Sujet Précédent Sujet Suivant

Mon histoire de virus

Fermé
Utilisateur anonyme - 12 oct. 2012 à 21:41
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 - 13 oct. 2012 à 20:59
Bonjour,

J'ai depuis longtemps un problème de PC !
Disons qu'il se met à cliqué tout seul et des fois sur n'importe quoi et aussi lors ce que j'écrit des textes , imaginons que j'écris un texte.Ensuite la barre d'écriture va bouger pour se mettre à un endroit que je ne voulait pas quelle soit ou des fois , il prend le texte et le prend en copier coller en gr
as ! En gros je sais très bien que c'est un virus qui m'attaque,mais je ne parvient pas à le supprimer ! J'ai déjà fait des scans avec des anti -virus ! Mais je n'arrive pas à les supprimer ! Enfaite , je trouve que ces virus sous Avast et mon scan à été créer par moi meme qui scan tout types de fichiers ou autres types ... ... ...

Bref,je recherche quelqu'un d'aimable pour m'aider à supprimer ces virus qui me gachent ma vie de GEEK ! :/
Merci d'avoir lu mon message et d'y répondre surtout ! x) Aller A+ ! :D

REPONDEZ S'IL VOUS PLAIT ! :/

1 réponse

Réponse 1 / 1
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
12 oct. 2012 à 21:46
bonjour, pourrais tu nous poster un diagnostique avec un zhpdiag , merci

Ouvre ce lien et télécharge ZHPDiag :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

cliques sur télécharger "celui du bas"

ou directement ici: ftp://zebulon.fr/ZHPDiag2.exe



Enregistres le sur ton Bureau.

Une fois le téléchargement achevé

pour XP, double-clique sur ZHPDiag

pour Vista,et seven tu fais un clic droit sur l'icône et exécute en tant qu'administrateur.

N'oublies pas de cocher la case qui permet de mettre un raccourci sur le Bureau.

/|\ l'outil a créé 2 icônes ZHPDiag et ZHPFix.

Double cliques sur le raccourci ZHPDiag sur ton Bureau pour XP sinon clique droit et en tant que administrateur !!

Cliques sur la loupe pour lancer l'analyse.

si tu as un message te demandant la validation pour SIGCHECK acceptes avec OK cela est pour nous faire un rapport plus complet et pouvoir en faire une lecture plus approfondis

Laisses l'outil travailler, il peut être assez long

A la fin de l'analyse,clique sur l'appareil photo et enregistre le rapport sur ton Bureau.


Fermes ZHPDiag en fin d'analyse.


Pour me le transmettre clique sur ce lien :

https://www.cjoint.com/


Clique sur Parcourir et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt

ou directement en choisissant bureau et ZHPDiag.txt clique dessus

Clique sur Ouvrir.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cj200905/cib7SU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.


et si problème passe par celui ci : http://threat-rc.com/
ou
http://pjjoint.malekal.com/
0
Utilisateur anonyme
13 oct. 2012 à 18:48
Bonjour ,
Merci je vais essayer ce que tu m'a dit et j'espère que sa va marcher ! :D
0
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
13 oct. 2012 à 19:08
bonjour, postes le rapport de zhpdiag comme expliqué afin que nous puissions le lire et voire se qui est pas bon sur le pc et te guider pour utiliser les outils les plus approprié !!
0
Utilisateur anonyme
13 oct. 2012 à 19:12
Je l'ai ensuite enregistrer depuis le bloc-notes !
Voici le résultat , pareil que l'autre , il est très long :

Rapport de ZHPDiag v1.31.28 par Nicolas Coolman, Update du 30/09/2012
Run by Vincent at 13/10/2012 19:06:07
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v22.0.1229.94 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : BWX77
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3890 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 272 GB (91%) free of 298 GB

---\\ Logged in mode
~ Computer Name: VINCENT-TOSH
~ User Name: Vincent
~ All Users Names: Vincent, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Vincent\AppData\Roaming\
~ %Desktop% : C:\Users\Vincent\Desktop\
~ %Favorites% : C:\Users\Vincent\Favorites\
~ %LocalAppData% : C:\Users\Vincent\AppData\Local\
~ %StartMenu% : C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 272 Go of 298 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 289 Go of 298 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
~ UAC deactivate by user
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.3D165C53E40236A68B7102D1A622D4E0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/08/2012 - 11:21:18.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4
Mes musiques (My Musics) : 7/7 (Modified)
~ Mes Favoris (My Favorites) : 1/19
~ Mes Documents (My Documents) : 1/128
~ Mon Bureau (My Desktop) : 1/4
~ Menu demarrer (Programs) : 1/26
~ Scan Hidden Files in 00mn 00s



---\\ Processus lancés
[MD5.BAD0D303EF0A519409C625738F3E10A3] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4282728] [PID.3264]
[MD5.97A1AFD42B8016D132C7BF38C955C6E1] - (.TOSHIBA CORPORATION - ConfigFree Task Tray Menu.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304560] [PID.4256]
[MD5.8A07221789D46B2EA7DFCA2BC807572A] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe [62848] [PID.4420]
[MD5.22CC6CDBA678790046693654C3B212E4] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [748680] [PID.4084]
[MD5.8709C95E4EC55378D5BF27F02B0ED5A5] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe [692152] [PID.2980]
[MD5.D75701A71A355EC8AC95CAC38ED7F725] - (.Guillaume Ryder (http://utilfr42.free.fr) - Clavier+.) -- C:\Users\Vincent\AppData\Local\Clavier+\Clavier.exe [101888] [PID.3284]
[MD5.848D034D067BE2FF5CD3D779BECBDA00] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1239064] [PID.3600]
[MD5.41D0F8FD52CA4B98D21F9D137F0F5FF9] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3769856] [PID.4660]
~ Scan Processes Running in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://search.conduit.com
G0 - GCSP: Preference [User Data\Default] https://www.google.fr/?gws_rd=ssl
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\8q5vouh9.default\prefs.js (.not file.)
C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js (.not file.)
C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
M3 - MFPP: Plugins - [Vincent] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\avg-secure-search.xml
M3 - MFPP: Plugins - [Vincent] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\glarysearch.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.7.2] - (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.glarysoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://isearch.glarysoft.com
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {19803860-b306-423c-bbb5-f60a7d82cde5} . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {09a07b02-f491-4b6b-bfc9-684a624f4f3b} . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Clé orpheline
O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
O2 - BHO: (no name) [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} Clé orpheline
O2 - BHO: (no name) [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} Clé orpheline
O2 - BHO: (no name) [64Bits] - {A7AF277D-1466-4A7B-93AF-B043984A5671} Clé orpheline
O2 - BHO: (no name) [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} Clé orpheline
O2 - BHO: (no name) [64Bits] - {F3C88694-EFFA-4d78-B409-54B7B2535B14} Clé orpheline
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (...) -- (.not file.)
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Toshiba TEMPRO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
O4 - HKLM\..\Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe (.not file.)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [TosVolRegulator] . (.TOSHIBA Corporation - Toshiba Volume Regulator.) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba Europe GmbH - Toshiba Notebook Registration Reminder.) -- C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
O4 - HKUS\S-1-5-21-1604864879-4231907302-2931773222-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Vincent\Desktop\Clavier+.lnk . (.Guillaume Ryder (http://utilfr42.free.fr).) -- C:\Users\Vincent\AppData\Local\Clavier+\Clavier.exe
O4 - Global Startup: C:\Users\Vincent\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Vincent\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Global Startup in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 [64Bits] - {97F922BD-8563-4184-87EE-8C4ACA438823} . (...) -- C:\Program Files\TOSHIBA\BulletinBoard\images\pin.ico
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3050A3E6-CB2C-4ABA-B681-076F7BAB661D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3050A3E6-CB2C-4ABA-B681-076F7BAB661D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{3050A3E6-CB2C-4ABA-B681-076F7BAB661D}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Scan Winlogon in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Icon Tool..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (NAUpdate) . (.Nero AG - NeroUpdate.) - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\SysWOW64\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: Intel(R) Management & Security Applicati (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.00000000000000000000000000000000] [APT] [4908] (...) -- C:\Users\Vincent\AppData\Local\Temp\launchie.vbs \\B (.not file.)
[MD5.97A1AFD42B8016D132C7BF38C955C6E1] [APT] [ConfigFree Startup Programs] (.TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
[MD5.98A078F838A70F84E1BD490D7C7675F4] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
[MD5.B63E5C7807334A3A8F731062F15462CC] [APT] [Programme de mise à jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.00000000000000000000000000000000] [APT] [{15CA2A18-9D89-4864-8C26-EEBFAFB735E9}] (...) -- C:\Users\Vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3YHJRGFZ\My MSN Password Recovery.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{2BBE2B85-2F81-4C2B-9C8B-FFC28928130D}] (...) -- C:\Users\Vincent\Desktop\msgrkey.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{39FF22F3-13BE-42B1-80C8-F9D476F880C1}] (...) -- C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{5696529C-23C0-405B-BB4F-B40750AF372B}] (...) -- C:\Users\Vincent\Downloads\FIXIO_PC_Cleaner_2012_Installer.exe (.not file.)
[MD5.92B476DD52794881A4B91A5529C2706B] [APT] [{80EDE53F-A04C-4692-B043-18BDAA4E4E1B}] (...) -- C:\Program Files\AVAST Software\Avast\aswRundll.exe
[MD5.00000000000000000000000000000000] [APT] [{A756511C-937D-4302-ACFE-287B17924CF1}] (...) -- C:\Program Files (x86)\FantastiGames\Uninstall.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{C6E01FF7-49DF-4F4F-956A-6D4BBB9A1D02}] (...) -- C:\Users\Vincent\Downloads\HiJackThis.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{DBE6ED9B-D819-42AE-A245-2BEC2033EAE2}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}\setup.exe (.not file.)
[MD5.0DB7F99538EF4E15DAAB5C4FC351F259] [APT] [{F06A8B4F-C1DF-45F2-8E20-AD803A0D7EC7}] (.EA Digital Illusions CE AB.) -- C:\Program Files (x86)\EA Games\Battlefield Heroes\uninstaller.exe
~ Scan Scheduled Task in 00mn 04s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.5.2 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 - Logiciel: Battlefield Heroes - (.EA Digital illusions.) [HKLM][64Bits] -- {8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}
O42 - Logiciel: Clavier+ 10.6.4 - (.Guillaume Ryder.) [HKLM][64Bits] -- Clavier+_is1
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM][64Bits] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: High-Definition Video Playback - (.Nero AG.) [HKLM][64Bits] -- {58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Java(TM) 6 Update 35 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216035FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MegaCam - (.SQ.) [HKLM][64Bits] -- {77F69001-4D35-4BEA-A074-26DA04EA0CDA}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft SQL Server Compact 3.5 SP2 x64 FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- {2906A05E-2D38-4B47-85A2-D3485E372C8F}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8220EEFE-38CD-377E-8595-13398D740ACE}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D8E6291-B0D5-35EC-8441-6616F567A0F7}
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 - (.Microsoft Corporation.) [HKLM][64Bits] -- {94D70749-4281-39AC-AD90-B56A0E0A402E}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
O42 - Logiciel: Microsoft Visual Studio 2010 Express Prerequisites x64 - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- {F48F43AA-721D-335F-9CA2-01D910104560}
O42 - Logiciel: Mini-Cam - (.Pas de propriétaire.) [HKLM][64Bits] -- {77F69001-4D35-4BEA-A074-26DA04EA0CDA}
O42 - Logiciel: Nero 10 Movie ThemePack Basic - (.Nero AG.) [HKLM][64Bits] -- {F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
O42 - Logiciel: Nero BackItUp 10 - (.Nero AG.) [HKLM][64Bits] -- {68AB6930-5BFF-4FF6-923B-516A91984FE6}
O42 - Logiciel: Nero BackItUp 10 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
O42 - Logiciel: Nero BurnRights 10 - (.Nero AG.) [HKLM][64Bits] -- {943CFD7D-5336-47AF-9418-E02473A5A517}
O42 - Logiciel: Nero BurnRights 10 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {555868C6-49FB-484F-BB43-8980651A1B00}
O42 - Logiciel: Nero Control Center 10 - (.Nero AG.) [HKLM][64Bits] -- {6DFB899F-17A2-48F0-A533-ED8D6866CF38}
O42 - Logiciel: Nero ControlCenter 10 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
O42 - Logiciel: Nero Core Components 10 - (.Nero AG.) [HKLM][64Bits] -- {2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
O42 - Logiciel: Nero Express 10 - (.Nero AG.) [HKLM][64Bits] -- {70550193-1C22-445C-8FA4-564E155DB1A7}
O42 - Logiciel: Nero Express 10 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {33643918-7957-4839-92C7-EA96CB621A98}
O42 - Logiciel: Nero InfoTool 10 - (.Nero AG.) [HKLM][64Bits] -- {F412B4AF-388C-4FF5-9B2F-33DB1C536953}
O42 - Logiciel: Nero InfoTool 10 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {66049135-9659-4AAD-9169-9CCA269EBB3E}
O42 - Logiciel: Nero Kwik Media - (.Nero AG.) [HKLM][64Bits] -- {1F7D9F37-C39C-486C-BDF8-8F440FFB3352}
O42 - Logiciel: Nero Multimedia Suite 10 Essentials - (.Nero AG.) [HKLM][64Bits] -- {2063D199-D79F-471A-9019-9E647296394D}
O42 - Logiciel: Nero RescueAgent 10 - (.Nero AG.) [HKLM][64Bits] -- {E337E787-CF61-4B7B-B84F-509202A54023}
O42 - Logiciel: Nero RescueAgent 10 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {92E25238-61A3-4ACD-A407-3C480EEF47A7}
O42 - Logiciel: Nero StartSmart 10 - (.Nero AG.) [HKLM][64Bits] -- {F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
O42 - Logiciel: Nero StartSmart 10 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: NeroKwikMedia Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {02FCAA8F-59D3-4198-822E-135C61EE4F0B}
O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM][64Bits] -- PunkBusterSvc
O42 - Logiciel: Realtek Ethernet Controller Driver For Windows 7 - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16}
O42 - Logiciel: Skype(TM) 5.10 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
O42 - Logiciel: SpecialSavings - (.Pas de propriétaire.) [HKLM][64Bits] -- SpecialSavings
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {43DBC64B-3DD1-47E2-8788-D3C3B110C574}
O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {38C52F7D-A6CB-4CE7-A189-8AABE8774D8A}
O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {F67FA545-D8E5-4209-86B1-AEE045D1003F}
O42 - Logiciel: TOSHIBA Flash Cards Support Utility - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}
O42 - Logiciel: TOSHIBA Flash Cards Support Utility - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {620BBA5E-F848-4D56-8BDA-584E44584C5E}
O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}
O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {D4322448-B6AF-4316-B859-D8A0E84DCB38}
O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}
O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {5279374D-87FE-4879-9385-F17278EBB9D3}
O42 - Logiciel: TOSHIBA Media Controller - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {983CD6FE-8320-4B80-A8F6-0D0366E0AA22}
O42 - Logiciel: TOSHIBA Media Controller Plug-in - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}
O42 - Logiciel: TOSHIBA Mot de passe responsable - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}
O42 - Logiciel: TOSHIBA Online Product Information - (.TOSHIBA.) [HKLM][64Bits] -- {2290A680-4083-410A-ADCC-7092C67FC052}
O42 - Logiciel: TOSHIBA Places Icon Utility - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {461F6F0D-7173-4902-9604-AB1A29108AF2}
O42 - Logiciel: TOSHIBA Recovery Media Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
O42 - Logiciel: TOSHIBA Recovery Media Creator Reminder - (.TOSHIBA.) [HKLM][64Bits] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}
O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {24811C12-F4A9-4D0F-8494-A7B8FE46123C}
O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM][64Bits] -- {AC6569FA-6919-442A-8552-073BE69E247A}
O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}
O42 - Logiciel: TOSHIBA TEMPRO - (.Toshiba Europe GmbH.) [HKLM][64Bits] -- {F082CB11-4794-4259-99A1-D91BA762AD15}
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {6F3C8901-EBD3-470D-87F8-AC210F6E5E02}
O42 - Logiciel: TOSHIBA Wireless LAN Indicator - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {5BA99779-6E12-49EF-BE49-F35B1EDB4DF9}
O42 - Logiciel: Toshiba Manuals - (.TOSHIBA.) [HKLM][64Bits] -- {90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}
O42 - Logiciel: Utility Common Driver - (.TOSHIBA.) [HKLM][64Bits] -- InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}
O42 - Logiciel: Utility Common Driver - (.TOSHIBA.) [HKLM][64Bits] -- {12688FD7-CB92-4A5B-BEE4-5C8E0574434F}
O42 - Logiciel: Visual Studio 2010 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {21B133D6-5979-47F0-BE1C-F6A6B304693F}
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM][64Bits] -- {1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM][64Bits] -- {027E5FAB-1476-4C59-AAB4-32EF28520399}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM][64Bits] -- {DA54F80E-261C-41A2-A855-549A144F2F59}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {83C292B7-38A5-440B-A731-07070E81A64F}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM][64Bits] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {05E379CC-F626-4E7D-8354-463865B303BF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: Yontoo 1.10.02 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B}
O42 - Logiciel: avast! Internet Security v7.0.1466.0 - (.AVAST Software.) [HKLM][64Bits] -- avast

---\\ HKCU & HKLM Software Keys
[HKCU\Software\1ClickDownload]
[HKCU\Software\5c53d6deb16fe515]
[HKCU\Software\AVAST Software]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Crossrider]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow\Software\specialsavings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Auslogics]
[HKCU\Software\BrowserCompanion]
[HKCU\Software\Bugsplat]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\Datamngr]
[HKCU\Software\ElcomSoft]
[HKCU\Software\Electronic Arts]
[HKCU\Software\FIXIO PC Utilities]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\IGearSettings]
[HKCU\Software\IM Providers]
[HKCU\Software\IM]
[HKCU\Software\InstallCore]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Licenses]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\OfferBox]
[HKCU\Software\Policies]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\SpeedMaxPc]
[HKCU\Software\Stellar]
[HKCU\Software\SweetIM]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\TOSHIBA]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Tutorials]
[HKCU\Software\Unity]
[HKCU\Software\WildTangent]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\bProtector]
[HKCU\Software\dclean]
[HKCU\Software\ej-technologies]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVG]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Common Toolkit Suite]
[HKLM\Software\Cyberlink]
[HKLM\Software\DTS]
[HKLM\Software\Google]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfee]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\PCTools]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SOFTWARE]
[HKLM\Software\SRS Labs]
[HKLM\Software\SmartPCFixer]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\TOSHIBA]
[HKLM\Software\Tarma Installer]
[HKLM\Software\TuneUp]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\AVS4YOU]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AedgePerformanceBCN]
[HKLM\Software\Wow6432Node\ArtMoney]
[HKLM\Software\Wow6432Node\Avg]
[HKLM\Software\Wow6432Node\Babylon]
[HKLM\Software\Wow6432Node\BrowserMngr]
[HKLM\Software\Wow6432Node\COMPAL]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Conduit]
[HKLM\Software\Wow6432Node\DataMngr]
[HKLM\Software\Wow6432Node\Electronic Arts]
[HKLM\Software\Wow6432Node\Even Balance]
[HKLM\Software\Wow6432Node\GlarySoft]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Iminent]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KasperskyLab]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OfferBox]
[HKLM\Software\Wow6432Node\PCTools]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RtWLan]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SpeedMaxPc]
[HKLM\Software\Wow6432Node\Swearware]
[HKLM\Software\Wow6432Node\SweetIM]
[HKLM\Software\Wow6432Node\Systweak]
[HKLM\Software\Wow6432Node\TEUA]
[HKLM\Software\Wow6432Node\TOSHIBA CORPORATION]
[HKLM\Software\Wow6432Node\TOSHIBA]
[HKLM\Software\Wow6432Node\TrendMicro]
[HKLM\Software\Wow6432Node\TuneUp]
[HKLM\Software\Wow6432Node\Uniblue]
[HKLM\Software\Wow6432Node\Vittalia]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\WiseConvert]
[HKLM\Software\Wow6432Node\intellidownload]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 26/07/2011 - 11:23:50 - [109,781] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 08/10/2012 - 19:15:38 - [169,389] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 30/09/2012 - 12:18:28 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 26/07/2012 - 12:21:01 - [0,001] ----D C:\Program Files (x86)\DownloadManager
O43 - CFD: 02/10/2012 - 21:32:06 - [1173,349] ----D C:\Program Files (x86)\EA Games
O43 - CFD: 03/10/2012 - 14:11:21 - [409,663] ----D C:\Program Files (x86)\Google
O43 - CFD: 01/10/2012 - 19:53:01 - [137,994] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 12/06/2012 - 21:40:02 - [16,108] ----D C:\Program Files (x86)\Intel
O43 - CFD: 22/09/2012 - 18:45:02 - [4,919] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 05/10/2012 - 19:27:41 - [84,671] ----D C:\Program Files (x86)\Java
O43 - CFD: 07/09/2012 - 21:02:29 - [0] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 20/06/2012 - 17:03:53 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 17/03/2012 - 16:33:05 - [0] ----D C:\Program Files (x86)\Microsoft WSE
O43 - CFD: 30/09/2012 - 20:46:53 - [0,008] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 29/09/2012 - 22:07:55 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 06/08/2012 - 19:36:15 - [0,085] ----D C:\Program Files (x86)\Namco
O43 - CFD: 26/07/2011 - 11:36:11 - [733,678] ----D C:\Program Files (x86)\Nero
O43 - CFD: 30/07/2012 - 23:13:12 - [0,001] ----D C:\Program Files (x86)\OpenApp
O43 - CFD: 08/07/2012 - 15:41:41 - [0,058] ----D C:\Program Files (x86)\Passware
O43 - CFD: 01/09/2012 - 17:12:18 - [11,856] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 18/10/2011 - 12:49:06 - [5,757] ----D C:\Program Files (x86)\Realtek WLAN Driver
O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 28/08/2012 - 23:07:32 - [16,855] R---D C:\Program Files (x86)\Skype
O43 - CFD: 08/08/2012 - 00:10:11 - [0,225] ----D C:\Program Files (x86)\smartdl
O43 - CFD: 07/08/2012 - 23:58:37 - [0,266] ----D C:\Program Files (x86)\SpecialSavings
O43 - CFD: 01/09/2012 - 17:12:29 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 26/07/2012 - 22:56:07 - [6,449] ----D C:\Program Files (x86)\TorrentSearch
O43 - CFD: 18/10/2011 - 12:55:43 - [314,612] ----D C:\Program Files (x86)\TOSHIBA
O43 - CFD: 06/10/2012 - 14:02:18 - [25,511] ----D C:\Program Files (x86)\TOSHIBA Games
O43 - CFD: 26/07/2011 - 11:46:01 - [11,294] ----D C:\Program Files (x86)\Toshiba TEMPRO
O43 - CFD: 05/09/2012 - 13:51:13 - [0,768] ----D C:\Program Files (x86)\trend micro
O43 - CFD: 06/05/2012 - 15:54:44 - [1,079] ----D C:\Program Files (x86)\Ubisoft
O43 - CFD: 06/08/2012 - 19:38:43 - [3,188] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 26/09/2012 - 21:04:13 - [167,817] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 21/11/2010 - 08:19:00 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 08/08/2012 - 00:45:04 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 21/11/2010 - 08:19:00 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 05:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 21/11/2010 - 08:19:00 - [6,173] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/09/2012 - 12:18:33 - [0,756] ----D C:\Program Files (x86)\Yontoo
O43 - CFD: 13/10/2012 - 19:06:18 - [10,014] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 26/07/2011 - 11:23:53 - [6,244] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 07/08/2012 - 23:30:38 - [1,918] ----D C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 08/07/2012 - 19:39:45 - [3,652] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 26/07/2011 - 11:17:26 - [1,201] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 07/09/2012 - 22:58:55 - [0,790] ----D C:\Program Files (x86)\Common Files\mcafee
O43 - CFD: 07/09/2012 - 21:51:12 - [24,886] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 26/07/2011 - 11:34:56 - [47,337] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 17/06/2012 - 19:09:15 - [23,479] ----D C:\Program Files (x86)\Common Files\PC Tools
O43 - CFD: 18/10/2011 - 12:31:05 - [0,159] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 28/08/2012 - 23:07:31 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 30/12/2011 - 11:05:27 - [9,767] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 26/07/2011 - 11:40:00 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 2
0
jacques.gache Messages postés 33453 Date d'inscription mardi 13 novembre 2007 Statut Contributeur sécurité Dernière intervention 25 janvier 2016 1 616
13 oct. 2012 à 19:13
https://forums.commentcamarche.net/forum/affich-26246323-mon-histoire-de-virus#4

je disais bien comme expliqué , car la il est pas complet car trop long !! merci de bien le poster par le biais d'un hébergeur comme EXPLIQUER dans la procédure de zhpdiag !!!


Pour me le transmettre clique sur ce lien :

https://www.cjoint.com/


Clique sur Parcourir et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt

ou directement en choisissant bureau et ZHPDiag.txt clique dessus

Clique sur Ouvrir.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cj200905/cib7SU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.


et si problème passe par celui ci : http://threat-rc.com/
ou
http://pjjoint.malekal.com/
0
Utilisateur anonyme
13 oct. 2012 à 19:21
Bonjour
Voilà , j'ai mis le rapport sur le site ! :P
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
GTA 5 : comment changer de voiture principale ?
nicolas_2012 -
Xp -

26 réponses
Comment savoir si j'ai attrapé un virus sur mon téléphone ?
Infolock -
bell -

66 réponses
Virus Altruistic
Mael03250 -
MisteryBean -

11 réponses
Comment sortir du mode histoire gta v ?
Idtis -
Ccc -

3 réponses