Mon rapport ZHP diag Fermé

Question

Bonjour, 

Mon pc a ralenti. Merci de m'aider :)


Rapport de ZHPDiag v1.27.1903 par Nicolas Coolman, Update du 17/04/2011
Run by UGUR at 18/04/2011 11:25:26
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\ Web Browser
MSIE: Internet Explorer v8.0.6001.19048
MFIE: Mozilla Firefox v3.6.16 (fr) (Defaut)

---\ System Information
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 15 Model 107 Stepping 2, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2813 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 89 GB (65%) free of 137 GB

---\ Logged in mode
Computer Name: PC-DE-UGUR
User Name: UGUR
All Users Names: UGUR, Administrateur, 
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\ Environnement Variables
%AppData%=C:\Users\UGUR\AppData\Roaming
%LocalAppData%=C:\Users\UGUR\AppData\Local
%StartMenu%=C:\Users\UGUR\AppData\Roaming\Microsoft\Windows\Start Menu

---\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 89 Go of 137 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 141 Go of 141 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK



---\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:33:13.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.047CDEFF94B63F0A4791372B47427B60] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2011 07:21:28.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 07:32:49.) -- C:\Windows\system32\drivers
tfs.sys [1083880]



---\ Processus lancés
[MD5.7B878518590E826F1F3A5B1D61D405F8] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe   [3396624]
[MD5.0F3FA9FDB976C567EC0491685CF4FDF7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [912344]
[MD5.3AFF6B10C34CB8EAA6D6D5AA55193571] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe   [16856]
[MD5.D6D0AD94EFC131772C3265F242D78FCB] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [644096]



---\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [UGUR] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [UGUR] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [UGUR] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [UGUR] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [UGUR] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [UGUR] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins
pdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins
pnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.3".) -- C:\Program Files\Mozilla Firefox\Plugins
ppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin
ew_plugin
pjp2.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com
phardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60129.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60129.0
pctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live
pOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live
pOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKCU] [@stonetrip.com/ShiVaWebPlayer,version=1.8.1.0] - (.Stonetrip - ShiVa3D Plugin 1,8,1,1 for 3D real-time applications made with ShiVa E.) -- C:\Users\UGUR\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1
pShiVa3D_1.8.1.dll
M0 - MFSP: prefs.js [UGUR - axwd97il.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: prefs.js [UGUR - axwd97il.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [UGUR - axwd97il.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20110323 (.WOT Services Oy.)



---\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.ask.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKUS\S-1-5-21-956550983-257125596-2221039928-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.ask.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKUS\S-1-5-21-956550983-257125596-2221039928-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2



---\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\ ---\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLi
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll



---\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll



---\ ---\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe 
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
O4 - HKUS\S-1-5-21-956550983-257125596-2221039928-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe 



---\ ---\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\UGUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\UGUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk . (...)  -- C:\Users\UGUR\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
O4 - Global Startup: C:\Users\UGUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\UGUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\UGUR\Desktop\HijackThis.lnk . (.Trend Micro Inc..)  -- C:\Program Files	rend micro\HijackThis\HijackThis.exe
O4 - Global Startup: C:\Users\UGUR\Desktop\java ra - Raccourci.lnk . (.Sun Microsystems, Inc..)  -- C:\Windows\System32\java.exe
O4 - Global Startup: C:\Users\UGUR\Desktop\OpenOffice.org 3.3.lnk . (.OpenOffice.org.)  -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
O4 - Global Startup: C:\Users\UGUR\Desktop\RegCleaner.lnk . (...)  -- C:\Program Files\RegCleaner\RegCleanr.exe
O4 - Global Startup: C:\Users\UGUR\Desktop\Uninstall PC Camera.lnk . (.Macrovision Corporation.)  -- C:\Program Files\InstallShield Installation Information\{F0B2D11F-E4D9-4C17-A195-B8BADEAE9C40}\setup.exe
O4 - Global Startup: C:\Users\UGUR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (6).lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\UGUR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uninstall PC Camera.lnk . (.Macrovision Corporation.)  -- C:\Program Files\InstallShield Installation Information\{F0B2D11F-E4D9-4C17-A195-B8BADEAE9C40}\setup.exe
O4 - Global Startup: C:\Users\UGUR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player (2).lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe



---\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe



---\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO



---\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32
apinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll



---\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab



---\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E38947E4-A2A7-40BA-B57C-9BC41B63B78D}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{E38947E4-A2A7-40BA-B57C-9BC41B63B78D}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{E38947E4-A2A7-40BA-B57C-9BC41B63B78D}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS3\Services\Tcpip\..\{E38947E4-A2A7-40BA-B57C-9BC41B63B78D}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240



---\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll



---\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll



---\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service:  (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service:  (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service:  (maconfservice) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service:  (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 258.9.) - C:\Windows\system32
vvsvc.exe
O23 - Service:  (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe



---\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe



---\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\User_Feed_Synchronization-{E959BDB3-855D-4294-B09C-655F17541F34}.job
[MD5.00000000000000000000000000000000] [APT] [Run RoboForm TaskBar Icon] (.Pas de propriétaire.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (.not file.)



---\ Pilotes lancés au démarrage (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver:  (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver:  (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS
etbios.sys
O41 - Driver:  (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS
etbt.sys
O41 - Driver:  (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers
siproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERSasacd.sys
O41 - Driver:  (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERSdbss.sys
O41 - Driver:  (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver:  (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\driversdpencdd.sys
O41 - Driver: C:\Windows\system32	cpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32	cpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS	dx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS	ermdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys



---\ Logiciels installés (O42)
O42 - Logiciel:  Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: 15354 Webcam Live - (.Pas de propriétaire.) [HKLM] -- {3AC11667-B4DD-4984-AD0B-B2D4E40AB573}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.4.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Agere Systems PCI-SV92EX Soft Modem - (.Agere Systems.) [HKLM] -- Agere Systems Soft Modem
O42 - Logiciel: Assistant de connexion Windows Live ID - (.Microsoft Corporation.) [HKLM] -- {0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Internet Explorer - (.Microsoft Corporation.) [HKLM] -- {B182F68A-6274-4B6B-998D-7D6AF0253547}
O42 - Logiciel: Java(TM) 6 Update 23 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {B9706D6B-754E-4D81-8EE9-393008D57EDB}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {06E6E30D-B498-442F-A943-07DE41D7F785}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.6.16) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.16)
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
O42 - Logiciel: PowerDVD - (.CyberLink Corporation.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: S3D Web Player - (.Stonetrip.) [HKLM] -- S3D Web Player
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2466156) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CEF209AB-F96D-404F-B5CC-44057C057CA3}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2464583) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2464594) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E6B7C11E-21E9-4BA0-9677-29AD603B953C}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VGA USB Camera - (.Pas de propriétaire.) [HKLM] -- {F0B2D11F-E4D9-4C17-A195-B8BADEAE9C40}
O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM] -- {121634B0-2F4B-11D3-ADA3-00C04F52DD52}
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {230B83A5-7D88-4B95-B71E-F44C0C78B002}
O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- Windows Live OneCare safety scanner
O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- {FE0646A7-19D0-41B4-A2BB-2C35D644270D}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {9D6524E6-15CF-4852-BF70-04FE973A3DE1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] -- avast5
O42 - Logiciel: eMachines Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\AcerUtil]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Stonetrip]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\AutocompletePro]
[HKCU\Software\BearShare]
[HKCU\Software\BigFix]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\ESET]
[HKCU\Software\Flowmix]
[HKCU\Software\Google]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\LOGItram]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nosibay]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegZooka2008]
[HKCU\Software\RegZooka]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Siber Systems]
[HKCU\Software\Softonic]
[HKCU\Software\Sysinternals]
[HKCU\Software\Usbfix]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\cybelsoft]
[HKLM\Software\15354 Webcam Live]
[HKLM\Software\ALWIL Software]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\Ahead]
[HKLM\Software\America Online]
[HKLM\Software\Audible]
[HKLM\Software\BigFix]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Digital River]
[HKLM\Software\DivXNetworks]
[HKLM\Software\Eset]
[HKLM\Software\Flowmix]
[HKLM\Software\Gateway]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Lake]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MusicNet]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\OemSetup]
[HKLM\Software\OldTimer Tools]
[HKLM\Software\Piriform]
[HKLM\Software\PixArt]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SONIX]
[HKLM\Software\SRS Labs]
[HKLM\Software\Siber Systems]
[HKLM\Software\Software]
[HKLM\Software\Swearware]
[HKLM\Software\Uniblue]
[HKLM\Software\VDownloader]
[HKLM\Software\VGA USB Camera]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\Windows]
[HKLM\Software\Yahoo]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]



---\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/10/2010 - 07:16:14 - [162743158] ----D- C:\Program Files\Adobe
O43 - CFD: 01/01/2011 - 04:03:50 - [150426020] ----D- C:\Program Files\Alwil Software
O43 - CFD: 17/03/2010 - 08:18:50 - [0] ----D- C:\Program Files\BearShare Applications
O43 - CFD: 08/11/2009 - 09:17:34 - [394990] ----D- C:\Program Files\BigFix
O43 - CFD: 15/02/2010 - 08:52:42 - [2847944] ----D- C:\Program Files\CCleaner
O43 - CFD: 18/08/2009 - 12:13:50 - [0] ----D- C:\Program Files\CDBurnerXP
O43 - CFD: 01/01/2011 - 00:08:02 - [896820307] ----D- C:\Program Files\Common Files
O43 - CFD: 15/02/2010 - 08:57:18 - [82393500] ----D- C:\Program Files\CyberLink
O43 - CFD: 06/03/2010 - 15:05:30 - [3273016] ----D- C:\Program Files\Defraggler
O43 - CFD: 18/07/2009 - 19:25:52 - [49189404] ----D- C:\Program Files\EMACHINES
O43 - CFD: 14/08/2010 - 10:39:24 - [95621156] ----D- C:\Program Files\ESET
O43 - CFD: 18/07/2009 - 19:20:42 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 12/11/2010 - 19:05:10 - [35872452] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 15/04/2011 - 14:14:44 - [4567640] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 18/12/2010 - 09:05:26 - [88538961] ----D- C:\Program Files\Java
O43 - CFD: 03/11/2010 - 19:13:34 - [0] ----D- C:\Program Files\LimeWire
O43 - CFD: 21/07/2010 - 10:12:10 - [3] ----D- C:\Program Files\List_Kill'em
O43 - CFD: 25/02/2010 - 09:14:28 - [5012838] ----D- C:\Program Files\ma-config.com
O43 - CFD: 01/02/2011 - 11:07:26 - [4978664] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 26/05/2010 - 08:36:56 - [2250422] ----D- C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 14:35:52 - [46946424] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 15/12/2008 - 08:36:48 - [369765095] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 15/12/2008 - 08:38:34 - [7791803] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 17/03/2011 - 17:59:14 - [38371963] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 21/10/2010 - 08:32:08 - [1694056] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 21/10/2010 - 08:32:08 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 16/12/2010 - 08:35:48 - [145421942] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 24/06/2010 - 23:34:08 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 12/08/2010 - 09:39:22 - [20470054] ----D- C:\Program Files\Movie Maker
O43 - CFD: 23/03/2011 - 12:42:44 - [30543553] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 14:35:52 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 20/08/2010 - 13:50:54 - [869270] ----D- C:\Program Files\MSECACHE
O43 - CFD: 11/03/2010 - 13:15:32 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 10/11/2010 - 08:35:42 - [27729590] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 04/02/2011 - 20:57:26 - [352657673] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 15/12/2008 - 08:31:28 - [22827750] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:35:52 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 04/07/2010 - 13:18:10 - [1142666] ----D- C:\Program Files\RegCleaner
O43 - CFD: 27/10/2009 - 23:16:48 - [0] ----D- C:\Program Files\RegZooka
O43 - CFD: 31/03/2011 - 19:47:40 - [1083618] ----D- C:\Program Files\Siber Systems
O43 - CFD: 15/08/2010 - 23:26:48 - [789607] ----D- C:\Program Files	rend micro
O43 - CFD: 12/11/2010 - 19:05:10 - [10649478] ----D- C:\Program Files\Trust
O43 - CFD: 02/11/2006 - 14:58:20 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 31/03/2011 - 19:52:28 - [188918] ----D- C:\Program Files\VDownloader
O43 - CFD: 20/07/2009 - 20:26:56 - [10835712] ----D- C:\Program Files\VGA USB Camera
O43 - CFD: 10/05/2010 - 14:26:10 - [0] ----D- C:\Program Files\VideoLAN
O43 - CFD: 09/05/2010 - 15:11:34 - [26724360] ----D- C:\Program Files\VLC Player
O43 - CFD: 10/05/2010 - 14:33:12 - [0] ----D- C:\Program Files\VS Revo Group
O43 - CFD: 19/11/2009 - 13:37:10 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 19/11/2009 - 13:37:10 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 19/11/2009 - 13:37:06 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 20/08/2010 - 13:51:34 - [142742] ----D- C:\Program Files\Windows Installer Clean Up
O43 - CFD: 27/01/2011 - 08:50:36 - [156290888] ----D- C:\Program Files\Windows Live
O43 - CFD: 05/07/2010 - 08:24:54 - [66110213] ----D- C:\Program Files\Windows Live Safety Center
O43 - CFD: 21/10/2010 - 08:32:08 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 15/04/2011 - 14:14:44 - [8935608] ----D- C:\Program Files\Windows Mail
O43 - CFD: 13/10/2010 - 16:13:10 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 18/07/2009 - 19:20:42 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 19/11/2009 - 13:37:08 - [8228002] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 20/11/2009 - 18:42:12 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 19/11/2009 - 13:37:10 - [6527606] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 15/02/2010 - 08:56:18 - [0] ----D- C:\Program Files\Yahoo!
O43 - CFD: 18/04/2011 - 11:25:36 - [3836509] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 07/10/2010 - 07:16:28 - [6365228] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 15/12/2008 - 08:36:48 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 15/12/2008 - 08:48:56 - [5008435] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 21/07/2010 - 09:26:24 - [1243079] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 21/10/2010 - 08:33:00 - [247541670] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 10/03/2010 - 19:42:20 - [0] ----D- C:\Program Files\Common Files\Nero
O43 - CFD: 27/12/2009 - 15:13:02 - [0] ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 18/07/2009 - 20:00:02 - [498856] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 19/11/2009 - 13:37:08 - [42750094] ----D- C:\Program Files\Common Files\System
O43 - CFD: 18/07/2009 - 19:56:54 - [549270628] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 16/03/2010 - 18:42:38 - [2329] ----D- C:\ProgramData\24B0
O43 - CFD: 07/10/2010 - 07:16:28 - [763] ----D- C:\ProgramData\Adobe
O43 - CFD: 01/01/2011 - 04:03:50 - [30125624] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 18/07/2009 - 19:20:42 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 16/08/2009 - 08:51:06 - [0] ----D- C:\ProgramData\Canneverbe Limited
O43 - CFD: 20/07/2009 - 16:21:38 - [27942] ----D- C:\ProgramData\CyberLink
O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 18/07/2009 - 19:20:42 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 02/03/2010 - 22:58:48 - [471664] ----D- C:\ProgramData\Google
O43 - CFD: 25/02/2010 - 09:14:22 - [1094219] ----D- C:\ProgramData\ma-config.com
O43 - CFD: 23/01/2010 - 09:46:38 - [13861056] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 04/12/2009 - 08:02:28 - [11524] ----D- C:\ProgramData\McAfee
O43 - CFD: 01/12/2009 - 19:44:38 - [155] ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD: 18/07/2009 - 19:20:42 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 20/10/2010 - 23:10:04 - [161466338] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 15/04/2011 - 12:42:26 - [57040] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 18/07/2009 - 19:20:42 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 10/03/2010 - 19:41:44 - [5466] ----D- C:\ProgramData\Nero
O43 - CFD: 10/11/2010 - 18:59:30 - [274146] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 10/11/2010 - 08:33:42 - [522537] ----D- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 31/03/2011 - 19:48:12 - [96] ----D- C:\ProgramData\RoboForm
O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 06/03/2010 - 12:37:38 - [224] ----D- C:\ProgramData\Sun
O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 21/04/2010 - 14:59:54 - [0] ----D- C:\ProgramData\WindowsSearch
O43 - CFD: 18/07/2009 - 20:21:18 - [3800004] ----D- C:\Users\UGUR\AppData\Roaming\Adobe
O43 - CFD: 16/08/2009 - 08:51:06 - [4269] ----D- C:\Users\UGUR\AppData\Roaming\Canneverbe_Limited
O43 - CFD: 18/12/2009 - 17:56:02 - [3083] ----D- C:\Users\UGUR\AppData\Roaming\CyberLink
O43 - CFD: 18/07/2009 - 19:33:12 - [0] ----D- C:\Users\UGUR\AppData\Roaming\Google
O43 - CFD: 18/07/2009 - 19:26:56 - [0] ----D- C:\Users\UGUR\AppData\Roaming\Identities
O43 - CFD: 20/07/2009 - 20:26:36 - [0] ----D- C:\Users\UGUR\AppData\Roaming\InstallShield
O43 - CFD: 18/07/2009 - 19:37:34 - [9062] ----D- C:\Users\UGUR\AppData\Roaming\Macromedia
O43 - CFD: 23/01/2010 - 09:46:46 - [15719] ----D- C:\Users\UGUR\AppData\Roaming\Malwarebytes
O43 - CFD: 08/05/2010 - 09:46:30 - [0] ----D- C:\Users\UGUR\AppData\Roaming\Media Player Classic
O43 - CFD: 20/08/2010 - 13:51:34 - [12980767] -S--D- C:\Users\UGUR\AppData\Roaming\Microsoft
O43 - CFD: 06/03/2010 - 12:22:00 - [7599906] ----D- C:\Users\UGUR\AppData\Roaming\Mozilla
O43 - CFD: 10/03/2010 - 19:26:04 - [87488] ----D- C:\Users\UGUR\AppData\Roaming\Nero
O43 - CFD: 04/02/2011 - 21:07:18 - [1523082] ----D- C:\Users\UGUR\AppData\Roaming\OpenOffice.org
O43 - CFD: 18/12/2009 - 21:27:00 - [798] ----D- C:\Users\UGUR\AppData\Roaming\PhotoFiltre
O43 - CFD: 10/02/2011 - 16:12:52 - [22725408] ----D- C:\Users\UGUR\AppData\Roaming\StoneTrip
O43 - CFD: 18/07/2009 - 19:27:14 - [0] ----D- C:\Users\UGUR\AppData\Roaming\Symantec
O43 - CFD: 21/08/2009 - 13:01:04 - [13824] ----D- C:\Users\UGUR\AppData\Roaming\Template
O43 - CFD: 01/02/2011 - 12:47:52 - [146490] ----D- C:\Users\UGUR\AppData\Roaming\Uniblue
O43 - CFD: 10/05/2010 - 14:26:36 - [339777] ----D- C:\Users\UGUR\AppData\Roaming\vlc
O43 - CFD: 29/07/2009 - 17:42:56 - [0] ----D- C:\Users\UGUR\AppData\Roaming\Windows Live Writer
O43 - CFD: 23/01/2010 - 11:34:28 - [0] ----D- C:\Users\UGUR\AppData\Roaming\Yahoo!
O43 - CFD: 28/01/2011 - 22:41:26 - [103220] ----D- C:\Users\UGUR\Appdata\Local\Adobe
O43 - CFD: 18/07/2009 - 19:24:32 - [0] -SH-D- C:\Users\UGUR\Appdata\Local\Application Data
O43 - CFD: 02/03/2010 - 22:58:48 - [176534094] ----D- C:\Users\UGUR\Appdata\Local\Google
O43 - CFD: 18/07/2009 - 19:24:32 - [0] -SH-D- C:\Users\UGUR\Appdata\Local\Historique
O43 - CFD: 03/03/2011 - 16:54:12 - [1254478786] ----D- C:\Users\UGUR\Appdata\Local\Microsoft
O43 - CFD: 30/11/2010 - 12:47:44 - [1429644] ----D- C:\Users\UGUR\Appdata\Local\Microsoft Games
O43 - CFD: 06/03/2010 - 12:22:00 - [105357775] ----D- C:\Users\UGUR\Appdata\Local\Mozilla
O43 - CFD: 01/02/2011 - 12:47:20 - [0] ----D- C:\Users\UGUR\Appdata\Local\PackageAware
O43 - CFD: 18/04/2011 - 11:25:04 - [6476617] ----D- C:\Users\UGUR\Appdata\Local\Temp
O43 - CFD: 18/07/2009 - 19:24:32 - [0] -SH-D- C:\Users\UGUR\Appdata\Local\Temporary Internet Files
O43 - CFD: 18/07/2009 - 20:37:30 - [22218] ----D- C:\Users\UGUR\Appdata\Local\VirtualStore
O43 - CFD: 20/10/2010 - 22:50:38 - [0] ----D- C:\Users\UGUR\Appdata\Local\Windows Live
O43 - CFD: 29/07/2009 - 17:42:58 - [355982] ----D- C:\Users\UGUR\Appdata\Local\Windows Live Writer



---\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.24EF120054898C7600FCFD7FF8EF1200] - 18/04/2011 - 10:02:18 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1461399]
O44 - LFC:[MD5.663AAFBCE83799BE6FB4A63F94C04ED8] - 18/04/2011 - 09:51:34 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.4F41D7CD22135651A95BC7C1FCAE6DDB] - 18/04/2011 - 07:18:56 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1525202]
O44 - LFC:[MD5.82B18A4D60DFB1E95A2CDB1A50B93EC7] - 18/04/2011 - 07:18:56 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [108176]
O44 - LFC:[MD5.75DB73F275711CD6D212975D17CD47BD] - 18/04/2011 - 07:18:56 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [131296]
O44 - LFC:[MD5.76D71D63D5A9E8FDE470308F0B41302B] - 18/04/2011 - 07:18:56 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [600294]
O44 - LFC:[MD5.BDB2EF573E30F3DBF2D84C4BBCDAC409] - 18/04/2011 - 07:18:56 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [693646]
O44 - LFC:[MD5.24EF120054898C7600FCFD7FF8EF1200] - 18/04/2011 - 07:13:39 ---A- . (...) -- C:\Windows\System32\LogConfigTemp.xml   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/04/2011 - 21:16:55 ---A- . (...) -- C:\Windows\setupact.log   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/04/2011 - 21:16:55 ---A- . (...) -- C:\Windows\setuperr.log   [0]
O44 - LFC:[MD5.6481259378914F553B0564CA19D3E194] - 15/04/2011 - 13:16:42 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT   [322032]
O44 - LFC:[MD5.B44A7AC9E801C38F54F7340351313E85] - 15/04/2011 - 07:37:16 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll   [292864]
O44 - LFC:[MD5.54F73529D65E5EB41FFC28C4EDDF069F] - 15/04/2011 - 07:37:15 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll   [34304]
O44 - LFC:[MD5.AF95D8531DF908F2E6DE3626E0A3E06C] - 06/04/2011 - 21:03:38 ---A- . (...) -- C:\img2-001.raw   [460824]



---\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm



---\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM  [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher  [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\msnmsgr  [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O53 - SMSR:HKLM\...\startupreg\PAC7302_Monitor  [Key] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\Windows\Pixart\PAC7302\Monitor.exe
O53 - SMSR:HKLM\...\startupreg\snpstd3  [Key] . (.Pas de propriétaire - CameraMonitor Application.) -- C:\Windows\vsnpstd3.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched  [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O53 - SMSR:HKLM\...\startupreg\WMPNSCFG  [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe



---\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll



---\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - M

Utilisateur anonyme · Answer

bonjour,

ton rapport est incomplet !

évite de poster de doublon, j'ai mis l'autre poste en résolu !


* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette 
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou : 
https://www.terafiles.net/

akasya · Answer

http://www.cijoint.fr/cjlink.php?file=cj201104/cij4d3oKvl.txt

Utilisateur anonyme · Answer

je vois es traces d'Usbfix !

*	Télécharge de AD-Remover sur ton Bureau. (Merci à l'équipe TeamXscript)
http://www.teamxscript.org/adremoverTelechargement.html
 ( Lien officiel )

https://www.androidworld.fr/
 ( Miroir )
/!\ Ferme toutes applications en cours /!\ 

- Double-clique sur l'icône Ad-remover située sur ton Bureau. 
- Sur la page, clique sur le bouton « Nettoyer »
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin. 

(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt) 

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

akasya · Answer

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 19:57:15 le 19/04/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Basique  Service Pack 2 (X86) 
UGUR@PC-DE-UGUR (eMachines EL1200) 
 
============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Users\UGUR\AppData\Roaming\Mozilla\FireFox\Profiles\axwd97il.default\Prefs.js --
Ligne supprimée: user_pref("browser.search.defaultengine", "Ask.com"); 
Ligne supprimée: user_pref("browser.search.defaultenginename", "Ask.com"); 
Ligne supprimée: user_pref("browser.search.order.1", "Ask.com"); 
-- Fichier Fermé --
 

Clé supprimée: HKLM\Software\Classes\Toolbar.CT1460988
Clé supprimée: HKLM\Software\Classes\AppID\BHO.dll
Clé supprimée: HKLM\Software\Classes\AppID\{055069F3-F78B-4BD1-A277-FE66648D3300}
Clé supprimée: HKCU\Software\AutocompletePro
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AutocompletePro3_is1
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWeb
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.16 (fr)] ****

HKCU_MozillaPlugins\@stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 (x)

-- C:\Users\UGUR\AppData\Roaming\Mozilla\FireFox\Profiles\axwd97il.default --
Prefs.js - browser.download.lastDir, C:\Users\UGUR\Downloads
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16

========================================

**** Internet Explorer Version [8.0.6001.19048] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{B7D83E4B-046A-451C-A173-25FFEF51E4B3} - "Clubic" (hxxp://www.clubic.com/r/{searchTerms}/)
HKLM_ElevationPolicy\03a3a96f-2aab-4438-a52a-ecb1ac91912a - C:\Program Files\myBabylon_English\myBabylon_EnglishToolbarHelper.exe (x)
HKLM_ElevationPolicy\b8bea737-56cf-48b2-8db5-287cc1a60890 - C:\Program Files\Games_Bar_1\Games_Bar_1ToolbarHelper.exe (x)
HKLM_ElevationPolicy\e734ee4c-dbda-43eb-a059-a9ee83cdd0dd - C:\Program Files\Messenger_Plus_Live\Messenger_Plus_LiveToolbarHelper.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (x)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 16 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 19/04/2011 19:57:23 (4063 Octet(s)) 

Fin à: 19:58:55, 19/04/2011 
 
============== E.O.F ==============

Utilisateur anonyme · Answer

relance ADR, clique sur désinstaller,


relance zhpdiag, clique sur la flèche verte pour lancer sa mise à jour,

* Clique sur l'icône représentant une loupe (« Lancer le diagnostic ») 
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette 
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou : 
https://www.terafiles.net/

akasya · Answer

http://www.cijoint.fr/cjlink.php?file=cj201104/cij5wchRsW.txt

Utilisateur anonyme · Answer

télécharge et enregistre ce fichier sur ton bureau :

http://www.cijoint.fr/cjlink.php?file=cj201104/cijBU2srJS.txt


*	Lance ZHPFix (soit via le raccourci sur ton Bureau, soit via ZHPDiag en cliquant sur l'écusson vert) 


fais un Glisser/déposer du fichier dans la fenêtre de zhpfix,

- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse

akasya · Answer

Rapport de ZHPFix 1.12.3275 par Nicolas Coolman, Update du 11/04/2011
Fichier d'export Registre : C:\ZHPExportRegistry-24-04-2011-08-59-44.txt
Run by UGUR at 24/04/2011 08:59:44
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Logiciel(s) ==========
O42 - Logiciel: Bubble Dock (remove only) - (.Nosibay.) [HKLM] -- Bubble Dock  => Logiciel déjà supprimé

========== Clé(s) du Registre ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eee6c35b-6118-11dc-9c72-001320c79847}  => Clé supprimée avec succès
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}  => Clé absente
HKLM\Software\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}  => Clé absente

========== Valeur(s) du Registre ==========
{F6CD52DE-1480-4E15-B571-FBEE738D9945}  => Valeur supprimée avec succès
TCP Query User{39AE3FE8-9C14-4793-B9EA-5FEC8213FE53}C:\program files\limewire\limewire.exe  => Valeur supprimée avec succès
UDP Query User{AF36F17B-14E8-418D-94EE-5DAE7F7C99BE}C:\program files\limewire\limewire.exe  => Valeur supprimée avec succès
{9900E72C-BFCC-4E23-8CA7-86721C646FCC}  => Valeur supprimée avec succès

========== Dossier(s) ==========
Dossiers temporaires Windows supprimés: 92

========== Fichier(s) ==========
Fichiers temporaires Windows supprimés : 263

========== Tache planifiée ==========
Task : Ad-Aware Update (Weekly)  => Tache absente

========== Autre ==========
HKLM\Software\Visan]  => Format Non supporté


========== Récapitulatif ==========
3 : Clé(s) du Registre
4 : Valeur(s) du Registre
1 : Dossier(s)
1 : Fichier(s)
1 : Logiciel(s)
1 : Tache planifiée
1 : Autre


End of the scan

Utilisateur anonyme · Answer

bonjour,
redemarre ton pc, donne moi des nouvelle de son fonctionnement avant de lancer la suite et fin  ;-)

@ ++

Mon rapport ZHP diag

9 réponses

Discussions similaires