virus adware-onestep.k

Question

Bonjour, A chaque examen de mon ordi par McAfee , il détecte un programme potentiellement indésirable intitulé "adware-onestep.k" quand j'essaye de le mettre en quarantaine cela me donne "problème non corrigé"
J'ai essayé plusieurs solutions avec ZHP Diag - Rkill - malwarebytes mais je n'arrive pas à m'en débarasser.
Ce virus est-il dangereux pour mon ordi ?
Sur quoi agit-il
Comment faire pour m'en débarasser
Merci d'avance à tous



Configuration: Windows Vista / Internet Explorer 8.0

Utilisateur anonyme · Answer

Bonjour 

On va faire une analyse de ton systéme.  
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Ou le lien FTP en secours :
ftp://zebulon.fr/ZHPDiag2.exe 

* Télécharge ZHPDiag  ( de Nicolas coolman ).  
ou 
ZHPDiag  

                                                  *********************** 
/!\Utilisateurs de Vista et Windows 7 : Clique droit sur le logo de ZHPDiag.exe, " exécuter en tant qu'Administrateur /!\  
* Laisse toi guider lors de l'installation  
* Il se lancera automatiquement à la fin de l'installation  
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)  
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette  
* Héberge le rapport ZHPDiag.txt sur le site cijoint.fr ou toofiles  puis copie/colle le lien fournit dans ta prochaine réponse sur le forum

gégé57310 · Answer

bonjour.voici le resultat de zhpdiag
Rapport de ZHPDiag v1.26.611 par Nicolas Coolman, Update du 10/09/2010
Run by Gerard at 16/02/2011 14:04:15
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\ Web Browser
MSIE: Internet Explorer v8.0.6001.19019
MFIE: Mozilla Firefox (3.0.18)

---\ System Information
Platform : Windows Vista (TM) Home Premium (6.0.6002) Service Pack 2
Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3325 MB (62% free)
System drive C: has 431 GB (74%) free of 581 GB

---\ Logged in mode
Computer Name: PC-DE-GERARD
User Name: Gerard
All Users Names: Gerard, Administrateur, 
Unselected Option:  O1,O45,O61,O65,O82
Logged in as Administrator

---\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 431 Go of 581 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 15 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)


---\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK


---\ Processus lancés
[MD5.80E69585023A52F3CC5DAF2ABCE5E17E] - (.Stardock Corporation - Dell Dock.) -- C:\Program Files\Dell\DellDock\DellDock.exe   [1316192]
[MD5.9D8040F75521313503BA5DEC4ECC33D0] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe   [6609440]
[MD5.4CD6180CB65630F9D8028E9CF51CD64F] - (.Pas de propriétaire - DataSafeOnline.) -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe   [1779952]
[MD5.33A8CC84A281B4C7F7FBAA6DC3CA26A4] - (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe   [250192]
[MD5.00D1FB0073B4A8BD2989EA8FF4CC792B] - (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe   [206064]
[MD5.874A7610503D482B4DE1C8BB87BC75F5] - (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe   [1193848]
[MD5.6B87742F27B087AF7FD4ADC2DB685DE0] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe   [49152]
[MD5.CE8D6FF5BEDDA023F7A1BB3FA34130DE] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe   [143360]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe   [125952]
[MD5.FEA69C05F185C50F47937ACC2CD4656C] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe   [598016]
[MD5.4D7659E640A60CF69DF6911CDDCF9788] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe   [905216]
[MD5.5A56936640ECF4DBC94FDB9A759EDF23] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe   [90112]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe   [37376]
[MD5.4C08FB7ACB28689B586D986D3F5826CF] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe   [49152]
[MD5.19669327968537BA685F5C836180B493] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\systray\systrayapp.exe   [94208]
[MD5.592796DC728E43393C780B5F6A977277] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\OrangeHSS\Deskboard\deskboard.exe   [1040384]
[MD5.377586E4672C472C6E8AFD370F253D46] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe   [716800]
[MD5.3697F31073E11AACAD51546772590F65] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe   [364544]
[MD5.4651E788FF17882DCF53EE3403E09F3C] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe   [28672]
[MD5.A7723617EAF467CD162E1682776F33D8] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe   [65536]
[MD5.20A098A4D12E49342228D3AFE98EAFDF] - (.Microsoft Corporation - Windows Live Toolbar User Elevation Helper.) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe   [223584]
[MD5.711FD53E441255983C0AB014E2F107F4] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe   [233936]
[MD5.B988D7F127B94BD5BF8356FE81B985C4] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe   [638232]
[MD5.8B4022226C18FA378C324C11CBADDA36] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe   [304304]
[MD5.652917E46875E3AF8189AFA3FAAA98AC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [549376]


---\ Page de démarrage de Mozilla Firefox (M0)
M0 - MFSP: prefs.js [Gerard - by8afw0b.default] http://www.lo.st


---\ Programmes d'extension pour Mozilla Firefox (M2)
M2 - MFEP: prefs.js [Gerard - by8afw0b.default\ChoiceGuard@Microsoft] [] Microsoft Choice Guard 2.0 (.Microsoft.)
M2 - MFEP: prefs.js [Gerard - by8afw0b.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant 1.1 (.Microsoft.)
M2 - MFEP: prefs.js [Gerard - by8afw0b.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox 7.0.20100326W (.Google Inc..)
M2 - MFEP: prefs.js [Gerard - by8afw0b.default\{364d4e0c-543f-4b85-abe3-19551139da4f}] [] Softonic_France Toolbar 2.7.1.3 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Gerard - by8afw0b.default\{c2db4fe6-8409-45ce-8010-189a7b5cce86}] [] NCH Toolbar 2.7.2.0 (.Conduit Ltd..)


---\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins
pnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.0.1.) -- C:\Program Files\Mozilla Firefox\Plugins
ppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin
pgeplugin.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com
phardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.51204.0.) -- c:\Program Files\Microsoft Silverlight\4.0.51204.0
pctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live
pOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39
pGoogleOneClick8.dll


---\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"


---\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr


---\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk


---\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.2.4) -- C:\Program Files\NCH	bNCH.dll
R3 - URLSearchHook: NCH Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1	bElf_.dll
R3 - URLSearchHook: NCH Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1.15	bElf_.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - Pas de description.) (No version) -- C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Search Class - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.2.4) -- C:\Program Files\NCH	bNCH.dll
R3 - URLSearchHook: Search Class - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1	bElf_.dll
R3 - URLSearchHook: Search Class - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1.15	bElf_.dll


---\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1	bElf_.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (.Pas de propriétaire - Pas de description.) -- c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101106133322.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1.15	bElf_.dll
O2 - BHO: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\NCH	bNCH.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll


---\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\NCH	bNCH.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1	bElf_.dll
O3 - Toolbar: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1.15	bElf_.dll


---\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe 
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe 
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 
O4 - HKLM\..\Run: [Dell DataSafe Online] . (.Pas de propriétaire - DataSafeOnline.) -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe 
O4 - HKLM\..\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe 
O4 - HKLM\..\Run: [dellsupportcenter] . (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe 
O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe 
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe 
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe 
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe 
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe 
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe 
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe 
O4 - HKCU\..\Run: [mrnexwasco.exe] C:\Users\Gerard\AppData\Local\Temp\mrnexwasco.exe (.not file.) 
O4 - HKCU\..\Run: [v700bin00mod.exe] C:\Users\Gerard\AppData\Roaming\6998B942FC0CB5C1A8B3B1057D806DE7\v700bin00mod.exe (.not file.) 
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [mrnexwasco.exe] C:\Users\Gerard\AppData\Local\Temp\mrnexwasco.exe (.not file.) 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [v700bin00mod.exe] C:\Users\Gerard\AppData\Roaming\6998B942FC0CB5C1A8B3B1057D806DE7\v700bin00mod.exe (.not file.) 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe 
O4 - Global Startup: Adobe Gamma Loader.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.)  -- C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Dell Dock.lnk . (.Stardock Corporation - Dell Dock.)  -- C:\Program Files\Dell\DellDock\DellDock.exe


---\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll


---\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO


---\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32
apinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll


---\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.mappy.com
O15 - Trusted Zone: [HKCU\...\Domains\www] http.mappy.com
O15 - Trusted Zone: [HKCU\...\Domains] http.orange.fr
O15 - Trusted Zone: [HKCU\...\Domains\www] http.orange.fr


---\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


---\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{63A2C456-2C9D-452E-BD7C-28821ADEFCDB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{63A2C456-2C9D-452E-BD7C-28821ADEFCDB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{63A2C456-2C9D-452E-BD7C-28821ADEFCDB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1


---\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GoToAssist . (.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist.) -- C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll


---\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll


---\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll


---\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
O23 - Service:  (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Dock Login Service (DockLoginService) . (.Stardock Corporation - Dock Login Service.) - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service McAfee Personal Firewall (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: SoftThinks Agent Service (SftService) . (.SoftThinks - SoftThinks Agent Service.) - C:\Program Files\Dell DataSafe Local Backup\sftservice.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc. - SupportSoft Agent Service.) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe


---\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) -  (.not file.)


---\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\User_Feed_Synchronization-{C65D1A6F-1677-4A4F-8E58-B141AF407C14}.job


---\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\binegutils.dll
O40 - ASIC: PixiePack Codec Pack 1.1.1200.0 - {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r102.) -- C:\Windows\system32\Macromed\Flash\Flash10l.ocx


---\ Pilotes lancés au démarrage (O41)
O41 - Driver: McAfee NDIS Light Filter (mfenlfk) . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - C:\Windows\system32\DRIVERS\mfenlfk.sys
O41 - Driver: McAfee Inc. mfewfpk (mfewfpk) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\Windows\system32\drivers\mfewfpk.sys


---\ Logiciels installés (O42)
O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}
O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1
O42 - Logiciel: AVS Video Converter 7 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Video Converter 7_is1
O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop 7.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop 7.0
O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: ArcSoft Software Suite - (.ArcSoft.) [HKLM] -- {F96368D6-ECE9-4502-B5C4-A4200637F2A3}
O42 - Logiciel: Assistant de connexion Windows Live ID - (.Microsoft Corporation.) [HKLM] -- {0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {A69D7B32-2BE9-42BF-B576-69B5E0FF7394}
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine
O42 - Logiciel: Dell DataSafe Local Backup - (.Dell.) [HKLM] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04}
O42 - Logiciel: Dell DataSafe Local Backup - Support Software - (.Dell.) [HKLM] -- {A9668246-FB70-4103-A1E3-66C9BC2EFB49}
O42 - Logiciel: Dell DataSafe Online - (.Dell, Inc..) [HKLM] -- {13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}
O42 - Logiciel: Dell Dock - (.Dell.) [HKLM] -- {E00B477F-8558-45DA-B25A-69935FB89A94}
O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM] -- {3138EAD3-700B-4A10-B617-B3F8096EE30D}
O42 - Logiciel: Dell Getting Started Guide - (.Dell Inc..) [HKLM] -- {7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
O42 - Logiciel: Dell Support Center (Logiciel de support) - (.Dell.) [HKLM] -- {E3BFEE55-39E2-4BE0-B966-89FE583822C1}
O42 - Logiciel: Dell-eBay - (.Dell.) [HKLM] -- {B935C985-A17F-484B-8470-09E4FC27DC26}
O42 - Logiciel: Elf 1 Toolbar - (.Elf 1.) [HKLM] -- Elf_1 Toolbar
O42 - Logiciel: Elf 1.15 Toolbar - (.Elf 1.15.) [HKLM] -- Elf_1.15 Toolbar
O42 - Logiciel: FormatFactory 2.30 - (.Free Time.) [HKLM] -- FormatFactory
O42 - Logiciel: Free Mp3 Wma Converter V 1.81 - (.Pas de propriétaire.) [HKLM] -- Free Mp3 Wma Converter_is1
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: GoToAssist 8.0.0.514 - (.Pas de propriétaire.) [HKLM] -- GoToAssist
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Java(TM) 6 Update 13 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {425FFD94-36BD-4933-881B-FE0B9DADF2B7}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee SecurityCenter - (.McAfee, Inc..) [HKLM] -- MSC
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM] -- {095B1DCF-5E8B-47EC-9B18-481918A731DB}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.0.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.0.18)
O42 - Logiciel: NCH Toolbar - (.NCH.) [HKLM] -- NCH Toolbar
O42 - Logiciel: Nero 7 Premium - (.Nero AG.) [HKLM] -- {1CDFA6DE-FD15-4821-AB48-2832D6FA1036}
O42 - Logiciel: Orange - Logiciels Internet - (.Pas de propriétaire.) [HKLM] -- {ORAHSS}.UninstallSuite
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PixiePack Codec Pack - (.None.) [HKLM] -- {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}
O42 - Logiciel: Prism Video File Converter - (.NCH Software.) [HKLM] -- Prism
O42 - Logiciel: Quick Zip 4.60.019 - (.Joseph Leung.) [HKLM] -- Quick Zip_is1
O42 - Logiciel: RealWorld Paint.COM - (.RealWorld Graphics.) [HKLM] -- {B6883DA2-2EBE-4DD1-80F1-8954998E7788}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Pas de propriétaire.) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM] -- {73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM] -- {B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
O42 - Logiciel: Roxio Creator DE - (.Roxio.) [HKLM] -- {09760D42-E223-42AD-8C3E-55B47D0DDAC3}
O42 - Logiciel: Roxio Creator DE - (.Roxio.) [HKLM] -- {ED439A64-F018-4DD4-8BA5-328D85AB09AB}
O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {08E81ABD-79F7-49C2-881F-FD6CB0975693}
O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
O42 - Logiciel: Roxio Update Manager - (.Roxio.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3DED0A62-44C8-4E00-A785-5212F297A9D9}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: USB Storage Driver - (.Pas de propriétaire.) [HKLM] -- GENEUIDE
O42 - Logiciel: Uninstall Dual Mode Camera - (.Pas de propriétaire.) [HKLM] -- Dual Mode Camera_is1
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VLC media player 1.0.2 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {230B83A5-7D88-4B95-B71E-F44C0C78B002}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {9D6524E6-15CF-4852-BF70-04FE973A3DE1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Windows Movie Maker 2.6 - (.Microsoft Corporation.) [HKLM] -- {B3DAF54F-DB25-4586-9EF1-96D24BB14088}
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

---\ HKCU & HKLM Software Keys
[HKCU\Software\ATI]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Elf_1.15]
[HKCU\Software\AppDataLow\Software\Elf_1]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\NCH]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\conduitEngine]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\ArcSoft]
[HKCU\Software\CanonBJ]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\Dell]
[HKCU\Software\FF]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\LdShih]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\McAfee]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NCH Software]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Official-eMule]
[HKCU\Software\Policies]
[HKCU\Software\QUAD Utilities]
[HKCU\Software\Quickzip]
[HKCU\Software\RapidSolution]
[HKCU\Software\RealWorld]
[HKCU\Software\Realtek]
[HKCU\Software\Roxio]
[HKCU\Software\Softonic]
[HKCU\Software\SupportSoft]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\cybelsoft]
[HKCU\Software\eMule]
[HKCU\Software\keyhole.com]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\ArcSoft]
[HKLM\Software\Audible]
[HKLM\Software\AviSynth]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\Canon]
[HKLM\Software\Caphyon]
[HKLM\Software\Citrix]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Dell]
[HKLM\Software\Elf_1.15]
[HKLM\Software\Elf_1]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Intel]
[HKLM\Software\JL2005C]
[HKLM\Software\JL2005C_11]
[HKLM\Software\JL2005C_1]
[HKLM\Software\JL2005C_2]
[HKLM\Software\JL2005C_3]
[HKLM\Software\JL2005C_4]
[HKLM\Software\JL2005C_5]
[HKLM\Software\JL2005C_6]
[HKLM\Software\JL6_DECODE]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfeeInstaller]
[HKLM\Software\McAfee]
[HKLM\Software\MicroVision]
[HKLM\Software\Mozilla Firefox 3.0.4]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NCH Software]
[HKLM\Software\NCH Swift Sound]
[HKLM\Software\NCH]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Official-eMule]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Policies]
[HKLM\Software\QUAD Utilities]
[HKLM\Software\RapidSolution]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\SRS Labs]
[HKLM\Software\SoftThinks]
[HKLM\Software\Sonic]
[HKLM\Software\SupportSoft]
[HKLM\Software\VideoLAN]
[HKLM\Software\WOW6432Node]
[HKLM\Software\WinRAR]
[HKLM\Software\ahead]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]


---\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Ad-Remover
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\AVS4YOU
O43 - CFD:Common File Directory ----D- C:\Program Files\Canon
O43 - CFD:Common File Directory ----D- C:\Program Files\Citrix
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Conduit
O43 - CFD:Common File Directory ----D- C:\Program Files\ConduitEngine
O43 - CFD:Common File Directory ----D- C:\Program Files\Dell
O43 - CFD:Common File Directory ----D- C:\Program Files\Dell DataSafe Local Backup
O43 - CFD:Common File Directory ----D- C:\Program Files\Dell DataSafe Online
O43 - CFD:Common File Directory ----D- C:\Program Files\Dell Inc
O43 - CFD:Common File Directory ----D- C:\Program Files\Dell Support Center
O43 - CFD:Common File Directory ----D- C:\Program Files\Driver Mender
O43 - CFD:Common File Directory ----D- C:\Program Files\Elf_1
O43 - CFD:Common File Directory ----D- C:\Program Files\Elf_1.15
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Free Audio Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\FreeTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JL2005C
O43 - CFD:Common File Directory ----D- C:\Program Files\lj631fr
O43 - CFD:Common File Directory ----D- C:\Program Files\lj632
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker 2.6
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\NCH
O43 - CFD:Common File Directory ----D- C:\Program Files\NCH Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\OrangeHSS
O43 - CFD:Common File Directory ----D- C:\Program Files\PixiePack Codec Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickZip4
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\RealWorld Paint.COM
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Roxio
O43 - CFD:Common File Directory ----D- C:\Program Files\Securitoo
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VDownloader 1.13
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\France Telecom
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Roxio Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sonic Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\supportsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SureThing Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data
O43 - CFD:Common File Directory ----D- C:\ProgramData\ATI
O43 - CFD:Common File Directory ----D- C:\ProgramData\AVS4YOU
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonBJ
O43 - CFD:Common File Directory ----D- C:\ProgramData\Dell
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents
O43 - CFD:Common File Directory ----D- C:\ProgramData\Driver Mender
O43 - CFD:Common File Directory ----D- C:\ProgramData\eMule
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris
O43 - CFD:Common File Directory ----D- C:\ProgramData\Google
O43 - CFD:Common File Directory ----D- C:\ProgramData\InstallShield
O43 - CFD:Common File Directory ----D- C:\ProgramData\ma-config.com
O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes
O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles
O43 - CFD:Common File Directory ----D- C:\ProgramData\NCH Software
O43 - CFD:Common File Directory ----D- C:\ProgramData\Nero
O43 - CFD:Common File Directory ----D- C:\ProgramData\PC Drivers HeadQuarters
O43 - CFD:Common File Directory ----D- C:\ProgramData\PCDr
O43 - CFD:Common File Directory ----D- C:\ProgramData\QUAD Utilities
O43 - CFD:Common File Directory ----D- C:\ProgramData\RapidSolution
O43 - CFD:Common File Directory ----D- C:\ProgramData\Sonic
O43 - CFD:Common File Directory ----D- C:\ProgramData\SupportSoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\UAB
O43 - CFD:Common File Directory ----D- C:\ProgramData\Uninstall
O43 - CFD:Common File Directory ----D- C:\ProgramData\WinZip
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\France Telecom
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Roxio Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sonic Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\supportsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SureThing Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live


---\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 16/02/2011 - 14:03:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log   [1898958]
O44 - LFC:[MD5.26C58ADE3468A2E2CF448E55CA76C442] - 16/02/2011 - 10:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI   [1554456]
O44 - LFC:[MD5.D797F9F94EE492390E5E72C4E6A08F71] - 16/02/2011 - 10:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat   [112480]
O44 - LFC:[MD5.77BD10848910D536524655669A8154A4] - 16/02/2011 - 10:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat   [136172]
O44 - LFC:[MD5.D516CFDDB13DDDF014E00D8ED1D340BD] - 16/02/2011 - 10:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat   [604790]
O44 - LFC:[MD5.36812F7FAEC88F512A5C4A811D79286B] - 16/02/2011 - 10:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat   [708488]
O44 - LFC:[MD5.E8FBD860B8B25D4546E606D820A8A173] - 16/02/2011 - 10:53:50 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.AF5280E9CAC5B083452B2F25AD9AE34C] - 11/02/2011 - 10:36:22 ---A- . (.Pas de pro

Utilisateur anonyme · Answer

Héberge le rapport ZHPDiag.txt sur le site cijoint.fr ou toofiles  puis copie/colle le lien fournit dans ta prochaine réponse sur le forum

gégé57310 · Answer

suite du rapport ---\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.00000000000000000000000000000000] - 16/02/2011 - 14:03:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1898958] O44 - LFC:[MD5.26C58ADE3468A2E2CF448E55CA76C442] - 16/02/2011 - 10:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1554456] O44 - LFC:[MD5.D797F9F94EE492390E5E72C4E6A08F71] - 16/02/2011 - 10:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [112480] O44 - LFC:[MD5.77BD10848910D536524655669A8154A4] - 16/02/2011 - 10:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [136172] O44 - LFC:[MD5.D516CFDDB13DDDF014E00D8ED1D340BD] - 16/02/2011 - 10:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [604790] O44 - LFC:[MD5.36812F7FAEC88F512A5C4A811D79286B] - 16/02/2011 - 10:58:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [708488] O44 - LFC:[MD5.E8FBD860B8B25D4546E606D820A8A173] - 16/02/2011 - 10:53:50 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.AF5280E9CAC5B083452B2F25AD9AE34C] - 11/02/2011 - 10:36:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [270768] O44 - LFC:[MD5.8E98986925EB7719B3B03CEA11EC8D82] - 10/02/2011 - 10:48:49 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304] O44 - LFC:[MD5.BE8A26BD07E1D66DC4B097DE157658C2] - 10/02/2011 - 10:48:49 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [292352] O44 - LFC:[MD5.B6EBE0A7A324EEC01C0AA93BFD801B95] - 08/02/2011 - 13:11:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [501416] ---\ Export de clé d'application autorisée (ECAA) (O47) O47 - AAKE:Key Export SP - "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe ---\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\System32\Drivers\mfefirek.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\System32\Drivers\mfehidk.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\System32\Drivers\mfefirek.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\System32\Drivers\mfehidk.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\System32\Drivers\mfefirek.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\System32\Drivers\mfehidk.sys ---\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"VIDC.JDCT"="jl_jdct.drv" . (.JEILIN Tech. - JEILIN JDCT Decompressor.) -- C:\Windows\System32\jl_jdct.drv O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"jl_jdct.drv"="JEILIN JDCT Decompressor" . (.JEILIN Tech. - JEILIN JDCT Decompressor.) -- C:\Windows\System32\jl_jdct.drv ---\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ---\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ---\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ---\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys O58 - SDL:[MD5.FE3EA6E9AFC1A78E6EDCA121E006AFB7] - 10/11/2006 - 14:05:00 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\Windows\system32\drivers\afc.sys O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys O58 - SDL:[MD5.7A46CF1F1075EB0340EA40F12D88A862] - 26/05/2009 - 14:58:20 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys O58 - SDL:[MD5.C716C877A528FAE6D352A7430AE0A4A4] - 17/10/2007 - 01:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdr4_xp.sys O58 - SDL:[MD5.17CD01A8B4D0A1E6CBF4BB07CD57043C] - 17/10/2007 - 01:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys O58 - SDL:[MD5.7E6F7DA1C4DE5680820F964562548949] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- C:\Windows\system32\drivers\cfwids.sys O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys O58 - SDL:[MD5.908ED85B7806E8AF3AF5E9B74F7809D4] - 21/01/2008 - 03:23:25 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\e1e6032.sys O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys O58 - SDL:[MD5.221DFBE3FBA7F02FE6352AF607DC23C5] - 01/08/2005 - 15:03:02 R--A- . (.General - USB Storage Driver.) -- C:\Windows\system32\drivers\geneuide.sys O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys O58 - SDL:[MD5.03CA5F0EB17C33D79EF90C4CC21E80DB] - 11/03/2008 - 15:18:56 ---A- . (.Windows (R) 2000 DDK provider - Universal Serial Bus Camera Driver.) -- C:\Windows\system32\drivers\jl2005c.sys O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys O58 - SDL:[MD5.84D59A3EDDFB9438FB94F7F80D37859D] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\Windows\system32\drivers\mfeapfk.sys O58 - SDL:[MD5.67E961988312B1A28D6F93357B0BF998] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\system32\drivers\mfeavfk.sys O58 - SDL:[MD5.19161B1796CF74A6A326ABDE309062BA] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - Buffer Overflow Protection Driver.) -- C:\Windows\system32\drivers\mfebopk.sys O58 - SDL:[MD5.D723B22A3003711D3106DD2689768491] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\Windows\system32\drivers\mfeclnk.sys O58 - SDL:[MD5.D5F89B4934960C70882924D992C6ABFC] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\system32\drivers\mfefirek.sys O58 - SDL:[MD5.0EFAB2B91B27543FE589DE700DE07136] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\system32\drivers\mfehidk.sys O58 - SDL:[MD5.B4022E16569BBD1A85E68E7E78E68880] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) -- C:\Windows\system32\drivers\mfenlfk.sys O58 - SDL:[MD5.C9EDA1EADA2AB6E34CD1A10C3A24AB25] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\Windows\system32\drivers\mferkdet.sys O58 - SDL:[MD5.183F32C79D1693170DF3BAECEC611125] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\Windows\system32\drivers\mfewfpk.sys O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers frd960.sys O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers trigdigi.sys O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers vraid.sys O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers vstor.sys O58 - SDL:[MD5.1BF91F352D746AD7469FA71783B5FAE8] - 28/11/2006 - 19:46:22 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\system32\drivers\PCAMp50.sys O58 - SDL:[MD5.1961590AA191B6B7DCF18A6A693AF7B8] - 28/11/2006 - 19:46:20 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\Windows\system32\drivers\PCASp50.sys O58 - SDL:[MD5.8AE536CF74546536F282D1FBCE943324] - 20/02/1998 - 14:37:10 ---A- . (.Shuttle Technology. - Parallel Port Scanner Driver(EP1284)..) -- C:\Windows\system32\drivers\PPSCAN.SYS O58 - SDL:[MD5.03E0FE281823BA64B3782F5B38950E73] - 14/11/2007 - 02:00:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\pxhelp20.sys O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys O58 - SDL:[MD5.DAAD0B351A544D3A76770F4BBD75260F] - 13/01/2009 - 11:33:00 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys O58 - SDL:[MD5.5163F804256DEB8CF1EF64B780A18CAA] - 13/01/2009 - 13:39:40 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys O58 - SDL:[MD5.DFC3C03070C527D9579E23014F54E1B8] - 09/05/1996 - 15:10:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\UDNT.SYS O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys O58 - SDL:[MD5.90301F80D9B7D565A3855F031894B827] - 03/06/1996 - 14:52:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\UMAXDRV.SYS O58 - SDL:[MD5.E060E346806EC4127B146AEDB26B102E] - 14/11/1996 - 17:04:02 ---A- . (.UMAX Data Systems Inc. - UMAX UDS-IS11 SCSI miniport driver.) -- C:\Windows\system32\drivers\UMAXIS11.SYS O58 - SDL:[MD5.9B85266CDE681D04D67B5FB66B1498C8] - 14/11/1996 - 16:37:28 ---A- . (.UMAX Data Systems Inc. - UMAX UDS-IS10 SCSI miniport driver.) -- C:\Windows\system32\drivers\UMAXMINI.SYS O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS ---\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.) ---\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP O64 - Services: CurCS - C:\Windows\system32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - C:\Windows\system32\drivers\cfwids.sys - McAfee Inc. cfwids (cfwids) .(.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) - LEGACY_CFWIDS O64 - Services: CurCS - C:\Windows\system32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - C:\Windows\system32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - driverhardwarev2 (driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2 O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\system32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - C:\Windows\system32\DRIVERS\intelide.sys - intelide (intelide) .(.Microsoft Corporation - Intel PCI IDE Driver.) - LEGACY_INTELIDE O64 - Services: CurCS - C:\Windows\system32 ascfg.dll (IpFilterDriver) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_IPFILTERDRIVER O64 - Services: CurCS - C:\Windows\system32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - C:\Windows\system32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR O64 - Services: CurCS - C:\Windows\system32\drivers\mfeapfk.sys - McAfee Inc. mfeapfk (mfeapfk) .(.McAfee, Inc. - Access Protection Filter Driver.) - LEGACY_MFEAPFK O64 - Services: CurCS - C:\Windows\system32\drivers\mfeavfk.sys - McAfee Inc. mfeavfk (mfeavfk) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfeavfk01) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEAVFK01 O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfeavfk02) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEAVFK02 O64 - Services: CurCS - C:\Windows\system32\drivers\mfebopk.sys - McAfee Inc. mfebopk (mfebopk) .(.McAfee, Inc. - Buffer Overflow Protection Driver.) - LEGACY_MFEBOPK O64 - Services: CurCS - C:\Windows\system32\drivers\mfefirek.sys - McAfee Inc. mfefirek (mfefirek) .(.McAfee, Inc. - McAfee Core Firewall Engine Driver.) - LEGACY_MFEFIREK O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfefirek01) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEFIREK01 O64 - Services: CurCS - C:\Windows\system32\drivers\mfehidk.sys - McAfee Inc. mfehidk (mfehidk) .(.McAfee, Inc. - McAfee Link Driver.) - LEGACY_MFEHIDK O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfehidk01) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEHIDK01 O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mfenlfk.sys - McAfee NDIS Light Filter (mfenlfk) .(.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - LEGACY_MFENLFK O64 - Services: CurCS - C:\Windows\system32\drivers\mferkdet.sys - McAfee Inc. mferkdet (mferkdet) .(.McAfee, Inc. - McAfee Code Analysis Driver.) - LEGACY_MFERKDET O64 - Services: CurCS - (.not file.) - McAfee Inc. mferkdk (mferkdk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFERKDK O64 - Services: CurCS - (.not file.) - McAfee Inc. mfesmfk (mfesmfk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFESMFK O64 - Services: CurCS - C:\Windows\system32\drivers\mfewfpk.sys - McAfee Inc. mfewfpk (mfewfpk) .(.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - LEGACY_MFEWFPK O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR O64 - Services: CurCS - (.not file.) - MPFP (MPFP) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPFP O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10 O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20 O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\system32\drivers\msisadrv.sys - Pilote de classe ISA/EISA (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - C:\Windows\system32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP O64 - Services: CurCS - C:\Windows\system32\drivers dis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\system32\DRIVERS etbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\system32\DRIVERS etbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\system32\drivers siproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\system32\Drivers\PCAMp50.sys - PCAMp50 NDIS Protocol Driver (PCAMp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMP50 O64 - Services: CurCS - C:\Windows\system32\Drivers\PCASp50.sys - PCASp50 NDIS Protocol Driver (PCASp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50 O64 - Services: CurCS - C:\Windows\system32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - C:\Windows\system32\DRIVERS asacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - C:\Windows\system32\DRIVERS dbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - C:\Windows\system32\drivers dpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - C:\Windows\system32\DRIVERS spndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32 cpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2 O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - C:\Windows\system32 cpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - C:\Windows\system32\drivers cpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - C:\Windows\system32 cpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - C:\Windows\system32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX O64 - Services: CurCS - C:\Windows\system32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6 O64 - Services: CurCS - C:\Windows\system32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000 ---\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> [HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows egedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> [HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows egedit.exe ---\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\ Search Browser Infection (SBI) (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8 O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Xeoo.com) - http://www.xeoo.com O69 - SBI: SearchScopes [HKCU] {2E90F7DB-25EE-423E-B611-1C6D2DB767C6} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8 O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Elf 1.15 Customized Web Search) - http://search.conduit.com O69 - SBI: SearchScopes [HKCU] {F99076E0-32CF-48E6-8C95-46738CAE515E} [DefaultScope] - (Yahoo! Search) - https://fr.search.yahoo.com/ ---\ Search Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net Run by Gerard at 16/02/2011 14:08:10 device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys kernel: MBR read successfully user & kernel MBR OK ---\ Recherche des services démarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d'application.) -- C:\Windows\System32\aelupsvc.dll [24576] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [247296] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [125952] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d'accès distant.) -- C:\Windows\System32 asauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32 asmans.dll [262144] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d'interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d'événements système (SENS).) -- C:\Windows\System32\sens.dll [47104] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32 apisrv.dll [242688] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32 ermsrv.dll [449024] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1929952] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247296] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d'application.) -- C:\Windows\System32\appinfo.dll [33280] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [111616] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [45056] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [153088] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [162304] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [601600] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\system32\sessenv.dll [84992] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d'ordinateurs.) -- C:\Windows\System32\browser.dll [81920] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [68096] ---\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 13/01/2009 81920 | Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe SR - | Auto 26/05/2009 729088 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe SR - | Auto 18/12/2008 155648 | Dock Login Service (DockLoginService) . (.Stardock Corporation.) - C:\Program Files\Dell\DellDock\DockLogin.exe SR - | Auto 11/12/2007 65536 | France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA.) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe SS - | Demand 19/09/2009 16680 | GoToAssist (GoToAssist) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe SS - | Auto 02/11/2009 133104 | Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 23/11/2010 182768 | Google Software Updater (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 23/09/2009 238960 | Ma-Config Service (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe SR - | Auto 10/03/2010 271480 | Service McAfee Personal Firewall (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 271480 | McAfee Services (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 271480 | McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 271480 | McAfee Network Agent (McNASvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SS - | Demand 07/10/2010 364216 | McAfee Scanner (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe SR - | Auto 10/03/2010 271480 | McAfee Proxy Service (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SR - | Auto 24/08/2010 171168 | McShield (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe SR - | Auto 13/10/2010 188136 | McAfee Firewall Core Service (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe SR - | Auto 13/10/2010 141792 | McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe SR - | Auto 10/03/2010 271480 | McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe SS - | Demand 15/01/2007 774144 | NBService (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe SR - | Demand 23/12/2006 262144 | NMIndexingService (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe SR - | Auto 16/07/2009 648432 | SoftThinks Agent Service (SftService) . (.SoftThinks.) - C:\Program Files\Dell DataSafe Local Backup\sftservice.exe SR - | Auto 03/06/2009 201968 | SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc..) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe SS - | Demand 24/03/2008 74384 | stllssvr (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe End of the scan (1036 lines in 03mn 57s)(0)

Utilisateur anonyme · Answer

* Télécharge de AD-Remover sur ton Bureau. (Merci à C_XX)

http://www.teamxscript.org/adremoverTelechargement.html

/!\ Ferme toutes tes applications en cours /!\

? Désactive la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner la procédure de recherche et de nettoyage de l'outil.

- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Sur la page, clique sur le bouton « Scanner »
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

gégé57310 · Answer

rapport ad r
======= RAPPORT D'AD-REMOVER 2.0.0.1,F | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 16/09/10 à 13:30
Contact: AdRemover.contact[AT]gmail.com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 14:47:21 le 16/02/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Premium  Service Pack 2 (X86) 
Gerard@PC-DE-GERARD (Dell Inc. Inspiron 545) 
 
============== RECHERCHE ==============


0,Dossier trouvé: C:\Users\Gerard\AppData\LocalLow\Conduit
0,Dossier trouvé: C:\Program Files\Conduit
0,Dossier trouvé: C:\Users\Gerard\AppData\LocalLow\PriceGong

-- Fichier ouvert: C:\Users\Gerard\AppData\Roaming\Mozilla\FireFox\Profiles\by8afw0b.default\Prefs.js --
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://www.lo.st"); 
-- Fichier Fermé --
 

0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT2117678
0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT2856415
0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT2866295
0,Clé trouvée: HKLM\Software\Conduit
0,Clé trouvée: HKCU\Software\Conduit
0,Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
0,Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong
3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
3,Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
0,Clé trouvée: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.0.18 (fr)] **

-- C:\Users\Gerard\AppData\Roaming\Mozilla\FireFox\Profiles\by8afw0b.default\Prefs.js --
browser.download.dir, C:\Users\Gerard\Downloads
browser.download.lastDir, C:\Users\Gerard\Pictures
browser.search.defaultenginename, Yahoo
browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
browser.search.selectedEngine, Yahoo
browser.startup.homepage, hxxp://www.lo.st
browser.startup.homepage_override.mstone, rv:1.9.0.18

========================================

** Internet Explorer Version [8.0.6001.19019] **

[HKCU\Software\Microsoft\Internet Explorer\Main] 
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://search.ke.voila.fr/S/voila?kw=
Show_ToolBar: yes
Start Page: www.orange.fr
Use Custom Search URL: 1
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main] 
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Enable Browser Extensions: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] 
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 288 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 18 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 16/10/2010 (10326 Octet(s)) 
C:\Ad-Report-CLEAN[2].txt - 16/10/2010 (2820 Octet(s)) 
C:\Ad-Report-SCAN[1].txt - 16/02/2011 (3561 Octet(s)) 

Fin à: 14:50:06, 16/02/2011 
 
============== E.O.F ==============

gégé57310 · Answer

je ne trouve pas d'option supprimer

gégé57310 · Answer

aie, je crois que j'ai fait une betise apres le nettoyage on me demande de redémarrer l'ordi ,ce que j'ai fait.Bon ,j'ai refait un nouveau nettoyage et voila le résultat
======= RAPPORT D'AD-REMOVER 2.0.0.1,F | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 16/09/10 à 13:30
Contact: AdRemover.contact[AT]gmail.com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [4]) -> Lancé à 15:24:48 le 16/02/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Premium  Service Pack 2 (X86) 
Gerard@PC-DE-GERARD (Dell Inc. Inspiron 545) 
 
============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Users\Gerard\AppData\Roaming\Mozilla\FireFox\Profiles\by8afw0b.default\Prefs.js --
-- Fichier Fermé --
 

0,Erreur suppression clé: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar (Error code: 1)


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.0.18 (fr)] **

-- C:\Users\Gerard\AppData\Roaming\Mozilla\FireFox\Profiles\by8afw0b.default\Prefs.js --
browser.download.dir, C:\Users\Gerard\Downloads
browser.download.lastDir, C:\Users\Gerard\Pictures
browser.search.defaultenginename, Yahoo
browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
browser.search.selectedEngine, Yahoo
browser.startup.homepage, hxxp://www.lo.st
browser.startup.homepage_override.mstone, rv:1.9.0.18

========================================

** Internet Explorer Version [8.0.6001.19019] **

[HKCU\Software\Microsoft\Internet Explorer\Main] 
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main] 
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Enable Browser Extensions: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] 
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 324 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 35 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 16/10/2010 (10326 Octet(s)) 
C:\Ad-Report-CLEAN[2].txt - 16/10/2010 (2820 Octet(s)) 
C:\Ad-Report-CLEAN[3].txt - 16/02/2011 (3835 Octet(s)) 
C:\Ad-Report-CLEAN[4].txt - 16/02/2011 (2878 Octet(s)) 
C:\Ad-Report-SCAN[1].txt - 16/02/2011 (3690 Octet(s)) 
C:\Ad-Report-SCAN[2].txt - 16/02/2011 (3746 Octet(s)) 

Fin à: 15:27:33, 16/02/2011 
 
============== E.O.F ==============

Utilisateur anonyme · Answer

On va faire une vérification .
Post un nouveau rapport zhpdiag.
Héberge le rapport ZHPDiag.txt sur le site cijoint.fr ou toofiles  puis copie/colle le lien fournit dans ta prochaine réponse sur le forum

gégé57310 · Answer

Rapport de ZHPDiag v1.26.611 par Nicolas Coolman, Update du 10/09/2010
Run by Gerard at 16/02/2011 15:47:07
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\ Web Browser
MSIE: Internet Explorer v8.0.6001.19019
MFIE: Mozilla Firefox (3.0.18)

---\ System Information
Platform : Windows Vista (TM) Home Premium (6.0.6002) Service Pack 2
Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3325 MB (72% free)
System drive C: has 431 GB (74%) free of 581 GB

---\ Logged in mode
Computer Name: PC-DE-GERARD
User Name: Gerard
All Users Names: Gerard, Administrateur, 
Unselected Option:  O1,O45,O61,O65,O82
Logged in as Administrator

---\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 431 Go of 581 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 15 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)


---\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK


---\ Processus lancés
[MD5.9D8040F75521313503BA5DEC4ECC33D0] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe   [6609440]
[MD5.4CD6180CB65630F9D8028E9CF51CD64F] - (.Pas de propriétaire - DataSafeOnline.) -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe   [1779952]
[MD5.80E69585023A52F3CC5DAF2ABCE5E17E] - (.Stardock Corporation - Dell Dock.) -- C:\Program Files\Dell\DellDock\DellDock.exe   [1316192]
[MD5.6B87742F27B087AF7FD4ADC2DB685DE0] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe   [49152]
[MD5.33A8CC84A281B4C7F7FBAA6DC3CA26A4] - (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe   [250192]
[MD5.00D1FB0073B4A8BD2989EA8FF4CC792B] - (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe   [206064]
[MD5.874A7610503D482B4DE1C8BB87BC75F5] - (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe   [1193848]
[MD5.FEA69C05F185C50F47937ACC2CD4656C] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe   [598016]
[MD5.CE8D6FF5BEDDA023F7A1BB3FA34130DE] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe   [143360]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe   [125952]
[MD5.4D7659E640A60CF69DF6911CDDCF9788] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe   [905216]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe   [37376]
[MD5.4C08FB7ACB28689B586D986D3F5826CF] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe   [49152]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe   [69120]
[MD5.5A56936640ECF4DBC94FDB9A759EDF23] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe   [90112]
[MD5.19669327968537BA685F5C836180B493] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\systray\systrayapp.exe   [94208]
[MD5.592796DC728E43393C780B5F6A977277] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\OrangeHSS\Deskboard\deskboard.exe   [1040384]
[MD5.377586E4672C472C6E8AFD370F253D46] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe   [716800]
[MD5.3697F31073E11AACAD51546772590F65] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe   [364544]
[MD5.4651E788FF17882DCF53EE3403E09F3C] - (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe   [28672]
[MD5.A7723617EAF467CD162E1682776F33D8] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe   [65536]
[MD5.1259E03DCD5F265B23DB738FB075DF8C] - (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\wscript.exe   [155648]
[MD5.B988D7F127B94BD5BF8356FE81B985C4] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe   [638232]
[MD5.20A098A4D12E49342228D3AFE98EAFDF] - (.Microsoft Corporation - Windows Live Toolbar User Elevation Helper.) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe   [223584]
[MD5.8B4022226C18FA378C324C11CBADDA36] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe   [304304]
[MD5.711FD53E441255983C0AB014E2F107F4] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe   [233936]
[MD5.652917E46875E3AF8189AFA3FAAA98AC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [549376]


---\ Page de démarrage de Mozilla Firefox (M0)
M0 - MFSP: prefs.js [Gerard - by8afw0b.default] http://www.lo.st


---\ Programmes d'extension pour Mozilla Firefox (M2)
M2 - MFEP: prefs.js [Gerard - by8afw0b.default\ChoiceGuard@Microsoft] [] Microsoft Choice Guard 2.0 (.Microsoft.)
M2 - MFEP: prefs.js [Gerard - by8afw0b.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant 1.1 (.Microsoft.)
M2 - MFEP: prefs.js [Gerard - by8afw0b.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox 7.0.20100326W (.Google Inc..)
M2 - MFEP: prefs.js [Gerard - by8afw0b.default\{364d4e0c-543f-4b85-abe3-19551139da4f}] [] Softonic_France Toolbar 2.7.1.3 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Gerard - by8afw0b.default\{c2db4fe6-8409-45ce-8010-189a7b5cce86}] [] NCH Toolbar 2.7.2.0 (.Conduit Ltd..)


---\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins
pnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.0.1.) -- C:\Program Files\Mozilla Firefox\Plugins
ppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin
pgeplugin.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com
phardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.51204.0.) -- c:\Program Files\Microsoft Silverlight\4.0.51204.0
pctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live
pOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39
pGoogleOneClick8.dll


---\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"


---\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr


---\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk


---\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.2.4) -- C:\Program Files\NCH	bNCH.dll
R3 - URLSearchHook: NCH Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1	bElf_.dll
R3 - URLSearchHook: NCH Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1.15	bElf_.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - Pas de description.) (No version) -- C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Search Class - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.2.4) -- C:\Program Files\NCH	bNCH.dll
R3 - URLSearchHook: Search Class - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1	bElf_.dll
R3 - URLSearchHook: Search Class - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1.15	bElf_.dll


---\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1	bElf_.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (.Pas de propriétaire - Pas de description.) -- c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101106133322.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1.15	bElf_.dll
O2 - BHO: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\NCH	bNCH.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll


---\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\NCH	bNCH.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1	bElf_.dll
O3 - Toolbar: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1.15	bElf_.dll


---\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe 
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe 
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 
O4 - HKLM\..\Run: [Dell DataSafe Online] . (.Pas de propriétaire - DataSafeOnline.) -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe 
O4 - HKLM\..\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe 
O4 - HKLM\..\Run: [dellsupportcenter] . (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe 
O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Pas de description.) -- C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe 
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe 
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe 
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe 
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe 
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe 
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe 
O4 - HKCU\..\Run: [mrnexwasco.exe] C:\Users\Gerard\AppData\Local\Temp\mrnexwasco.exe (.not file.) 
O4 - HKCU\..\Run: [v700bin00mod.exe] C:\Users\Gerard\AppData\Roaming\6998B942FC0CB5C1A8B3B1057D806DE7\v700bin00mod.exe (.not file.) 
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [mrnexwasco.exe] C:\Users\Gerard\AppData\Local\Temp\mrnexwasco.exe (.not file.) 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [v700bin00mod.exe] C:\Users\Gerard\AppData\Roaming\6998B942FC0CB5C1A8B3B1057D806DE7\v700bin00mod.exe (.not file.) 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe 
O4 - Global Startup: Adobe Gamma Loader.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.)  -- C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Dell Dock.lnk . (.Stardock Corporation - Dell Dock.)  -- C:\Program Files\Dell\DellDock\DellDock.exe


---\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll


---\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO


---\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32
apinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll


---\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.mappy.com
O15 - Trusted Zone: [HKCU\...\Domains\www] http.mappy.com
O15 - Trusted Zone: [HKCU\...\Domains] http.orange.fr
O15 - Trusted Zone: [HKCU\...\Domains\www] http.orange.fr


---\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


---\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{63A2C456-2C9D-452E-BD7C-28821ADEFCDB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{63A2C456-2C9D-452E-BD7C-28821ADEFCDB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{63A2C456-2C9D-452E-BD7C-28821ADEFCDB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1


---\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GoToAssist . (.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist.) -- C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll


---\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll


---\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll


---\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
O23 - Service:  (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Dock Login Service (DockLoginService) . (.Stardock Corporation - Dock Login Service.) - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service McAfee Personal Firewall (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: SoftThinks Agent Service (SftService) . (.SoftThinks - SoftThinks Agent Service.) - C:\Program Files\Dell DataSafe Local Backup\sftservice.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc. - SupportSoft Agent Service.) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe


---\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) -  (.not file.)


---\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\User_Feed_Synchronization-{C65D1A6F-1677-4A4F-8E58-B141AF407C14}.job


---\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\binegutils.dll
O40 - ASIC: PixiePack Codec Pack 1.1.1200.0 - {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r102.) -- C:\Windows\system32\Macromed\Flash\Flash10l.ocx


---\ Pilotes lancés au démarrage (O41)
O41 - Driver: McAfee NDIS Light Filter (mfenlfk) . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - C:\Windows\system32\DRIVERS\mfenlfk.sys
O41 - Driver: McAfee Inc. mfewfpk (mfewfpk) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\Windows\system32\drivers\mfewfpk.sys


---\ Logiciels installés (O42)
O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}
O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1
O42 - Logiciel: AVS Video Converter 7 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Video Converter 7_is1
O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop 7.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop 7.0
O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: ArcSoft Software Suite - (.ArcSoft.) [HKLM] -- {F96368D6-ECE9-4502-B5C4-A4200637F2A3}
O42 - Logiciel: Assistant de connexion Windows Live ID - (.Microsoft Corporation.) [HKLM] -- {0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {A69D7B32-2BE9-42BF-B576-69B5E0FF7394}
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine
O42 - Logiciel: Dell DataSafe Local Backup - (.Dell.) [HKLM] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04}
O42 - Logiciel: Dell DataSafe Local Backup - Support Software - (.Dell.) [HKLM] -- {A9668246-FB70-4103-A1E3-66C9BC2EFB49}
O42 - Logiciel: Dell DataSafe Online - (.Dell, Inc..) [HKLM] -- {13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}
O42 - Logiciel: Dell Dock - (.Dell.) [HKLM] -- {E00B477F-8558-45DA-B25A-69935FB89A94}
O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM] -- {3138EAD3-700B-4A10-B617-B3F8096EE30D}
O42 - Logiciel: Dell Getting Started Guide - (.Dell Inc..) [HKLM] -- {7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
O42 - Logiciel: Dell Support Center (Logiciel de support) - (.Dell.) [HKLM] -- {E3BFEE55-39E2-4BE0-B966-89FE583822C1}
O42 - Logiciel: Dell-eBay - (.Dell.) [HKLM] -- {B935C985-A17F-484B-8470-09E4FC27DC26}
O42 - Logiciel: Elf 1 Toolbar - (.Elf 1.) [HKLM] -- Elf_1 Toolbar
O42 - Logiciel: Elf 1.15 Toolbar - (.Elf 1.15.) [HKLM] -- Elf_1.15 Toolbar
O42 - Logiciel: FormatFactory 2.30 - (.Free Time.) [HKLM] -- FormatFactory
O42 - Logiciel: Free Mp3 Wma Converter V 1.81 - (.Pas de propriétaire.) [HKLM] -- Free Mp3 Wma Converter_is1
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: GoToAssist 8.0.0.514 - (.Pas de propriétaire.) [HKLM] -- GoToAssist
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Java(TM) 6 Update 13 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {425FFD94-36BD-4933-881B-FE0B9DADF2B7}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee SecurityCenter - (.McAfee, Inc..) [HKLM] -- MSC
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM] -- {095B1DCF-5E8B-47EC-9B18-481918A731DB}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.0.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.0.18)
O42 - Logiciel: NCH Toolbar - (.NCH.) [HKLM] -- NCH Toolbar
O42 - Logiciel: Nero 7 Premium - (.Nero AG.) [HKLM] -- {1CDFA6DE-FD15-4821-AB48-2832D6FA1036}
O42 - Logiciel: Orange - Logiciels Internet - (.Pas de propriétaire.) [HKLM] -- {ORAHSS}.UninstallSuite
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PixiePack Codec Pack - (.None.) [HKLM] -- {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}
O42 - Logiciel: Prism Video File Converter - (.NCH Software.) [HKLM] -- Prism
O42 - Logiciel: Quick Zip 4.60.019 - (.Joseph Leung.) [HKLM] -- Quick Zip_is1
O42 - Logiciel: RealWorld Paint.COM - (.RealWorld Graphics.) [HKLM] -- {B6883DA2-2EBE-4DD1-80F1-8954998E7788}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Pas de propriétaire.) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM] -- {73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM] -- {B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
O42 - Logiciel: Roxio Creator DE - (.Roxio.) [HKLM] -- {09760D42-E223-42AD-8C3E-55B47D0DDAC3}
O42 - Logiciel: Roxio Creator DE - (.Roxio.) [HKLM] -- {ED439A64-F018-4DD4-8BA5-328D85AB09AB}
O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {08E81ABD-79F7-49C2-881F-FD6CB0975693}
O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
O42 - Logiciel: Roxio Update Manager - (.Roxio.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3DED0A62-44C8-4E00-A785-5212F297A9D9}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: USB Storage Driver - (.Pas de propriétaire.) [HKLM] -- GENEUIDE
O42 - Logiciel: Uninstall Dual Mode Camera - (.Pas de propriétaire.) [HKLM] -- Dual Mode Camera_is1
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VLC media player 1.0.2 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {230B83A5-7D88-4B95-B71E-F44C0C78B002}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {9D6524E6-15CF-4852-BF70-04FE973A3DE1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Windows Movie Maker 2.6 - (.Microsoft Corporation.) [HKLM] -- {B3DAF54F-DB25-4586-9EF1-96D24BB14088}
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

---\ HKCU & HKLM Software Keys
[HKCU\Software\ATI]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Elf_1.15]
[HKCU\Software\AppDataLow\Software\Elf_1]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\NCH]
[HKCU\Software\AppDataLow\Software\conduitEngine]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\ArcSoft]
[HKCU\Software\CanonBJ]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Dell]
[HKCU\Software\FF]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\LdShih]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\McAfee]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NCH Software]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Official-eMule]
[HKCU\Software\Policies]
[HKCU\Software\QUAD Utilities]
[HKCU\Software\Quickzip]
[HKCU\Software\RapidSolution]
[HKCU\Software\RealWorld]
[HKCU\Software\Realtek]
[HKCU\Software\Roxio]
[HKCU\Software\Softonic]
[HKCU\Software\SupportSoft]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\cybelsoft]
[HKCU\Software\eMule]
[HKCU\Software\keyhole.com]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\ArcSoft]
[HKLM\Software\Audible]
[HKLM\Software\AviSynth]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\Canon]
[HKLM\Software\Caphyon]
[HKLM\Software\Citrix]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Dell]
[HKLM\Software\Elf_1.15]
[HKLM\Software\Elf_1]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Intel]
[HKLM\Software\JL2005C]
[HKLM\Software\JL2005C_11]
[HKLM\Software\JL2005C_1]
[HKLM\Software\JL2005C_2]
[HKLM\Software\JL2005C_3]
[HKLM\Software\JL2005C_4]
[HKLM\Software\JL2005C_5]
[HKLM\Software\JL2005C_6]
[HKLM\Software\JL6_DECODE]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfeeInstaller]
[HKLM\Software\McAfee]
[HKLM\Software\MicroVision]
[HKLM\Software\Mozilla Firefox 3.0.4]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NCH Software]
[HKLM\Software\NCH Swift Sound]
[HKLM\Software\NCH]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Official-eMule]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Policies]
[HKLM\Software\QUAD Utilities]
[HKLM\Software\RapidSolution]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\SRS Labs]
[HKLM\Software\SoftThinks]
[HKLM\Software\Sonic]
[HKLM\Software\SupportSoft]
[HKLM\Software\VideoLAN]
[HKLM\Software\WOW6432Node]
[HKLM\Software\WinRAR]
[HKLM\Software\ahead]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]


---\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Ad-Remover
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\AVS4YOU
O43 - CFD:Common File Directory ----D- C:\Program Files\Canon
O43 - CFD:Common File Directory ----D- C:\Program Files\Citrix
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\ConduitEngine
O43 - CFD:Common File Directory ----D- C:\Program Files\Dell
O43 - CFD:Common File Directory ----D- C:\Program Files\Dell DataSafe Local Backup
O43 - CFD:Common File Directory ----D- C:\Program Files\Dell DataSafe Online
O43 - CFD:Common File Directory ----D- C:\Program Files\Dell Inc
O43 - CFD:Common File Directory ----D- C:\Program Files\Dell Support Center
O43 - CFD:Common File Directory ----D- C:\Program Files\Driver Mender
O43 - CFD:Common File Directory ----D- C:\Program Files\Elf_1
O43 - CFD:Common File Directory ----D- C:\Program Files\Elf_1.15
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Free Audio Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\FreeTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JL2005C
O43 - CFD:Common File Directory ----D- C:\Program Files\lj631fr
O43 - CFD:Common File Directory ----D- C:\Program Files\lj632
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker 2.6
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\NCH
O43 - CFD:Common File Directory ----D- C:\Program Files\NCH Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\OrangeHSS
O43 - CFD:Common File Directory ----D- C:\Program Files\PixiePack Codec Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickZip4
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\RealWorld Paint.COM
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Roxio
O43 - CFD:Common File Directory ----D- C:\Program Files\Securitoo
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VDownloader 1.13
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\France Telecom
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Roxio Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sonic Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\supportsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SureThing Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data
O43 - CFD:Common File Directory ----D- C:\ProgramData\ATI
O43 - CFD:Common File Directory ----D- C:\ProgramData\AVS4YOU
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau
O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonBJ
O43 - CFD:Common File Directory ----D- C:\ProgramData\Dell
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents
O43 - CFD:Common File Directory ----D- C:\ProgramData\Driver Mender
O43 - CFD:Common File Directory ----D- C:\ProgramData\eMule
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris
O43 - CFD:Common File Directory ----D- C:\ProgramData\Google
O43 - CFD:Common File Directory ----D- C:\ProgramData\InstallShield
O43 - CFD:Common File Directory ----D- C:\ProgramData\ma-config.com
O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes
O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles
O43 - CFD:Common File Directory ----D- C:\ProgramData\NCH Software
O43 - CFD:Common File Directory ----D- C:\ProgramData\Nero
O43 - CFD:Common File Directory ----D- C:\ProgramData\PC Drivers HeadQuarters
O43 - CFD:Common File Directory ----D- C:\ProgramData\PCDr
O43 - CFD:Common File Directory ----D- C:\ProgramData\QUAD Utilities
O43 - CFD:Common File Directory ----D- C:\ProgramData\RapidSolution
O43 - CFD:Common File Directory ----D- C:\ProgramData\Sonic
O43 - CFD:Common File Directory ----D- C:\ProgramData\SupportSoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\UAB
O43 - CFD:Common File Directory ----D- C:\ProgramData\Uninstall
O43 - CFD:Common File Directory ----D- C:\ProgramData\WinZip
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\France Telecom
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Roxio Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sonic Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\supportsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SureThing Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live


---\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.26C58ADE3468A2E2CF448E55CA76C442] - 16/02/2011 - 15:43:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI   [1554456]
O44 - LFC:[MD5.D797F9F94EE492390E5E72C4E6A08F71] - 16/02/2011 - 15:43:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat   [112480]
O44 - LFC:[MD5.77BD10848910D536524655669A8154A4] - 16/02/2011 - 15:43:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat   [136172]
O44 - LFC:[MD5.D516CFDDB13DDDF014E00D8ED1D340BD] - 16/02/2011 - 15:43:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat   [604790]
O44 - LFC:[MD5.36812F7FAEC88F512A5C4A811D79286B] - 16/02/2011 - 15:43:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat   [708488]
O44 - LFC:[MD5.00000000000000000000000000000000] - 16/02/2011 - 15:42:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log   [1914788]
O44 - LFC:[MD5.54C14A4E7ACD9E94D874BC5149146916] - 16/02/2011 - 15:38:51 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.7B66908964F

Utilisateur anonyme · Answer

Pour pouvoir t'aider correctement fais se que l'on te demande .Merci.
Héberge le rapport ZHPDiag.txt sur le site cijoint.fr ou toofiles  puis copie/colle le lien fournit dans ta prochaine réponse sur le forum

gégé57310 · Answer

excuse moi mais je suis un peu limité question connaissances informatique.Quand je clique sur le document exte il s'affiche dans le bloc note.Je ne trouve pas de lien indiqué pour le copie/colle sur le forum,c'est pour cela que je fais la copie entière du résultat

Utilisateur anonyme · Answer

comment héberger les fichiers
Tuto
http://sd-1.archive-host.com/membres/up/68979205412808752/CCM/cijoint.htm

gégé57310 · Answer

ok merci
http://www.cijoint.fr/cjlink.php?file=cj201102/cijSEFcuiO.txt

Utilisateur anonyme · Answer

A faire dans l'ordre. 

1/ Copie/colle les lignes suivantes et place les dans ZHPFix :
2/Lance ZHPFix (soit via le raccourci sur ton Bureau, soit via ZHPDiag)
3/Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)

----------------------------------------------------------
O4 - HKCU\..\Run: [mrnexwasco.exe] C:\Users\Gerard\AppData\Local\Temp\mrnexwasco.exe (.not file.) 
O4 - HKCU\..\Run: [v700bin00mod.exe] C:\Users\Gerard\AppData\Roaming\6998B942FC0CB5C1A8B3B1057D806DE7\v700bin00mod.exe (.not file.)     
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [mrnexwasco.exe] C:\Users\Gerard\AppData\Local\Temp\mrnexwasco.exe (.not file.) 
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [v700bin00mod.exe] C:\Users\Gerard\AppData\Roaming\6998B942FC0CB5C1A8B3B1057D806DE7\v700bin00mod.exe (.not file.)     
[HKCU\Software\LdShih]     
[HKCU\Software\Official-eMule]     
[HKLM\Software\Official-eMule]     
M2 - MFEP: prefs.js [Gerard - by8afw0b.default\{364d4e0c-543f-4b85-abe3-19551139da4f}] [] Softonic_France Toolbar 2.7.1.3 (.Conduit Ltd..)     
M2 - MFEP: prefs.js [Gerard - by8afw0b.default\{c2db4fe6-8409-45ce-8010-189a7b5cce86}] [] NCH Toolbar 2.7.2.0 (.Conduit Ltd..)     
R3 - URLSearchHook: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.2.4) -- C:\Program Files\NCH	bNCH.dll 
R3 - URLSearchHook: NCH Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1	bElf_.dll 
R3 - URLSearchHook: NCH Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1.15	bElf_.dll 
R3 - URLSearchHook: Search Class - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.2.4) -- C:\Program Files\NCH	bNCH.dll 
R3 - URLSearchHook: Search Class - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1	bElf_.dll 
R3 - URLSearchHook: Search Class - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1.15	bElf_.dll 
O2 - BHO: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1	bElf_.dll 
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\ConduitEngine.dll 
O2 - BHO: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1.15	bElf_.dll 
O2 - BHO: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\NCH	bNCH.dll 
O3 - Toolbar: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\NCH	bNCH.dll 
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\ConduitEngine.dll 
O3 - Toolbar: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1	bElf_.dll 
O3 - Toolbar: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1.15	bElf_.dll 
O42 - Logiciel: NCH Toolbar - (.NCH.) [HKLM] -- NCH Toolbar     
[HKCU\Software\AppDataLow\Toolbar] 
 [HKCU\Software\AppDataLow\Software\Elf_1.15] 
 [HKCU\Software\AppDataLow\Software\Elf_1] 
 O43 - CFD:Common File Directory ----D- C:\Program Files\Elf_1 
 O43 - CFD:Common File Directory ----D- C:\Program Files\Elf_1.15 
 O43 - CFD:Common File Directory ----D- C:\Program Files\lj631fr 
 O43 - CFD:Common File Directory ----D- C:\Program Files\lj632 
 O43 - CFD:Common File Directory ----D- C:\ProgramData\UAB 
 O42 - Logiciel: Elf 1 Toolbar - (.Elf 1.) [HKLM] -- Elf_1 Toolbar 
 O42 - Logiciel: Elf 1.15 Toolbar - (.Elf 1.15.) [HKLM] -- Elf_1.15 Toolbar 




----------------------------------------------------------
* Clique sur"ok" (Tu dois avoir seulement les lignes copiées sur le forum)
* Clique sur « Tous », puis sur « Nettoyer »
* Copie/colle la totalité du rapport dans ta prochaine réponse

gégé57310 · Answer

bonsoir.Merci pour m'avoir consacré pas mal de ton temps.J'essayerai demain car je dois partir.
Cordialement

gégé57310 · Answer

Bonjour.Voicila totalité du rapport
Rapport de ZHPFix v1.12.3148 par Nicolas Coolman, Update du 09/09/2010
Fichier d'export Registre : C:\ZHPExportRegistry-17-02-2011-12-33-57.txt
Run by Gerard at 17/02/2011 12:33:57
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Clé(s) du Registre ==========
HKCU\Software\LdShih  => Clé absente
HKCU\Software\Official-eMule  => Clé absente
HKLM\Software\Official-eMule  => Clé absente
[HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]  => Clé supprimée avec succès
[HKCR\CLSID\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]  => Clé supprimée avec succès
[HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}]  => Clé supprimée avec succès
[HKCR\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}]  => Clé supprimée avec succès
[HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e}]  => Clé supprimée avec succès
[HKCR\CLSID\{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e}]  => Clé supprimée avec succès
O2 - BHO: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1	bElf_.dll  => Clé supprimée avec succès
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\ConduitEngine.dll  => Clé supprimée avec succès
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}]  => Clé supprimée avec succès
[HKCR\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}]  => Clé supprimée avec succès
O2 - BHO: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1.15	bElf_.dll  => Clé supprimée avec succès
O2 - BHO: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\NCH	bNCH.dll  => Clé supprimée avec succès
HKCU\Software\AppDataLow\Toolbar  => Clé supprimée avec succès
HKCU\Software\AppDataLow\Software\Elf_1.15  => Clé supprimée avec succès
HKCU\Software\AppDataLow\Software\Elf_1  => Clé supprimée avec succès

========== Valeur(s) du Registre ==========
O4 - HKCU\..\Run: [mrnexwasco.exe] C:\Users\Gerard\AppData\Local\Temp\mrnexwasco.exe (.not file.)  => Valeur absente
O4 - HKCU\..\Run: [v700bin00mod.exe] C:\Users\Gerard\AppData\Roaming\6998B942FC0CB5C1A8B3B1057D806DE7\v700bin00mod.exe (.not file.)  => Valeur absente
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [mrnexwasco.exe] C:\Users\Gerard\AppData\Local\Temp\mrnexwasco.exe (.not file.)  => Valeur absente
O4 - HKUS\S-1-5-21-3531270471-375590653-355174037-1000\..\Run: [v700bin00mod.exe] C:\Users\Gerard\AppData\Roaming\6998B942FC0CB5C1A8B3B1057D806DE7\v700bin00mod.exe (.not file.)  => Valeur absente
R3 - URLSearchHook: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.2.4) -- C:\Program Files\NCH	bNCH.dll  => Valeur supprimée avec succès
R3 - URLSearchHook: NCH Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1	bElf_.dll  => Valeur supprimée avec succès
R3 - URLSearchHook: NCH Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1.15	bElf_.dll  => Valeur supprimée avec succès
R3 - URLSearchHook: Search Class - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.2.4) -- C:\Program Files\NCH	bNCH.dll  => Valeur absente
R3 - URLSearchHook: Search Class - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1	bElf_.dll  => Valeur absente
R3 - URLSearchHook: Search Class - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\Elf_1.15	bElf_.dll  => Valeur absente
O3 - Toolbar: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\NCH	bNCH.dll  => Valeur supprimée avec succès
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\ConduitEngine\ConduitEngine.dll  => Valeur supprimée avec succès
O3 - Toolbar: Elf 1 Toolbar - {22e03916-85c5-44b0-8dc9-1830c11238d9} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1	bElf_.dll  => Valeur supprimée avec succès
O3 - Toolbar: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Elf_1.15	bElf_.dll  => Valeur supprimée avec succès

========== Dossier(s) ==========
C:\Documents and Settings\Gerard\Application Data\Mozilla\Firefox\Profiles\by8afw0b.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}  => Supprimé et mis en quarantaine
C:\Documents and Settings\Gerard\Application Data\Mozilla\Firefox\Profiles\by8afw0b.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}  => Supprimé et mis en quarantaine
C:\Program Files\Elf_1  => Supprimé et mis en quarantaine
C:\Program Files\Elf_1.15  => Supprimé et mis en quarantaine
C:\Program Files\lj631fr  => Supprimé et mis en quarantaine
C:\Program Files\lj632  => Supprimé et mis en quarantaine
C:\ProgramData\UAB  => Supprimé et mis en quarantaine

========== Fichier(s) ==========
c:\users\gerard\appdata\local	emp\mrnexwasco.exe  => Supprimé et mis en quarantaine
c:\users\gerard\appdataoaming\6998b942fc0cb5c1a8b3b1057d806de7\v700bin00mod.exe  => Supprimé et mis en quarantaine
c:\program files
ch	bnch.dll  => Supprimé et mis en quarantaine
c:\program files\elf_1	belf_.dll  => Supprimé et mis en quarantaine
c:\program files\elf_1.15	belf_.dll  => Supprimé et mis en quarantaine
c:\program files\conduitengine\conduitengine.dll  => Supprimé et mis en quarantaine

========== Logiciel(s) ==========
O42 - Logiciel: NCH Toolbar - (.NCH.) [HKLM] -- NCH Toolbar  => Logiciel non supprimé
O42 - Logiciel: Elf 1 Toolbar - (.Elf 1.) [HKLM] -- Elf_1 Toolbar  => Logiciel non supprimé
O42 - Logiciel: Elf 1.15 Toolbar - (.Elf 1.15.) [HKLM] -- Elf_1.15 Toolbar  => Logiciel non supprimé


========== Récapitulatif ==========
18 : Clé(s) du Registre
14 : Valeur(s) du Registre
7 : Dossier(s)
6 : Fichier(s)
3 : Logiciel(s)


End of the scan

Utilisateur anonyme · Answer

Télécharger  Eset Nod32 : 
http://download.eset.com/special/eos/esetsmartinstaller_fra.exe 
*	Lancer le fichier
*	Accepter les conditions
*	Autoriser le programme à accéder à Internet
*	Cliquer sur paramètre avancées pour ouvrir le menu et sélectionner les options (par défaut le scanner analyse votre ordinateur entièrement)
*	Téléchargement des signatures


Il est recommander de désactiver votre antivirus afin de ne pas ralentir le scan et d'afficher des message d'alerte ! 

*	Le scan débute dés la fin du téléchargement
*	Générer le rapport
*	Cliquer sur liste des menaces détectées puis sur exporter dans un fichier texte... 



Vous pouvez l'enregistrer sur le bureau en lui donnant un nom. Poster le rapport sur le forum. 
Si le rapport n'est pas sur le bureau regarde ici ==> C:\Program Files\EsetOnlineScanner\log.txt 

Pour vous aider voici un tuto rédigé par dorgane :
https://www.commentcamarche.net/faq/29643-scanner-en-ligne-avec-eset-nod32

gégé57310 · Answer

bonsoir.Voici le résultat du scan
C:\Users\Gerard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WEGFBRFQ\jeu-170[1].htm	JS/TrojanDownloader.Pegel.BH cheval de troie	nettoyé par suppression - mis en quarantaine
C:\Users\Gerard\AppData\Roaming\6998B942FC0CB5C1A8B3B1057D806DE7\enemies-names.txt	Win32/Adware.AntimalwareDoctor.AE.Gen application	nettoyé par suppression - mis en quarantaine
C:\Users\Gerard\AppData\Roaming\6998B942FC0CB5C1A8B3B1057D806DE7\local.ini	Win32/Adware.AntimalwareDoctor.AE.Gen application	nettoyé par suppression - mis en quarantaine
C:\Users\Gerard\Downloads\Setup_FreeConverter.exe	Win32/Adware.Toolbar.Dealio application	supprimé - mis en quarantaine

Utilisateur anonyme · Answer

Tu as toujours les detections??

gégé57310 · Answer

bonjour
Je viens de faire l'analyse complète avec mon antivirus Mcafee et j'ai toujours le même problème détecté potentielement indésirable adware-onestep.k.
Ce "virus " est-il dangereux et sur quoi agit-il car je n'ai aucun problème.

Utilisateur anonyme · Answer

Tu peux me donner le chemin exact di fichier indesirable??

gégé57310 · Answer

bonjour.Excuse moi d'avoir été long à te répondre.mais j'ai eu des problèmes de virus toute l'aprés midi/
Ce matin tout était ok.J'ai lancé une analyse complète,seul le virus cité plus haut "adware-onestep.k" n'a pu être mis en quarantaine,mais mon pc fonctionnait bien.Ma petite fille est venue chez nous et a joué sur l'ordi à des jeux de filles.Quand elle est partie c'est la que tout a commencé.je ne sais pas si c'est de causes a effets mais des fenêtres s'ouvraient les unes aprés les autres provenant toutes de l'icone de vista en bas a droite de l'ecran.
me donnant des attaques de port38652 , 38604 etc
et d'autres messages genre attaque from 214.2277.248.189 port 38652
threat trojan psw.win32 coced.219
visa anti-spytware has blocked a program from accessing the internet
internet explorer infected whit trojan-bnk.win32.keyloggen.gen
etc...
J'ai lancé le programme rkill puis malware bytes
j'ai refait une analyse complete avec mcafee en me deconnectant d'internet , aucun virus détecté.
et en ce moment je refais la même analyse en etant connecté.
Pour l'instant les fenetres d'alerte n'apparaissent plus.
je te donnerai le résultat une fois l'analyse terminée

gégé57310 · Answer

voila l'analyse est terminée.aucun virus juste le potentiellement indésirable
adware-Onestep.k
fichiers infectés:
c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\694FF7LL\upgrade[1].cab

c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\617RHMUZ\upgrade[1].cab

c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\617RHMUZ\upgrade[3].cab


c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\J2TPO69A\upgrade[2].cab

c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\UWMARVW2\upgrade[1].cab

c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\UWMARVW2\upgrade[2].cab

c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\UWMARVW2\upgrade[3].cab

Utilisateur anonyme · Answer

On va essayer de virer les fichiers avec the avenger.Tiens moi au jus.

1. Télécharge http://www.geekstogo.com/forum/files/file/393-the-avenger-by-swandog46/ par Swandog46 sur ton Bureau.

* Décompresse le fichier
* avenger.exe sur le bureau

2. Copie le contenu en gras ci-dessous (CTRL+C),




Files to delete:
c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\694FF7LL\upgrade[1].cab
c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\617RHMUZ\upgrade[1].cab
c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\617RHMUZ\upgrade[3].cab
c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\J2TPO69A\upgrade[2].cab
c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\UWMARVW2\upgrade[1].cab
c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\UWMARVW2\upgrade[2].cab
c:\windows\system32\config\systemprofile\appdata\local\microsoftwindows\
temporyinternetfiles\content.IE5\UWMARVW2\upgrade[3].cab




Note: Le code ci-dessus a été intentionnellement rédigé pour CET utilisateur.
si vous n'êtes pas CET utilisateur, NE PAS appliquer ces directives : elles pourraient endommager votre système.

3. Maintenant, lance The Avenger par clic droit, exécuter en tant qu'administrateur.

* Faites un clic droit sur la fenêtre sous "Input Script There":, Et choisissez Coller.A présent du dois avoir le script dans la fenétre blanche d' Avenger.
* Clique sur Exécuter
* Réponds "Yes" quand demandé.

4. The Avenger va automatiquement faire ce qui suit:

* Il va Redémarrer le système.
* Pendant le redémarrage, il apparaitra brièvement une fenêtre de commande de windows noire sur le bureau, c'est normal.
* Après le redémarrage, il crée un fichier log qui s'ouvrira, faisant apparaitre les actions exécutées par The Avenger. Ce fichier log se trouve ici : C:\avenger.txt

5. Pour finir copie/colle le contenu du ficher c:\avenger.txt dans ta prochaine réponse. 

Tuto :
http://www.oxygenepc.com/forum/the-avenger-t594.html

Virus adware-onestep.k

25 réponses

Votre réponse

Discussions similaires

Newsletters