des ressources insuffisantes ou une erreur interne. La donnée est le code de l'erreur.

Error - 08/02/2012 12:35:01 | Computer Name = SENAUD | Source = Server | ID = 2505
Description = Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{13478957-0B9C-4F44-9538-08E180AA2E72}
car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.

Error - 09/02/2012 08:55:37 | Computer Name = SENAUD | Source = Service Control Manager | ID = 7023
Description = Le service Automatic Updates s'est arrêté avec l'erreur : %%2147942405

Error - 10/02/2012 13:22:42 | Computer Name = SENAUD | Source = DCOM | ID = 10010
Description = Le serveur {4EB61BAC-A3B6-4760-9581-655041EF4D69} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

< End of report >

par **SkyTech** » 11 Fév 2012 00:28

et l'autre rapport ?

SkyTech a écrit:* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).

par **lios15** » 11 Fév 2012 14:35

voila je pense l'autre rapport:en 2 fois

OTL logfile created on: 10/02/2012 21:31:22 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\lionel.senaud\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1023,48 Mb Total Physical Memory | 613,45 Mb Available Physical Memory | 59,94% Memory free
2,40 Gb Paging File | 1,95 Gb Available in Paging File | 81,26% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127,99 Gb Total Space | 52,50 Gb Free Space | 41,02% Space Free | Partition Type: NTFS

Computer Name: SENAUD | User Name: lionel.senaud | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\lionel.senaud\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
PRC - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Inventel\Gateway\WLANCFG.EXE (Inventel)
PRC - C:\Program Files\PeerGuardian2\pg2.exe (Methlabs)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA ()
MOD - C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll ()

========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (vsmon) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (nosGetPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (NMIndexingService) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (Wlancfg) -- C:\Program Files\Inventel\Gateway\wlancfg.exe (Inventel)
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (Vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (RMCAST) -- C:\WINDOWS\system32\drivers\rmcast.sys (Microsoft Corporation)
DRV - (MQAC) -- C:\WINDOWS\system32\drivers\mqac.sys (Microsoft Corporation)
DRV - (PCANDIS5) -- C:\WINDOWS\system32\pcandis5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (CAM1690) -- C:\WINDOWS\system32\drivers\cam1690.sys ()
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (AFS2K) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (SIS163u) -- C:\WINDOWS\system32\drivers\sis163u.sys (Silicon Integrated Systems Corp.)
DRV - (sdcplh) -- C:\WINDOWS\system32\drivers\sdcplh.sys (Macrovision Europe Ltd)
DRV - (nvatabus) -- C:\WINDOWS\System32\DRIVERS\nvatabus.sys (NVIDIA Corporation)
DRV - (pgfilter) -- C:\Program Files\PeerGuardian2\pgfilter.sys ()
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (PCAMPR5) -- C:\WINDOWS\system32\pcampr5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {CE000994-A58C-4441-8938-744CD72AB27F} - No CLSID value found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/portail
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: File not found
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/02/08 18:08:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/10 12:37:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/10 09:56:52 | 000,000,000 | ---D | M]

[2012/02/10 18:33:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\lionel.senaud\Application Data\Mozilla\Extensions
[2012/02/07 14:47:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\lionel.senaud\Application Data\Mozilla\Firefox\Profiles\rondzn6u.Utilisateur par dÃ©faut\extensions
[2012/02/07 14:47:07 | 000,000,000 | ---D | M] (Ashampoo FR Community Toolbar) -- C:\Documents and Settings\lionel.senaud\Application Data\Mozilla\Firefox\Profiles\rondzn6u.Utilisateur par dÃ©faut\extensions\{ba679afc-8ba0-48f4-b8bf-c144e8699fbc}
[2012/02/07 16:03:02 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Documents and Settings\lionel.senaud\Application Data\Mozilla\Firefox\Profiles\rondzn6u.Utilisateur par dÃ©faut\extensions\toolbar@ask.com
[2012/02/10 13:07:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\lionel.senaud\Application Data\Mozilla\Firefox\Profiles\rondzn6u.Utilisateur par défaut\extensions
[2011/08/26 10:24:09 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\lionel.senaud\Application Data\Mozilla\Firefox\Profiles\rondzn6u.Utilisateur par défaut\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/06/29 18:31:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\lionel.senaud\Application Data\Mozilla\Firefox\Profiles\rondzn6u.Utilisateur par défaut\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/06 20:37:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\lionel.senaud\Application Data\Mozilla\Firefox\Profiles\rondzn6u.Utilisateur par défaut\extensions\nostmp
[2012/02/10 12:37:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/29 17:20:05 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/29 15:07:26 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/01/29 14:55:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 15:07:26 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/01/29 15:07:26 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2012/01/29 15:07:26 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/01/29 15:07:26 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/12/22 20:02:25 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe (Methlabs)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Gestionnaire de liaison sans fil.lnk = C:\Program Files\Inventel\Gateway\WLANCFG.EXE (Inventel)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 8720812437 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan ... stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13478957-0B9C-4F44-9538-08E180AA2E72}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0D135DD-2529-43FC-879F-AA5471827215}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7611173-FD6C-4586-A99D-2F64587FD2F4}: NameServer = 80.10.246.1,80.10.246.139
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\lionel.senaud\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\lionel.senaud\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/21 16:17:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: RegistryBooster - hkey= - key= - Reg Error: Value error. File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.5.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.5.1
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3F7924B9-D148-3141-87B1-68F36043A940} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Flash Player 8
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {ECD292A0-0347-4244-8C24-5DBCE990FB40} - Hotfix for Microsoft .NET Framework 3.0 (KB932471)
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/02/10 21:29:02 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\lionel.senaud\Bureau\OTL.exe
[2012/02/10 20:33:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lionel.senaud\Mes documents\ForceField Shared Files
[2012/02/10 17:48:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lionel.senaud\Menu Démarrer\Programmes\jv16 PowerTools 2011
[2012/02/10 17:48:05 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2011
[2012/02/10 10:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2012/02/09 13:55:36 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2012/02/09 13:55:36 | 000,018,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2012/02/08 18:51:19 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2012/02/08 18:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security

par **lios15** » 11 Fév 2012 14:38

[2012/02/08 14:13:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\lionel.senaud\Recent
[2012/02/07 14:46:58 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012/02/07 12:40:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lionel.senaud\Bureau\RK_Quarantine
[2012/02/03 13:28:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lionel.senaud\Mes documents\releve actes
[2012/01/25 18:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Earth
[2012/01/14 17:49:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lionel.senaud\Mes documents\Downloads
[2012/01/12 21:32:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\lionel.senaud\Mes documents\site trails
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/10 21:32:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/02/10 21:32:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/02/10 21:29:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lionel.senaud\Bureau\OTL.exe
[2012/02/10 21:22:00 | 000,001,070 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/10 20:34:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/10 20:33:46 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/10 20:33:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/10 19:37:56 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/02/10 17:48:12 | 000,000,022 | -HS- | M] () -- C:\WINDOWS\System5537 Data.Repository
[2012/02/10 17:48:12 | 000,000,022 | -HS- | M] () -- C:\Documents and Settings\lionel.senaud\Application Data\Sys2662.Config.Repository.bin
[2012/02/10 17:48:07 | 000,001,582 | ---- | M] () -- C:\Documents and Settings\lionel.senaud\Application Data\Microsoft\Internet Explorer\Quick Launch\jv16 PowerTools 2011.lnk
[2012/02/10 17:48:07 | 000,001,564 | ---- | M] () -- C:\Documents and Settings\lionel.senaud\Bureau\jv16 PowerTools 2011.lnk
[2012/02/10 12:37:22 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\lionel.senaud\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/10 12:37:21 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2012/02/10 10:23:08 | 000,320,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/09 17:58:12 | 000,019,363 | ---- | M] () -- C:\Documents and Settings\lionel.senaud\Mes documents\lio Crédit Agricole PRO.bp
[2012/02/07 20:40:30 | 000,012,428 | ---- | M] () -- C:\Documents and Settings\lionel.senaud\Application Data\wklnhst.dat
[2012/02/03 13:31:01 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[2012/01/25 18:39:15 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/10 21:32:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/02/10 17:48:12 | 000,000,022 | -HS- | C] () -- C:\WINDOWS\System5537 Data.Repository
[2012/02/10 17:48:12 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\lionel.senaud\Application Data\Sys2662.Config.Repository.bin
[2012/02/10 17:48:07 | 000,001,582 | ---- | C] () -- C:\Documents and Settings\lionel.senaud\Application Data\Microsoft\Internet Explorer\Quick Launch\jv16 PowerTools 2011.lnk
[2012/02/10 17:48:07 | 000,001,564 | ---- | C] () -- C:\Documents and Settings\lionel.senaud\Bureau\jv16 PowerTools 2011.lnk
[2012/02/10 12:37:22 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\lionel.senaud\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/10 12:37:21 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
[2012/02/10 12:37:21 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2012/02/08 17:19:28 | 000,320,336 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/25 18:39:15 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Earth.lnk
[2011/01/08 21:13:43 | 000,176,592 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/03/15 09:11:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/03/15 09:11:55 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/03/15 09:11:55 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/03/15 09:11:53 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/02/02 19:25:19 | 000,000,057 | ---- | C] () -- C:\WINDOWS\DcmLtbox-WS.ini
[2009/10/21 13:14:32 | 000,000,470 | ---- | C] () -- C:\WINDOWS\galss.ini
[2009/04/20 15:43:42 | 000,000,565 | ---- | C] () -- C:\WINDOWS\sesam.ini
[2009/02/10 20:43:17 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\unWdWu.exe
[2009/02/10 20:42:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\wunilog.ini
[2009/02/01 18:53:58 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/12/28 20:13:58 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\lionel.senaud\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/28 20:11:11 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\lionel.senaud\Local Settings\Application Data\fusioncache.dat
[2008/12/21 09:05:26 | 000,012,428 | ---- | C] () -- C:\Documents and Settings\lionel.senaud\Application Data\wklnhst.dat
[2008/12/16 15:14:51 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/11/21 22:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2008/01/02 17:55:06 | 000,128,577 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2007/12/23 19:48:05 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/12/23 19:45:05 | 000,128,038 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2007/12/23 19:45:05 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2007/12/22 12:23:44 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/12/22 12:16:53 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007/12/22 12:16:25 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/11/11 19:44:59 | 000,000,335 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2007/10/29 17:11:46 | 000,000,179 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/04/20 08:15:11 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2007/03/29 16:33:54 | 000,134,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\cam1690.sys
[2007/03/29 16:14:10 | 000,010,997 | ---- | C] () -- C:\WINDOWS\cam1690.ini
[2007/03/28 19:26:10 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\cam1690.dll
[2007/03/23 16:34:42 | 001,597,440 | ---- | C] () -- C:\WINDOWS\StiCap1690.exe
[2007/03/09 19:17:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\cam1690m.dll
[2007/03/04 19:25:34 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/05/27 09:46:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/05/27 09:46:17 | 000,003,457 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/05/22 13:09:51 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/05/14 19:09:43 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006/05/08 16:45:21 | 008,282,187 | ---- | C] () -- C:\Program Files\vlc-0.8.5-win32.exe
[2006/03/11 23:27:08 | 001,104,734 | ---- | C] () -- C:\Program Files\dvdshrink_3.2.0.16_fr.zip
[2006/03/11 22:07:51 | 000,000,042 | ---- | C] () -- C:\Program Files\default.pls
[2006/02/22 23:18:25 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/02/17 17:03:50 | 000,278,528 | ---- | C] () -- C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[2006/02/06 21:20:36 | 000,016,221 | ---- | C] () -- C:\WINDOWS\hpiins01.dat
[2006/01/23 17:49:57 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/01/23 17:40:49 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006/01/23 17:40:49 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006/01/21 21:48:17 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2006/01/21 17:24:30 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006/01/21 17:19:07 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006/01/21 17:19:03 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006/01/21 16:40:22 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006/01/21 16:32:46 | 000,249,344 | R--- | C] () -- C:\WINDOWS\System32\NvRaidMan.exe
[2006/01/21 16:32:46 | 000,223,232 | R--- | C] () -- C:\WINDOWS\System32\nvsataconnection.exe
[2006/01/21 16:18:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/01/21 16:15:46 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/01/21 16:12:36 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/06/16 02:20:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/06/16 02:20:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2005/06/16 02:20:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/06/16 02:20:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2005/06/16 02:20:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/06/16 02:20:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005/06/16 02:20:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/06/16 02:20:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2005/06/16 02:20:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2005/06/16 02:20:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/01/06 15:04:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\unwlsdrv.exe
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/11/06 12:46:04 | 000,368,640 | ---- | C] () -- C:\WINDOWS\sjsw32.dll
[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/01/10 17:27:22 | 000,045,056 | ---- | C] () -- C:\WINDOWS\atlw32.dll
[2001/09/28 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/09/28 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/09/28 13:00:00 | 000,525,814 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2001/09/28 13:00:00 | 000,455,480 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/09/28 13:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2001/09/28 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/09/28 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/09/28 13:00:00 | 000,089,714 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2001/09/28 13:00:00 | 000,075,596 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/09/28 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/09/28 13:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2001/09/28 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/09/28 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/09/28 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/09/28 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/07/07 03:00:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >
[2011/08/15 12:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/02/14 18:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2011/12/06 19:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Andreane
[2011/12/15 20:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/02/13 21:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2011/11/14 09:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CheckPoint
[2008/12/17 14:16:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2008/09/08 18:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/02/22 11:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2007/12/23 19:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2008/11/12 08:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2009/05/03 08:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\hps
[2012/02/08 18:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2008/01/02 18:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2009/02/22 14:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/09 08:38:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/02/22 11:41:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2006/02/18 22:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2007/11/25 22:20:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2010/10/09 09:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2006/01/21 17:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2008/12/05 16:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010/03/15 08:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2009/02/05 18:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skyline
[2012/02/07 17:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2007/12/23 09:48:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2009/02/22 14:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/03/30 17:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/01/11 15:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\tmp
[2010/10/03 18:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2006/09/09 17:23:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2006/03/04 22:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2009/01/19 19:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ZoneFiveSoftware

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2011/06/06 21:52:43 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1036-7B44-AA1000000001}\setup.exe
[2010/06/28 15:01:45 | 001,403,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\hps\7884\setup_Photocite_Collection_45.exe
[2012/02/03 13:30:33 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

< %APPDATA%\*. >
[2012/02/10 17:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\Adobe
[2011/12/19 11:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\Ahead
[2011/09/17 14:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\AskToolbar
[2011/12/15 20:44:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\Avira
[2011/02/13 21:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\AVS4YOU
[2011/01/15 16:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\BankPerfect
[2010/11/04 12:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\CheckPoint
[2008/12/16 19:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\Common Files
[2012/02/10 17:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\DivX
[2012/02/10 17:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\dvdcss
[2009/01/14 13:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\Google
[2008/12/16 19:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\HP
[2010/09/20 13:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\Macromedia
[2009/02/22 14:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\Malwarebytes
[2012/02/10 21:12:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\lionel.senaud\Application Data\Microsoft
[2012/02/10 18:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\Mozilla
[2008/12/18 17:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\OpenOffice.org
[2011/02/21 20:28:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\skypePM
[2008/12/28 20:25:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\Sun
[2009/12/06 12:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\TeamViewer
[2011/12/04 19:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\Thunderbird
[2010/10/03 18:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\TomTom
[2010/11/01 13:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\vlc
[2009/01/20 10:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lionel.senaud\Application Data\VSRevoGroup

< %APPDATA%\*.exe /s >
[2009/02/09 20:24:52 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\lionel.senaud\Application Data\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\ARPPRODUCTICON.exe
[2009/02/09 20:24:52 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\lionel.senaud\Application Data\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut1_8527C3D5BA1D46E988D2AF25544311A3.exe
[2009/02/09 20:24:52 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\lionel.senaud\Application Data\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut2_8527C3D5BA1D46E988D2AF25544311A3.exe
[2010/09/01 14:52:56 | 000,032,032 | ---- | M] (NOS Microsystems Ltd.) -- C:\Documents and Settings\lionel.senaud\Application Data\Mozilla\Firefox\Profiles\rondzn6u.Utilisateur par défaut\extensions\nostmp\content\getPlusPlus_Adobe_reg.exe

< %temp%\*.exe /s >
[2012/02/07 15:06:46 | 003,904,680 | ---- | M] (Ask) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\setup.exe
[15 C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\*.tmp files -> C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\*.tmp -> ]
[2011/10/17 19:25:35 | 001,207,296 | ---- | M] (Google) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\._msige61\GoogleEarth.exe
[2011/10/17 19:03:23 | 000,050,688 | ---- | M] () -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\._msige61\program files\Google\Google Earth\client\earthflashsol.exe
[2011/10/17 19:03:16 | 000,071,680 | ---- | M] (Google) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\._msige61\program files\Google\Google Earth\client\googleearth.exe
[2011/10/17 19:03:41 | 000,293,888 | ---- | M] () -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\._msige61\program files\Google\Google Earth\client\gpsbabel.exe
[2011/10/17 19:03:16 | 000,071,680 | ---- | M] (Google) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\._msige61\program files\Google\Google Earth\plugin\geplugin.exe
[2011/10/17 19:31:16 | 001,207,296 | ---- | M] (Google) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\._msigeplugin61\GoogleEarth.exe
[2011/10/17 19:03:16 | 000,071,680 | ---- | M] (Google) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\geplugin.exe
[2011/11/15 11:29:50 | 003,283,352 | ---- | M] (Uniblue Systems Ltd ) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\mia4C.tmp\bm_installer.exe
[2011/11/07 09:26:14 | 000,067,456 | ---- | M] (Uniblue Systems Limited) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\mia4C.tmp\data\OFFLINE\89292046\B152136D\Launcher.exe
[2011/11/07 09:26:14 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\mia4C.tmp\data\OFFLINE\89292046\B152136D\rbmonitor.exe
[2011/11/07 09:26:14 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\mia4C.tmp\data\OFFLINE\89292046\B152136D\rbnotifier.exe
[2011/11/07 09:26:14 | 000,025,992 | ---- | M] (Uniblue Systems Limited) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\mia4C.tmp\data\OFFLINE\89292046\B152136D\rb_move_serial.exe
[2011/11/07 09:26:14 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\mia4C.tmp\data\OFFLINE\89292046\B152136D\rb_ubm.exe
[2011/11/07 09:26:14 | 000,053,104 | ---- | M] (Uniblue Systems Limited) -- C:\DOCUME~1\LIONEL~1.SEN\LOCALS~1\Temp\mia4C.tmp\data\OFFLINE\89292046\B152136D\registrybooster.exe

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/01/21 17:11:00 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006/01/21 17:11:00 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006/01/21 17:11:00 | 000,409,600 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< MD5 for: EXPLORER.EXE >
[2004/08/19 16:09:54 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007/06/13 14:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 14:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: WINLOGON.EXE >
[2004/08/19 16:10:06 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >
"Debug" =
"Kmode" = %SystemRoot%\system32\win32k.sys -- [2011/11/23 15:40:17 | 001,859,712 | ---- | M] (Microsoft Corporation)
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS]
"CsrSrvSharedSectionBase" = 2137980928

< nslookup http://www.google.fr /c >
Serveur : openrg.home
Address: 192.168.1.1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/01/29 17:20:06 | 000,836,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/01/29 17:20:06 | 000,836,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/01/29 17:20:06 | 000,836,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/01/29 17:20:04 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/01/29 17:20:04 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/01/29 17:20:04 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 12:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 12:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 12:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/01/29 17:20:06 | 000,836,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/01/29 17:20:06 | 000,836,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/01/29 17:20:06 | 000,836,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/01/29 17:20:04 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/01/29 17:20:04 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/01/29 17:20:04 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 12:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 12:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 12:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< >

< >

< End of report >

par **SkyTech** » 11 Fév 2012 21:06

Salut,

Tu as installé la toolbar de AntiVir : http://www.malekal.com/2011/08/30/antiv ... -webguard/

Pareil tu as celle de ZoneAlarm...

Désinstalle via Programmes & fonctionnalités :

Adobe Download Manager
Panda ActiveScan 2.0
Yahoo! Toolbar
ZoneAlarm Toolbar

Dans Firefox : Outils, Modules complémentaires, Extensions et tu peux virer :

[2012/02/07 14:47:07 | 000,000,000 | ---D | M] (Ashampoo FR Community Toolbar) -- C:\Documents and Settings\lionel.senaud\Application Data\Mozilla\Firefox\Profiles\rondzn6u.Utilisateur par dÃ©faut\extensions\{ba679afc-8ba0-48f4-b8bf-c144e8699fbc}
[2012/02/07 16:03:02 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Documents and Settings\lionel.senaud\Application Data\Mozilla\Firefox\Profiles\rondzn6u.Utilisateur par dÃ©faut\extensions\toolbar@ask.com

---

/!\ Désactive temporairement ton antivirus /!\

Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

Double-clique sur le raccourci Ad-Remover sur ton Bureau.
Prends Nettoyer

/!\ Laisse travailler l'outil /!\
Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note :"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

par **lios15** » 12 Fév 2012 11:37

impossible ou presque d'acceder a malekal ce matin ! il faut des plombes ! bizarre ?

yahoo toolbar et zone alarm toolbar je ne les ai pas trouvés dans la desinstal de programmes ?

dans les extensions de firefox pas trouvés les 2 fichiers , il y a juste microsoft net framework (desactivé ) et zone alarm security engine (safe browser toolbar?) desactivé aussi et incompatible avec firefox 10.

j 'envoi le rapport AD-remover des que je l'ai .

par **SkyTech** » 12 Fév 2012 11:55

Re,

lios15 a écrit:impossible ou presque d'acceder a malekal ce matin ! il faut des plombes ! bizarre ?

Oui quelques problèmes de lenteur.

lios15 a écrit:yahoo toolbar et zone alarm toolbar je ne les ai pas trouvés dans la desinstal de programmes ?

Regarde avec Revo : revo-uninstaller-t28537.html

par **lios15** » 12 Fév 2012 12:22

voila le rapport:

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 11:03:01 le 12/02/2012, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
lionel.senaud@SENAUD ( )

============== ACTION(S) ==============

(!) -- Fichiers temporaires supprimés.

============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [10.0 (fr)] ****

Plugins\npdivx32.dll (DivX,Inc.)
Plugins\npDivxPlayerPlugin.dll (DivX, Inc)
HKLM_MozillaPlugins\@checkpoint.com/FFApi (x)
HKLM_MozillaPlugins\@garmin.com/GpsControl (x)
HKLM_MozillaPlugins\Adobe Reader (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)

-- C:\Documents and Settings\Administrateur\Application Data\Mozilla\FireFox\Profiles\kdgovksp.default --
Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} (FlashGot)
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
Prefs.js - browser.download.dir, C:\\Documents and Settings\\Administrateur\\Mes documents\\Downloads
Prefs.js - browser.search.defaultenginename, Google
Prefs.js - browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage_override.mstone, rv:1.8.1.12

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

Plugins\NPWMin32.dll (SYNERSOFT)
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKLM_URLSearchHooks|{CE000994-A58C-4441-8938-744CD72AB27F} (x)
HKCU_Toolbar|{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} (x)

========================================

C:\Program Files\Ad-Remover\Quarantine: 61 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 12/02/2012 10:37:28 (5567 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 12/02/2012 11:03:05 (479 Octet(s))

Fin à: 11:03:48, 12/02/2012

============== E.O.F ==============

Malekal's forum

[Résolu] erreurs de registre ?

[Résolu] erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Re: erreurs de registre ?

Qui est en ligne