Virus face book

Résolu/Fermé

annelise - 11 sept. 2010 à 09:00
moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 - 12 sept. 2010 à 09:32

Bonjour,

j'ai recement attraper le virus facebook je ne sais pas comment l'enlever j'ai lancer un rapport et voilà ce que ca donne :

Logfile of random's system information tool 1.08 (written by random/random)
Run by anne lise at 2010-09-11 08:53:50
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2
System drive C: has 84 GB (60%) free of 140 GB
Total RAM: 2814 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:54:03, on 11/09/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Acer\WR_PopUp\ProductReg.exe
C:\Program Files\Acer\WR_PopUp\AcerRegTool.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEDE.EXE
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Users\anne lise\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Users\Public\msnl.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\OfferBox\OfferBox.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\anne lise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OPFFM987\RSIT[1].exe
C:\Program Files\trend micro\anne lise.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp32&d=0110&m=aspire_x3200
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp32&d=0110&m=aspire_x3200
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100819215615.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyng.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [Setresolution] C:\ACER\config\1440X900.cmd
O4 - HKLM\..\Run: [MontiorGeo] c:\Acer\MonitorGeo.cmd
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [P0620Cfg.exe] P0620Cfg.exe /d:1
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\Windows\TEMP\E_S5F31.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Windows System Guard] C:\Users\Public\msnl.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\anne lise\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\bin32\nSvcAppFlt.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Service McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\bin32\nSvcIp.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

A voir également:

Virus face book
Face book conection - Guide
Road book gratuit - Télécharger - Sport
Svchost.exe virus - Guide
Face time - Guide
Number book en ligne - Forum Téléchargement

21 réponses

Réponse 1 / 21

moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
11 sept. 2010 à 09:08

bonjour

fais ceci stp

1)

Téléchargez USBFIX de El Desaparecido, C_xx

http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
ou
https://www.ionos.fr/?affiliate_id=77097

/!\ Utilisateur de vista et windows 7 :
ne pas oublier de désactiver Le contrôle des comptes utilisateurs
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

/!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

* Double clic sur le raccourci UsbFix présent sur le bureau .

* Choisir l'option suppression
(d'autres options disponibles, voir le tutoriel).
* Laissez travailler l'outil.
Le menu démarrer et les icônes vont disparaître.. c'est normal.

Si un message te demande de redémarrer l'ordinateur fais le ...

? Au redémarrage, le fix se relance... laisses l'opération s'effectuer.

? Le bloc note s'ouvre avec un rapport, envoies le dans la prochaine réponse

* Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

* Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

* Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html

UsbFix peut te demander d'uploader un dossier compressé à cette adresse : https://www.ionos.fr/?affiliate_id=77097

Il est enregistré sur ton bureau.

Merci de l'envoyer à l'adresse indiquée afin d'aider l'auteur de UsbFix dans ses recherches.

................................

2)

Télécharge ZHPDiag ( de Nicolas coolman ).
ftp://zebulon.fr/ZHPDiag.exe

(outil de diagnostic)

Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )

Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin pour vista )

Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.

Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.

Rend toi sur Cjoint : http://www.cijoint.fr/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

si soucis avec ci joint. fr

=> utiliser https://www.cjoint.com/
=> utiliser http://ww38.toofiles.com/fr/oip/documents/txt/av.html

Réponse 2 / 21

annelise
11 sept. 2010 à 09:26

voici le rapport :
############################## | UsbFix 7.024 | [Suppression]

Utilisateur: anne lise (Administrateur) # PC-DE-ANNELISE [Acer Aspire X3200]
Mis à jour le 09/09/10 par El Desaparecido / C_XX
Lancé à 09:19:17 | 11/09/2010
Site Web: http://www.teamxscript.org
Contact: FindyKill.Contact@gmail.com

CPU: AMD Athlon(tm) 7450 Dual-Core Processor
CPU 2: AMD Athlon(tm) 7450 Dual-Core Processor
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18943

Pare-feu Windows: Désactivé /!\
RAM -> 2814 Mo
C:\ (%systemdrive%) -> Disque fixe # 137 Go (82 Go libre(s) - 60%) [ACER] # NTFS
D:\ -> Disque fixe # 141 Go (131 Go libre(s) - 93%) [DATA] # NTFS
E:\ -> CD-ROM

################## | Éléments infectieux |

Supprimé! C:\Windows\system32\winsvncs.txt

################## | Registre |

Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Windows System Guard

################## | Mountpoints2 |

################## | Listing |

[11/09/2010 - 09:22:40 | SHD ] C:\$RECYCLE.BIN
[20/08/2010 - 18:58:52 | D ] C:\6121f39eb65c1b6b7d97
[08/02/2010 - 14:44:01 | D ] C:\ACER
[18/09/2006 - 23:43:36 | A | 24] C:\autoexec.bat
[13/01/2009 - 10:58:25 | AD ] C:\Book
[14/02/2010 - 09:19:54 | SHD ] C:\Boot
[11/04/2009 - 08:36:36 | RASH | 333257] C:\bootmgr
[13/01/2009 - 17:30:37 | RAS | 8192] C:\BOOTSECT.BAK
[18/09/2006 - 23:43:37 | A | 10] C:\config.sys
[02/11/2006 - 15:02:03 | SHD ] C:\Documents and Settings
[29/06/2010 - 17:36:44 | D ] C:\EGIS_Drive
[11/09/2010 - 09:12:15 | ASH | 2951233536] C:\hiberfil.sys
[13/01/2009 - 10:12:46 | RHD ] C:\MSOCache
[11/09/2010 - 09:12:14 | ASH | 3264864256] C:\pagefile.sys
[21/01/2008 - 04:32:31 | D ] C:\PerfLogs
[11/09/2010 - 09:15:50 | RD ] C:\Program Files
[11/09/2010 - 08:16:05 | HD ] C:\ProgramData
[13/01/2009 - 09:57:46 | A | 426] C:\RHDSetup.log
[11/09/2010 - 08:54:09 | D ] C:\rsit
[10/09/2010 - 19:44:40 | SHD ] C:\System Volume Information
[11/09/2010 - 09:22:40 | D ] C:\UsbFix
[11/09/2010 - 09:19:17 | A | 2063] C:\UsbFix.txt
[21/01/2010 - 13:39:41 | RD ] C:\Users
[27/01/2010 - 12:37:28 | D ] C:\WCamInst
[10/09/2010 - 19:45:37 | D ] C:\Windows
[11/09/2010 - 09:22:40 | SHD ] D:\$RECYCLE.BIN
[06/08/2009 - 22:06:18 | HD ] D:\erData
[29/05/2008 - 01:05:31 | SHD ] D:\System Volume Information

################## | Vaccin |

C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-ANNELISE.zip
https://www.ionos.fr/?affiliate_id=77097
Merci de votre contribution.

################## | E.O.F |

Réponse 3 / 21

moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
11 sept. 2010 à 09:29

vu

=> ZHPdiag

Réponse 4 / 21

annelise
11 sept. 2010 à 09:42

voici le 2e rapport avec ZHP diag :
Rapport de ZHPDiag v1.26.611 par Nicolas Coolman, Update du 10/09/2010
Run by anne lise at 11/09/2010 09:28:08
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18943

---\\ System Information
Platform : Windows Vista (TM) Home Premium (6.0.6002) Service Pack 2
Processor: x86 Family 16 Model 2 Stepping 3, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2813 MB (64% free)
System drive C: has 82 GB (59%) free of 137 GB

---\\ Logged in mode
Computer Name: PC-DE-ANNELISE
User Name: anne lise
All Users Names: anne lise, Administrateur,
Unselected Option: O1,O45,O61,O65,O82
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 82 Go of 137 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 131 Go of 141 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK

---\\ Processus lancés
[MD5.1A4FEE255228AB6EFCAA81BC6BE2D591] - (.McAfee, Inc. - McAfee Security Center.) -- c:\PROGRA~1\mcafee.com\agent\mcagent.exe [1193848]
[MD5.DAF60E13E96ECB67F0EDAA89C6B01B8D] - (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\NOTEPAD.EXE [151040]
[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]
[MD5.7420BE0E7D3D1320054F7ACA0594953D] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232]
[MD5.F94066F5CC9791D6887A4C31505663D1] - (.Secure Digital Services Limited - OfferBox.) -- C:\Program Files\OfferBox\OfferBox.exe [1957720]
[MD5.652917E46875E3AF8189AFA3FAAA98AC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [549376]

---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50826.0.) -- C:\Program Files\Microsoft Silverlight\4.0.50826.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.4] - (.Microsoft Corp. - Office Live Update v1.4.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} . (.Conduit Ltd. - Conduit Toolbar.) (5, 3, 5, 4) -- C:\Program Files\Zynga\tbZyng.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,1,1,118) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} . (.Conduit Ltd. - Conduit Toolbar.) (5, 3, 5, 4) -- C:\Program Files\Zynga\tbZyng.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {EEE6C35D-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar Helper Module.) (3, 9, 0, 4) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (.Pas de propriétaire - Pas de description.) -- c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Zynga\tbZyng.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100819215615.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} . (.Egis - ActiveToolBand Module.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} . (.Secure Digital Services Limited - OfferBox.) -- C:\Program Files\OfferBox\OfferBoxBHO.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} . (.Egis Incorporated. - Acer eDataSecurity Management Explorer Tool.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Zynga\tbZyng.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [EmpoweringTechnology] . (.Pas de propriétaire - Acer Empowering Technology Framework Launch.) -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] . (.Egis Incorporated - Acer eDataSecurity Management Loader.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [Setresolution] C:\ACER\config\1440X900.cmd (.not file.)
O4 - HKLM\..\Run: [MontiorGeo] c:\Acer\MonitorGeo.cmd (.not file.)
O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe
O4 - HKLM\..\Run: [P0620Cfg.exe] P0620Cfg.exe /d:1
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKCU\..\Run: [ProductReg] . (.Acer - ProductR Application.) -- C:\Program Files\Acer\WR_PopUp\ProductReg.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EPSON SX100 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [ProductReg] . (.Acer - ProductR Application.) -- C:\Program Files\Acer\WR_PopUp\ProductReg.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [EPSON SX100 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [SpybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
O4 - Global Startup: Notification de cadeaux MSN.lnk . (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Users\anne lise\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6FC4066-460B-4373-9E14-78E0326203BE}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{A6FC4066-460B-4373-9E14-78E0326203BE}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS3\Services\Tcpip\..\{A6FC4066-460B-4373-9E14-78E0326203BE}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6FC4066-460B-4373-9E14-78E0326203BE}: DhcpDomain = numericable.fr
O17 - HKLM\System\CS1\Services\Tcpip\..\{A6FC4066-460B-4373-9E14-78E0326203BE}: DhcpDomain = numericable.fr
O17 - HKLM\System\CS3\Services\Tcpip\..\{A6FC4066-460B-4373-9E14-78E0326203BE}: DhcpDomain = numericable.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Acer HomeMedia Connect Service (Acer HomeMedia Connect Service) . (.CyberLink - CLMSServer.) - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: eDataSecurity Service (eDataSecurity Service) . (.Egis Incorporated - Acer eDataSecurity Management Service.) - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\bin32\nSvcAppFlt.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Service McAfee Personal Firewall (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: ForceWare IP service (nSvcIp) . (.Pas de propriétaire - NVIDIA Corporation.) - C:\Program Files\bin32\nSvcIp.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 196.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{3971B895-E2D2-4FA0-931B-DA00D5270BBE}.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\Windows\system32\Macromed\Flash\Flash10e.ocx

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: McAfee NDIS Light Filter (mfenlfk) . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - C:\Windows\system32\DRIVERS\mfenlfk.sys
O41 - Driver: McAfee Inc. mfewfpk (mfewfpk) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\Windows\system32\drivers\mfewfpk.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: AV Input Selection - (.YUAN.) [HKLM] -- {F429ED71-4A8B-457A-85E4-F6398CE73E58}
O42 - Logiciel: Acer Arcade Live Main Page - (.Acer Inc..) [HKLM] -- {EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}
O42 - Logiciel: Acer DV Magician - (.Acer Inc..) [HKLM] -- {F6EFFB76-4A07-11DA-9D78-000129760D75}
O42 - Logiciel: Acer DVDivine - (.Acer Inc..) [HKLM] -- {B145EC69-66F5-11D8-9D75-000129760D75}
O42 - Logiciel: Acer Empowering Technology - (.Acer Incorporated.) [HKLM] -- {8F1B6239-FEA0-450A-A950-B05276CE177C}
O42 - Logiciel: Acer HomeMedia - (.Acer Inc..) [HKLM] -- {AA4BF92B-2AAF-11DA-9D78-000129760D75}
O42 - Logiciel: Acer HomeMedia Connect - (.Acer Inc..) [HKLM] -- {132888AE-EF67-41C5-BCA2-7D5D2488AB63}
O42 - Logiciel: Acer HomeMedia Trial Creator - (.Acer Inc..) [HKLM] -- {B580C409-E16F-44FF-904D-3AE94E113BE0}
O42 - Logiciel: Acer Product Registration - (.Acer Incorporated.) [HKLM] -- {DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}
O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}
O42 - Logiciel: Acer SlideShow DVD - (.Acer Inc..) [HKLM] -- {41581EF5-45A7-11DA-9D78-000129760D75}
O42 - Logiciel: Acer VideoMagician - (.Acer Inc..) [HKLM] -- {F79A208D-D929-11D9-9D77-000129760D75}
O42 - Logiciel: Acer eDataSecurity Management - (.Egis Inc..) [HKLM] -- {A5633652-3795-4829-BB0B-644F0279E279}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.3.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: Alien Shooter - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360}
O42 - Logiciel: Assistant de connexion Windows Live ID - (.Microsoft Corporation.) [HKLM] -- {10A44844-4465-456E-8C97-80BDD4F68845}
O42 - Logiciel: Beetle Junior - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110052107}
O42 - Logiciel: C:\Program Files\Acer GameZone\GameConsole - (.Oberon Media, Inc..) [HKLM] -- {71C2828F-2678-4675-BDEC-895424861262}_is1
O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}
O42 - Logiciel: Creative WebCam Instant Driver (1.01.02.0729) - (.Pas de propriétaire.) [HKLM] -- Creative PD0620
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: Désinstaller l"imprimante EPSON SX100 Series - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX100 Series
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Stylus SX100_TX100 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus SX100_TX100 Guide d'utilisation
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {DEDB47A3-C988-4A43-A645-E2CEA571E680}
O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}
O42 - Logiciel: Go-Go Gourmet - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Magic Farm - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114717227}
O42 - Logiciel: Magic Match Adventures - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11408540}
O42 - Logiciel: McAfee Internet Security Suite - (.McAfee, Inc..) [HKLM] -- MSC
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.4 - (.Microsoft Corporation.) [HKLM] -- {AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mystery Solitaire - Secret Island - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}
O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- {7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: Nero 7 Ultra Edition - (.Nero AG.) [HKLM] -- {22FB6750-ADDF-4726-B67F-6901E1991036}
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: OfferBox - (.Secure Digital Services.) [HKLM] -- {2C8574B5-6935-4FCE-860E-F4E8602378FF}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PlayReady PC runtime - (.Microsoft Corporation.) [HKLM] -- {B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2277947) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5857EE21-03D0-482E-9620-5A30B314A2AE}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982331) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E8766951-2B6C-4022-86E8-80D2D1762B76}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB982308) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2251419) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7E9103DA-253F-41FF-9E83-7C83806C77DA}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: SweetIM Toolbar for Internet Explorer 3.9 - (.SweetIM Technologies Ltd..) [HKLM] -- {1CD4D45E-4851-496D-840F-2C2E752ECFB7}
O42 - Logiciel: SweetIM for Messenger 3.1 - (.SweetIM Technologies Ltd..) [HKLM] -- {DA95E878-B181-4366-A433-6145592707A8}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VirginMega.Fr Premium - (.VirginMega.Fr.) [HKLM] -- {D416E000-D999-470A-BCAC-98E717CC1AFC}
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Zynga Toolbar - (.Pas de propriétaire.) [HKLM] -- Zynga Toolbar
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: viCompte - (.Pas de propriétaire.) [HKCU] -- VICOMPTE
O42 - Logiciel: viCompte - (.Pas de propriétaire.) [HKCU] -- VICOMTEviCompte32

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Zynga]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\CyberLink]
[HKCU\Software\EPSON]
[HKCU\Software\Google]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\McAfee]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\NewTech Infosystems]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\OXXOgames]
[HKCU\Software\Oberon Media]
[HKCU\Software\OfferBox]
[HKCU\Software\PC SOFT]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Spointer]
[HKCU\Software\SweetIM]
[HKCU\Software\Usbfix]
[HKCU\Software\VirginMega]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\eMule]
[HKCU\Software\eSobi]
[HKLM\Software\ABBYY]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Creative Tech]
[HKLM\Software\CyberLink]
[HKLM\Software\Digital River]
[HKLM\Software\EPSON]
[HKLM\Software\Google]
[HKLM\Software\Hauppauge]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfee]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\OemSetup]
[HKLM\Software\OfferBox]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\SimDebug]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Sonic]
[HKLM\Software\SweetIM]
[HKLM\Software\Symantec]
[HKLM\Software\TrendMicro]
[HKLM\Software\VirginMega]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\Zynga]
[HKLM\Software\mcafeeupdater]

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint
O43 - CFD:Common File Directory ----D- C:\Program Files\Acer
O43 - CFD:Common File Directory ----D- C:\Program Files\Acer Arcade Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Acer GameZone
O43 - CFD:Common File Directory ----D- C:\Program Files\Acer Incorporated
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\bin32
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Conduit
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\epson
O43 - CFD:Common File Directory ----D- C:\Program Files\Epson Software
O43 - CFD:Common File Directory ----D- C:\Program Files\eSobi
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Fluendo
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\log
O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee Security Scan
O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\NewTech Infosystems
O43 - CFD:Common File Directory ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD:Common File Directory ----D- C:\Program Files\OfferBox
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\PlayReady
O43 - CFD:Common File Directory ----D- C:\Program Files\profile
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\SweetIM
O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VirginMega
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\YUAN
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Zynga
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PC Tools
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\ProgramData\Acer GameZone Console
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe
O43 - CFD:Common File Directory ----D- C:\ProgramData\Ahead
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data
O43 - CFD:Common File Directory ----D- C:\ProgramData\Arcade Lab
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau
O43 - CFD:Common File Directory ----D- C:\ProgramData\CyberLink
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents
O43 - CFD:Common File Directory ----D- C:\ProgramData\Downloaded Installations
O43 - CFD:Common File Directory ----D- C:\ProgramData\eMule
O43 - CFD:Common File Directory ----D- C:\ProgramData\EPSON
O43 - CFD:Common File Directory ----D- C:\ProgramData\eSobi
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites
O43 - CFD:Common File Directory ----D- C:\ProgramData\Friends Games
O43 - CFD:Common File Directory ----D- C:\ProgramData\Google
O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee
O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles
O43 - CFD:Common File Directory ----D- C:\ProgramData\Nero
O43 - CFD:Common File Directory ----D- C:\ProgramData\Norton
O43 - CFD:Common File Directory ----D- C:\ProgramData\NortonInstaller
O43 - CFD:Common File Directory ----D- C:\ProgramData\NVIDIA
O43 - CFD:Common File Directory ----D- C:\ProgramData\SiteAdvisor
O43 - CFD:Common File Directory ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu
O43 - CFD:Common File Directory ----D- C:\ProgramData\SweetIM
O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec
O43 - CFD:Common File Directory ---AD- C:\ProgramData\TEMP
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates
O43 - CFD:Common File Directory ----D- C:\ProgramData\UDL
O43 - CFD:Common File Directory ----D- C:\ProgramData\WindowsSearch
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PC Tools
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.187FF7EA545FFB50A86A5A59ADBD800F] - 11/09/2010 - 08:23:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix.txt [2780]
O44 - LFC:[MD5.26AAC193BC50ED9D6E3C7D4821E4231F] - 11/09/2010 - 08:22:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix_Upload_Me_PC-DE-ANNELISE.zip [2676]
O44 - LFC:[MD5.00000000000000000000000000000000] - 11/09/2010 - 08:20:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\LogConfigTemp.xml [0]
O44 - LFC:[MD5.4AE18CEF7F93BB62D8ACF7B7470C95F4] - 11/09/2010 - 08:18:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1470810]
O44 - LFC:[MD5.CE8BAF9968A8537BDE3E0CE071696D0E] - 11/09/2010 - 08:18:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [101052]
O44 - LFC:[MD5.6897916B32097626186024074827D43F] - 11/09/2010 - 08:18:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [123350]
O44 - LFC:[MD5.711795D74A420D86A433BFDECC539BC0] - 11/09/2010 - 08:18:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [586980]
O44 - LFC:[MD5.078F0F30A1148D21050BDB3EF2DA3A99] - 11/09/2010 - 08:18:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [669328]
O44 - LFC:[MD5.00000000000000000000000000000000] - 11/09/2010 - 08:16:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1574384]
O44 - LFC:[MD5.226627B2DE05C904706AE3A762193842] - 11/09/2010 - 08:12:17 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.F5EC36F22A4391A04DF4146346BD9AE5] - 11/09/2010 - 08:12:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [2585316]
O44 - LFC:[MD5.60E72B0A71970CABC0A33D8975A94B07] - 10/09/2010 - 18:45:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\MEMORY.DMP [367242980]
O44 - LFC:[MD5.4CE91CEDF6EC0F5FDFF2B6E2DB4E520A] - 05/09/2010 - 09:34:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\NeroDigital.ini [69]
O44 - LFC:[MD5.EEBB0FA277FF042F70E581A2E4C494F9] - 27/08/2010 - 21:30:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PhotoSnapViewer.INI [151]
O44 - LFC:[MD5.403F171BE080DF2B7A3865F014F4D0CA] - 19/08/2010 - 20:56:15 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\Windows\System32\drivers\mfeclnk.sys [9344]
O44 - LFC:[MD5.53ED75F57E87831D3651FF32CB3D5648] - 19/08/2010 - 20:55:53 ---A- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\Windows\System32\drivers\mfewfpk.sys [160720]
O44 - LFC:[MD5.E411594AC94BAEF7F8EA991CC8F47FD1] - 19/08/2010 - 20:55:53 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\Windows\System32\drivers\mferkdet.sys [83496]
O44 - LFC:[MD5.738EA065C00112C46A64ECF7F6D81902] - 19/08/2010 - 20:55:53 ---A- . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) -- C:\Windows\System32\drivers\mfenlfk.sys [64304]
O44 - LFC:[MD5.B77E959E1C50D3E3A9D9EF423BE62E09] - 19/08/2010 - 20:55:52 ---A- . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\Windows\System32\drivers\mfeapfk.sys [95568]
O44 - LFC:[MD5.E84596FCB591117F5597498A5F82AD97] - 19/08/2010 - 20:55:52 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\System32\drivers\mfeavfk.sys [152320]
O44 - LFC:[MD5.D40CE01E2D3FE0C079CD2D6B3E4B823B] - 19/08/2010 - 20:55:52 ---A- . (.McAfee, Inc. - Buffer Overflow Protection Driver.) -- C:\Windows\System32\drivers\mfebopk.sys [51688]
O44 - LFC:[MD5.3962C6A9E35C4319DCDAB0497614FD69] - 19/08/2010 - 20:55:52 ---A- . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\System32\drivers\mfefirek.sys [312616]
O44 - LFC:[MD5.E7ECF7872BF8F2897AE5A696D908C2F7] - 19/08/2010 - 20:55:52 ---A- . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\System32\drivers\mfehidk.sys [385880]
O44 - LFC:[MD5.44E4A7DDED054DD55AE995C3AED719AE] - 19/08/2010 - 20:55:52 ---A- . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- C:\Windows\System32\drivers\cfwids.sys [55456]
O44 - LFC:[MD5.0F09FECFC18B10BFC3E056156C824BB9] - 13/08/2010 - 02:26:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [295896]

---\\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" [Enabled] .(.Egis Incorporated. - eDataSecurity Management.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" [Enabled] .(. Egis Incorporated. - .) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" [Enabled] .(. Egis Incorporated. - .) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" [Enabled] .(.Egis Incorporated. - .) (.not file.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" [Enabled] .(.Egis Incorporated. - .) (.not file.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" [Enabled] .(.Pas de propriétaire - .) (.not file.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" [Enabled] .(.Pas de propriétaire - .) (.not file.)

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 21

moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
11 sept. 2010 à 09:46

Rend toi sur Cjoint : http://www.cijoint.fr/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

si soucis avec ci joint. fr

=> utiliser https://www.cjoint.com/
=> utiliser http://ww38.toofiles.com/fr/oip/documents/txt/av.html

Réponse 6 / 21

annelise
11 sept. 2010 à 09:53

http://www.cijoint.fr/cjlink.php?file=cj201009/cijYUVgywD.txt

Réponse 7 / 21

moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
11 sept. 2010 à 10:00

ok

1)

* Télécharge de AD-Remover sur ton Bureau. (Merci à C_XX)
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

Miroir:

https://www.androidworld.fr/

/!\ Déconnecte-toi d'internet et ferme toutes applications en cours /!\

Désactive provisoirement et seulement le temps de l'utilisation de ADremover, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Sur la page, clique sur le bouton « NETTOYER »
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

...................................

2)

Téléchargez MalwareByte's Anti-Malware (que tu pourras garder)

https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet (examen assez long)
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller

Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam

Réponse 8 / 21

annelise
11 sept. 2010 à 11:46

Mis à jour par C_XX le 06/09/10 à 15:20
Contact: AdRemover.contact[AT]gmail.com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 10:29:57 le 11/09/2010, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
anne lise@PC-DE-ANNELISE (Acer Aspire X3200)

============== ACTION(S) ==============

(!) -- Fichiers temporaires supprimés.

============== SCAN ADDITIONNEL ==============

** Internet Explorer Version [8.0.6001.18943] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Enable Browser Extensions: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 3 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 11/09/2010 (2779 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 11/09/2010 (1916 Octet(s))
C:\Ad-Report-SCAN[1].txt - 11/09/2010 (2715 Octet(s))

Fin à: 10:35:25, 11/09/2010

============== E.O.F ==============
je vais faire malware bytes

Réponse 9 / 21

moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
11 sept. 2010 à 11:49

ok

MBAM est plus long

@ +

Réponse 10 / 21

annelise
11 sept. 2010 à 14:41

voila le rapport :
Version de la base de données: 4594

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

11/09/2010 14:10:19
mbam-log-2010-09-11 (14-10-19).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 263947
Temps écoulé: 2 heure(s), 17 minute(s), 56 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Public\msnl.exe (Worm.Zeroll) -> No action taken.

merci de ton aide

Réponse 11 / 21

moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
11 sept. 2010 à 14:43

No action taken.

l'as tu supprimé ?

....................

Fais un nouveau rapport ZHPdiag stp

Rend toi sur Cjoint : http://www.cijoint.fr/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

Réponse 12 / 21

annelise
11 sept. 2010 à 14:45

oui

Réponse 13 / 21

annelise
11 sept. 2010 à 15:01

par Nicolas Coolman, Update du 10/09/2010
Run by anne lise at 11/09/2010 14:52:24
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18943

---\\ System Information
Platform : Windows Vista (TM) Home Premium (6.0.6002) Service Pack 2
Processor: x86 Family 16 Model 2 Stepping 3, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2813 MB (56% free)
System drive C: has 82 GB (60%) free of 137 GB

---\\ Logged in mode
Computer Name: PC-DE-ANNELISE
User Name: anne lise
All Users Names: anne lise, Administrateur,
Unselected Option: O1,O45,O61,O65,O82
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 82 Go of 137 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 131 Go of 141 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK

---\\ Processus lancés
[MD5.151B2D097C7182898387994CEA34890B] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [5369856]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192]
[MD5.E43F473CB4262EBAB41E37F3291DBE9B] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [319488]
[MD5.D373AA365A9C7669E2E65DB6857E47DE] - (.Pas de propriétaire - Acer Empowering Technology Framework Launch.) -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [323584]
[MD5.15A33EF5C43C5ADBABECA6B216D839B5] - (.Egis Incorporated - Acer eDataSecurity Management Loader.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe [526896]
[MD5.B99E33D026ABF2EDE890CED8E0FD223B] - (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe [111928]
[MD5.1A4FEE255228AB6EFCAA81BC6BE2D591] - (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe [1193848]
[MD5.3EBFE205F79CA1C5DF01E85436427278] - (.Acer - ProductR Application.) -- C:\Program Files\Acer\WR_PopUp\ProductReg.exe [135168]
[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]
[MD5.F2C201341735E6674F7AD892CEA3799B] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [135680]
[MD5.1B31D1266691EDD4224B0036449F14B4] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872]
[MD5.896A1DB9A972AD2339C2E8569EC926D1] - (.Safer Networking Limited - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe [255536]
[MD5.BC9C9BE7BB74D629362608ACE470E7DA] - (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Users\anne lise\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [135680]
[MD5.8BA23C9FE7FF3DCEEE24069D86BFB22C] - (.Acer - AcerRegTool.) -- C:\Program Files\Acer\WR_PopUp\AcerRegTool.exe [2428928]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]
[MD5.96E8CF4D3731D90058DE39A3BECAD707] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe [1201448]
[MD5.7420BE0E7D3D1320054F7ACA0594953D] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232]
[MD5.CEDF6D51B66006142B892BE96F8E5E18] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [304304]
[MD5.F94066F5CC9791D6887A4C31505663D1] - (.Secure Digital Services Limited - OfferBox.) -- C:\Program Files\OfferBox\OfferBox.exe [1957720]
[MD5.678F50CBC5537150CFDCCA7944130B6D] - (.Adobe Systems, Inc. - Adobe Flash Player Helper 10.0 r45.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe [256280]
[MD5.58167840168120E7F69E48002DECFE1A] - (.Nicolas Coolman - Nettoyeur de rapport ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPFix.exe [473600]
[MD5.652917E46875E3AF8189AFA3FAAA98AC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [549376]

---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50826.0.) -- C:\Program Files\Microsoft Silverlight\4.0.50826.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.4] - (.Microsoft Corp. - Office Live Update v1.4.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} . (.Conduit Ltd. - Conduit Toolbar.) (5, 3, 5, 4) -- C:\Program Files\Zynga\tbZyng.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,1,1,118) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} . (.Conduit Ltd. - Conduit Toolbar.) (5, 3, 5, 4) -- C:\Program Files\Zynga\tbZyng.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {EEE6C35D-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar Helper Module.) (3, 9, 0, 4) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (.Pas de propriétaire - Pas de description.) -- c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Zynga\tbZyng.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100819215615.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} . (.Egis - ActiveToolBand Module.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} . (.Secure Digital Services Limited - OfferBox.) -- C:\Program Files\OfferBox\OfferBoxBHO.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} . (.Egis Incorporated. - Acer eDataSecurity Management Explorer Tool.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Zynga\tbZyng.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [EmpoweringTechnology] . (.Pas de propriétaire - Acer Empowering Technology Framework Launch.) -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] . (.Egis Incorporated - Acer eDataSecurity Management Loader.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [Setresolution] C:\ACER\config\1440X900.cmd (.not file.)
O4 - HKLM\..\Run: [MontiorGeo] c:\Acer\MonitorGeo.cmd (.not file.)
O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe
O4 - HKLM\..\Run: [P0620Cfg.exe] P0620Cfg.exe /d:1
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKCU\..\Run: [ProductReg] . (.Acer - ProductR Application.) -- C:\Program Files\Acer\WR_PopUp\ProductReg.exe
O4 - HKCU\..\Run: [msnmsgr] ~C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EPSON SX100 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [ProductReg] . (.Acer - ProductR Application.) -- C:\Program Files\Acer\WR_PopUp\ProductReg.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [msnmsgr] ~C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [EPSON SX100 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-21-2331048494-3691586261-404424970-1000\..\Run: [SpybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
O4 - Global Startup: Notification de cadeaux MSN.lnk . (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Users\anne lise\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6FC4066-460B-4373-9E14-78E0326203BE}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{A6FC4066-460B-4373-9E14-78E0326203BE}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS3\Services\Tcpip\..\{A6FC4066-460B-4373-9E14-78E0326203BE}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6FC4066-460B-4373-9E14-78E0326203BE}: DhcpDomain = numericable.fr
O17 - HKLM\System\CS1\Services\Tcpip\..\{A6FC4066-460B-4373-9E14-78E0326203BE}: DhcpDomain = numericable.fr
O17 - HKLM\System\CS3\Services\Tcpip\..\{A6FC4066-460B-4373-9E14-78E0326203BE}: DhcpDomain = numericable.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Acer HomeMedia Connect Service (Acer HomeMedia Connect Service) . (.CyberLink - CLMSServer.) - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: eDataSecurity Service (eDataSecurity Service) . (.Egis Incorporated - Acer eDataSecurity Management Service.) - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\bin32\nSvcAppFlt.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Service McAfee Personal Firewall (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: ForceWare IP service (nSvcIp) . (.Pas de propriétaire - NVIDIA Corporation.) - C:\Program Files\bin32\nSvcIp.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 196.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{3971B895-E2D2-4FA0-931B-DA00D5270BBE}.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\Windows\system32\Macromed\Flash\Flash10e.ocx

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: McAfee NDIS Light Filter (mfenlfk) . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - C:\Windows\system32\DRIVERS\mfenlfk.sys
O41 - Driver: McAfee Inc. mfewfpk (mfewfpk) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\Windows\system32\drivers\mfewfpk.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: AV Input Selection - (.YUAN.) [HKLM] -- {F429ED71-4A8B-457A-85E4-F6398CE73E58}
O42 - Logiciel: Acer Arcade Live Main Page - (.Acer Inc..) [HKLM] -- {EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}
O42 - Logiciel: Acer DV Magician - (.Acer Inc..) [HKLM] -- {F6EFFB76-4A07-11DA-9D78-000129760D75}
O42 - Logiciel: Acer DVDivine - (.Acer Inc..) [HKLM] -- {B145EC69-66F5-11D8-9D75-000129760D75}
O42 - Logiciel: Acer Empowering Technology - (.Acer Incorporated.) [HKLM] -- {8F1B6239-FEA0-450A-A950-B05276CE177C}
O42 - Logiciel: Acer HomeMedia - (.Acer Inc..) [HKLM] -- {AA4BF92B-2AAF-11DA-9D78-000129760D75}
O42 - Logiciel: Acer HomeMedia Connect - (.Acer Inc..) [HKLM] -- {132888AE-EF67-41C5-BCA2-7D5D2488AB63}
O42 - Logiciel: Acer HomeMedia Trial Creator - (.Acer Inc..) [HKLM] -- {B580C409-E16F-44FF-904D-3AE94E113BE0}
O42 - Logiciel: Acer Product Registration - (.Acer Incorporated.) [HKLM] -- {DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}
O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}
O42 - Logiciel: Acer SlideShow DVD - (.Acer Inc..) [HKLM] -- {41581EF5-45A7-11DA-9D78-000129760D75}
O42 - Logiciel: Acer VideoMagician - (.Acer Inc..) [HKLM] -- {F79A208D-D929-11D9-9D77-000129760D75}
O42 - Logiciel: Acer eDataSecurity Management - (.Egis Inc..) [HKLM] -- {A5633652-3795-4829-BB0B-644F0279E279}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.3.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: Alien Shooter - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360}
O42 - Logiciel: Assistant de connexion Windows Live ID - (.Microsoft Corporation.) [HKLM] -- {10A44844-4465-456E-8C97-80BDD4F68845}
O42 - Logiciel: Beetle Junior - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110052107}
O42 - Logiciel: C:\Program Files\Acer GameZone\GameConsole - (.Oberon Media, Inc..) [HKLM] -- {71C2828F-2678-4675-BDEC-895424861262}_is1
O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}
O42 - Logiciel: Creative WebCam Instant Driver (1.01.02.0729) - (.Pas de propriétaire.) [HKLM] -- Creative PD0620
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: Désinstaller l"imprimante EPSON SX100 Series - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX100 Series
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Stylus SX100_TX100 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus SX100_TX100 Guide d'utilisation
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {DEDB47A3-C988-4A43-A645-E2CEA571E680}
O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}
O42 - Logiciel: Go-Go Gourmet - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Magic Farm - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114717227}
O42 - Logiciel: Magic Match Adventures - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11408540}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Internet Security Suite - (.McAfee, Inc..) [HKLM] -- MSC
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.4 - (.Microsoft Corporation.) [HKLM] -- {AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mystery Solitaire - Secret Island - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}
O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- {7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: Nero 7 Ultra Edition - (.Nero AG.) [HKLM] -- {22FB6750-ADDF-4726-B67F-6901E1991036}
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: OfferBox - (.Secure Digital Services.) [HKLM] -- {2C8574B5-6935-4FCE-860E-F4E8602378FF}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PlayReady PC runtime - (.Microsoft Corporation.) [HKLM] -- {B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2277947) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5857EE21-03D0-482E-9620-5A30B314A2AE}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982331) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E8766951-2B6C-4022-86E8-80D2D1762B76}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB982308) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2251419) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7E9103DA-253F-41FF-9E83-7C83806C77DA}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VirginMega.Fr Premium - (.VirginMega.Fr.) [HKLM] -- {D416E000-D999-470A-BCAC-98E717CC1AFC}
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Zynga Toolbar - (.Pas de propriétaire.) [HKLM] -- Zynga Toolbar
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: viCompte - (.Pas de propriétaire.) [HKCU] -- VICOMPTE
O42 - Logiciel: viCompte - (.Pas de propriétaire.) [HKCU] -- VICOMTEviCompte32

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\Acer]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Zynga]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\CyberLink]
[HKCU\Software\EPSON]
[HKCU\Software\Google]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\McAfee]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\NewTech Infosystems]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\OXXOgames]
[HKCU\Software\Oberon Media]
[HKCU\Software\OfferBox]
[HKCU\Software\PC SOFT]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Spointer]
[HKCU\Software\SweetIM]
[HKCU\Software\Usbfix]
[HKCU\Software\VirginMega]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\eMule]
[HKCU\Software\eSobi]
[HKLM\Software\ABBYY]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\CyberLink]
[HKLM\Software\Digital River]
[HKLM\Software\EPSON]
[HKLM\Software\Google]
[HKLM\Software\Hauppauge]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfee]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\OemSetup]
[HKLM\Software\OfferBox]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\SimDebug]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Sonic]
[HKLM\Software\SweetIM]
[HKLM\Software\Symantec]
[HKLM\Software\TrendMicro]
[HKLM\Software\VirginMega]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\Zynga]
[HKLM\Software\mcafeeupdater]

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint
O43 - CFD:Common File Directory ----D- C:\Program Files\Acer
O43 - CFD:Common File Directory ----D- C:\Program Files\Acer Arcade Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Acer GameZone
O43 - CFD:Common File Directory ----D- C:\Program Files\Acer Incorporated
O43 - CFD:Common File Directory ----D- C:\Program Files\Ad-Remover
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\bin32
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\epson
O43 - CFD:Common File Directory ----D- C:\Program Files\Epson Software
O43 - CFD:Common File Directory ----D- C:\Program Files\eSobi
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Fluendo
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\log
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee Security Scan
O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\NewTech Infosystems
O43 - CFD:Common File Directory ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD:Common File Directory ----D- C:\Program Files\OfferBox
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoFiltre
O43 - CFD:Common File Directory ----D- C:\Program Files\PlayReady
O43 - CFD:Common File Directory ----D- C:\Program Files\profile
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\SweetIM
O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VirginMega
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\YUAN
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Zynga
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\ProgramData\Acer GameZone Console
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe
O43 - CFD:Common File Directory ----D- C:\ProgramData\Ahead
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data
O43 - CFD:Common File Directory ----D- C:\ProgramData\Arcade Lab
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau
O43 - CFD:Common File Directory ----D- C:\ProgramData\CyberLink
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents
O43 - CFD:Common File Directory ----D- C:\ProgramData\Downloaded Installations
O43 - CFD:Common File Directory ----D- C:\ProgramData\eMule
O43 - CFD:Common File Directory ----D- C:\ProgramData\EPSON
O43 - CFD:Common File Directory ----D- C:\ProgramData\eSobi
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites
O43 - CFD:Common File Directory ----D- C:\ProgramData\Friends Games
O43 - CFD:Common File Directory ----D- C:\ProgramData\Google
O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes
O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee
O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles
O43 - CFD:Common File Directory ----D- C:\ProgramData\Nero
O43 - CFD:Common File Directory ----D- C:\ProgramData\Norton
O43 - CFD:Common File Directory ----D- C:\ProgramData\NortonInstaller
O43 - CFD:Common File Directory ----D- C:\ProgramData\NVIDIA
O43 - CFD:Common File Directory ----D- C:\ProgramData\SiteAdvisor
O43 - CFD:Common File Directory ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu
O43 - CFD:Common File Directory ----D- C:\ProgramData\SweetIM
O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec
O43 - CFD:Common File Directory ---AD- C:\ProgramData\TEMP
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates
O43 - CFD:Common File Directory ----D- C:\ProgramData\UDL
O43 - CFD:Common File Directory ----D- C:\ProgramData\WindowsSearch
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 11/09/2010 - 13:52:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1603828]
O44 - LFC:[MD5.00000000000000000000000000000000] - 11/09/2010 - 13:48:03 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\LogConfigTemp.xml [0]
O44 - LFC:[MD5.771E677A2B67BCA8E43FC9E2A93DC168] - 11/09/2010 - 13:47:47 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.BE36F9E5C7715C0495D675A2F33EFD19] - 11/09/2010 - 13:47:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [2678178]
O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 11/09/2010 - 10:50:47 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 11/09/2010 - 10:50:45 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]
O44 - LFC:[MD5.4AE18CEF7F93BB62D8ACF7B7470C95F4] - 11/09/2010 - 10:49:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1470810]
O44 - LFC:[MD5.CE8BAF9968A8537BDE3E0CE071696D0E] - 11/09/2010 - 10:49:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [101052]
O44 - LFC:[MD5.6897916B32097626186024074827D43F] - 11/09/2010 - 10:49:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [123350]
O44 - LFC:[MD5.711795D74A420D86A433BFDECC539BC0] - 11/09/2010 - 10:49:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [586980]
O44 - LFC:[MD5.078F0F30A1148D21050BDB3EF2DA3A99] - 11/09/2010 - 10:49:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [669328]
O44 - LFC:[MD5.594D157F16E3C984A4722105D4FAFDB1] - 11/09/2010 - 09:35:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[2].txt [2102]
O44 - LFC:[MD5.22ED81CD7FC823B68A750ABF97166FE0] - 11/09/2010 - 09:25:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [2779]
O44 - LFC:[MD5.56E73475D99BFFE533EA3141D82F4DC3] - 11/09/2010 - 09:17:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[1].txt [2715]
O44 - LFC:[MD5.187FF7EA545FFB50A86A5A59ADBD800F] - 11/09/2010 - 08:23:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix.txt [2780]
O44 - LFC:[MD5.26AAC193BC50ED9D6E3C7D4821E4231F] - 11/09/2010 - 08:22:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix_Upload_Me_PC-DE-ANNELISE.zip [2676]
O44 - LFC:[MD5.60E72B0A71970CABC0A33D8975A94B07] - 10/09/2010 - 18:45:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\MEMORY.DMP [367242980]
O44 - LFC:[MD5.4CE91CEDF6EC0F5FDFF2B6E2DB4E520A] - 05/09/2010 - 09:34:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\NeroDigital.ini [69]
O44 - LFC:[MD5.EEBB0FA277FF042F70E581A2E4C494F9] - 27/08/2010 - 21:30:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PhotoSnapViewer.INI [151]
O44 - LFC:[MD5.403F171BE080DF2B7A3865F014F4D0CA] - 19/08/2010 - 20:56:15 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\Windows\System32\drivers\mfeclnk.sys [9344]
O44 - LFC:[MD5.53ED75F57E87831D3651FF32CB3D5648] - 19/08/2010 - 20:55:53 ---A- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\Windows\System32\drivers\mfewfpk.sys [160720]
O44 - LFC:[MD5.E411594AC94BAEF7F8EA991CC8F47FD1] - 19/08/2010 - 20:55:53 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\Windows\System32\drivers\mferkdet.sys [83496]
O44 - LFC:[MD5.738EA065C00112C46A64ECF7F6D81902] - 19/08/2010 - 20:55:53 ---A- . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) -- C:\Windows\System32\drivers\mfenlfk.sys [64304]
O44 - LFC:[MD5.B77E959E1C50D3E3A9D9EF423BE62E09] - 19/08/2010 - 20:55:52 ---A- . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\Windows\System32\drivers\mfeapfk.sys [95568]
O44 - LFC:[MD5.E84596FCB591117F5597498A5F82AD97] - 19/08/2010 - 20

Réponse 14 / 21

moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
11 sept. 2010 à 16:20

Réponse 15 / 21

annelise
11 sept. 2010 à 18:33

http://www.cijoint.fr/cjlink.php?file=cj201009/cijF6wZNvT.txt

Réponse 16 / 21

moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
11 sept. 2010 à 19:12

Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )

O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} . (.Secure Digital Services Limited - OfferBox.) -- C:\Program Files\OfferBox\OfferBoxBHO.dll
[HKCU\Software\AppDataLow\Toolbar]

Puis Lance ZHPFix depuis le raccourci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

Clique sur " Ok " , puis " Tous " et enfin " Nettoyer ".

Copie/Colle le rapport à l'écran dans ton prochain message

le rapport se trouve dans le dossier de zhpdiag dans program files sous le nom de ZHPFixReport

Réponse 17 / 21

annelise
12 sept. 2010 à 08:26

Rapport de ZHPFix v1.12.3148 par Nicolas Coolman, Update du 09/09/2010
Fichier d'export Registre : C:\ZHPExportRegistry-12-09-2010-08-22-30.txt
Run by anne lise at 12/09/2010 08:22:30
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Clé(s) du Registre ==========
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} . (.Secure Digital Services Limited - OfferBox.) -- C:\Program Files\OfferBox\OfferBoxBHO.dll => Clé supprimée avec succès
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] => Clé supprimée avec succès
[HKCR\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] => Clé supprimée avec succès
HKCU\Software\AppDataLow\Toolbar => Clé supprimée avec succès

========== Récapitulatif ==========
4 : Clé(s) du Registre

End of the scan

Réponse 18 / 21

moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
12 sept. 2010 à 08:34

ok

comment va ce pc ?

Réponse 19 / 21

annelise
12 sept. 2010 à 08:37

franchement il va nikel heureusement qu'il y a des personnes commme toi pour nous aider. Je n'ai plus des fenetres de conversations qui s'ouvrent sans cesse. je te remercie

Réponse 20 / 21

moment de grace Messages postés 29042 Date d'inscription samedi 6 décembre 2008 Statut Contributeur sécurité Dernière intervention 18 juillet 2013 2 272
12 sept. 2010 à 08:43

bien

pour finir et en en te souhaitant une bonne continuation

1)

* Lancez Adobe Reader
* Cliquez sur Edition --> Préférences --> JavaScript
* Décochez "Activer Acrobat JavaScript"
* Validez

....................

2)
IMPORTANT

Purger la restauration systeme vista
https://www.commentcamarche.net/faq/13214-vista-desactiver-reactiver-la-restauration-systeme-de-vista

.................

3)
Clique droit sur l'icône ZHPFix.exe sur ton Bureau,
puis sélectionne 'Exécuter en tant qu'administrateur'.

Clique sur le A rouge (Nettoyeur de Tools).

Clique sur Nettoyer.

Fais redémarrer l'ordi pour terminer le nettoyage.
...................

Recommandations pour l'avenir

Tu es la meilleure protection pour ton pc que tout autre antivirus, si tu admets un minimum de rigueur dans son utilisation...Les virus sont vigilants et pénètrent ta machine par toutes les portes que tu laisseras ouvertes...
- logiciels non à jour (windows, internet explorer, java, adobe reader etc)
- installation de toolbar
- fréquentation de sites piégés
- P2P
- Application de cracks
- Supports usb

Pour t'aider dans cette tâche, voici quelques pistes

Pour naviguer sur internet plus en sécurité et à l'abri des publicités, je te conseille vivement d'installer et d'utiliser le navigateur firefox
http://www.mozilla-europe.org/fr/firefox/

Une fois que c'est fait, lances le et installe l'extension de sécurité adblock plus
pour bloquer les publicités
https://addons.mozilla.org/fr/mobile/addon/1865

............................

WOT - Extension pour ton navigateur internet :
Voici une extension à télécharger qui te permettra, en faisant tes recherches sur google, de savoir si le site proposé lors de tes recherches est un site de confiance ou un site à éviter car il pourrait infecter ton PC :
Pour Firefox : https://addons.mozilla.org/fr/firefox/addon/wot-safe-browsing-tool/
Pour internet explorer : https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp

........................

Tu dois aussi mettre à jour tous tes autres programmes pour combler des failles de sécurité... Vérifie les mises disponibles à l'aide de ce petit programme (choisis la version sans installation) : Update Checker
https://www.commentcamarche.net/telecharger/utilitaires/9771-filehippo-app-manager/
Et particulièrement Internet explorer, même s'il n'est pas ton navigateur, car les MAJ sécurité Windows ne s'opèrent que par ce chemin là

......................................

Pour éviter une infection toolbar, il faut tout lire attentivement lorsque tu installes un programme gratuit, et décocher tous les programmes additionnels qui sont proposés, en particulier les barres d'outils !

..........................

Vaccines tes disques amovibles à l'aide de USBFix (de Chiquitine29 et C_XX)
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
Au menu principal, choisis l'option 3 (Vaccination).

explications ici https://forum.malekal.com/viewtopic.php?t=5544&start=
............................

garder Malwarebytes et faire un examen de temps en temps ton PC, avec mise à jour avant chaque scan
.......................

Télécharge et installe CCleaner (N'installe pas la Yahoo Toolbar) :
https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/

* Lance-le.(clic droit "en tant qu'administrateur" pour Vista) Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
* Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs tant de fois qu il en trouve a l analyse

..........................
utilitaire pour défragmenter , utilises pour ce faire Defraggler https://www.clubic.com/telecharger-fiche44314-defraggler.html

........................
A lire pour mieux comprendre l'environnement qui t'entoure
http://assiste.com.free.fr/p/abc/a/zombies_et_botnets.html
https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf

http://www.libellules.ch/...

Discussions similaires

piratage compte facebook

Est ce que le site tlauncher est dangereux ?

Comment savoir si j'ai attrapé un virus sur mon téléphone ?

Avis iPhone sans Face ID

Virus Altruistic

Discussions similaires

Newsletters