Sujet Précédent Sujet Suivant

Comment supprimer antivirus 2010?

Fermé
jas - 5 nov. 2010 à 12:24
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 - 9 nov. 2010 à 17:59
Bonjour,



J'ai un serieux probleme avec un programme Antivirus Studio 2010.D'abord il s'est installé tout seul puis il me lance des messages d'alertes, d'infections.... tout le temps. je n'arrive pas à le desinstaller
Veuillez m'aider svp.
Merci
A voir également:

14 réponses

Réponse 1 / 14
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
5 nov. 2010 à 12:25
slt

Télécharge ZHPDiag ( de Nicolas coolman ).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html


(outil de diagnostic)

Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )

Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista )

Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.

Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.

Rend toi sur Cjoint : http://www.cijoint.fr/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message
2
Réponse 2 / 14
jas
5 nov. 2010 à 22:51
salut jlpjlp
merci pour ton aide
voici le rapport s'il s'agit bien de ca



Rapport de ZHPDiag v1.27.101 par Nicolas Coolman, Update du 05/11/2010
Run by SUHAIL at 05/11/2010 22:45:57
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385

---\\ System Information
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2810 MB (63% free)
System drive C: has 121 GB (81%) free of 149 GB

---\\ Logged in mode
Computer Name: SUHAIL-TOSH
User Name: SUHAIL
All Users Names: SUHAIL, HomeGroupUser$, Administrateur,
Unselected Option: O1,O45,O61,O62,O65,O82
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 121 Go of 149 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 141 Go of 149 Go)
E:\ CD-ROM drive (Not Inserted)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified


---\\ Recherche particulière de fichiers génériques
[MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 07:34:59.) -- C:\Windows\Explorer.exe [2870272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]


---\\ Processus lancés
[MD5.7D428F677F223EA7F23D34990510B29F] - (.Enigma Software Group USA, LLC. - SpyHunter4 application.) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe [4086104]
[MD5.05973FB5F863CDB65852D88ADB383A33] - (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.DE0F08DC492F9493AFD535CB195B7D34] - (.It Systems - AV software.) -- C:\Users\SUHAIL\AppData\Roaming\AntiVirus 2010\securitycenter.exe [326656]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [255536]
[MD5.F7E0783DA9043BC131BB37C77EDB04DF] - (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
[MD5.80A02F5ADDDF2D615B85A4F19424DCBB] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760]
[MD5.A7E406711790197712D376B44A9FBB0B] - (.TOSHIBA CORPORATION - ConfigFree Task Tray Menu.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304496]
[MD5.8A07221789D46B2EA7DFCA2BC807572A] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe [62848]
[MD5.61EDBCE47ADF3E52AB0B9F49EE4AEBB8] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [673040]
[MD5.8B4022226C18FA378C324C11CBADDA36] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [304304]
[MD5.AD3D7E95C4F3DAF0E703E3B36A95E288] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [617472]


---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.8.612.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- C:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=userinit.exe
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe


---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?cobrand=toshiba.msn.com&ocid=TSHDHP&pc=MATB
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp


---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=toshiba.msn.com&ocid=TSHDHP&pc=MATB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0


---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,1,0,135) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (.Pas de propriétaire - Pas de description.) -- c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100822220810.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} . (.<TOSHIBA> - TOSHIBA Media Controller Plug-in.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll


---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RegistryBooster] C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe (.not file.)
O4 - HKCU\..\Run: [lcsgk0wwet8p] . (.It Systems - AV software.) -- C:\Users\SUHAIL\AppData\Local\Temp\svchost.exe
O4 - HKCU\..\Run: [SecurityCenter] . (.It Systems - AV software.) -- C:\Users\SUHAIL\AppData\Roaming\AntiVirus 2010\securitycenter.exe
O4 - HKLM\..\Wow6432Node\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-2418857894-801486372-2152463246-1001\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKUS\S-1-5-21-2418857894-801486372-2152463246-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-2418857894-801486372-2152463246-1001\..\Run: [RegistryBooster] C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe (.not file.)
O4 - HKUS\S-1-5-21-2418857894-801486372-2152463246-1001\..\Run: [lcsgk0wwet8p] . (.It Systems - AV software.) -- C:\Users\SUHAIL\AppData\Local\Temp\svchost.exe
O4 - HKUS\S-1-5-21-2418857894-801486372-2152463246-1001\..\Run: [SecurityCenter] . (.It Systems - AV software.) -- C:\Users\SUHAIL\AppData\Roaming\AntiVirus 2010\securitycenter.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk . (.McAfee, Inc..) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe


---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\SUHAIL\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\SUHAIL\Desktop\Module de sécurité.lnk . (.Pas de propriétaire.) -- C:\hb32.exe
O4 - Global Startup: C:\Users\SUHAIL\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\SUHAIL\Desktop\Module de sécurité.lnk . (.Pas de propriétaire.) -- C:\hb32.exe
O4 - Global Startup: C:\Users\SUHAIL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AntiVirus 2010.lnk . (.It Systems.) -- C:\Users\SUHAIL\AppData\Roaming\AntiVirus 2010\AntiVirus_Studio_2010.exe
O4 - Global Startup: C:\Users\SUHAIL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\SUHAIL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\SUHAIL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~2\MIF5BA~1\Office12\REFBARH.ICO


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL


---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {3F932FFA-F092-4FDB-92C5-1285978614D2} (WATCH_16R Control) - http://192.168.1.220:5004/WATCH_16R.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{579B9A1E-3E09-4679-8A97-FE66243444CC}: DhcpNameServer = 212.76.224.172 82.216.111.122 82.216.111.121 82.216.111.123
O17 - HKLM\System\CCS\Services\Tcpip\..\{A72B9897-14D2-458A-86D5-67AE371F2D57}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{579B9A1E-3E09-4679-8A97-FE66243444CC}: DhcpNameServer = 212.76.224.172 82.216.111.122 82.216.111.121 82.216.111.123
O17 - HKLM\System\CS1\Services\Tcpip\..\{A72B9897-14D2-458A-86D5-67AE371F2D57}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{579B9A1E-3E09-4679-8A97-FE66243444CC}: DhcpNameServer = 212.76.224.172 82.216.111.122 82.216.111.121 82.216.111.123
O17 - HKLM\System\CS2\Services\Tcpip\..\{A72B9897-14D2-458A-86D5-67AE371F2D57}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.224.172 82.216.111.122 82.216.111.121 82.216.111.123


---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: McAfee Application Installer Cleanup (0281271288992481) (0281271288992481mcinstcleanup) . (.McAfee, Inc. - McAfee Installer.) - C:\Windows\TEMP\028127~1.exe
O23 - Service: (AMD External Events Utility) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\atiesrxx.exe (.not file.)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: Service McAfee Personal Firewall (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: C:\Windows\system32\samsrv.dll (SamSs) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\lsass.exe (.not file.)
O23 - Service: C:\Windows\system32\spoolsv.exe (Spooler) . (.Pas de propriétaire - Pas de description.) - C:\Windows\System32\spoolsv.exe (.not file.)
O23 - Service: C:\Windows\system32\sppsvc.exe (sppsvc) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\sppsvc.exe (.not file.)
O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\TODDSrv.exe (.not file.)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation - TOSHIBA eco Utility Service.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Norton Security Scan for SUHAIL.job


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Pas de propriétaire - Pas de description.) -- %ProgramFiles(x86)%\Windows Mail\WinMail.exe


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: Pilote de CD-ROM (cdrom) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: McAfee NDIS Light Filter (mfenlfk) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\mfenlfk.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: NetBIOS Interface (NetBIOS) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: Virtual WiFi Filter Driver (vwififlt) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: WFP Lightweight Filter (WfpLwf) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\wfplwf.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.3.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {B2EC4A38-B545-4A00-8214-13FE0E915E6D}
O42 - Logiciel: AntiVirus 2010 - (.Pas de propriétaire.) [HKCU] -- AntiVirus 2010
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM] -- WT083929
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {8BD785CF-30C7-4182-B250-0D5FCE78D4DD}
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM] -- WT083877
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM] -- WT083916
O42 - Logiciel: FATE - (.WildTangent.) [HKLM] -- WT083945
O42 - Logiciel: FIXIO PC Cleaner - (.LULU software.) [HKLM] -- {1C415213-C4A7-4CB0-A982-AC236879B14A}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Home'Bank Light 3.3.3 - (.ING Belguim.) [HKLM] -- Home'Bank Light_is1
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Java(TM) 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}
O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM] -- WildTangent toshiba Master Uninstall
O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM] -- WT083910
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: McAfee Internet Security - (.McAfee, Inc..) [HKLM] -- MSC
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM] -- {dac7e46c-156d-4bc4-ae15-2a3f4635a440}
O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM] -- {0420F95C-11FF-4E02-B967-6CC22B188F9F}
O42 - Logiciel: Nero BackItUp and Burn - (.Nero AG.) [HKLM] -- {E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}
O42 - Logiciel: Nero BurnRights - (.Nero AG.) [HKLM] -- {397516AE-7DFE-4F90-84E0-BD616D559434}
O42 - Logiciel: Nero BurnRights - (.Nero AG.) [HKLM] -- {7829DB6F-A066-4E40-8912-CB07887C20BB}
O42 - Logiciel: Nero BurnRights Help - (.Nero AG.) [HKLM] -- {F6BDD7C5-89ED-4569-9318-469AA9732572}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}
O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM] -- {869200DB-287A-4DC0-B02B-2B6787FBCD4C}
O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM] -- {CC019E3F-59D2-4486-8D4B-878105B62A71}
O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM] -- {33CF58F5-48D8-4575-83D6-96F574E4D83A}
O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM] -- {E5C7D048-F9B4-4219-B323-8BDB01A2563D}
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM] -- {6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}
O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM] -- {83202942-84B3-4C50-8622-B8C0AA2D2885}
O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM] -- {FBCDFD61-7DCF-4E71-9226-873BA0053139}
O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM] -- {20400DBD-E6DB-45B8-9B6B-1DD7033818EC}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF}
O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM] -- {C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM] -- {51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}
O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM] -- {7748AC8C-18E3-43BB-959B-088FAEA16FB2}
O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM] -- {2348B586-C9AE-46CE-936C-A68E9426E214}
O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM] -- {595A3116-40BB-4E0F-A2E8-D7951DA56270}
O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM] -- NSS
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM] -- WT083958
O42 - Logiciel: Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM] -- eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
O42 - Logiciel: Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM] -- {9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}
O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM] -- WT083925
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM] -- WT083959
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{B243E9A5-ED77-4F1B-B338-2486FD82DC85}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B243E9A5-ED77-4F1B-B338-2486FD82DC85}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951944) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{797AE457-BA17-4BBC-B501-25FB3A0103C7}
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
O42 - Logiciel: Skype(TM) 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: SpyHunter - (.Enigma Software Group USA, LLC.) [HKLM] -- {9EFA7323-47A0-48E2-8F77-35DB5EED500A}
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}
O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM] -- {607BE7BF-7C28-4ADB-A4A0-385962B901C3}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}
O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}
O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA Corporation.) [HKLM] -- {8E9CEA3B-EBD1-439C-A01D-830CB39613C6}
O42 - Logiciel: TOSHIBA Media Controller - (.TOSHIBA CORPORATION.) [HKLM] -- {983CD6FE-8320-4B80-A8F6-0D0366E0AA22}
O42 - Logiciel: TOSHIBA Media Controller Plug-in - (.TOSHIBA CORPORATION.) [HKLM] -- {F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}
O42 - Logiciel: TOSHIBA Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}
O42 - Logiciel: TOSHIBA Recovery Media Creator Reminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}
O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}
O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM] -- {AC6569FA-6919-442A-8552-073BE69E247A}
O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA Corporation.) [HKLM] -- {073B89C3-BA88-41B5-965F-B35A88EAE838}
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3}
O42 - Logiciel: TOSHIBA eco Utility - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}
O42 - Logiciel: TRORMCLauncher - (.Pas de propriétaire.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}
O42 - Logiciel: Toshiba Assist - (.TOSHIBA.) [HKLM] -- {1B87C40B-A60B-4EF3-9A68-706CF4B69978}
O42 - Logiciel: Toshiba Manuals - (.TOSHIBA.) [HKLM] -- {90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}
O42 - Logiciel: Toshiba TEMPRO - (.Toshiba Europe GmbH.) [HKLM] -- {2B000B80-A3FA-4B92-A5FF-D9AD402B6701}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft Office Word 2007 (KB974631) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{1D53FB73-9826-4541-B2E0-A239C6EBA718}
O42 - Logiciel: Update for Microsoft Office Word 2007 (KB974631) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{34726474-50D6-49FC-B8AC-35411459D27A}
O42 - Logiciel: Update for Office System 2007 Setup (KB929722) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D8E9BEBD-655F-467D-8176-CA9959C140A3}
O42 - Logiciel: WildTangent ORB Game Console - (.WildTangent.) [HKLM] -- TOSHIBA Game Console
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {53B20C18-D8D4-4588-8737-9BBFE303C354}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM] -- WT083890
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\BBL]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\FIXIO PC Utilities]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\McAfee]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\Synaptics]
[HKCU\Software\TOSHIBA]
[HKCU\Software\Wow6432Node]
[HKCU\Software\roxio]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\AppDataLow]
[HKLM\Software\Atheros Communications Inc.]
[HKLM\Software\Audible]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Digital River]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfeeInstaller]
[HKLM\Software\McAfee]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Skype]
[HKLM\Software\Symantec]
[HKLM\Software\TOSHIBA Corporation]
[HKLM\Software\TOSHIBA]
[HKLM\Software\TeamViewer]
[HKLM\Software\Uniblue]
[HKLM\Software\WildTangent]
[HKLM\Software\mcafeeupdater]


---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\CONEXANT
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\mcafee
O43 - CFD:Common File Directory ----D- C:\Program Files\mcafee.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\PlayReady
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics
O43 - CFD:Common File Directory ----D- C:\Program Files\TOSHIBA
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\mcafee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data
O43 - CFD:Common File Directory ----D- C:\ProgramData\ATI
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites
O43 - CFD:Common File Directory ----D- C:\ProgramData\Google
O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee
O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles
O43 - CFD:Common File Directory ----D- C:\ProgramData\Nero
O43 - CFD:Common File Directory ----D- C:\ProgramData\Norton
O43 - CFD:Common File Directory ----D- C:\ProgramData\NortonInstaller
O43 - CFD:Common File Directory ----D- C:\ProgramData\Skype
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu
O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates
O43 - CFD:Common File Directory ----D- C:\ProgramData\TOSHIBA
O43 - CFD:Common File Directory ----D- C:\ProgramData\ToshibaEurope
O43 - CFD:Common File Directory ----D- C:\ProgramData\WildTangent
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\mcafee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Enigma Software Group
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\FIXIO PC Utilities
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Google
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\ING
O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Java
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\McAfee Security Scan
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\mcafee.com
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Norton Security Scan
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\NortonInstaller
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Photo-Service
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Realtek WLAN Driver
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files (x86)\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\TOSHIBA
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\TOSHIBA Games
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Toshiba TEMPRO
O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\mcafee
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.24D95BC48E4623C7701C2DC94E9ED57A] - 05/11/2010 - 22:27:01 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [16080]
O44 - LFC:[MD5.24D95BC48E4623C7701C2DC94E9ED57A] - 05/11/2010 - 22:27:01 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [16080]
O44 - LFC:[MD5.34A4A8C942A061EF75F8C49655E4B09C] - 05/11/2010 - 22:22:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [40659]
O44 - LFC:[MD5.0B776F2DB53744B06D3CC10390C170C5] - 05/11/2010 - 22:22:06 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.58A12AFE1F5D1AB033A7DA46744F48DA] - 04/11/2010 - 16:16:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\win.ini [720]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 04/11/2010 - 14:33:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.2E8C08513D0222394F52EBA57AF663A9] - 03/11/2010 - 22:57:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1596904]
O44 - LFC:[MD5.B365A3FA489E9E19541AE449113CAFB0] - 03/11/2010 - 14:17:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1524562]
O44 - LFC:[MD5.C6F145E3793460A56028E54B6A084431] - 03/11/2010 - 14:17:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat [103568]
O44 - LFC:[MD5.0D4607DA081946EDD91C2D0431E232BD] - 03/11/2010 - 14:17:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat [127684]
O44 - LFC:[MD5.08CE9D1E38ABB5E24C9B53ABFE5D454F] - 03/11/2010 - 14:17:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat [607190]
O44 - LFC:[MD5.8062FB9A9A3B257B1DA8122828C5823E] - 03/11/2010 - 14:17:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat [695004]
O44 - LFC:[MD5.CBDA0B81BED9EE8F452C7319C4A6C983] - 28/10/2010 - 14:39:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [27426]
O44 - LFC:[MD5.5A2C345F46FA4C1C77F3E89A8D276540] - 14/10/2010 - 20:21:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\FNTCACHE.DAT [338032]


---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\SysWOW64\l3codeca.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\SysWOW64\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)


---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll


---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0


---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys
O58 - SDL:[MD5.7A4B413614C055935567CF88A9734D38] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys
O58 -
0
Réponse 3 / 14
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
5 nov. 2010 à 22:54
colle un rapport après mise à jour avec le logiciel malwarebyte antimalware (une analyse rapide) et colle le rapport btenu puis supprime ce qui est trouvé


a plus
0
Réponse 4 / 14
jas
6 nov. 2010 à 10:54
salut
voici le rapport
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 5058

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

6/11/2010 10:41:24
rapport

Type d'examen: Examen rapide
Elément(s) analysé(s): 142019
Temps écoulé: 5 minute(s), 12 seconde(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 13

Processus mémoire infecté(s):
C:\Users\SUHAIL\AppData\Local\Temp\svchost.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\SUHAIL\AppData\Roaming\AntiVirus 2010\securitycenter.exe (Trojan.FakeAlert) -> No action taken.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\AntiVirus 2010 (Rogue.AntiVirus2010) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\AntiVirus 2010 (Rogue.AntiVirus2010) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lcsgk0wwet8p (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\securitycenter (Trojan.FakeAlert) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Users\SUHAIL\AppData\Roaming\AntiVirus 2010 (Rogue.AntiVirus2010) -> No action taken.
C:\Users\SUHAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AntiVirus 2010 (Rogue.AntiVirus2010) -> No action taken.

Fichier(s) infecté(s):
C:\Users\SUHAIL\AppData\Local\Temp\svchost.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\SUHAIL\AppData\Roaming\AntiVirus 2010\securitycenter.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\SUHAIL\AppData\Local\Temp\1360.tmp (Trojan.FakeAlert) -> No action taken.
C:\Users\SUHAIL\AppData\Local\Temp\4910.tmp (Trojan.FakeAlert) -> No action taken.
C:\Users\SUHAIL\AppData\Roaming\AntiVirus 2010\AntiVirus_Studio_2010.exe (Rogue.AntiVirus2010) -> No action taken.
C:\Users\SUHAIL\AppData\Roaming\AntiVirus 2010\securityhelper.exe (Rogue.AntiVirus2010) -> No action taken.
C:\Users\SUHAIL\AppData\Roaming\AntiVirus 2010\taskmgr.dll (Rogue.AntiVirus2010) -> No action taken.
C:\Users\SUHAIL\AppData\Local\Temp\0.4127620556317585.exe (Trojan.Dropper) -> No action taken.
C:\Users\SUHAIL\AppData\Local\Temp\kilslmd.exex (Trojan.FakeAlert) -> No action taken.
C:\Users\SUHAIL\AppData\Local\Temp\ppddfcfux.exxe (Trojan.FakeAlert) -> No action taken.
C:\Users\SUHAIL\AppData\Local\Temp\test.exe (Trojan.Zlob) -> No action taken.
C:\Users\SUHAIL\AppData\Local\Temp\w32rim_mem.exe (Trojan.Downloader) -> No action taken.
C:\Users\SUHAIL\AppData\Local\Temp\wrfwe_di.exe (Trojan.Downloader) -> No action taken.


petite info le pc deconne de plus en plus
merci à plus
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 14
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
6 nov. 2010 à 12:07
il faut supprimer ce qui est trouvé

puis

remets nous un rapport Zhpdiag


a plus
0
Réponse 6 / 14
jas
6 nov. 2010 à 12:35
salut voici le nouveau rapport, je ne sais pas pourquoi il est si long

merci pour ton aide

Rapport de ZHPDiag v1.27.101 par Nicolas Coolman, Update du 05/11/2010
Run by SUHAIL at 06/11/2010 12:10:37
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385

---\\ System Information
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2810 MB (57% free)
System drive C: has 121 GB (80%) free of 149 GB

---\\ Logged in mode
Computer Name: SUHAIL-TOSH
User Name: SUHAIL
All Users Names: SUHAIL, HomeGroupUser$, Administrateur,
Unselected Option: O1,O45,O61,O62,O65,O82
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 121 Go of 149 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 141 Go of 149 Go)
E:\ CD-ROM drive (Not Inserted)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified


---\\ Recherche particulière de fichiers génériques
[MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 07:34:59.) -- C:\Windows\Explorer.exe [2870272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]


---\\ Processus lancés
[MD5.05973FB5F863CDB65852D88ADB383A33] - (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [255536]
[MD5.F7E0783DA9043BC131BB37C77EDB04DF] - (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
[MD5.80A02F5ADDDF2D615B85A4F19424DCBB] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760]
[MD5.61EDBCE47ADF3E52AB0B9F49EE4AEBB8] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [673040]
[MD5.A7E406711790197712D376B44A9FBB0B] - (.TOSHIBA CORPORATION - ConfigFree Task Tray Menu.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304496]
[MD5.8A07221789D46B2EA7DFCA2BC807572A] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe [62848]
[MD5.8B4022226C18FA378C324C11CBADDA36] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [304304]
[MD5.AD3D7E95C4F3DAF0E703E3B36A95E288] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [617472]


---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.8.612.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- C:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe


---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?cobrand=toshiba.msn.com&ocid=TSHDHP&pc=MATB
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp


---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=toshiba.msn.com&ocid=TSHDHP&pc=MATB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0


---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,2,0,124) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (.Pas de propriétaire - Pas de description.) -- c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100822220810.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} . (.<TOSHIBA> - TOSHIBA Media Controller Plug-in.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll


---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RegistryBooster] C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-2418857894-801486372-2152463246-1001\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKUS\S-1-5-21-2418857894-801486372-2152463246-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-2418857894-801486372-2152463246-1001\..\Run: [RegistryBooster] C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe (.not file.)
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk . (.McAfee, Inc..) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe


---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\SUHAIL\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\SUHAIL\Desktop\Module de sécurité.lnk . (.Pas de propriétaire.) -- C:\hb32.exe
O4 - Global Startup: C:\Users\SUHAIL\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\SUHAIL\Desktop\Module de sécurité.lnk . (.Pas de propriétaire.) -- C:\hb32.exe
O4 - Global Startup: C:\Users\SUHAIL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AntiVirus 2010.lnk . (.Pas de propriétaire.) -- C:\Users\SUHAIL\AppData\Roaming\AntiVirus 2010\AntiVirus_Studio_2010.exe (.not file.)
O4 - Global Startup: C:\Users\SUHAIL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\SUHAIL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\SUHAIL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~2\MIF5BA~1\Office12\REFBARH.ICO


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL


---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {3F932FFA-F092-4FDB-92C5-1285978614D2} (WATCH_16R Control) - http://192.168.1.220:5004/WATCH_16R.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{579B9A1E-3E09-4679-8A97-FE66243444CC}: DhcpNameServer = 212.76.224.172 82.216.111.122 82.216.111.121 82.216.111.123
O17 - HKLM\System\CCS\Services\Tcpip\..\{A72B9897-14D2-458A-86D5-67AE371F2D57}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{579B9A1E-3E09-4679-8A97-FE66243444CC}: DhcpNameServer = 212.76.224.172 82.216.111.122 82.216.111.121 82.216.111.123
O17 - HKLM\System\CS1\Services\Tcpip\..\{A72B9897-14D2-458A-86D5-67AE371F2D57}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{579B9A1E-3E09-4679-8A97-FE66243444CC}: DhcpNameServer = 212.76.224.172 82.216.111.122 82.216.111.121 82.216.111.123
O17 - HKLM\System\CS2\Services\Tcpip\..\{A72B9897-14D2-458A-86D5-67AE371F2D57}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.224.172 82.216.111.122 82.216.111.121 82.216.111.123


---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMD External Events Utility) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\atiesrxx.exe (.not file.)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: Service McAfee Personal Firewall (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: C:\Windows\system32\samsrv.dll (SamSs) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\lsass.exe (.not file.)
O23 - Service: C:\Windows\system32\spoolsv.exe (Spooler) . (.Pas de propriétaire - Pas de description.) - C:\Windows\System32\spoolsv.exe (.not file.)
O23 - Service: C:\Windows\system32\sppsvc.exe (sppsvc) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\sppsvc.exe (.not file.)
O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\TODDSrv.exe (.not file.)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation - TOSHIBA eco Utility Service.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Norton Security Scan for SUHAIL.job


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Pas de propriétaire - Pas de description.) -- %ProgramFiles(x86)%\Windows Mail\WinMail.exe


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: Pilote de CD-ROM (cdrom) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: McAfee NDIS Light Filter (mfenlfk) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\mfenlfk.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: NetBIOS Interface (NetBIOS) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: Virtual WiFi Filter Driver (vwififlt) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: WFP Lightweight Filter (WfpLwf) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\wfplwf.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.3.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {B2EC4A38-B545-4A00-8214-13FE0E915E6D}
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM] -- WT083929
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {8BD785CF-30C7-4182-B250-0D5FCE78D4DD}
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM] -- WT083877
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM] -- WT083916
O42 - Logiciel: FATE - (.WildTangent.) [HKLM] -- WT083945
O42 - Logiciel: FIXIO PC Cleaner - (.LULU software.) [HKLM] -- {1C415213-C4A7-4CB0-A982-AC236879B14A}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Home'Bank Light 3.3.3 - (.ING Belguim.) [HKLM] -- Home'Bank Light_is1
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Java(TM) 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}
O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM] -- WildTangent toshiba Master Uninstall
O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM] -- WT083910
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Internet Security - (.McAfee, Inc..) [HKLM] -- MSC
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM] -- {dac7e46c-156d-4bc4-ae15-2a3f4635a440}
O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM] -- {0420F95C-11FF-4E02-B967-6CC22B188F9F}
O42 - Logiciel: Nero BackItUp and Burn - (.Nero AG.) [HKLM] -- {E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}
O42 - Logiciel: Nero BurnRights - (.Nero AG.) [HKLM] -- {397516AE-7DFE-4F90-84E0-BD616D559434}
O42 - Logiciel: Nero BurnRights - (.Nero AG.) [HKLM] -- {7829DB6F-A066-4E40-8912-CB07887C20BB}
O42 - Logiciel: Nero BurnRights Help - (.Nero AG.) [HKLM] -- {F6BDD7C5-89ED-4569-9318-469AA9732572}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}
O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM] -- {869200DB-287A-4DC0-B02B-2B6787FBCD4C}
O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM] -- {CC019E3F-59D2-4486-8D4B-878105B62A71}
O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM] -- {33CF58F5-48D8-4575-83D6-96F574E4D83A}
O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM] -- {E5C7D048-F9B4-4219-B323-8BDB01A2563D}
O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM] -- {6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}
O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM] -- {83202942-84B3-4C50-8622-B8C0AA2D2885}
O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM] -- {FBCDFD61-7DCF-4E71-9226-873BA0053139}
O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM] -- {20400DBD-E6DB-45B8-9B6B-1DD7033818EC}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF}
O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM] -- {C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM] -- {51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}
O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM] -- {7748AC8C-18E3-43BB-959B-088FAEA16FB2}
O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM] -- {2348B586-C9AE-46CE-936C-A68E9426E214}
O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM] -- {595A3116-40BB-4E0F-A2E8-D7951DA56270}
O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM] -- NSS
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM] -- WT083958
O42 - Logiciel: Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM] -- eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
O42 - Logiciel: Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM] -- {9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}
O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM] -- WT083925
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM] -- WT083959
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{B243E9A5-ED77-4F1B-B338-2486FD82DC85}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B243E9A5-ED77-4F1B-B338-2486FD82DC85}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951944) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{797AE457-BA17-4BBC-B501-25FB3A0103C7}
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
O42 - Logiciel: Skype(TM) 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: SpyHunter - (.Enigma Software Group USA, LLC.) [HKLM] -- {9EFA7323-47A0-48E2-8F77-35DB5EED500A}
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}
O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM] -- {607BE7BF-7C28-4ADB-A4A0-385962B901C3}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}
O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}
O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA Corporation.) [HKLM] -- {8E9CEA3B-EBD1-439C-A01D-830CB39613C6}
O42 - Logiciel: TOSHIBA Media Controller - (.TOSHIBA CORPORATION.) [HKLM] -- {983CD6FE-8320-4B80-A8F6-0D0366E0AA22}
O42 - Logiciel: TOSHIBA Media Controller Plug-in - (.TOSHIBA CORPORATION.) [HKLM] -- {F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}
O42 - Logiciel: TOSHIBA Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}
O42 - Logiciel: TOSHIBA Recovery Media Creator Reminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}
O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}
O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM] -- {AC6569FA-6919-442A-8552-073BE69E247A}
O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA Corporation.) [HKLM] -- {073B89C3-BA88-41B5-965F-B35A88EAE838}
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3}
O42 - Logiciel: TOSHIBA eco Utility - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}
O42 - Logiciel: TRORMCLauncher - (.Pas de propriétaire.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}
O42 - Logiciel: Toshiba Assist - (.TOSHIBA.) [HKLM] -- {1B87C40B-A60B-4EF3-9A68-706CF4B69978}
O42 - Logiciel: Toshiba Manuals - (.TOSHIBA.) [HKLM] -- {90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}
O42 - Logiciel: Toshiba TEMPRO - (.Toshiba Europe GmbH.) [HKLM] -- {2B000B80-A3FA-4B92-A5FF-D9AD402B6701}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft Office Word 2007 (KB974631) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{1D53FB73-9826-4541-B2E0-A239C6EBA718}
O42 - Logiciel: Update for Microsoft Office Word 2007 (KB974631) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{34726474-50D6-49FC-B8AC-35411459D27A}
O42 - Logiciel: Update for Office System 2007 Setup (KB929722) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D8E9BEBD-655F-467D-8176-CA9959C140A3}
O42 - Logiciel: WildTangent ORB Game Console - (.WildTangent.) [HKLM] -- TOSHIBA Game Console
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {53B20C18-D8D4-4588-8737-9BBFE303C354}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM] -- WT083890
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\BBL]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\FIXIO PC Utilities]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\McAfee]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\Synaptics]
[HKCU\Software\TOSHIBA]
[HKCU\Software\Wow6432Node]
[HKCU\Software\roxio]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\AppDataLow]
[HKLM\Software\Atheros Communications Inc.]
[HKLM\Software\Audible]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Digital River]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfeeInstaller]
[HKLM\Software\McAfee]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Skype]
[HKLM\Software\Symantec]
[HKLM\Software\TOSHIBA Corporation]
[HKLM\Software\TOSHIBA]
[HKLM\Software\TeamViewer]
[HKLM\Software\Uniblue]
[HKLM\Software\WildTangent]
[HKLM\Software\mcafeeupdater]


---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\CONEXANT
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\mcafee
O43 - CFD:Common File Directory ----D- C:\Program Files\mcafee.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\PlayReady
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics
O43 - CFD:Common File Directory ----D- C:\Program Files\TOSHIBA
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\mcafee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data
O43 - CFD:Common File Directory ----D- C:\ProgramData\ATI
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites
O43 - CFD:Common File Directory ----D- C:\ProgramData\Google
O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes
O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee
O43 - CFD:Common File Directory ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles
O43 - CFD:Common File Directory ----D- C:\ProgramData\Nero
O43 - CFD:Common File Directory ----D- C:\ProgramData\Norton
O43 - CFD:Common File Directory ----D- C:\ProgramData\NortonInstaller
O43 - CFD:Common File Directory ----D- C:\ProgramData\Skype
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu
O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates
O43 - CFD:Common File Directory ----D- C:\ProgramData\TOSHIBA
O43 - CFD:Common File Directory ----D- C:\ProgramData\ToshibaEurope
O43 - CFD:Common File Directory ----D- C:\ProgramData\WildTangent
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\mcafee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Enigma Software Group
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\FIXIO PC Utilities
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Google
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\ING
O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Java
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\McAfee Security Scan
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\mcafee.com
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Norton Security Scan
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\NortonInstaller
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Photo-Service
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Realtek WLAN Driver
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files (x86)\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\TOSHIBA
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\TOSHIBA Games
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Toshiba TEMPRO
O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\mcafee
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0F7A61D2F9E92E9288AF0DDD3AB199FC] - 06/11/2010 - 11:26:58 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [16080]
O44 - LFC:[MD5.0F7A61D2F9E92E9288AF0DDD3AB199FC] - 06/11/2010 - 11:26:58 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [16080]
O44 - LFC:[MD5.1DFC341745875947B748514FFB783140] - 06/11/2010 - 11:18:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [40827]
O44 - LFC:[MD5.45202B4A9068DB03989549DBD32EDBD6] - 06/11/2010 - 11:18:35 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.443456A733B5C74C30CDDD3618867AFE] - 06/11/2010 - 10:09:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [27750]
O44 - LFC:[MD5.58A12AFE1F5D1AB033A7DA46744F48DA] - 04/11/2010 - 16:16:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\win.ini [720]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 04/11/2010 - 14:33:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.2E8C08513D0222394F52EBA57AF663A9] - 03/11/2010 - 22:57:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1596904]
O44 - LFC:[MD5.B365A3FA489E9E19541AE449113CAFB0] - 03/11/2010 - 14:17:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1524562]
O44 - LFC:[MD5.C6F145E3793460A56028E54B6A084431] - 03/11/2010 - 14:17:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat [103568]
O44 - LFC:[MD5.0D4607DA081946EDD91C2D0431E232BD] - 03/11/2010 - 14:17:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat [127684]
O44 - LFC:[MD5.08CE9D1E38ABB5E24C9B53ABFE5D454F] - 03/11/2010 - 14:17:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat [607190]
O44 - LFC:[MD5.8062FB9A9A3B257B1DA8122828C5823E] - 03/11/2010 - 14:17:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat [695004]
O44 - LFC:[MD5.5A2C345F46FA4C1C77F3E89A8D276540] - 14/10/2010 - 20:21:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\FNTCACHE.DAT [338032]


---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\SysWOW64\l3codeca.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\SysWOW64\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)


---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll


---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0


---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys
O58 - SDL:[MD5.7A4B413614C055935567CF88A9734D38] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys
O58 - SDL:[MD5.B4AD0CACBAB298671DD6F6EF7E20679D] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys
O58 - SDL:[MD5.E857EEE6B92AAA473EBB3465ADD8F7E7] - 20/
0
Réponse 7 / 14
jas
6 nov. 2010 à 12:56
salut
je ne sais pas si le virus est vraiment partit ou pas mais ca fait 10 minutes que je n'ai plus d'alertes ni d'autres problèmes
j'arrive pas à y croire
merci beaucoup pour cette précieuse aide
0
Réponse 8 / 14
jas
6 nov. 2010 à 13:04
salut
le virus a l'air d'être bien partit c chouette
tu pourrais me dire comment se proteger des virus sans trop payer bien sur

encore et encore merci
0
Réponse 9 / 14
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
6 nov. 2010 à 13:55
fais passer le rapport via le site ci joint

Rend toi sur Cjoint : http://www.cijoint.fr/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message
0
Réponse 10 / 14
jas
6 nov. 2010 à 17:20
je n'arrive pas a deposer le fichier
il dit vs n avez pas choisi de fichier


en fait pq t as besoin du rapport car le probleme est resolu
à plus
0
Réponse 11 / 14
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
6 nov. 2010 à 18:40
c'est pour être sûr qu'il ne reste rien

sinon :



Télécharge OTL de OLDTimer ici :

http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

et enregistre le sur ton Bureau.

Double clic sur OTL.exe pour le lancer.

Coche les 2 cases Lop et Purity

Coche la case devant "scan all users"

Clic sur Run Scan.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)


Pour me le transmettre clique sur ce lien :

http://www.cijoint.fr/

Clique sur Parcourir et cherche le fichier ci-dessus.

Clique sur Ouvrir.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.
0
Réponse 12 / 14
jas
9 nov. 2010 à 17:31
salut
desole pr cette abscence
je n'arrive à telecharger OTL reponse
OTLne peut se telecharger à partir d'un dossier temporaire le faire sur bureau ou (j'ai oublié la 2eme option)

à plus
0
Réponse 13 / 14
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
9 nov. 2010 à 17:59
il faut pas l'executer de suite mais enregistrer le logiciel sur le bureau puis le lancer depuis le fichier téléchargé sur ton bureau

a plus
0
Réponse 14 / 14
toure522 Messages postés 13 Date d'inscription samedi 5 décembre 2009 Statut Membre Dernière intervention 4 janvier 2011
5 nov. 2010 à 12:28
telecharge revo uninstalleur installe le enuiste cherche l antivirus et desinstalle le

il se trouve ici https://revo-uninstaller-portable.fr.softonic.com/
-1