Se connecter / S'enregistrer
Votre question
Fermé

(Résolu) Babylon start impossible à enlever

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
9 Juillet 2011 15:12:01

Bonjour,

J'ai téléchargé par erreur le logiciel Babylon, je l'ai enlevé grâce à la suppression de programmes mais je constate qu'il est toujours présent dans la barre des taches sur ma page internet. Comment le supprime-t-on définitivement s'il vous plaît, il ne part pas malgré ccleaner?
Merci d'avance!

Autres pages sur : resolu babylon start impossible enlever

a c 267 8 Sécurité
9 Juillet 2011 16:58:56

Bonjour,

Quel navigateur utilises-tu ?
9 Juillet 2011 18:43:46

L'idée aurait été de le déinstaller avec Revo Uninstaller.

Vérifie si il existe pas un module resté sur le PC.

Sinon, oui, quel navigateur ?

Comme ça, on te dit comment l'executer sans les modules.
Contenus similaires
9 Juillet 2011 21:53:28

j'utilise Mozilla firefox. Comment vérifier s'il reste un module?
Merci d'avance!
a c 267 8 Sécurité
9 Juillet 2011 21:55:16

Outils > Modules complémentaires

Mais bon, on peut faire un diagnostique de ton PC.

  • Télécharge OTL (par OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prend pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres Bloc-notes vont s'ouvrir : OTL.txt et Extras.txt. Ils se trouvent au même endroit qu'OTL.

    Pour me transmettre les rapports :
  • Clique sur ce lien : http://www.cijoint.fr/
  • Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
  • Clique sur Ouvrir.
  • Clique sur Cliquez ici pour déposer le fichier.
  • Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
  • Copie-colle ce lien dans ta réponse.
    9 Juillet 2011 22:21:07

    J'ai enlevé babylon du module complémentaire (merci!) mais je n'arrive pas à trouver l'emplacement précis des fichiers malgré mes recherches. Veux-tu que je te copie-colle les rapports dans ma réponse suivante?
    a c 267 8 Sécurité
    9 Juillet 2011 22:28:52

    Utilise cijoint.fr pour me les transmettre car les rapports sont longs.
    9 Juillet 2011 22:40:16

    je viens de te le poster mais je ne suis pas sûre que ce soit le bon fichier...
    9 Juillet 2011 22:44:18

    Bon, je crains ne pas réussir à te poster les bons renseignements, je ne sais pas pourquoi ça ne marche pas.
    a c 267 8 Sécurité
    9 Juillet 2011 22:48:26

    Essaie de les poster directement alors.
    9 Juillet 2011 22:54:48

    OK et merci, les voici:

    1) Extras.txt - bloc notes:

    OTL Extras logfile created on: 09/07/2011 22:00:51 - Run 1
    OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Anne Marie & Kazimir\Downloads
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.19088)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,75 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 52,06% Memory free
    3,74 Gb Paging File | 2,85 Gb Available in Paging File | 76,18% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 139,10 Gb Total Space | 16,80 Gb Free Space | 12,07% Space Free | Partition Type: NTFS
    Drive D: | 9,94 Gb Total Space | 1,72 Gb Free Space | 17,32% Space Free | Partition Type: NTFS

    Computer Name: PC_ANNI_KAZJOU | User Name: Anne Marie & Kazimir | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{13FC61ED-79BD-4985-9807-F98C714CA1D5}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{31138533-3361-4A74-A469-50225423712B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{3BFF6C30-6308-4F15-8041-F1EE25FCFC26}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{6745EB2A-18B3-4CAC-8BD3-5EFD74CF45DE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{6953446C-1EF1-40BD-9EAA-26F55E8A7197}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{8DE98BDF-5258-4AE0-BC68-7773444FA46B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{A964EE63-A7D5-402D-827B-09718912A405}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{E7EB2750-8CED-4103-A535-3BB066A8FDBA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{07DE1E13-5DA2-48D3-AB9E-7148AC9700BC}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
    "{477AD31A-9107-495D-B627-B8D344A7B349}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
    "{4CA44121-1D07-490C-9020-B21D16343004}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{553C811E-FBCC-49EC-8CB5-A0AC32C30B99}" = protocol=17 | dir=in | app=e:\eskernel.exe |
    "{6F4AC9F9-014C-41DF-93BD-C2B1539F9085}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
    "{B538F501-660F-4A64-8698-2F803F514501}" = protocol=6 | dir=in | app=e:\eskernel.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
    "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
    "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
    "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
    "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
    "{2BC21CD2-8053-406A-80F6-9AB61717B49D}" = ODF Add-in for Microsoft Office
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
    "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
    "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
    "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
    "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
    "{65883ddf-2152-4cb7-8e13-b99194b13498}" = Nero BackItUp
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{75c53f52-398b-4d66-b28a-f9ef170b3b34}" = Nero BackItUp
    "{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
    "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
    "{846DDADA-0239-4B67-A6B1-33658863793B}" = HPTCSSetup
    "{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
    "{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
    "{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
    "{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
    "{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
    "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
    "{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118
    "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
    "{c11779bc-b11e-4dfa-9e34-c2905300a5a7}" = Nero BackItUp 4 Essentials
    "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
    "{CA9A3609-3ECC-4574-8824-A8161A71A603}" = Canon MP150
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
    "{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
    "{E6358333-B89B-4243-8477-647C9360B5D9}_is1" = Batch PPTX to PPT Converter 2009
    "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
    "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
    "avast" = avast! Free Antivirus
    "CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
    "CCleaner" = CCleaner
    "CNXT_AUDIO_HDA" = Conexant HD Audio
    "Easy-LayoutPrint" = Canon Utilities Easy-LayoutPrint
    "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
    "Easy-WebPrint" = Easy-WebPrint
    "Google Chrome" = Google Chrome
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    "Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
    "MP Navigator 2.0" = Canon MP Navigator 2.0
    "NVIDIA Drivers" = NVIDIA Drivers
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "VisiPPT_is1" = VisiPPT
    "YTdetect" = Yahoo! Detect

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "PhotoFiltre" = PhotoFiltre

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 06/07/2011 05:10:51 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 06/07/2011 09:58:51 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 06/07/2011 10:07:04 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 07/07/2011 04:01:44 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 07/07/2011 08:25:49 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 07/07/2011 13:48:23 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 07/07/2011 15:05:27 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 08/07/2011 04:04:27 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 08/07/2011 04:14:55 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 08/07/2011 04:28:29 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    [ System Events ]
    Error - 09/07/2011 02:26:45 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7026
    Description =

    Error - 09/07/2011 08:35:04 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/07/2011 08:35:04 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/07/2011 08:35:04 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7026
    Description =

    Error - 09/07/2011 08:44:39 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/07/2011 08:44:39 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/07/2011 08:44:39 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7026
    Description =

    Error - 09/07/2011 14:05:38 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/07/2011 14:05:38 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/07/2011 14:05:38 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7026
    Description =


    < End of report >


    2) Otl.txt - bloc notes:

    OTL logfile created on: 09/07/2011 22:00:51 - Run 1
    OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Anne Marie & Kazimir\Downloads
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.19088)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,75 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 52,06% Memory free
    3,74 Gb Paging File | 2,85 Gb Available in Paging File | 76,18% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 139,10 Gb Total Space | 16,80 Gb Free Space | 12,07% Space Free | Partition Type: NTFS
    Drive D: | 9,94 Gb Total Space | 1,72 Gb Free Space | 17,32% Space Free | Partition Type: NTFS

    Computer Name: PC_ANNI_KAZJOU | User Name: Anne Marie & Kazimir | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Anne Marie & Kazimir\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe (ScanSoft, Inc.)


    ========== Modules (SafeList) ==========

    MOD - C:\Users\Anne Marie & Kazimir\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (Norton Internet Security) -- File not found
    SRV - (GameConsoleService) -- File not found
    SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    SRV - (Recovery Service for Windows) -- C:\Program Files\SMINST\BLService.exe ()
    SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
    SRV - (PLFlash DeviceIoControl Service) -- C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe (Prolific Technology Inc.)
    SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
    DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
    DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
    DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
    DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
    DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
    DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
    DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
    DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
    DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
    DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=10588
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.startup.homepage: "http://webmail1m.orange.fr/webmail/fr_FR/inbox.html?Fro..."
    FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.8
    FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=toolbar2&q="

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/08 10:57:02 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/08 10:57:01 | 000,000,000 | ---D | M]

    [2009/08/06 22:12:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\mozilla\Extensions
    [2011/07/09 21:59:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\mozilla\Firefox\Profiles\snymed6a.default\extensions
    [2011/02/03 19:07:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\mozilla\Firefox\Profiles\snymed6a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/07/08 10:21:16 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\mozilla\Firefox\Profiles\snymed6a.default\extensions\ffxtlbr@babylon.com
    [2011/07/08 10:30:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
    [2009/05/05 15:10:44 | 001,961,984 | ---- | M] (Myriad Software.) -- C:\Program Files\mozilla firefox\plugins\NPMyrMus.dll
    [2011/07/08 10:56:55 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2011/07/08 10:20:54 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
    [2011/07/08 10:56:55 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2011/07/08 10:56:55 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2011/07/08 10:56:55 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2011/07/08 10:56:55 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
    O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
    O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe (Nero AG)
    O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [OPSE reminder] C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe ()
    O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
    O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html ()
    O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Impression rapide - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Imprimer - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Prévisualiser - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O12 - Plugin for: .mu3 - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O12 - Plugin for: .mus - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O12 - Plugin for: .mxl - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O12 - Plugin for: .mya - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O12 - Plugin for: .myr - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O12 - Plugin for: .myt - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O12 - Plugin for: .xmz - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O13 - gopher Prefix: missing
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-wind... (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Anne Marie & Kazimir\Pictures\des-plages-etonnantes_1024x768.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Anne Marie & Kazimir\Pictures\des-plages-etonnantes_1024x768.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{431a272a-78c2-11df-917f-001f16729c32}\Shell\AutoRun\command - "" = i9bwjpqc.exe
    O33 - MountPoints2\{431a272a-78c2-11df-917f-001f16729c32}\Shell\open\Command - "" = i9bwjpqc.exe
    O33 - MountPoints2\{431a272f-78c2-11df-917f-001f16729c32}\Shell - "" = AutoRun
    O33 - MountPoints2\{431a272f-78c2-11df-917f-001f16729c32}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
    O33 - MountPoints2\{9c7634a3-f24f-11de-a4a4-806e6f6e6963}\Shell\AutoRun\command - "" = F:\WDSetup.exe
    O33 - MountPoints2\{9fd107b1-8832-11de-8b76-001f16729c32}\Shell\AutoRun\command - "" = Toshiba\more4you.exe
    O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\WDSetup.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/07/09 14:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    [2011/07/09 14:49:05 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2011/07/08 10:49:56 | 000,000,000 | ---D | C] -- C:\Program Files\OpenXML-ODF Translator
    [2011/07/08 10:49:56 | 000,000,000 | ---D | C] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ODF Add-in for Microsoft Office
    [2011/07/08 10:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon
    [2011/06/16 18:50:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2011/06/16 18:50:28 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2011/06/16 18:50:26 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2011/06/16 18:50:26 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
    [2011/06/16 18:50:25 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2011/06/16 18:50:25 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2011/06/16 18:50:25 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2011/06/16 18:50:25 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2011/06/16 18:50:25 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2011/06/16 18:50:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2011/06/16 18:50:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2011/06/16 18:50:25 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2011/06/16 18:50:25 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2011/06/16 18:50:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2011/06/16 18:50:22 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2011/06/16 18:50:22 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2011/06/16 18:50:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2011/06/14 18:53:06 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/07/09 22:04:46 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/07/09 22:04:46 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/07/09 21:57:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/07/09 20:10:19 | 000,683,414 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2011/07/09 20:10:19 | 000,604,832 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011/07/09 20:10:19 | 000,128,706 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2011/07/09 20:10:19 | 000,110,516 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011/07/09 20:05:44 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/07/09 20:05:30 | 000,000,248 | ---- | M] () -- C:\ProgramData\hpqp.ini
    [2011/07/09 20:04:54 | 000,080,696 | ---- | M] () -- C:\ProgramData\nvModes.dat
    [2011/07/09 20:04:49 | 000,080,696 | ---- | M] () -- C:\ProgramData\nvModes.001
    [2011/07/09 20:04:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/07/09 14:56:58 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2011/07/09 14:38:56 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2011/07/04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2011/07/04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
    [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
    [2011/07/04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2011/07/03 18:59:16 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2011/06/30 14:37:04 | 000,361,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/07/09 14:56:58 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2010/12/22 18:52:18 | 000,000,680 | ---- | C] () -- C:\Users\Anne Marie & Kazimir\AppData\Local\d3d9caps.dat
    [2010/03/12 15:02:49 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
    [2009/12/24 14:46:46 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
    [2009/12/24 14:46:46 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
    [2009/12/04 12:31:24 | 000,000,532 | ---- | C] () -- C:\Windows\MAXLINK.INI
    [2009/11/02 14:35:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/11/02 14:35:18 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
    [2009/10/22 23:28:08 | 000,106,496 | ---- | C] () -- C:\Windows\System32\MMPlugHostCtrl.dll
    [2009/10/22 23:28:08 | 000,000,724 | ---- | C] () -- C:\Windows\wacam.ini
    [2009/08/15 16:55:54 | 000,080,696 | ---- | C] () -- C:\ProgramData\nvModes.001
    [2009/08/15 15:54:46 | 000,080,696 | ---- | C] () -- C:\ProgramData\nvModes.dat
    [2009/08/13 21:55:27 | 000,057,344 | ---- | C] () -- C:\Users\Anne Marie & Kazimir\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/08/13 19:37:55 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
    [2009/03/15 13:32:58 | 000,000,248 | ---- | C] () -- C:\ProgramData\hpqp.ini
    [2009/03/15 12:54:03 | 000,003,948 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
    [2008/10/25 16:03:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
    [2008/10/25 15:59:09 | 000,683,414 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
    [2008/10/25 15:59:09 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
    [2008/10/25 15:59:09 | 000,128,706 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
    [2008/10/25 15:59:09 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
    [2008/10/25 08:24:29 | 000,000,428 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
    [2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2006/11/02 14:44:53 | 000,361,104 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
    [2006/11/02 12:33:01 | 000,604,832 | ---- | C] () -- C:\Windows\System32\perfh009.dat
    [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
    [2006/11/02 12:33:01 | 000,110,516 | ---- | C] () -- C:\Windows\System32\perfc009.dat
    [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
    [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
    [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
    [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
    [2006/03/09 11:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

    ========== LOP Check ==========

    [2009/10/22 23:33:40 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\ACAMPREF
    [2010/01/21 17:59:41 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Canon
    [2009/12/24 14:47:17 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\GeoVid
    [2010/05/10 21:36:09 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Leadertech
    [2010/02/10 13:33:02 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\PhotoFiltre
    [2009/12/04 12:31:27 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\ScanSoft
    [2010/05/17 22:00:30 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\uTorrent
    [2009/12/24 14:47:20 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\VisiPPT
    [2011/07/09 15:40:34 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    < End of report >

    merci et désolée de la longueur...
    a c 267 8 Sécurité
    9 Juillet 2011 23:17:16

    /!\ Procédure pour sz83k uniquement. Si vous croyez avoir le même problème, crée un nouveau sujet /!\

  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :

    :OTL
    SRV - (Norton Internet Security) -- File not found
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=10588
    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.8
    FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=toolbar2&q="
    [2011/07/08 10:21:16 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\mozilla\Firefox\Profiles\snymed6a.default\extensions\ffxtlbr@babylon.com
    [2011/07/08 10:20:54 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
    O33 - MountPoints2\{431a272a-78c2-11df-917f-001f16729c32}\Shell\AutoRun\command - "" = i9bwjpqc.exe
    O33 - MountPoints2\{431a272a-78c2-11df-917f-001f16729c32}\Shell\open\Command - "" = i9bwjpqc.exe
    [2011/07/08 10:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon

    :commands
    [emptytemp]

  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler, redémarre une fois le fix terminé.
  • Poste le rapport qui s'affichera après redémarrage.
    9 Juillet 2011 23:31:18

    J'ai bien mis le texte, l'application a fonctionné mais il n'y a pas eu de rapport. J'ai redémarré l'ordi, rien de nouveau: faut-il refaire l'analyse par Otl avec rapport comme dans la 1ère démarche?
    a c 267 8 Sécurité
    9 Juillet 2011 23:34:26

    Oui comme ça, je pourrais comparer.
    9 Juillet 2011 23:47:49

    Voici les rapports:

    1) Extras.txt - Bloc notes:

    OTL Extras logfile created on: 09/07/2011 23:35:43 - Run 1
    OTL by OldTimer - Version 3.2.26.1 Folder = c:\Users\Anne Marie & Kazimir\Downloads
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.19088)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,75 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 58,36% Memory free
    3,74 Gb Paging File | 2,92 Gb Available in Paging File | 78,08% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 139,10 Gb Total Space | 16,86 Gb Free Space | 12,12% Space Free | Partition Type: NTFS
    Drive D: | 9,94 Gb Total Space | 1,72 Gb Free Space | 17,32% Space Free | Partition Type: NTFS

    Computer Name: PC_ANNI_KAZJOU | User Name: Anne Marie & Kazimir | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{13FC61ED-79BD-4985-9807-F98C714CA1D5}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{31138533-3361-4A74-A469-50225423712B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{3BFF6C30-6308-4F15-8041-F1EE25FCFC26}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{6745EB2A-18B3-4CAC-8BD3-5EFD74CF45DE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{6953446C-1EF1-40BD-9EAA-26F55E8A7197}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{8DE98BDF-5258-4AE0-BC68-7773444FA46B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{A964EE63-A7D5-402D-827B-09718912A405}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{E7EB2750-8CED-4103-A535-3BB066A8FDBA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{07DE1E13-5DA2-48D3-AB9E-7148AC9700BC}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
    "{477AD31A-9107-495D-B627-B8D344A7B349}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
    "{4CA44121-1D07-490C-9020-B21D16343004}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{553C811E-FBCC-49EC-8CB5-A0AC32C30B99}" = protocol=17 | dir=in | app=e:\eskernel.exe |
    "{6F4AC9F9-014C-41DF-93BD-C2B1539F9085}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
    "{B538F501-660F-4A64-8698-2F803F514501}" = protocol=6 | dir=in | app=e:\eskernel.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
    "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
    "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
    "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
    "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
    "{2BC21CD2-8053-406A-80F6-9AB61717B49D}" = ODF Add-in for Microsoft Office
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
    "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
    "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
    "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
    "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
    "{65883ddf-2152-4cb7-8e13-b99194b13498}" = Nero BackItUp
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{75c53f52-398b-4d66-b28a-f9ef170b3b34}" = Nero BackItUp
    "{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
    "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
    "{846DDADA-0239-4B67-A6B1-33658863793B}" = HPTCSSetup
    "{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
    "{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
    "{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
    "{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
    "{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
    "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
    "{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118
    "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
    "{c11779bc-b11e-4dfa-9e34-c2905300a5a7}" = Nero BackItUp 4 Essentials
    "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
    "{CA9A3609-3ECC-4574-8824-A8161A71A603}" = Canon MP150
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
    "{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
    "{E6358333-B89B-4243-8477-647C9360B5D9}_is1" = Batch PPTX to PPT Converter 2009
    "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
    "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
    "avast" = avast! Free Antivirus
    "CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
    "CCleaner" = CCleaner
    "CNXT_AUDIO_HDA" = Conexant HD Audio
    "Easy-LayoutPrint" = Canon Utilities Easy-LayoutPrint
    "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
    "Easy-WebPrint" = Easy-WebPrint
    "Google Chrome" = Google Chrome
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    "Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
    "MP Navigator 2.0" = Canon MP Navigator 2.0
    "NVIDIA Drivers" = NVIDIA Drivers
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "VisiPPT_is1" = VisiPPT
    "YTdetect" = Yahoo! Detect

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "PhotoFiltre" = PhotoFiltre

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 06/07/2011 05:10:51 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 06/07/2011 09:58:51 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 06/07/2011 10:07:04 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 07/07/2011 04:01:44 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 07/07/2011 08:25:49 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 07/07/2011 13:48:23 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 07/07/2011 15:05:27 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 08/07/2011 04:04:27 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 08/07/2011 04:14:55 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    Error - 08/07/2011 04:28:29 | Computer Name = PC_Anni_Kazjou | Source = WinMgmt | ID = 10
    Description =

    [ System Events ]
    Error - 09/07/2011 08:35:04 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7026
    Description =

    Error - 09/07/2011 08:44:39 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/07/2011 08:44:39 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/07/2011 08:44:39 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7026
    Description =

    Error - 09/07/2011 14:05:38 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/07/2011 14:05:38 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/07/2011 14:05:38 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7026
    Description =

    Error - 09/07/2011 17:26:11 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/07/2011 17:26:11 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7000
    Description =

    Error - 09/07/2011 17:26:11 | Computer Name = PC_Anni_Kazjou | Source = Service Control Manager | ID = 7026
    Description =


    < End of report >


    2) Otl.txt - Bloc-notes:

    OTL logfile created on: 09/07/2011 23:35:43 - Run 1
    OTL by OldTimer - Version 3.2.26.1 Folder = c:\Users\Anne Marie & Kazimir\Downloads
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.19088)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,75 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 58,36% Memory free
    3,74 Gb Paging File | 2,92 Gb Available in Paging File | 78,08% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 139,10 Gb Total Space | 16,86 Gb Free Space | 12,12% Space Free | Partition Type: NTFS
    Drive D: | 9,94 Gb Total Space | 1,72 Gb Free Space | 17,32% Space Free | Partition Type: NTFS

    Computer Name: PC_ANNI_KAZJOU | User Name: Anne Marie & Kazimir | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - c:\Users\Anne Marie & Kazimir\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe (ScanSoft, Inc.)


    ========== Modules (SafeList) ==========

    MOD - c:\Users\Anne Marie & Kazimir\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (Norton Internet Security) -- File not found
    SRV - (GameConsoleService) -- File not found
    SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
    SRV - (Recovery Service for Windows) -- C:\Program Files\SMINST\BLService.exe ()
    SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
    SRV - (PLFlash DeviceIoControl Service) -- C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe (Prolific Technology Inc.)
    SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
    DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
    DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
    DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
    DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
    DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
    DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
    DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
    DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
    DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
    DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=10588
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.startup.homepage: "http://webmail1m.orange.fr/webmail/fr_FR/inbox.html?Fro..."
    FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=toolbar2&q="

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/08 10:57:02 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/08 10:57:01 | 000,000,000 | ---D | M]

    [2009/08/06 22:12:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\mozilla\Extensions
    [2011/07/09 23:26:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\mozilla\Firefox\Profiles\snymed6a.default\extensions
    [2011/02/03 19:07:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\mozilla\Firefox\Profiles\snymed6a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/07/09 22:35:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\mozilla\Firefox\Profiles\snymed6a.default\extensions\ffxtlbr@babylon.com
    [2011/07/09 23:26:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\mozilla\Firefox\Profiles\snymed6a.default\extensions\ffxtlbr@babylon.com-trash
    [2011/07/08 10:30:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
    [2009/05/05 15:10:44 | 001,961,984 | ---- | M] (Myriad Software.) -- C:\Program Files\mozilla firefox\plugins\NPMyrMus.dll
    [2011/07/08 10:56:55 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2011/07/08 10:20:54 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
    [2011/07/08 10:56:55 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2011/07/08 10:56:55 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2011/07/08 10:56:55 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2011/07/08 10:56:55 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
    O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
    O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe (Nero AG)
    O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [OPSE reminder] C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe ()
    O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
    O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html ()
    O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Impression rapide - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Imprimer - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O8 - Extra context menu item: Easy-WebPrint Prévisualiser - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
    O12 - Plugin for: .mu3 - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O12 - Plugin for: .mus - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O12 - Plugin for: .mxl - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O12 - Plugin for: .mya - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O12 - Plugin for: .myr - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O12 - Plugin for: .myt - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O12 - Plugin for: .xmz - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll (Myriad Software.)
    O13 - gopher Prefix: missing
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-wind... (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Anne Marie & Kazimir\Pictures\des-plages-etonnantes_1024x768.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Anne Marie & Kazimir\Pictures\des-plages-etonnantes_1024x768.jpg
    O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{431a272a-78c2-11df-917f-001f16729c32}\Shell\AutoRun\command - "" = i9bwjpqc.exe
    O33 - MountPoints2\{431a272a-78c2-11df-917f-001f16729c32}\Shell\open\Command - "" = i9bwjpqc.exe
    O33 - MountPoints2\{431a272f-78c2-11df-917f-001f16729c32}\Shell - "" = AutoRun
    O33 - MountPoints2\{431a272f-78c2-11df-917f-001f16729c32}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
    O33 - MountPoints2\{9c7634a3-f24f-11de-a4a4-806e6f6e6963}\Shell\AutoRun\command - "" = F:\WDSetup.exe
    O33 - MountPoints2\{9fd107b1-8832-11de-8b76-001f16729c32}\Shell\AutoRun\command - "" = Toshiba\more4you.exe
    O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\WDSetup.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/07/09 14:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    [2011/07/09 14:49:05 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2011/07/08 10:49:56 | 000,000,000 | ---D | C] -- C:\Program Files\OpenXML-ODF Translator
    [2011/07/08 10:49:56 | 000,000,000 | ---D | C] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ODF Add-in for Microsoft Office
    [2011/07/08 10:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon
    [2011/06/16 18:50:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2011/06/16 18:50:28 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2011/06/16 18:50:26 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2011/06/16 18:50:26 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
    [2011/06/16 18:50:25 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2011/06/16 18:50:25 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2011/06/16 18:50:25 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2011/06/16 18:50:25 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2011/06/16 18:50:25 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2011/06/16 18:50:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2011/06/16 18:50:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2011/06/16 18:50:25 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2011/06/16 18:50:25 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2011/06/16 18:50:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2011/06/16 18:50:22 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2011/06/16 18:50:22 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2011/06/16 18:50:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2011/06/14 18:53:06 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/07/09 23:32:36 | 000,683,414 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2011/07/09 23:32:36 | 000,604,832 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011/07/09 23:32:36 | 000,128,706 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2011/07/09 23:32:36 | 000,110,516 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011/07/09 23:26:21 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/07/09 23:26:20 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/07/09 23:26:08 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/07/09 23:26:08 | 000,000,248 | ---- | M] () -- C:\ProgramData\hpqp.ini
    [2011/07/09 23:25:40 | 000,080,696 | ---- | M] () -- C:\ProgramData\nvModes.dat
    [2011/07/09 23:25:37 | 000,080,696 | ---- | M] () -- C:\ProgramData\nvModes.001
    [2011/07/09 23:25:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/07/09 22:57:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/07/09 14:56:58 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2011/07/09 14:38:56 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2011/07/04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2011/07/04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
    [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
    [2011/07/04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2011/07/03 18:59:16 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2011/06/30 14:37:04 | 000,361,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/07/09 14:56:58 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2010/12/22 18:52:18 | 000,000,680 | ---- | C] () -- C:\Users\Anne Marie & Kazimir\AppData\Local\d3d9caps.dat
    [2010/03/12 15:02:49 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
    [2009/12/24 14:46:46 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
    [2009/12/24 14:46:46 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
    [2009/12/04 12:31:24 | 000,000,532 | ---- | C] () -- C:\Windows\MAXLINK.INI
    [2009/11/02 14:35:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/11/02 14:35:18 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
    [2009/10/22 23:28:08 | 000,106,496 | ---- | C] () -- C:\Windows\System32\MMPlugHostCtrl.dll
    [2009/10/22 23:28:08 | 000,000,724 | ---- | C] () -- C:\Windows\wacam.ini
    [2009/08/15 16:55:54 | 000,080,696 | ---- | C] () -- C:\ProgramData\nvModes.001
    [2009/08/15 15:54:46 | 000,080,696 | ---- | C] () -- C:\ProgramData\nvModes.dat
    [2009/08/13 21:55:27 | 000,057,344 | ---- | C] () -- C:\Users\Anne Marie & Kazimir\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/08/13 19:37:55 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
    [2009/03/15 13:32:58 | 000,000,248 | ---- | C] () -- C:\ProgramData\hpqp.ini
    [2009/03/15 12:54:03 | 000,003,948 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
    [2008/10/25 16:03:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
    [2008/10/25 15:59:09 | 000,683,414 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
    [2008/10/25 15:59:09 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
    [2008/10/25 15:59:09 | 000,128,706 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
    [2008/10/25 15:59:09 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
    [2008/10/25 08:24:29 | 000,000,428 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
    [2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2006/11/02 14:44:53 | 000,361,104 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
    [2006/11/02 12:33:01 | 000,604,832 | ---- | C] () -- C:\Windows\System32\perfh009.dat
    [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
    [2006/11/02 12:33:01 | 000,110,516 | ---- | C] () -- C:\Windows\System32\perfc009.dat
    [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
    [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
    [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
    [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
    [2006/03/09 11:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

    ========== LOP Check ==========

    [2009/10/22 23:33:40 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\ACAMPREF
    [2010/01/21 17:59:41 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Canon
    [2009/12/24 14:47:17 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\GeoVid
    [2010/05/10 21:36:09 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Leadertech
    [2010/02/10 13:33:02 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\PhotoFiltre
    [2009/12/04 12:31:27 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\ScanSoft
    [2010/05/17 22:00:30 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\uTorrent
    [2009/12/24 14:47:20 | 000,000,000 | ---D | M] -- C:\Users\Anne Marie & Kazimir\AppData\Roaming\VisiPPT
    [2011/07/09 23:24:36 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    < End of report >


    Voilà...
    a c 267 8 Sécurité
    9 Juillet 2011 23:52:11

    Pareil que tout à l'heure.

    On peut essayer avec ZHPDiag mais je suis moins à l'aise.

  • Télécharge ZHPDiag (de Nicolas Coolman).
  • Double-clique sur le fichier d'installation. Installe ZHPDiag avec les paramètres par défaut (N'oublie pas de cocher "Créer une icône sur le Bureau").
  • Lance ZHPDiag en double-cliquant sur le raccourci présent sur ton Bureau.
    (Sous Vista/Win7, il faut cliquer droit sur le raccourci de ZHPDiag et choisir Exécuter en tant qu'administrateur)
  • Clique sur la loupe (Lancer le diagnostic) puis laisse l'outil scanner.
  • Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier (le rapport de l'analyse) sur ton Bureau.
  • Pour me transmettre le rapport, utilise le site http://pjjoint.malekal.com/ car le rapport ZHPDiag est plutôt long.
    10 Juillet 2011 00:10:07

    Au risque de paraître je ne sais quoi, je n'ai pas vu la loupe dans les icônes, faut-il lancer le nettoyeur de tools ou autre chose?
    10 Juillet 2011 00:13:40

    Evidemment, quand on se trompe de logiciel, on ne trouve pas... J'ai vu mon erreur.
    10 Juillet 2011 00:27:35

    J'ai scanné grâce à ZHPDiag mais là je satûre, j'ai toujours un problème pour savoir où est enregistré le rapport du scan, je te recontacte demain soir.
    Merci pour ton aide!
    10 Juillet 2011 22:19:14

    Bonsoir,
    J'ai rescanné l'ordi avec ZHPDiag mais même si j'enregistre le rapport sur le bureau, il n'apparaît pas. peux-tu m'aider à ce sujet? Merci
    a c 267 8 Sécurité
    10 Juillet 2011 22:23:27

    Le rapport est au même endroit que ZHPDiag.
    10 Juillet 2011 22:28:48

    ok mais quel est le nom du fichier parmi tous? est-ce ZHPscan?
    10 Juillet 2011 22:34:51

    Sinon je te le poste en copier/coller...
    10 Juillet 2011 22:57:47

    Voici le rapport:

    Rapport de ZHPDiag v1.27.2405 par Nicolas Coolman, Update du 08/07/2011
    Run by Anne Marie & Kazimir at 10/07/2011 22:07:09
    Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.h...


    ---\\ Web Browser
    MSIE: Internet Explorer v8.0.6001.19088
    MFIE: Mozilla Firefox v (Defaut)
    GCIE: Google Chrome v12.0.742.112

    ---\\ System Information
    Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
    Processor: x86 Family 17 Model 3 Stepping 1, AuthenticAMD
    Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1789 MB (57% free)
    System Restore: Activé (Enable)
    System drive C: has 17 GB (12%) free of 139 GB

    ---\\ Logged in mode
    Computer Name: PC_ANNI_KAZJOU
    User Name: Anne Marie & Kazimir
    All Users Names: Anne Marie & Kazimir, Administrateur,
    Unselected Option: O45,O61,O62,O65,O66,O82
    Logged in as Administrator

    ---\\ Environnement Variables
    ~ %AppData%=C:\Users\Anne Marie & Kazimir\AppData\Roaming\
    ~ %Desktop%=C:\Users\Anne Marie & Kazimir\Desktop\
    ~ %Favorites%=C:\Users\Anne Marie & Kazimir\Favorites\
    ~ %LocalAppData%=C:\Users\Anne Marie & Kazimir\AppData\Local\
    ~ %StartMenu%=C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Windows\Start Menu\

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 17 Go of 139 Go)
    D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 10 Go)
    E:\ CD-ROM drive (Not Inserted)



    ---\\ Security Center & Tools Informations
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: Modified
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
    [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK



    ---\\ Recherche particulière de fichiers génériques
    [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.02/11/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
    [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:33:13.) -- C:\Windows\system32\Wininit.exe [96768]
    [MD5.DE4685DE5130039FA63DA66C0F72F787] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/06/2011 - 07:08:58.) -- C:\Windows\system32\wininet.dll [916480]
    [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.02/11/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
    [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.02/11/2009 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
    [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/11/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]



    ---\\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 36/28543
    ~ Mes musiques (My Musics) : 1/12
    ~ Mes Videos (My Videos) : 1/61
    ~ Mes Favoris (My Favorites) : 2/23
    ~ Mes Documents (My Documents) : 1/4137
    ~ Mon Bureau (My Desktop) : 1/74
    ~ Menu demarrer (Programs) : 7/31



    ---\\ Processus lancés
    [MD5.AE567D261D281B51BE55E53A786E8574] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896]
    [MD5.5E5208A733BBCC4571F384754A9A6746] - (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe [468264]
    [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184]
    [MD5.F7CF218E5CAA6FC0BB55791AD31E2B3F] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032]
    [MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040]
    [MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840]
    [MD5.8CB896C573FD15AE8B13180DA53E93D2] - (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752]
    [MD5.882539219B40107D5BC0557E0088DD79] - (.ScanSoft, Inc. - OCR Aware (32-bit).) -- C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe [49152]
    [MD5.FC9E59FE8BC4FE05382CFF5C8FC59DE1] - (.Adobe Systems Incorporated - Adobe Photoshop Album Starter Edition 3.2 c.) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [63712]
    [MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3493720]
    [MD5.4A9295C9BE22739D030AB072E9A0B169] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392]
    [MD5.055713CD9E0C6AAC46AFBB3A5B95EF75] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344]
    [MD5.8D07F0687318214A3CEF62EA1048D101] - (.Hewlett-Packard Development Company, L.P. - Module to process WiFi messages..) -- C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE [316720]
    [MD5.55B35599E4B8C20904CF6BE6F50A1F8D] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]
    [MD5.1EDC4865C8003A0251956835273904B1] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe [685360]
    [MD5.A8AD97956A0F4408CB3AA03EDD2B8BC1] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720]
    [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472]
    [MD5.5FE2221EC55549B52427BF37E9173E47] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [656384]



    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:\Users\Anne Marie & Kazimir\AppData\Roaming\Mozilla\Firefox\Profiles\snymed6a.default\prefs.js
    M3 - MFPP: Plugins - [Anne Marie & Kazimir] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
    M3 - MFPP: Plugins - [Anne Marie & Kazimir] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml
    M3 - MFPP: Plugins - [Anne Marie & Kazimir] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
    M3 - MFPP: Plugins - [Anne Marie & Kazimir] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
    M3 - MFPP: Plugins - [Anne Marie & Kazimir] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
    M3 - MFPP: Plugins - [Anne Marie & Kazimir] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
    M3 - MFPP: Plugins - [Anne Marie & Kazimir] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
    P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll
    P2 - FPN:Firefox Plugin Navigator . (.Myriad Software. - Myriad music plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\NPMyrMus.dll
    P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
    P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL
    P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
    P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
    P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
    P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
    M0 - MFSP: prefs.js [Anne Marie & Kazimir - snymed6a.default] http://webmail1m.orange.fr/webmail/fr_FR/inbox.html?Fro...
    M2 - MFEP: prefs.js [Anne Marie & Kazimir - snymed6a.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)



    ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:\Users\Anne Marie & Kazimir\AppData\Local\Google\Chrome\User Data\Default\Preferences
    G1 - GCS: Preference [User Data\Default] None
    G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com



    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com
    R0 - HKUS\S-1-5-21-3667748493-759345943-3375673806-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
    R1 - HKUS\S-1-5-21-3667748493-759345943-3375673806-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
    R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll



    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



    ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
    F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



    ---\\ Browser Helper Objects de navigateur (O2)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} Clé orpheline
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll



    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} . (...) -- (.not file.)
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} . (.Pas de propriétaire - Easy-WebPrint.) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll



    ---\\ ---\\ Applications démarrées par registre & par dossier (O4)
    O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QPService] . (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe
    O4 - HKLM\..\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
    O4 - HKLM\..\Run: [UpdatePSTShortCut] Clé orpheline
    O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
    O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
    O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
    O4 - HKLM\..\Run: [UpdatePDIRShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
    O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe
    O4 - HKLM\..\Run: [OpwareSE2] . (.ScanSoft, Inc. - OCR Aware (32-bit).) -- C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    O4 - HKLM\..\Run: [OPSE reminder] . (...) -- C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe
    O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
    O4 - HKLM\..\Run: [Adobe Photo Downloader] . (.Adobe Systems Incorporated - Adobe Photoshop Album Starter Edition 3.2 c.) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
    O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
    O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
    O4 - HKUS\S-1-5-21-3667748493-759345943-3375673806-1000\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe



    ---\\ ---\\ Autres liens utilisateurs (O4)
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\Desktop\Explorateur.lnk . (.Microsoft Corporation.) -- C:\Windows\explorer.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\Desktop\FILM.lnk . (...) -- C:\Users\Anne Marie & Kazimir\Videos
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\Desktop\MUSIC Vidéo.lnk . (...) -- C:\Users\Anne Marie & Kazimir\Music
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\Desktop\Photos JOJO.lnk . (...) -- C:\Users\Anne Marie & Kazimir\Pictures\Photos JOJO
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\Desktop\PHOTOS.lnk . (...) -- C:\Users\Anne Marie & Kazimir\Pictures
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\Desktop\Téléchargement.lnk . (...) -- C:\Users\Anne Marie & Kazimir\Downloads
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\Desktop\Word.lnk . (...) -- C:\Windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (3).lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\vlc.lnk . (...) -- C:\Program Files\VideoLAN\VLC\vlc.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Explorer.lnk . (.Microsoft Corporation.) -- C:\Windows\explorer.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
    O4 - Global Startup: C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Word.lnk . (...) -- C:\Windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe



    ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
    O8 - Extra context menu item: &Recherche AOL Toolbar . (...) -- C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.exe
    O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions . (.Pas de propriétaire - Module de ressources Easy-WebPrint - Français.) -- C:\Program Files\Canon\Easy-WebPrint\Resource.dll
    O8 - Extra context menu item: Easy-WebPrint Impression rapide . (.Pas de propriétaire - Module de ressources Easy-WebPrint - Français.) -- C:\Program Files\Canon\Easy-WebPrint\Resource.dll
    O8 - Extra context menu item: Easy-WebPrint Imprimer . (.Pas de propriétaire - Module de ressources Easy-WebPrint - Français.) -- C:\Program Files\Canon\Easy-WebPrint\Resource.dll
    O8 - Extra context menu item: Easy-WebPrint Prévisualiser . (.Pas de propriétaire - Module de ressources Easy-WebPrint - Français.) -- C:\Program Files\Canon\Easy-WebPrint\Resource.dll



    ---\\ Winsock hijacker (Layered Service Provider) (O10)
    O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
    O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
    O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
    O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
    O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
    O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll



    ---\\ Internet Explorer Plugins (O12)
    O12 - Plugin for .mu3 - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
    O12 - Plugin for .mus - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
    O12 - Plugin for .mxl - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
    O12 - Plugin for .mya - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
    O12 - Plugin for .myr - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
    O12 - Plugin for .myt - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
    O12 - Plugin for .xmz - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll



    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{03FAD5A8-21C4-439A-B25E-C3B6EABBDD74}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2987034A-1064-4CAF-AE03-9FAAFC468351}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CS1\Services\Tcpip\..\{03FAD5A8-21C4-439A-B25E-C3B6EABBDD74}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{2987034A-1064-4CAF-AE03-9FAAFC468351}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CS2\Services\Tcpip\..\{03FAD5A8-21C4-439A-B25E-C3B6EABBDD74}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{2987034A-1064-4CAF-AE03-9FAAFC468351}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CS3\Services\Tcpip\..\{03FAD5A8-21C4-439A-B25E-C3B6EABBDD74}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{2987034A-1064-4CAF-AE03-9FAAFC468351}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2987034A-1064-4CAF-AE03-9FAAFC468351}: DhcpDomain = lan
    O17 - HKLM\System\CS1\Services\Tcpip\..\{2987034A-1064-4CAF-AE03-9FAAFC468351}: DhcpDomain = lan
    O17 - HKLM\System\CS2\Services\Tcpip\..\{2987034A-1064-4CAF-AE03-9FAAFC468351}: DhcpDomain = lan
    O17 - HKLM\System\CS3\Services\Tcpip\..\{2987034A-1064-4CAF-AE03-9FAAFC468351}: DhcpDomain = lan
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1



    ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll



    ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
    O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll



    ---\\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: Norton Internet Security (Norton Internet Security) . (...) - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (.not file.)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 186.4.) - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
    O23 - Service: Recovery Service for Windows (Recovery Service for Windows) . (.Pas de propriétaire - STServices.) - C:\Program Files\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: XAudioService (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe



    ---\\ Enumération Active Desktop & MHTML Editor (O24)
    O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe (.not file.)



    ---\\ Tâches planifiées en automatique (O39)
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
    [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe



    ---\\ Pilotes lancés au démarrage (O41)
    O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
    O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
    O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
    O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
    O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
    O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
    O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
    O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
    O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
    O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
    O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
    O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
    O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
    O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
    O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
    O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
    O41 - Driver: (SRTSP) . (. - .) - C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.sys (.not file.)
    O41 - Driver: (SRTSPX) . (. - .) - C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.sys (.not file.)
    O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
    O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
    O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
    O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys



    ---\\ Logiciels installés (O42)
    O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
    O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}
    O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
    O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
    O42 - Logiciel: Adobe Reader 9 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A90000000001}
    O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}
    O42 - Logiciel: Adobe® Photoshop® Album Starter Edition 3.2 - (.http://www.adobe.com.) [HKLM] -- Adobe® Photoshop® Album Starter Edition 3.2
    O42 - Logiciel: ArcSoft PhotoStudio 5.5 - (.ArcSoft.) [HKLM] -- {85309D89-7BE9-4094-BB17-24999C6118FC}
    O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
    O42 - Logiciel: Batch PPTX to PPT Converter 2009 - (.Batchwork Software.) [HKLM] -- {E6358333-B89B-4243-8477-647C9360B5D9}_is1
    O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
    O42 - Logiciel: Canon Inkjet Printer Driver Add-On Module - (.Pas de propriétaire.) [HKLM] -- CANONIJINBOXADDON100
    O42 - Logiciel: Canon MP Navigator 2.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator 2.0
    O42 - Logiciel: Canon MP150 - (.Pas de propriétaire.) [HKLM] -- {CA9A3609-3ECC-4574-8824-A8161A71A603}
    O42 - Logiciel: Canon Utilities Easy-LayoutPrint - (.Pas de propriétaire.) [HKLM] -- Easy-LayoutPrint
    O42 - Logiciel: Canon Utilities Easy-PhotoPrint - (.Pas de propriétaire.) [HKLM] -- Easy-PhotoPrint
    O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {415B2719-AD3A-4944-B404-C472DB6085B3}
    O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {83770D14-21B9-44B3-8689-F7B523F94560}
    O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
    O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-0409-0000-0000000FF1CE}
    O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM] -- CNXT_AUDIO_HDA
    O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
    O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
    O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
    O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
    O42 - Logiciel: ESU for Microsoft Vista - (.Hewlett-Packard.) [HKLM] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
    O42 - Logiciel: Easy-WebPrint - (.Pas de propriétaire.) [HKLM] -- Easy-WebPrint
    O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
    O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008}
    O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {57A5AEC1-97FC-474D-92C4-908FCC2253D4}
    O42 - Logiciel: HP DVD Play 3.7 - (.Hewlett-Packard.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1}
    O42 - Logiciel: HP Doc Viewer - (.Hewlett-Packard.) [HKLM] -- {082702D5-5DD8-4600-BCE5-48B15174687F}
    O42 - Logiciel: HP Quick Launch Buttons 6.40 H2 - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355}
    O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
    O42 - Logiciel: HP User Guides 0118 - (.Hewlett-Packard.) [HKLM] -- {B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}
    O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {9ADABDDE-9644-461B-9E73-83FA3EFCAB50}
    O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
    O42 - Logiciel: HPNetworkAssistant - (.Hewlett-Packard..) [HKLM] -- {228C6B46-64E2-404E-898A-EF0830603EF4}
    O42 - Logiciel: HPTCSSetup - (.Hewlett-Packard Company.) [HKLM] -- {846DDADA-0239-4B67-A6B1-33658863793B}
    O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
    O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
    O42 - Logiciel: Java(TM) 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}
    O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
    O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
    O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
    O42 - Logiciel: LightScribe System Software 1.14.17.1 - (.LightScribe.) [HKLM] -- {0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
    O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
    O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
    O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
    O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
    O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
    O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (English) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-0409-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
    O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
    O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
    O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18)
    O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
    O42 - Logiciel: Nero BackItUp 4 Essentials - (.Nero AG.) [HKLM] -- {c11779bc-b11e-4dfa-9e34-c2905300a5a7}
    O42 - Logiciel: NetWaiting - (.BVRP Software, Inc.) [HKLM] -- {3F92ABBB-6BBF-11D5-B229-002078017FBF}
    O42 - Logiciel: ODF Add-in for Microsoft Office - (.OpenXML/ODF Translator Team.) [HKLM] -- {2BC21CD2-8053-406A-80F6-9AB61717B49D}
    O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
    O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
    O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
    O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
    O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
    O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
    O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}
    O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
    O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
    O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
    O42 - Logiciel: Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) - (.Microsoft.) [HKLM] -- {09959E11-AD5D-408E-96AF-E3346954D6B8}
    O42 - Logiciel: Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) - (.Microsoft.) [HKLM] -- {64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}
    O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
    O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
    O42 - Logiciel: VisiPPT - (.VisiFly.) [HKLM] -- VisiPPT_is1
    O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
    O42 - Logiciel: muvee Reveal - (.muvee Technologies Pte Ltd.) [HKLM] -- {DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\ALWIL Software]
    [HKCU\Software\AOL]
    [HKCU\Software\AVAST Software]
    [HKCU\Software\AXEL]
    [HKCU\Software\Adobe]
    [HKCU\Software\AppDataLow\Software\Microsoft]
    [HKCU\Software\AppDataLow\Software]
    [HKCU\Software\AppDataLow]
    [HKCU\Software\ArcSoft]
    [HKCU\Software\CanonBJ]
    [HKCU\Software\Canon]
    [HKCU\Software\Classes]
    [HKCU\Software\Clients]
    [HKCU\Software\Corel]
    [HKCU\Software\CyberLink]
    [HKCU\Software\GNU]
    [HKCU\Software\Google]
    [HKCU\Software\Hewlett-Packard]
    [HKCU\Software\JavaSoft]
    [HKCU\Software\Leadertech]
    [HKCU\Software\LightScribe]
    [HKCU\Software\Macromedia]
    [HKCU\Software\MainConcept (Muvee)]
    [HKCU\Software\MozillaPlugins]
    [HKCU\Software\Mozilla]
    [HKCU\Software\NVIDIA Corporation]
    [HKCU\Software\Nero]
    [HKCU\Software\Netscape]
    [HKCU\Software\ODBC]
    [HKCU\Software\OpenXML-ODF Translator]
    [HKCU\Software\Piriform]
    [HKCU\Software\Policies]
    [HKCU\Software\ScanSoft]
    [HKCU\Software\Sony Corporation]
    [HKCU\Software\Synaptics]
    [HKCU\Software\Trolltech]
    [HKCU\Software\VB and VBA Program Settings]
    [HKCU\Software\YahooPartnerToolbar]
    [HKCU\Software\keyhole.com]
    [HKLM\Software\ALWIL Software]
    [HKLM\Software\AVAST Software]
    [HKLM\Software\Adobe]
    [HKLM\Software\America Online]
    [HKLM\Software\ArcSoft]
    [HKLM\Software\Atheros]
    [HKLM\Software\BVRP Software, Inc]
    [HKLM\Software\CXT]
    [HKLM\Software\CanonBJ]
    [HKLM\Software\Canon]
    [HKLM\Software\Classes]
    [HKLM\Software\Clients]
    [HKLM\Software\Conexant Systems Inc ]
    [HKLM\Software\Conexant]
    [HKLM\Software\Cyberlink]
    [HKLM\Software\Debug]
    [HKLM\Software\Devicescape]
    [HKLM\Software\EasyBits]
    [HKLM\Software\Electronic Arts]
    [HKLM\Software\FRANCE TELECOM]
    [HKLM\Software\Google]
    [HKLM\Software\HPQ]
    [HKLM\Software\HP]
    [HKLM\Software\Hewlett-Packard Company]
    [HKLM\Software\Hewlett-Packard]
    [HKLM\Software\InstallShield]
    [HKLM\Software\InstalledOptions]
    [HKLM\Software\Intel]
    [HKLM\Software\JavaSoft]
    [HKLM\Software\JreMetrics]
    [HKLM\Software\LabelPrint_Upgrade]
    [HKLM\Software\LightScribe]
    [HKLM\Software\Macromedia]
    [HKLM\Software\MimarSinan]
    [HKLM\Software\MozillaPlugins]
    [HKLM\Software\Mozilla]
    [HKLM\Software\Myriad Software]
    [HKLM\Software\NVIDIA Corporation]
    [HKLM\Software\Nero]
    [HKLM\Software\ODBC]
    [HKLM\Software\P2G_Upgrade]
    [HKLM\Software\PDR_Upgrade]
    [HKLM\Software\Piriform]
    [HKLM\Software\Policies]
    [HKLM\Software\Product_Upgrade]
    [HKLM\Software\Realtek Semiconductor Corp.]
    [HKLM\Software\Realtek USB 2.0 Card Reader]
    [HKLM\Software\RegisteredApplications]
    [HKLM\Software\ScanSoft]
    [HKLM\Software\Sony Corporation]
    [HKLM\Software\Symantec]
    [HKLM\Software\Synaptics]
    [HKLM\Software\Techcity]
    [HKLM\Software\Volatile]
    [HKLM\Software\WildTangent]
    [HKLM\Software\Wow6432Node]
    [HKLM\Software\mozilla.org]



    ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 - CFD: 10/07/2011 - 22:07:50 - [3928113] ----D- C:\Program Files\ZHPDiag
    O43 - CFD: 10/05/2010 - 19:45:42 - [252543776] ----D- C:\Program Files\Adobe
    O43 - CFD: 06/01/2011 - 20:15:48 - [153815753] ----D- C:\Program Files\Alwil Software
    O43 - CFD: 04/12/2009 - 12:29:26 - [25492761] ----D- C:\Program Files\ArcSoft
    O43 - CFD: 08/07/2011 - 10:21:58 - [0] ----D- C:\Program Files\Babylon
    O43 - CFD: 21/10/2009 - 17:59:50 - [868352] ----D- C:\Program Files\Bbox
    O43 - CFD: 05/12/2009 - 11:53:10 - [263211829] ----D- C:\Program Files\Canon
    O43 - CFD: 05/12/2009 - 11:59:16 - [15764602] --H-D- C:\Program Files\CanonBJ
    O43 - CFD: 09/07/2011 - 14:56:58 - [3753504] ----D- C:\Program Files\CCleaner
    O43 - CFD: 24/12/2009 - 14:46:46 - [453249227] ----D- C:\Program Files\Common Files
    O43 - CFD: 08/12/2009 - 15:57:56 - [1024000] ----D- C:\Program Files\CONEXANT
    O43 - CFD: 15/03/2009 - 13:37:44 - [1016271153] ----D- C:\Program Files\CyberLink
    O43 - CFD: 06/08/2009 - 21:46:48 - [0] -SH-D- C:\Program Files\Fichiers communs
    O43 - CFD: 07/10/2010 - 11:44:38 - [500702025] ----D- C:\Program Files\Google
    O43 - CFD: 15/08/2009 - 16:49:30 - [289589780] ----D- C:\Program Files\Hewlett-Packard
    O43 - CFD: 15/03/2009 - 13:32:00 - [94989043] ----D- C:\Program Files\HP
    O43 - CFD: 04/12/2009 - 12:29:24 - [164599832] --H-D- C:\Program Files\InstallShield Installation Information
    O43 - CFD: 17/06/2011 - 08:43:58 - [8928353] ----D- C:\Program Files\Internet Explorer
    O43 - CFD: 08/01/2011 - 13:13:58 - [171680807] ----D- C:\Program Files\Java
    O43 - CFD: 08/12/2009 - 16:02:48 - [4953600] ----D- C:\Program Files\Microsoft Games
    O43 - CFD: 24/12/2009 - 14:54:54 - [253993248] ----D- C:\Program Files\Microsoft Office
    O43 - CFD: 07/10/2010 - 11:30:22 - [146787] ----D- C:\Program Files\Microsoft.NET
    O43 - CFD: 12/08/2010 - 03:20:02 - [20470054] ----D- C:\Program Files\Movie Maker
    O43 - CFD: 08/07/2011 - 10:57:04 - [34704412] ----D- C:\Program Files\Mozilla Firefox
    O43 - CFD: 02/11/2006 - 14:35:52 - [25757] ----D- C:\Program Files\MSBuild
    O43 - CFD: 08/07/2011 - 10:45:36 - [67508057] ----D- C:\Program Files\MSECache
    O43 - CFD: 23/10/2009 - 16:12:34 - [0] ----D- C:\Program Files\MSXML 4.0
    O43 - CFD: 19/10/2009 - 13:34:06 - [92558985] ----D- C:\Program Files\Nero
    O43 - CFD: 13/08/2009 - 19:31:08 - [407115339] ----D- C:\Program Files\Office 2003
    O43 - CFD: 08/07/2011 - 10:50:00 - [19944795] ----D- C:\Program Files\OpenXML-ODF Translator
    O43 - CFD: 10/02/2010 - 13:32:58 - [3688680] ----D- C:\Program Files\PhotoFiltre
    O43 - CFD: 02/11/2006 - 14:35:52 - [38694657] ----D- C:\Program Files\Reference Assemblies
    O43 - CFD: 04/12/2009 - 12:30:42 - [93290210] ----D- C:\Program Files\ScanSoft
    O43 - CFD: 06/08/2009 - 21:55:18 - [28351763] ----D- C:\Program Files\SMINST
    O43 - CFD: 15/03/2009 - 12:56:06 - [14672316] ----D- C:\Program Files\Synaptics
    O43 - CFD: 21/10/2009 - 17:44:50 - [45279] ----D- C:\Program Files\Techcity
    O43 - CFD: 09/07/2011 - 14:49:06 - [405578] ----D- C:\Program Files\Trend Micro
    O43 - CFD: 02/11/2006 - 14:58:20 - [0] --H-D- C:\Program Files\Uninstall Information
    O43 - CFD: 13/08/2009 - 21:52:46 - [65033045] ----D- C:\Program Files\VideoLAN
    O43 - CFD: 24/12/2009 - 14:46:42 - [22030315] ----D- C:\Program Files\VisiFly
    O43 - CFD: 08/12/2009 - 16:03:24 - [1016832] ----D- C:\Program Files\Windows Calendar
    O43 - CFD: 08/12/2009 - 16:03:24 - [2737152] ----D- C:\Program Files\Windows Collaboration
    O43 - CFD: 08/12/2009 - 16:03:18 - [4490624] ----D- C:\Program Files\Windows Defender
    O43 - CFD: 17/06/2011 - 08:39:10 - [8935608] ----D- C:\Program Files\Windows Mail
    O43 - CFD: 14/10/2010 - 11:49:34 - [4498121] ----D- C:\Program Files\Windows Media Player
    O43 - CFD: 06/08/2009 - 21:46:48 - [7957544] ----D- C:\Program Files\Windows NT
    O43 - CFD: 08/12/2009 - 16:03:24 - [8228002] ----D- C:\Program Files\Windows Photo Gallery
    O43 - CFD: 12/12/2009 - 13:36:34 - [134144] ----D- C:\Program Files\Windows Portable Devices
    O43 - CFD: 08/12/2009 - 16:03:24 - [10556187] ----D- C:\Program Files\Windows Sidebar
    O43 - CFD: 10/05/2010 - 19:54:44 - [7048763] ----D- C:\Program Files\Common Files\Adobe
    O43 - CFD: 05/12/2009 - 11:48:46 - [498691] ----D- C:\Program Files\Common Files\Canon
    O43 - CFD: 25/10/2008 - 08:08:14 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
    O43 - CFD: 24/12/2009 - 14:46:46 - [5819536] ----D- C:\Program Files\Common Files\GeoVid
    O43 - CFD: 15/03/2009 - 13:31:58 - [8448409] ----D- C:\Program Files\Common Files\InstallShield
    O43 - CFD: 10/05/2010 - 21:28:46 - [39105117] ----D- C:\Program Files\Common Files\Java
    O43 - CFD: 15/03/2009 - 13:31:46 - [29200078] ----D- C:\Program Files\Common Files\LightScribe
    O43 - CFD: 08/07/2011 - 10:46:18 - [123709480] ----D- C:\Program Files\Common Files\microsoft shared
    O43 - CFD: 15/03/2009 - 13:39:22 - [96751554] ----D- C:\Program Files\Common Files\muvee Technologies
    O43 - CFD: 19/10/2009 - 13:35:40 - [84156949] ----D- C:\Program Files\Common Files\Nero
    O43 - CFD: 04/12/2009 - 12:31:26 - [1243603] ----D- C:\Program Files\Common Files\ScanSoft Shared
    O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
    O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
    O43 - CFD: 08/12/2009 - 16:03:24 - [16069634] ----D- C:\Program Files\Common Files\System
    O43 - CFD: 10/05/2010 - 19:45:44 - [209136432] ----D- C:\ProgramData\Adobe
    O43 - CFD: 06/01/2011 - 21:10:18 - [2597016] ----D- C:\ProgramData\Alwil Software
    O43 - CFD: 25/10/2008 - 08:25:04 - [13624086] ----D- C:\ProgramData\AOL
    O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Application Data
    O43 - CFD: 15/03/2009 - 12:52:06 - [10760] ----D- C:\ProgramData\Atheros
    O43 - CFD: 06/08/2009 - 21:46:48 - [0] -SH-D- C:\ProgramData\Bureau
    O43 - CFD: 03/12/2009 - 12:57:46 - [10183927] --H-D- C:\ProgramData\CanonBJ
    O43 - CFD: 15/03/2009 - 13:33:10 - [33223] ----D- C:\ProgramData\CyberLink
    O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Desktop
    O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Documents
    O43 - CFD: 06/08/2009 - 21:46:48 - [0] -SH-D- C:\ProgramData\Favoris
    O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Favorites
    O43 - CFD: 24/12/2009 - 14:46:46 - [40590] ----D- C:\ProgramData\GeoVid
    O43 - CFD: 15/03/2009 - 13:39:42 - [36445664] ----D- C:\ProgramData\Hewlett-Packard
    O43 - CFD: 08/12/2009 - 15:29:34 - [710] ----D- C:\ProgramData\LightScribe
    O43 - CFD: 06/08/2009 - 21:46:48 - [0] -SH-D- C:\ProgramData\Menu Démarrer
    O43 - CFD: 22/10/2009 - 22:34:58 - [328404381] -S--D- C:\ProgramData\Microsoft
    O43 - CFD: 15/08/2009 - 16:53:42 - [57028] ----D- C:\ProgramData\Microsoft Help
    O43 - CFD: 06/08/2009 - 21:46:48 - [0] -SH-D- C:\ProgramData\Modèles
    O43 - CFD: 19/10/2009 - 13:33:40 - [3347146] ----D- C:\ProgramData\Nero
    O43 - CFD: 06/08/2009 - 21:57:30 - [155] ----D- C:\ProgramData\Norton
    O43 - CFD: 25/10/2008 - 07:06:20 - [3857166] ----D- C:\ProgramData\NortonInstaller
    O43 - CFD: 26/04/2010 - 10:58:00 - [234118] ----D- C:\ProgramData\NVIDIA
    O43 - CFD: 04/12/2009 - 12:31:26 - [0] ----D- C:\ProgramData\SSScanAppDataDir
    O43 - CFD: 04/12/2009 - 12:31:26 - [0] ----D- C:\ProgramData\SSScanWizard
    O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Start Menu
    O43 - CFD: 10/05/2010 - 21:28:48 - [119] ----D- C:\ProgramData\Sun
    O43 - CFD: 15/03/2009 - 13:37:10 - [450915] ----D- C:\ProgramData\Temp
    O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Templates
    O43 - CFD: 25/10/2008 - 08:12:02 - [2084513226] ----D- C:\ProgramData\WildTangent
    O43 - CFD: 25/10/2008 - 08:09:24 - [6904815] ----D- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    O43 - CFD: 22/10/2009 - 23:33:42 - [4648683] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\ACAMPREF
    O43 - CFD: 10/05/2010 - 19:46:12 - [1984293] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Adobe
    O43 - CFD: 08/12/2009 - 16:37:26 - [1652] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\ArcSoft
    O43 - CFD: 21/01/2010 - 17:59:42 - [410553] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Canon
    O43 - CFD: 01/01/2010 - 20:42:20 - [199] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\dvdcss
    O43 - CFD: 24/12/2009 - 14:47:18 - [2297] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\GeoVid
    O43 - CFD: 06/08/2009 - 21:56:02 - [303104] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Hewlett-Packard
    O43 - CFD: 06/08/2009 - 21:49:48 - [42108] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\HP TCS
    O43 - CFD: 06/08/2009 - 21:55:16 - [0] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Identities
    O43 - CFD: 10/05/2010 - 21:36:10 - [1112] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Leadertech
    O43 - CFD: 06/08/2009 - 22:01:30 - [1710] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Macromedia
    O43 - CFD: 08/07/2011 - 11:06:36 - [3362029] -S--D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Microsoft
    O43 - CFD: 06/08/2009 - 22:12:24 - [6562462] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Mozilla
    O43 - CFD: 19/10/2009 - 13:36:34 - [5978] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Nero
    O43 - CFD: 10/02/2010 - 13:33:04 - [497] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\PhotoFiltre
    O43 - CFD: 04/12/2009 - 12:31:28 - [0] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\ScanSoft
    O43 - CFD: 28/05/2010 - 19:08:42 - [118812224] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\Sony Corporation
    O43 - CFD: 08/08/2010 - 14:33:20 - [3604480] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\U3
    O43 - CFD: 17/05/2010 - 22:00:32 - [750709] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\uTorrent
    O43 - CFD: 24/12/2009 - 14:47:22 - [3154] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\VisiPPT
    O43 - CFD: 13/08/2009 - 21:52:14 - [450450] ----D- C:\Users\Anne Marie & Kazimir\AppData\Roaming\vlc
    O43 - CFD: 10/05/2010 - 20:40:36 - [3375106] ----D- C:\Users\Anne Marie & Kazimir\AppData\Local\Adobe
    O43 - CFD: 06/08/2009 - 22:00:40 - [14340] ----D- C:\Users\Anne Marie & Kazimir\AppData\Local\AOL
    O43 - CFD: 06/08/2009 - 21:47:06 - [0] -SH-D- C:\Users\Anne Marie & Kazimir\AppData\Local\Application Data
    O43 - CFD: 24/12/2009 - 14:59:54 - [3066237] ----D- C:\Users\Anne Marie & Kazimir\AppData\Local\Batchwork
    O43 - CFD: 20/01/2010 - 14:52:56 - [2712216] ----D- C:\Users\Anne Marie & Kazimir\AppData\Local\Google
    O43 - CFD: 06/08/2009 - 21:56:02 - [495] ----D- C:\Users\Anne Marie & Kazimir\AppData\Local\Hewlett-Packard
    O43 - CFD: 06/08/2009 - 21:47:06 - [0] -SH-D- C:\Users\Anne Marie & Kazimir\AppData\Local\Historique
    O43 - CFD: 03/12/2009 - 11:52:26 - [87259339] ----D- C:\Users\Anne Marie & Kazimir\AppData\Local\Microsoft
    O43 - CFD: 06/08/2009 - 22:12:14 - [113555755] ----D- C:\Users\Anne Marie & Kazimir\AppData\Local\Mozilla
    O43 - CFD: 10/07/2011 - 22:05:24 - [33219] ----D- C:\Users\Anne Marie & Kazimir\AppData\Local\Temp
    O43 - CFD: 06/08/2009 - 21:47:06 - [0] -SH-D- C:\Users\Anne Marie & Kazimir\AppData\Local\Temporary Internet Files
    O43 - CFD: 08/12/2009 - 16:37:32 - [452659] ----D- C:\Users\Anne Marie & Kazimir\AppData\Local\VirtualStore



    ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 - LFC:[MD5.518F41B957D163DBAEB2E39F01E58409] - 10/07/2011 - 20:57:39 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1518290]
    O44 - LFC:[MD5.68CA9380A62421C3669739396FE03ED1] - 10/07/2011 - 20:57:39 ---A- . (...) -- C:\Windows\System32\perfc009.dat [110516]
    O44 - LFC:[MD5.FBB624F871A9FFC1024DB6B9DA1A9EA7] - 10/07/2011 - 20:57:39 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [128706]
    O44 - LFC:[MD5.0C8827C5B936AD4018BB89BDCAC99F9C] - 10/07/2011 - 20:57:39 ---A- . (...) -- C:\Windows\System32\perfh009.dat [604832]
    O44 - LFC:[MD5.977A6F961951D9EC4A4498B694B6FF2E] - 10/07/2011 - 20:57:39 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [683414]
    O44 - LFC:[MD5.54EE1200FEFFFFFF57494E444F577E31] - 10/07/2011 - 20:56:35 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1610133]
    O44 - LFC:[MD5.52A87BA88E5C81518C43252789683DE8] - 10/07/2011 - 20:51:09 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
    O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 09/07/2011 - 13:38:56 ---A- . (...) -- C:\Windows\System32\config.nt [2577]
    O44 - LFC:[MD5.2658AF3FBB06D7B5C731F9CC7CBFC1B3] - 04/07/2011 - 12:43:53 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [40112]
    O44 - LFC:[MD5.C2E576B23D3969989AF90EF76B2979EA] - 04/07/2011 - 12:43:51 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [199304]
    O44 - LFC:[MD5.17230708A2028CD995656DF455F2E303] - 04/07/2011 - 12:36:43 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [441176]
    O44 - LFC:[MD5.DBEDD9D43B00630966EF05D2D8D04CEE] - 04/07/2011 - 12:36:32 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [309848]
    O44 - LFC:[MD5.984CFCE2168286C2511695C2F9621475] - 04/07/2011 - 12:35:23 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\drivers\aswTdi.sys [43608]
    O44 - LFC:[MD5.8DB043BF96BB6D334E5B4888E709E1C7] - 04/07/2011 - 12:32:32 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\System32\drivers\aswRdr.sys [25432]
    O44 - LFC:[MD5.FF83C93AEEE8B0CF4B464CA667A67ACD] - 04/07/2011 - 12:32:20 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [54104]
    O44 - LFC:[MD5.861CB512E4E850E87DD2316F88D69330] - 04/07/2011 - 12:32:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\drivers\aswFsBlk.sys [19544]
    O44 - LFC:[MD5.103DACA0A9914AA1390C6387687412FA] - 30/06/2011 - 13:37:04 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [361104]



    ---\\ Contrôle du Safe Boot (CSB) (O49)
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - WDF dynamique.) -- C:\Windows\System32\Drivers\Wdf01000.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
    O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - WDF dynamique.) -- C:\Windows\System32\Drivers\Wdf01000.sys



    ---\\ MountPoints2 Shell Key (O51)
    O51 - MPSK:{431a272a-78c2-11df-917f-001f16729c32}\AutoRun\command - Clé orpheline
    O51 - MPSK:{431a272f-78c2-11df-917f-001f16729c32}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
    O51 - MPSK:{9c7634a3-f24f-11de-a4a4-806e6f6e6963}\AutoRun\command. (...) -- F:\WDSetup.exe (.not file.)
    O51 - MPSK:{9fd107b1-8832-11de-8b76-001f16729c32}\AutoRun\command - Clé orpheline



    ---\\ Trojan Driver Search Data (HKLM) (O52)
    O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
    O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
    O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
    O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\System32\xvidvfw.dll
    O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
    O52 - TDSD: \drivers.desc\"C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM"="CyberLink MP3 Encoder" . (...) -- (.not file.)
    O52 - TDSD: \drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec" . (...) -- C:\Windows\System32\xvidvfw.dll



    ---\\ Microsoft Control Security Providers (O54)
    O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
    O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll



    ---\\ Microsoft Windows Policies System (O55)
    O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
    O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
    O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
    O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0



    ---\\ Microsoft Windows Policies Explorer (O56)
    O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0



    ---\\ Liste des Drivers Système (O58)
    O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]
    O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:32:51 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]
    O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:32:52 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]
    O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:32:53 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) --
    a c 267 8 Sécurité
    11 Juillet 2011 08:43:04

    C'est bien le rapport mais il me manque la fin.

    Au pire, envoie-le moi sur destrio5@free.fr
    11 Juillet 2011 22:56:31

    Salut,

    Je veux juste savoir si tu continues à m'aider ou non, s'il y a quelque chose à faire suite à mon dernier message.
    Merci pour la réponse
    a c 267 8 Sécurité
    12 Juillet 2011 00:01:10

    Citation :
    Salut,

    Je veux juste savoir si tu continues à m'aider ou non, s'il y a quelque chose à faire suite à mon dernier message.
    Merci pour la réponse

    --> Il fallait m'avertir que tu m'avais envoyé le rapport sur mon adresse mail, je m'en sers rarement. Pas grave.

    Par contre, toujours pas complet. Il devrait se finir par End of the scan (blablabla).

    Je vois une trace de Norton, supprime-la avec ceci :
    ftp://ftp.symantec.com/public/francais/removal_tools/No...
    12 Juillet 2011 15:54:36

    Bonjour,

    Je t'ai renvoyé une ultime fois le rapport à ton adresse sur free. Par contre j'ai bien vérifié mais ce rapport ainsi que le précédent étaient entiers, il y avait bien inscrit "end of the scan" à chaque épisode. Si tu ne l'as toujours pas en entier, fais-moi signe.

    Entretemps j'ai utilisé l'outil que tu m'avais donné concernant norton.
    Merci
    a c 267 8 Sécurité
    12 Juillet 2011 16:31:49

  • Copie tout le texte présent dans le cadre ci-dessous (Sélectionne-le, clique droit dessus et choisis "Copier").
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: Modified
    M3 - MFPP: Plugins - [Anne Marie & Kazimir] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com
    R0 - HKUS\S-1-5-21-3667748493-759345943-3375673806-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com
    O43 - CFD: 08/07/2011 - 10:21:58 - [0] ----D- C:\Program Files\Babylon
    O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com
    [HKLM\Software\Classes\toolband.eb_explorerbar]
    [HKLM\Software\Classes\toolband.eb_explorerbar.1]
    [HKLM\Software\Classes\toolband.ipm_printlistitem]
    [HKLM\Software\Classes\toolband.ipm_printlistitem.1]
    [HKLM\Software\Classes\toolband.pm_launcher]
    [HKLM\Software\Classes\toolband.pm_launcher.1]
    [HKLM\Software\Classes\toolband.pm_printmanager]
    [HKLM\Software\Classes\toolband.pm_printmanager.1]
    [HKLM\Software\Classes\toolband.pr_bindstatuscallback]
    [HKLM\Software\Classes\toolband.pr_bindstatuscallback.1]
    [HKLM\Software\Classes\toolband.pr_cancelbuttoneventhandler]
    [HKLM\Software\Classes\toolband.pr_cancelbuttoneventhandler.1]
    [HKLM\Software\Classes\toolband.tbtoolband]
    [HKLM\Software\Classes\toolband.tbtoolband.1]
    [HKLM\Software\Classes\toolband.useroptions]
    [HKLM\Software\Classes\toolband.useroptions.1]
    [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}]
    [HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}]
    [HKLM\Software\Classes\CLSID\{761f6a83-f007-49e4-8eac-cdb6808ef06f}]
    [HKLM\Software\Classes\CLSID\{97d69524-bb57-4185-9c7f-5f05593b771a}]
    C:\Users\Anne Marie & Kazimir\AppData\Roaming\Mozilla\Firefox\Profiles\snymed6a.default\Extensions\ffxtlbr@babylon.com

  • Puis lance ZHPFix depuis le raccourci situé sur ton Bureau.
  • Une fois ZHPFix ouvert, clique sur le bouton "H" (Coller les lignes Helper).
  • Dans l'encadré principal, tu verras donc les lignes que tu as copié précédemment apparaître. Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
  • Clique sur "OK", puis "Tous" et enfin "Nettoyer".
  • Copie-colle le rapport dans ton prochain message.
    Le rapport est enregistré sur ton Bureau. Il s'appelle ZHPFixReport.
    12 Juillet 2011 21:25:56

    Voici le rapport de ZHPfix (aucun rapport n'apparaît jamais sur le bureau, je ne sais pas d'où vient le problème):

    Rapport de ZHPFix 1.12.3337 par Nicolas Coolman, Update du 08/07/2011
    Fichier d'export Registre : C:\ZHPExportRegistry-12-07-2011-21-20-14.txt
    Run by Anne Marie & Kazimir at 12/07/2011 21:20:14
    Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
    Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.ht...

    ========== Clé(s) du Registre ==========
    SUPPRIME Key: SearchScopes :{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    SUPPRIME Key: HKLM\Software\Classes\toolband.eb_explorerbar
    SUPPRIME Key: HKLM\Software\Classes\toolband.eb_explorerbar.1
    SUPPRIME Key: HKLM\Software\Classes\toolband.ipm_printlistitem
    SUPPRIME Key: HKLM\Software\Classes\toolband.ipm_printlistitem.1
    SUPPRIME Key: HKLM\Software\Classes\toolband.pm_launcher
    SUPPRIME Key: HKLM\Software\Classes\toolband.pm_launcher.1
    SUPPRIME Key: HKLM\Software\Classes\toolband.pm_printmanager
    SUPPRIME Key: HKLM\Software\Classes\toolband.pm_printmanager.1
    SUPPRIME Key: HKLM\Software\Classes\toolband.pr_bindstatuscallback
    SUPPRIME Key: HKLM\Software\Classes\toolband.pr_bindstatuscallback.1
    SUPPRIME Key: HKLM\Software\Classes\toolband.pr_cancelbuttoneventhandler
    SUPPRIME Key: HKLM\Software\Classes\toolband.pr_cancelbuttoneventhandler.1
    SUPPRIME Key: HKLM\Software\Classes\toolband.tbtoolband
    SUPPRIME Key: HKLM\Software\Classes\toolband.tbtoolband.1
    SUPPRIME Key: HKLM\Software\Classes\toolband.useroptions
    SUPPRIME Key: HKLM\Software\Classes\toolband.useroptions.1
    ABSENT Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
    SUPPRIME Key: HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
    SUPPRIME Key: HKLM\Software\Classes\CLSID\{761f6a83-f007-49e4-8eac-cdb6808ef06f}
    SUPPRIME Key: HKLM\Software\Classes\CLSID\{97d69524-bb57-4185-9c7f-5f05593b771a}

    ========== Elément(s) de donnée du Registre ==========
    REMPLACE Value WarnOnHTTPSToHTTPRedirect : Good (1) - Bad (0)
    SUPPRIME R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page
    SUPPRIME R0 - HKUS\S-1-5-21-3667748493-759345943-3375673806-1000\Software\Microsoft\Internet Explorer\Main,Start Page

    ========== Dossier(s) ==========
    SUPPRIME Folder*: C:\Program Files\Babylon
    SUPPRIME Folder*: c:\users\anne marie & kazimir\appdata\roaming\mozilla\firefox\profiles\snymed6a.default\extensions\ffxtlbr@babylon.com

    ========== Fichier(s) ==========
    SUPPRIME c:\program files\mozilla firefox\searchplugins\babylon.xml


    ========== Récapitulatif ==========
    21 : Clé(s) du Registre
    3 : Elément(s) de donnée du Registre
    2 : Dossier(s)
    1 : Fichier(s)


    ========== Chemin du fichier rapport ==========
    C:\Program Files\ZHPDiag\ZHPFixReport.txt



    End of the scan in 02mn 47s
    a c 267 8 Sécurité
    12 Juillet 2011 21:27:53

    Plus de souci ?
    12 Juillet 2011 22:14:39

    A priori non, sauf si tu vois quelque chose qui cloche dans les rapports transmis.
    Merci pour ton aide!!
    a c 267 8 Sécurité
    12 Juillet 2011 22:17:14

    Tu vois encore Babylon ?
    12 Juillet 2011 22:20:53

    Non, je l'avais enlevé des modules complémentaires de firefox comme tu me l'avais indiqué et il ne semble pas réapparaître autre part depuis toutes les manips faites.
    12 Juillet 2011 22:27:18

    Rectification, je l'ai trouvé dans un des fichiers de l'ordi, je pensais qu'il avait été supprimé totalement pourtant.
    a c 267 8 Sécurité
    12 Juillet 2011 22:27:51

    Où ça ?
    12 Juillet 2011 22:30:54

    En faisant une simple recherche par l'ordi avec le mot babylon, il apparaît dans une extension de fichier dont voici le nom: Kazimir\AppData\Roaming\Mozilla\Firefox\Profiles\snymed6a.default\extensions
    12 Juillet 2011 22:31:45

    le fichier n'est pas lourd, je suppose qu'il faut simplement le supprimer...
    a c 267 8 Sécurité
    12 Juillet 2011 22:39:47

    Je pense que tu peux le supprimer tout simplement.

    Pour finir :


    1/

  • Télécharge DelFix sur ton Bureau.
  • Clique droit sur DelFix et choisis Exécuter en tant qu'administrateur.
  • Clique sur le bouton Suppression.
  • Poste le rapport (C:\DelFixSuppr.txt).
  • Supprime DelFix.


    2/

  • Télécharge et installe CCleaner.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.


    3/

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


    ==Prévention==

    Java et Adobe Reader ne sont pas à jour :
    http://www.malekal.com/2010/11/15/maintenir-java-adobe-...

    Voici un dossier sur la prévention et sécurité sur Internet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    --> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    ;) 
    12 Juillet 2011 23:03:59

    Je t'envoie le 2ème scan de DelFix (le 1er a été perdu pour x raisons). J'avais déjà fait fonctionné CCleaner. Je vais désactiver et réactiver le système, si j'ai un problème, je te renvoie une réponse.



    # DelFix v8.1 - Rapport créé le 12/07/2011 à 22:51
    # Mis à jour le 20/06/11 à 19h par Xplode
    # Système d'exploitation : Windows Vista (TM) Home Basic (32 bits) [version 6.0.6002] Service Pack 2
    # Nom d'utilisateur : Anne Marie & Kazimir - PC_ANNI_KAZJOU (Administrateur)
    # Exécuté depuis : C:\Users\Anne Marie & Kazimir\Downloads\DelFix-8.1.exe
    # Option [Suppression]


    ~~~~~~ Dossier(s) ~~~~~~


    ~~~~~~ Fichier(s) ~~~~~~


    ~~~~~~ Registre ~~~~~~


    ~~~~~~ Autre ~~~~~~

    -> Prefetch vidé

    ########## EOF - "C:\DelFixSuppr.txt" - [620 octets] ##########
    12 Juillet 2011 23:30:57

    Je pense que c'est bon, je te reconfirme ça demain.
    13 Juillet 2011 15:30:17


    Bonjour et merci pour ton aide, tout est ok maintenant.

    Bonne continuation ;) 
    2 Avril 2012 14:02:12

    sz83k a dit :
    Bonjour,

    J'ai téléchargé par erreur le logiciel Babylon, je l'ai enlevé grâce à la suppression de programmes mais je constate qu'il est toujours présent dans la barre des taches sur ma page internet. Comment le supprime-t-on définitivement s'il vous plaît, il ne part pas malgré ccleaner?
    Merci d'avance!


    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS