Windows Repair virus

Closed
artquandciel Posts: 4 Registered: Sunday 17 April 2011 Status: Member Last activity: 17 April 2011 - 17 April 2011 at 18:37
Tigzy Posts: 7498 Registered: Monday 15 February 2010 Status: Security contributor Last activity: 15 September 2021 - 18 April 2011 at 07:38
Hello,


While transferring a friend's files onto my PC I got infected by Windows Repair.
The fake antivirus appears every time I turn on my PC and I no longer have access to all my documents.

I ran a RogueKiller report:


RogueKiller V4.3.9 [16/04/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html

Systeme d'exploitation: Windows 7 (6.1.7600 ) 64 bits version
Demarrage : Mode normal
Utilisateur: thaf [Droits d'admin]
Mode: Suppression -- Date : 17/04/2011 18:21:49

Processus malicieux: 1
[APPDATA/TEMP/DESKTOP] gcswf32.dll -- C:\Users\thaf\AppData\Local\Google\Chrome\APPLIC~1\100648~1.204\gcswf32.dll -> KILLED

Entrees de registre: 2
[APPDT/TMP/DESKTOP] HKCU\[...]\Run : MqUAIhhYBM (C:\ProgramData\MqUAIhhYBM.exe) -> DELETED
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> REPLACED (C:\Users\thaf\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg)

Fichier HOSTS:


Termine : << RKreport[1].txt >>
RKreport[1].txt



What should I do now?
Sorry, but I'm not very good with computers... :'(

Thank you very much for your replies!!!




5 replies

Xplode Posts: 8820 Registered: Friday 21 August 2009 Status: Security contributor Last activity: 2 July 2015 726
Edited by Xplode on 17/04/2011 at 18:41
Hello,

Step 1:


Run RogueKiller again with option 6 and post the report for me.

Step 2:


Malwarebytes' Anti-Malware


- Download Malwarebytes' Anti-Malware to your desktop.

- Install it by following the instructions. Tick "Create a desktop icon".

- At the end of the installation, MBAM will update itself automatically and then start.

- Once it is running, click "Perform full scan", then [Scan].

- Select all your local and removable drives.

- Wait for the whole scan to run, then click [OK] once the analysis is complete.

- Then click [Show Results], then [Remove Selected]. Confirm with [OK].

- MBAM will open a report; copy and paste its contents into your next reply.

- You can then empty MBAM's quarantine.

Note: MBAM may ask you to restart your PC; do so. The report is in the "Reports/Logs" section of MBAM.

- If you have any trouble, a tutorial is available at this address.

Step 3:

ZHPDiag


- We are going to run a diagnostic of your computer; to do so, download ZHPDiag (by Nicolas Coolman).

- Run the installer -> /!\ Tick the "create a desktop icon" box /!\

- Launch it by double-clicking the ZHPDiag icon on your desktop.

Note: On Vista/Seven: right-click the icon -> "Run as administrator"

- Click the magnifying-glass icon at the top left (Start the diagnostic).

- Once the analysis is finished, click the blue floppy-disk icon, then save the file to your desktop.

Copy and paste its contents here.
Xplode - Security contributor.
1
artquandciel Posts: 4 Registered: Sunday 17 April 2011 Status: Member Last activity: 17 April 2011
17 April 2011 at 18:53
Thanks for your quick reply!

Here is the RogueKiller 6 report


RogueKiller V4.3.9 [16/04/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html

Systeme d'exploitation: Windows 7 (6.1.7600 ) 64 bits version
Demarrage : Mode normal
Utilisateur: thaf [Droits d'admin]
Mode: Raccourcis RAZ -- Date : 17/04/2011 18:52:21

Processus malicieux: 0

Attributs de fichiers restaures:
Bureau: Success 0 / Fail 0
Lancement rapide: Success 0 / Fail 0
Programmes: Success 0 / Fail 0
Menu demarrer: Success 0 / Fail 0
Dossier utilisateur: Success 1042 / Fail 0
Mes documents: Success 3972 / Fail 0
Mes favoris: Success 29 / Fail 0
Mes images: Success 1 / Fail 0
Ma musique: Success 4512 / Fail 0
Mes videos: Success 1 / Fail 0
Disques locaux: Success 16022 / Fail 10

Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt


I am downloading Malwarebytes now.
0
artquandciel Posts: 4 Registered: Sunday 17 April 2011 Status: Member Last activity: 17 April 2011
17 April 2011 at 20:00
Here is the Malwarebytes report. Strangely, my computer no longer seems to be infected. And I can now access my documents, which was not the case before!

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 6385

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

17/04/2011 19:35:41
mbam-log-2011-04-17 (19-35-41).txt

Type d'examen: Examen complet (C:\|D:\|G:\|H:\|I:\|J:\|)
Elément(s) analysé(s): 357315
Temps écoulé: 33 minute(s), 38 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Tigzy Posts: 7498 Registered: Monday 15 February 2010 Status: Security contributor Last activity: 15 September 2021 582
18 April 2011 at 07:38
"Here is the Malwarebytes report. Strangely, my computer no longer seems to be infected."

Hi, there's nothing strange about it! :))

[APPDT/TMP/DESKTOP] HKCU\[...]\Run : MqUAIhhYBM (C:\ProgramData\MqUAIhhYBM.exe) -> DELETED
0
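Added example (not part of the original thread, and not RogueKiller's or ZHPDiag's own logic): a small Python triage that parses autorun lines in the two report formats seen in this thread and shows why the deleted `Run` value stands out while the Google Update and avast entries from the ZHPDiag report do not. The three indicators, the threshold of two, and the names `parse_autorun`, `indicators` and `triage` are assumptions chosen for illustration.

```python
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Lines copied from the reports in this thread (RogueKiller registry section,
# ZHPDiag O4 section). Nothing is read from a live registry.
SAMPLE_LINES = [
    r"[APPDT/TMP/DESKTOP] HKCU\[...]\Run : MqUAIhhYBM (C:\ProgramData\MqUAIhhYBM.exe) -> DELETED",
    r"[WallPP] HKCU\[...]\Desktop : Wallpaper () -> REPLACED (C:\Users\thaf\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg)",
    r"O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\thaf\AppData\Local\Google\Update\GoogleUpdate.exe",
    r"O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe",
    r"O4 - HKLM\..\Wow6432Node\Run: [UpdatePRCShortCut] Clé orpheline",
]

# "[TAG] KEY : NAME (TARGET) -> ACTION", as in the RogueKiller report above.
ROGUEKILLER_RE = re.compile(
    r"^\[[^\]]+\]\s+(?P<key>\S+)\s+:\s+(?P<name>.+?)\s+\((?P<target>.*?)\)\s+->\s+(?P<action>\w+)"
)
# "O4 - KEY: [NAME] ... -- TARGET", as in the ZHPDiag report later in the thread.
ZHPDIAG_O4_RE = re.compile(
    r"^O4 - (?P<key>\S+): \[(?P<name>[^\]]+)\].*? -- (?P<target>.+)$"
)

AUTORUN_KEYS = {"run", "runonce"}
# Assumption: locations treated as writable without elevation on a default install.
USER_WRITABLE = ("\\programdata\\", "\\appdata\\", "\\temp\\", "\\desktop\\")


@dataclass
class Autorun:
    key: str
    name: str
    target: str
    action: str  # RogueKiller verdict; empty for ZHPDiag lines


def parse_autorun(line):
    """Return an Autorun for a Run/RunOnce line with a resolved target, else None."""
    line = line.strip()
    match = ROGUEKILLER_RE.match(line) or ZHPDIAG_O4_RE.match(line)
    if match is None:
        return None  # other sections, orphan keys, entries without a file
    fields = match.groupdict()
    if fields["key"].lower().rsplit("\\", 1)[-1] not in AUTORUN_KEYS:
        return None  # e.g. the wallpaper value: parsed, but not an autorun
    return Autorun(fields["key"], fields["name"].strip(),
                   fields["target"].strip(), fields.get("action", ""))


def indicators(entry):
    """List the (illustrative) reasons an autorun entry deserves a closer look."""
    reasons = []
    path = PureWindowsPath(entry.target)
    if any(marker in entry.target.lower() for marker in USER_WRITABLE):
        reasons.append("target lives in a user-writable location")
    if path.parent.name.lower() == "programdata":
        reasons.append("executable sits directly in the ProgramData root")
    if path.stem.lower() == entry.name.lower():
        reasons.append("value name is just the file name (weak signal)")
    return reasons


def triage(lines, threshold=2):
    """Return (entry, reasons) for autoruns that meet at least `threshold` indicators."""
    findings = []
    for line in lines:
        entry = parse_autorun(line)
        if entry is None:
            continue
        reasons = indicators(entry)
        if len(reasons) >= threshold:
            findings.append((entry, reasons))
    return findings


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LINES):
        print(f"{entry.key} : {entry.name} -> {entry.target} [{entry.action}]")
        for reason in reasons:
            print(f"  - {reason}")
```

A single indicator is not a verdict: the Google Update entry also runs from AppData and scores one, which is why the threshold is two.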
Xplode Posts: 8820 Registered: Friday 21 August 2009 Status: Security contributor Last activity: 2 July 2015 726
17 April 2011 at 20:12
OK :) Do the ZHPDiag report anyway.
0

artquandciel Posts: 4 Registered: Sunday 17 April 2011 Status: Member Last activity: 17 April 2011
17 April 2011 at 20:45
There, it's done!


Rapport de ZHPDiag v1.27.1903 par Nicolas Coolman, Update du 17/04/2011
Run by thaf at 17/04/2011 20:41:10
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
GCIE: Google Chrome v10.0.648.204 (Defaut)

---\\ System Information
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (57% free)
System Restore: Activé (Enable)
System drive C: has 456 GB (78%) free of 582 GB

---\\ Logged in mode
Computer Name: THAF-PC
User Name: thaf
All Users Names: thaf, HomeGroupUser$, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\thaf\AppData\Roaming
%LocalAppData%=C:\Users\thaf\AppData\Local
%StartMenu%=C:\Users\thaf\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 456 Go of 582 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E:\ CD-ROM drive (Free 0 Go of 1 Go)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK



---\\ Recherche particulière de fichiers génériques
[MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 07:34:59.) -- C:\Windows\Explorer.exe [2870272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]
[MD5.214605C48AE416BC067C39D227CFCC57] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/02/2011 06:32:44.) -- C:\Windows\system32\wininet.dll [981504]



---\\ Processus lancés
[MD5.9157189DC07511ECBBE1D2615D8A2FED] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664]
[MD5.E207A39FF4847AA5805CC223778BBFE1] - (.Logitech Inc. - Logitech Vid.) -- C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe [6061400]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Users\thaf\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.3588AFA5623BB8844F71F271A7A96669] - (...) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [634368]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768]
[MD5.013F05784A4BD193C9CD1817ACC31B6B] - (.Pas de propriétaire - HP Remote Solution.) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe [54576]
[MD5.72DE9723E5203A5C5D284C6D001A1D14] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files (x86)\Orange\Connexion Internet Orange\Launcher\Launcher.exe [717552]
[MD5.729C556547EA1787E1838BB8D6F0990C] - (...) -- C:\Program Files (x86)\WatchGuard\Mobile VPN\NcpBudgetGui.exe [989696]
[MD5.73A63334D92870B4FB58A3DEDE02F284] - (...) -- C:\Program Files (x86)\WatchGuard\Mobile VPN\rwsrsu.exe [819712]
[MD5.527F995C40417C0F4EBB74ACA98F915A] - (.France Telecom SA - Orange Connection Kit.) -- C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [90112]
[MD5.2589FFE360BED8F824CBC6171CB5B874] - (...) -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304]
[MD5.73BB442A717B9BB0097C243374C14A3E] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672]
[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3451496]
[MD5.98D472ECFBC0E8ED25A0483E765F42B6] - (...) -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe [560472]
[MD5.C65B115A03DB0260895DE96681E88221] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [128296]
[MD5.EF06E2DEDA4BEBF1848FE395D078FFC1] - (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [206120]
[MD5.A0F1DFC9E47B2524213AFF32E26BE92D] - (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe [164864]
[MD5.453B783EAEC289407002AE37752D229D] - (.Google Inc. - Google Chrome.) -- C:\Users\thaf\AppData\Local\Google\Chrome\Application\chrome.exe [1004088]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- C:\Windows\SysWOW64\rundll32.exe [44544]
[MD5.D6D0AD94EFC131772C3265F242D78FCB] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [644096]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) -- C:\Users\thaf\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Users\thaf\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://r.orange.fr
G2 - GCE: Preference [User Data\Default] [bgngjfgpahnnncnimlhjgjhdajmaeeoa] Pearltrees v.1.0.12 (Activé)
G2 - GCE: Preference [User Data\Default] [lncjcfkpannmofmpgdfoonkniofdnaba] Chrome PDF Viewer v. (Désactivé)



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com
R0 - HKUS\S-1-5-21-4220392474-3154016718-1942710015-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
R1 - HKUS\S-1-5-21-4220392474-3154016718-1942710015-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R3 - URLSearchHook: (no name) [64Bits] - {AEEC3B59-CA98-4EBA-A140-57B94E283583} Clé orpheline
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R3 - URLSearchHook: Search Class [64Bits] - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - Pas de description.) (No version) -- C:\Program Files (x86)\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [NvCplDaemon] C:\Windows\system32\NvCpl.dll (.not file.)
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKCU\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid.) -- C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
O4 - HKCU\..\Run: [OE Backup] . (.Bodrag - Pas de description.) -- C:\Program Files (x86)\Bodrag\Outlook Express Backup Expert\OEBackup.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\thaf\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [MailNotifier] . (...) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Remote Solution] C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [UpdatePRCShortCut] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [ORAHSSSessionManager] . (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files (x86)\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Wow6432Node\Run: [NcpBudgetGui] . (...) -- C:\Program Files (x86)\WatchGuard\Mobile VPN\NcpBudgetGui.exe
O4 - HKLM\..\Wow6432Node\Run: [NcpPopup] . (...) -- C:\Program Files (x86)\WatchGuard\Mobile VPN\ncppopup.exe
O4 - HKLM\..\Wow6432Node\Run: [NcpRsuGui] . (...) -- C:\Program Files (x86)\WatchGuard\Mobile VPN\rwsrsu.exe
O4 - HKLM\..\Wow6432Node\Run: [LogitechQuickCamRibbon] . (...) -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-4220392474-3154016718-1942710015-1000\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-4220392474-3154016718-1942710015-1000\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid.) -- C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
O4 - HKUS\S-1-5-21-4220392474-3154016718-1942710015-1000\..\Run: [OE Backup] . (.Bodrag - Pas de description.) -- C:\Program Files (x86)\Bodrag\Outlook Express Backup Expert\OEBackup.exe
O4 - HKUS\S-1-5-21-4220392474-3154016718-1942710015-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\thaf\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-4220392474-3154016718-1942710015-1000\..\Run: [MailNotifier] . (...) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\thaf\Desktop\Mobile VPN Monitor.lnk . (.NCP engineering GmbH.) -- C:\Program Files (x86)\WatchGuard\Mobile VPN\NCPMON.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Recherche AOL Toolbar . (.Pas de propriétaire - Pas de description.) -- C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - (.not file.) - C:\Users\thaf\AppData\Local\Temp\cce1699.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll
O8 - Extra context menu item: traduire la page - (.not file.) - C:\Users\thaf\AppData\Local\Temp\cce1687.html
O8 - Extra context menu item: traduire le texte sélectionné - (.not file.) - C:\Users\thaf\AppData\Local\Temp\cce1688.html



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{205B7237-B254-48DA-A248-C318AA1FE68C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{205B7237-B254-48DA-A248-C318AA1FE68C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{205B7237-B254-48DA-A248-C318AA1FE68C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: (FTRTSVC) . (.France Telecom SA - Orange Connection Kit.) - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: (GameConsoleService) . (.WildTangent, Inc. - GameConsoleService.) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: (hpqwmiex) . (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: (LVPrcS64) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: (ncpclcfg) . (.NCP engineering GmbH - NCP Client Configuration Service.) - C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpclcfg.exe
O23 - Service: (ncprwsnt) . (.NCP Engineering GmbH - Provides NCP VPN, PPP and Dial services.) - C:\Program Files (x86)\WatchGuard\Mobile VPN\ncprwsnt.exe
O23 - Service: (NcpSec) . (...) - C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpsec.exe
O23 - Service: (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 186.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: (Orange update Core Service) . (...) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: (rwsrsu) . (...) - C:\Program Files (x86)\WatchGuard\Mobile VPN\rwsrsu.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4220392474-3154016718-1942710015-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4220392474-3154016718-1942710015-1000UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForthaf.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCDRScheduledMaintenance.job
[MD5.EF06E2DEDA4BEBF1848FE395D078FFC1] [APT] [CLMLSvc] (.CyberLink.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
[MD5.C65B115A03DB0260895DE96681E88221] [APT] [DVDAgent] (.CyberLink Corp..) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-4220392474-3154016718-1942710015-1000Core] (.Google Inc..) -- C:\Users\thaf\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-4220392474-3154016718-1942710015-1000UA] (.Google Inc..) -- C:\Users\thaf\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.19241811C54D6E8D352418A73C68D26E] [APT] [HPCeeScheduleForthaf] (.Hewlett-Packard.) -- C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe
[MD5.55933254903B7E3C3F997630FF612E11] [APT] [PCDRScheduledMaintenance] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe
[MD5.BF9EAB227D409CE1E75C23BB10CF5DBC] [APT] [{E6CB7701-9E2E-4F02-970C-87D6DF0958D5}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
[MD5.ACB856FE8856E8091F5EF0ADB6450A55] [APT] [PC Health Analysis] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.ACB856FE8856E8091F5EF0ADB6450A55] [APT] [PC Tuneup] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: AOL Toolbar 5.0 - (.AOL LLC.) [HKLM][64Bits] -- AOL Toolbar
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM][64Bits] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {B194272D-1F92-46DF-99EB-8D5CE91CB4EC}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX 64
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems.) [HKLM][64Bits] -- ShockwaveFlash
O42 - Logiciel: Adobe Reader 9.3 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A93000000001}
O42 - Logiciel: Connexion Internet Orange - (.Pas de propriétaire.) [HKLM][64Bits] -- {ORAHSS}.UninstallSuite
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: Download Updater (AOL LLC) - (.Pas de propriétaire.) [HKLM][64Bits] -- SoftwareUpdUtility
O42 - Logiciel: Facebook Plug-In - (.Facebook, Inc..) [HKCU] -- Facebook Plug-In
O42 - Logiciel: Frets On Fire - (.Pas de propriétaire.) [HKLM][64Bits] -- Frets on Fire
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM][64Bits] -- {B53E61D7-7C80-40DF-82D2-CF5390D6D20A}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {5B295588-59C1-4386-9F85-BB4BEDCB0D22}
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart Movie Themes - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: HP MediaSmart Movie Themes - (.Hewlett-Packard.) [HKLM][64Bits] -- {3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM][64Bits] -- {B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart SmartMenu - (.Hewlett-Packard.) [HKLM] -- {26280024-DFB7-4967-90DB-7F9C6660D01E}
O42 - Logiciel: HP Remote Solution - (.TopSeed.) [HKLM][64Bits] -- HP Remote Solution
O42 - Logiciel: HP Remote Solution - (.TopSeed.) [HKLM][64Bits] -- {C611CF88-969D-43E6-A877-D6D6439DD081}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM][64Bits] -- {F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard.) [HKLM][64Bits] -- {4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {D46D081B-F60E-467E-A7C4-117B70D76731}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: Les Sims 2 - (.Pas de propriétaire.) [HKLM][64Bits] -- {6E7DD182-9FC6-4651-0095-2E666CC6AF35}
O42 - Logiciel: Les Sims(TM) 2 Animaux & Cie - (.Pas de propriétaire.) [HKLM][64Bits] -- {4817189D-1785-4627-A33C-39FD90919300}
O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM][64Bits] -- {DD6C316A-FE75-4FBB-9D22-4C1920232B72}
O42 - Logiciel: Logitech Vid - (.Logitech Inc..) [HKLM][64Bits] -- {4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}
O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {987FE247-4E69-4A2E-A961-D14F901FDBF6}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Notification Mail - (.Orange.) [HKLM][64Bits] -- MailNotifier
O42 - Logiciel: Orange Desktop Search - (.Orange.) [HKLM][64Bits] -- OrangeDesktopSearch2
O42 - Logiciel: Orange update - (.Orange.) [HKLM][64Bits] -- OrangeUpdateManager
O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor for Windows
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerRecover - (.CyberLink Corp..) [HKLM][64Bits] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: Pro100 - (.Pas de propriétaire.) [HKLM][64Bits] -- Pro100
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Skype web features - (.Skype Technologies S.A..) [HKLM][64Bits] -- {541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
O42 - Logiciel: Skype(TM) 4.1 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: Spotify - (.Pas de propriétaire.) [HKLM][64Bits] -- Spotify
O42 - Logiciel: StarCraft II - (.Blizzard Entertainment.) [HKLM][64Bits] -- StarCraft II
O42 - Logiciel: TweetDeck - (.TweetDeck Inc..) [HKLM][64Bits] -- TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
O42 - Logiciel: TweetDeck - (.TweetDeck Inc..) [HKLM][64Bits] -- {BDF3C27A-BDAA-FA3E-D8A4-3367AB7FCB4F}
O42 - Logiciel: Update for Office 2007 (KB934528) - (.Pas de propriétaire.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{2B939677-2FFD-48F6-9075-7BF48CB87C80}
O42 - Logiciel: Update for Office System 2007 Setup (KB929722) - (.Pas de propriétaire.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D8E9BEBD-655F-467D-8176-CA9959C140A3}
O42 - Logiciel: WatchGuard Mobile VPN - (.WatchGuard Technologies, Inc..) [HKLM][64Bits] -- NCP RWS/GA
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- avast
O42 - Logiciel: barre d'outils Orange - (.France Telecom SA.) [HKLM][64Bits] -- OrangeToolbarFR

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AOL]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\SOFTWARE]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Bodrag]
[HKCU\Software\Borland]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EasyBits]
[HKCU\Software\Ecru]
[HKCU\Software\Google]
[HKCU\Software\Headlight]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\Leadertech]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MimarSinan]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\ORANGE]
[HKCU\Software\Policies]
[HKCU\Software\Razer]
[HKCU\Software\Skype]
[HKCU\Software\Spotify]
[HKCU\Software\Trolltech]
[HKCU\Software\Wow6432Node]
[HKCU\Software\etoro]
[HKCU\Software\kde.org]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\Blizzard Entertainment]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DesktopSearch2]
[HKLM\Software\DesktopSearch]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EA GAMES]
[HKLM\Software\EasyBits]
[HKLM\Software\Electronic Arts]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Intel]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\LogiShrd]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\NCP engineering GmbH]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\ORANGE]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Volatile]
[HKLM\Software\WildTangent]
[HKLM\Software\Wilson WindowWare]
[HKLM\Software\Wow6432Node]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/03/2011 - 18:42:14 - [166779289] ----D- C:\Program Files\AVAST Software
O43 - CFD: 24/01/2010 - 19:07:20 - [99032681] ----D- C:\Program Files\Common Files
O43 - CFD: 21/09/2009 - 03:27:48 - [90257428] ----D- C:\Program Files\DVD Maker
O43 - CFD: 19/01/2010 - 20:09:24 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 31/10/2010 - 10:26:30 - [0] ----D- C:\Program Files\Google
O43 - CFD: 20/09/2009 - 17:56:22 - [1262813] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 17/04/2011 - 20:08:10 - [5170695] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 24/01/2010 - 19:14:24 - [22566755] ----D- C:\Program Files\Logitech
O43 - CFD: 14/07/2009 - 09:45:56 - [149236786] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 22/01/2010 - 21:58:30 - [1140374] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 19/01/2010 - 20:09:46 - [126093] R---D- C:\Program Files\Online Services
O43 - CFD: 19/01/2010 - 21:45:54 - [146102256] ----D- C:\Program Files\PC-Doctor for Windows
O43 - CFD: 20/09/2009 - 17:32:12 - [9706560] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 07:32:40 - [36253865] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 21/09/2009 - 03:27:48 - [4039168] ----D- C:\Program Files\Windows Defender
O43 - CFD: 21/09/2009 - 03:27:48 - [9224824] ----D- C:\Program Files\Windows Journal
O43 - CFD: 17/04/2011 - 20:08:12 - [6667264] ----D- C:\Program Files\Windows Mail
O43 - CFD: 17/04/2011 - 20:08:08 - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 19/01/2010 - 20:09:24 - [12627124] ----D- C:\Program Files\Windows NT
O43 - CFD: 21/09/2009 - 03:27:48 - [5516568] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:40 - [235008] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 19/01/2010 - 20:09:44 - [10036897] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 24/01/2010 - 19:14:26 - [29724747] ----D- C:\Program Files\Common Files\logishrd
O43 - CFD: 22/01/2010 - 21:59:34 - [56686493] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 21/09/2009 - 03:28:54 - [12009971] ----D- C:\Program Files\Common Files\System
O43 - CFD: 19/06/2010 - 17:44:54 - [228003773] ----D- C:\ProgramData\Adobe
O43 - CFD: 20/09/2009 - 18:11:10 - [13631099] ----D- C:\ProgramData\AOL
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 27/03/2011 - 18:42:14 - [25029985] ----D- C:\ProgramData\AVAST Software
O43 - CFD: 20/02/2010 - 16:14:20 - [0] ----D- C:\ProgramData\Babylon
O43 - CFD: 11/11/2010 - 20:05:48 - [544] ----D- C:\ProgramData\Blizzard
O43 - CFD: 26/12/2010 - 10:41:00 - [140051185] ----D- C:\ProgramData\Blizzard Entertainment
O43 - CFD: 19/01/2010 - 20:09:24 - [0] ----D- C:\ProgramData\Bureau
O43 - CFD: 24/01/2010 - 23:11:54 - [132034] ----D- C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 07:08:58 - [0] ----D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:58 - [0] ----D- C:\ProgramData\Documents
O43 - CFD: 23/01/2010 - 01:21:26 - [0] ----D- C:\ProgramData\eMule
O43 - CFD: 19/01/2010 - 20:09:24 - [0] ----D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:58 - [0] ----D- C:\ProgramData\Favorites
O43 - CFD: 30/10/2010 - 14:02:10 - [501936] ----D- C:\ProgramData\Google
O43 - CFD: 19/01/2010 - 20:12:28 - [45004302] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 28/01/2010 - 21:08:02 - [12948692] ----D- C:\ProgramData\LogiShrd
O43 - CFD: 17/04/2011 - 18:57:22 - [6572679] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 19/01/2010 - 20:09:24 - [0] ----D- C:\ProgramData\Menu Démarrer
O43 - CFD: 26/12/2010 - 12:20:38 - [223064973] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 21/02/2010 - 13:09:56 - [65924] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 19/01/2010 - 20:09:24 - [0] ----D- C:\ProgramData\Modèles
O43 - CFD: 21/02/2010 - 12:26:04 - [276] ----D- C:\ProgramData\Norton
O43 - CFD: 20/09/2009 - 18:11:38 - [8100937] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 20/09/2009 - 17:44:50 - [234788] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 17/04/2011 - 17:51:50 - [64532] ----D- C:\ProgramData\Orange
O43 - CFD: 20/09/2009 - 17:56:08 - [3201357] ----D- C:\ProgramData\PC-Doctor for Windows
O43 - CFD: 18/12/2010 - 19:50:02 - [3444] --H-D- C:\ProgramData\Recovery
O43 - CFD: 23/01/2010 - 21:30:36 - [27171037] ----D- C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 07:08:58 - [0] ----D- C:\ProgramData\Start Menu
O43 - CFD: 20/09/2009 - 18:12:44 - [327822] ----D- C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:58 - [0] ----D- C:\ProgramData\Templates
O43 - CFD: 21/02/2010 - 13:34:10 - [3013055326] ----D- C:\ProgramData\WildTangent
O43 - CFD: 16/10/2010 - 18:15:16 - [14089406] --H-D- C:\Users\thaf\AppData\Roaming\Adobe
O43 - CFD: 20/02/2010 - 16:14:20 - [1015] --H-D- C:\Users\thaf\AppData\Roaming\Babylon
O43 - CFD: 24/01/2010 - 23:11:52 - [0] --H-D- C:\Users\thaf\AppData\Roaming\CyberLink
O43 - CFD: 06/03/2010 - 16:29:20 - [6558611] --H-D- C:\Users\thaf\AppData\Roaming\Facebook
O43 - CFD: 24/01/2010 - 17:48:12 - [17022] --H-D- C:\Users\thaf\AppData\Roaming\fretsonfire
O43 - CFD: 07/02/2010 - 12:26:30 - [0] --H-D- C:\Users\thaf\AppData\Roaming\GetRightToGo
O43 - CFD: 28/02/2010 - 12:26:38 - [0] --H-D- C:\Users\thaf\AppData\Roaming\Google
O43 - CFD: 22/01/2010 - 21:47:08 - [63138] --H-D- C:\Users\thaf\AppData\Roaming\Hewlett-Packard
O43 - CFD: 19/01/2010 - 20:09:52 - [34504] --H-D- C:\Users\thaf\AppData\Roaming\HP TCS
O43 - CFD: 19/01/2010 - 21:09:32 - [0] --H-D- C:\Users\thaf\AppData\Roaming\Identities
O43 - CFD: 24/01/2010 - 19:14:32 - [353] --H-D- C:\Users\thaf\AppData\Roaming\Leadertech
O43 - CFD: 19/01/2010 - 21:47:14 - [92426] --H-D- C:\Users\thaf\AppData\Roaming\Macromedia
O43 - CFD: 17/04/2011 - 18:57:28 - [1061] ----D- C:\Users\thaf\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 09:44:40 - [0] --H-D- C:\Users\thaf\AppData\Roaming\Media Center Programs
O43 - CFD: 12/11/2010 - 01:24:00 - [12254888] -S--D- C:\Users\thaf\AppData\Roaming\Microsoft
O43 - CFD: 07/03/2010 - 19:50:06 - [1165208] --H-D- C:\Users\thaf\AppData\Roaming\Skype
O43 - CFD: 07/03/2010 - 19:20:12 - [36720] --H-D- C:\Users\thaf\AppData\Roaming\skypePM
O43 - CFD: 17/04/2011 - 20:04:36 - [1362729] --H-D- C:\Users\thaf\AppData\Roaming\Spotify
O43 - CFD: 19/06/2010 - 17:44:56 - [62159] --H-D- C:\Users\thaf\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
O43 - CFD: 21/02/2010 - 13:34:12 - [667] --H-D- C:\Users\thaf\AppData\Roaming\WildTangent
O43 - CFD: 23/01/2010 - 01:21:44 - [4176] --H-D- C:\Users\thaf\AppData\Roaming\_MDLogs
O43 - CFD: 19/06/2010 - 17:43:52 - [6012544] --H-D- C:\Users\thaf\Appdata\Local\Adobe
O43 - CFD: 19/01/2010 - 21:42:52 - [14419] --H-D- C:\Users\thaf\Appdata\Local\AOL
O43 - CFD: 19/01/2010 - 20:09:30 - [0] -SH-D- C:\Users\thaf\Appdata\Local\Application Data
O43 - CFD: 11/11/2010 - 20:04:44 - [0] --H-D- C:\Users\thaf\Appdata\Local\Blizzard Entertainment
O43 - CFD: 21/01/2010 - 21:09:56 - [0] --H-D- C:\Users\thaf\Appdata\Local\CyberLink
O43 - CFD: 12/12/2010 - 13:59:44 - [0] --H-D- C:\Users\thaf\Appdata\Local\Diagnostics
O43 - CFD: 26/03/2010 - 23:27:56 - [0] ----D- C:\Users\thaf\Appdata\Local\ElevatedDiagnostics
O43 - CFD: 23/01/2010 - 01:21:26 - [0] --H-D- C:\Users\thaf\Appdata\Local\eMule
O43 - CFD: 01/11/2010 - 22:01:24 - [921247739] --H-D- C:\Users\thaf\Appdata\Local\Google
O43 - CFD: 19/01/2010 - 21:09:50 - [46202162] --H-D- C:\Users\thaf\Appdata\Local\Hewlett-Packard
O43 - CFD: 19/01/2010 - 21:09:14 - [368] --H-D- C:\Users\thaf\Appdata\Local\Hewlett-Packard_Company
O43 - CFD: 19/01/2010 - 20:09:30 - [0] -SH-D- C:\Users\thaf\Appdata\Local\Historique
O43 - CFD: 24/01/2010 - 19:14:40 - [25094938] --H-D- C:\Users\thaf\Appdata\Local\LogiShrd
O43 - CFD: 16/05/2010 - 15:51:44 - [718250436] --H-D- C:\Users\thaf\Appdata\Local\Microsoft
O43 - CFD: 21/03/2010 - 21:40:58 - [768276] --H-D- C:\Users\thaf\Appdata\Local\Microsoft Games
O43 - CFD: 22/01/2010 - 21:47:40 - [0] --H-D- C:\Users\thaf\Appdata\Local\Microsoft Help
O43 - CFD: 25/01/2010 - 23:06:58 - [1547] --H-D- C:\Users\thaf\Appdata\Local\Orange
O43 - CFD: 21/01/2010 - 21:09:56 - [0] --H-D- C:\Users\thaf\Appdata\Local\PowerCinema
O43 - CFD: 22/01/2010 - 22:01:04 - [285696] --H-D- C:\Users\thaf\Appdata\Local\Seven Zip
O43 - CFD: 17/04/2011 - 18:18:52 - [2295634465] --H-D- C:\Users\thaf\Appdata\Local\Spotify
O43 - CFD: 17/04/2011 - 20:40:34 - [872539069] --H-D- C:\Users\thaf\Appdata\Local\Temp
O43 - CFD: 19/01/2010 - 20:09:30 - [0] -SH-D- C:\Users\thaf\Appdata\Local\Temporary Internet Files
O43 - CFD: 12/02/2010 - 22:25:08 - [11962596] --H-D- C:\Users\thaf\Appdata\Local\VirtualStore
O43 - CFD: 22/01/2010 - 22:01:28 - [12686438] ----D- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 19/06/2010 - 17:44:50 - [241829745] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 20/09/2009 - 18:11:10 - [2958944] ----D- C:\Program Files (x86)\AOL
O43 - CFD: 26/02/2010 - 21:38:18 - [2359296] ----D- C:\Program Files (x86)\Bodrag
O43 - CFD: 11/11/2010 - 20:05:02 - [444542919] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 20/09/2009 - 17:50:22 - [911910852] ----D- C:\Program Files (x86)\Cyberlink
O43 - CFD: 31/07/2010 - 14:12:46 - [3774997861] ----D- C:\Program Files (x86)\EA GAMES
O43 - CFD: 24/01/2010 - 17:45:16 - [59999954] ----D- C:\Program Files (x86)\Frets on Fire
O43 - CFD: 01/11/2010 - 22:00:04 - [78633200] ----D- C:\Program Files (x86)\Google
O43 - CFD: 20/09/2009 - 18:12:52 - [1083806237] ----D- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 20/09/2009 - 17:55:28 - [3117921] ----D- C:\Program Files (x86)\hp
O43 - CFD: 20/09/2009 - 18:10:18 - [461742490] ----D- C:\Program Files (x86)\HP Games
O43 - CFD: 21/01/2010 - 17:04:56 - [103509207] --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 17/04/2011 - 20:08:10 - [4473355] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 24/01/2010 - 19:14:36 - [47304912] ----D- C:\Program Files (x86)\Logitech
O43 - CFD: 17/04/2011 - 18:57:22 - [4934082] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 21/02/2010 - 13:09:10 - [620157116] ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 21/02/2010 - 13:09:20 - [14904] ----D- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 21/02/2010 - 13:07:30 - [1387249] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 22/01/2010 - 22:00:20 - [144949414] ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 22/01/2010 - 22:00:06 - [8152064] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 21/02/2010 - 13:09:24 - [26521] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 17/04/2011 - 18:43:52 - [0] ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 19/01/2010 - 20:09:46 - [784721] R---D- C:\Program Files (x86)\Online Services
O43 - CFD: 17/04/2011 - 17:50:00 - [383612619] ----D- C:\Program Files (x86)\Orange
O43 - CFD: 12/02/2010 - 22:20:50 - [71883120] ----D- C:\Program Files (x86)\Pro100Demo
O43 - CFD: 20/09/2009 - 17:43:34 - [6822075] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:40 - [38597377] ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 19/01/2010 - 21:42:38 - [60435509] ----D- C:\Program Files (x86)\Securitoo
O43 - CFD: 23/01/2010 - 21:30:54 - [37555851] R---D- C:\Program Files (x86)\Skype
O43 - CFD: 01/05/2010 - 23:29:20 - [4089415] ----D- C:\Program Files (x86)\Spotify
O43 - CFD: 26/12/2010 - 11:00:40 - [9349411121] --H-D- C:\Program Files (x86)\StarCraft II
O43 - CFD: 20/09/2009 - 17:43:42 - [0] --H-D- C:\Program Files (x86)\Temp
O43 - CFD: 19/06/2010 - 17:44:52 - [3013223] ----D- C:\Program Files (x86)\TweetDeck
O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 21/01/2010 - 17:04:56 - [32007302] ----D- C:\Program Files (x86)\WatchGuard
O43 - CFD: 21/09/2009 - 03:27:48 - [524800] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 17/04/2011 - 20:08:12 - [6180864] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 17/04/2011 - 20:08:08 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 21/09/2009 - 03:27:48 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:42 - [189440] ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 19/01/2010 - 20:09:44 - [5994166] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 17/04/2011 - 20:41:20 - [3753510] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 24/01/2010 - 19:14:26 - [29724747] ----D- C:\Program Files\Common Files\logishrd
O43 - CFD: 22/01/2010 - 21:59:34 - [56686493] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 21/09/2009 - 03:28:54 - [12009971] ----D- C:\Program Files\Common Files\System



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.190000000000000000000000ECEF1800] - 17/04/2011 - 19:34:36 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1895145]
O44 - LFC:[MD5.5B86555B56609B1B6A24586DF0B572CF] - 17/04/2011 - 19:15:17 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [15568]
O44 - LFC:[MD5.5B86555B56609B1B6A24586DF0B572CF] - 17/04/2011 - 19:15:17 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [15568]
O44 - LFC:[MD5.C4E3EEC10BFCB2AE8506D306415D5661] - 17/04/2011 - 19:09:44 ---A- . (...) -- C:\Windows\setupact.log [49394]
O44 - LFC:[MD5.6D321B595C6389A8498646F10E340AC7] - 17/04/2011 - 19:09:39 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [436904]
O44 - LFC:[MD5.BA47170CB18CA3F197938973F47AB89F] - 17/04/2011 - 19:09:34 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.C3C79DA8E8C1C8CAB4CAE9F3522CB9EB] - 17/04/2011 - 19:09:11 ---A- . (...) -- C:\Windows\PFRO.log [288906]
O44 - LFC:[MD5.6536374C37CEF52022BCFA0F0EB5A23C] - 17/04/2011 - 17:45:44 ---A- . (...) -- C:\Windows\msxml4-KB973688-enu.LOG [295230]
O44 - LFC:[MD5.E3C5074B2E5532437495202567D0E249] - 17/04/2011 - 17:44:20 ---A- . (...) -- C:\Windows\msxml4-KB954430-enu.LOG [294824]
O44 - LFC:[MD5.8BD25A34DA5E53AE115977DD1E15AB3C] - 17/04/2011 - 17:13:30 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll [46080]
O44 - LFC:[MD5.8BD25A34DA5E53AE115977DD1E15AB3C] - 17/04/2011 - 17:13:30 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304]
O44 - LFC:[MD5.EFC5353E4F513DEF55ED7B7872363957] - 17/04/2011 - 17:13:30 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll [367104]
O44 - LFC:[MD5.EFC5353E4F513DEF55ED7B7872363957] - 17/04/2011 - 17:13:30 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [294912]
O44 - LFC:[MD5.2320C2AC6577ECF1D4211F2D9BABE3DD] - 27/03/2011 - 17:43:01 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe [238968]
O44 - LFC:[MD5.0439C6170F7F6355BB5275C9CAA6050F] - 27/03/2011 - 17:42:15 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [40648]
O44 - LFC:[MD5.2320C2AC6577ECF1D4211F2D9BABE3DD] - 27/03/2011 - 17:42:15 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [190016]
O44 - LFC:[MD5.B365A3FA489E9E19541AE449113CAFB0] - 27/03/2011 - 17:29:31 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1524562]
O44 - LFC:[MD5.90635ABBE060D029E9BB4EA839EF60E5] - 27/03/2011 - 17:29:31 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [103370]
O44 - LFC:[MD5.AE3B79DF50BD742848C36E9028268DBE] - 27/03/2011 - 17:29:31 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [127478]
O44 - LFC:[MD5.557A6711D334E9EDB444E838BD9C0546] - 27/03/2011 - 17:29:31 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [606992]
O44 - LFC:[MD5.73E2D02657FF45ABD5BB643AF1B1BBD2] - 27/03/2011 - 17:29:31 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [694766]



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA.) -- C:\Program Files (x86)\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{521ab794-a7a3-11de-99b7-806e6f6e6963}\AutoRun\command. (.Electronic Arts Inc. - Electronic Arts AutoRun.) -- E:\Autorun.exe



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"vidc.i420"="lvcod64.dll" . (.Logitech Inc. - Video Codec.) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "HideFastUserSwitching"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableChangePassword"=0



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A