Répondre à : rapport usbfix 2016-09-08T13:44:47+00:00
Photo du profil de Lady osLady os
Participant
Nombre d'articles : 6

Ainsi que celui de ZHPdiag (p1) :
~ Rapport de ZHPDiag v2014.6.9.87 – Nicolas Coolman (09/06/2014)
~ Lancé par OPERATEUR (09/06/2014 14:37:00)
~ Adresse du Site Web http://nicolascoolman.fr” onclick=”window.open(this.href);return false;
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l’utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user

—\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 27.0.1
GCIE: Google Chrome v35.0.1916.114 (Defaut)

—\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System – Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : HYRR2
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

—\ Logiciels de protection du système
avast! Free Antivirus v9.0.2018
Windows Defender W7 (Activate)

—\ Logiciels d’optimisation du système

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels

—\ Informations sur le système
~ Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (10% free)
System Restore: Activé (Enable)
System drive C: has 125 GB (81%) free of 153 GB

—\ Mode de connexion au système
~ Computer Name: OPERATEUR-PC
~ User Name: OPERATEUR
~ All Users Names: OPERATEUR, Guest, Administrator,
~ Unselected Option: None
Logged in as Administrator

—\ Variables d’environnement
~ System Unit : C:
~ %AppZHP% : C:UsersOPERATEURAppDataRoamingZHP
~ %AppData% : C:UsersOPERATEURAppDataRoaming
~ %Desktop% : C:UsersOPERATEURDesktop
~ %Favorites% : C:UsersOPERATEURFavorites
~ %LocalAppData% : C:UsersOPERATEURAppDataLocal
~ %StartMenu% : C:UsersOPERATEURAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32

—\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 125 Go of 153 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Free 12 Go of 15 Go)

—\ Etat du Centre de Sécurité Windows
[HKLMSOFTWAREMicrosoftSecurity Center] UacDisableNotify: OK
[HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
[HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
[HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: Modified
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: OK
[HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
[HKCUSOFTWAREMicrosoftWindows NTCurrentVersionWindows] Load: OK
[HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
~ Security Center: 37 Scanned in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.6EF4D18AD2A63B2070DA79140D163576] – (.Microsoft Corporation – Explorateur Windows.) (.26/11/2012 – 13:26:41.) — C:WindowsExplorer.exe [3491840]
[MD5.B5C5DCAD3899512020D135600129D665] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:14:45.) — C:WindowsSystem32Wininit.exe [96256]
[MD5.5553611E2F9EA6F613079177F1233068] – (.Microsoft Corporation – Internet Extensions for Win32.) (.10/10/2012 – 04:31:16.) — C:WindowsSystem32wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.20/11/2010 – 22:29:06.) — C:WindowsSystem32Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 22:29:24.) — C:WindowsSystem32sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.10/10/2012 – 04:32:29.) — C:Windowssystem32DriversAFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:26:15.) — C:Windowssystem32Driversatapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:11:15.) — C:Windowssystem32DriversCdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 22:29:03.) — C:Windowssystem32DriversCdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 22:29:07.) — C:Windowssystem32DriversDfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 22:29:03.) — C:Windowssystem32DriversHDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:11:24.) — C:Windowssystem32Driversi8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 00:54:29.) — C:Windowssystem32DriversIpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.10/10/2012 – 04:33:53.) — C:Windowssystem32DriversMRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 22:29:08.) — C:Windowssystem32DriversnetBT.sys [187904]
[MD5.0D87503986BB3DFED58E343FE39DDE13] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.10/10/2012 – 04:41:12.) — C:Windowssystem32Driversntfs.sys [1211760]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 00:45:35.) — C:Windowssystem32DriversParport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.14/07/2009 – 00:54:34.) — C:Windowssystem32DriversRasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.20/11/2010 – 22:29:49.) — C:Windowssystem32Driversrdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 00:53:41.) — C:Windowssystem32Driverssmb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 22:29:07.) — C:Windowssystem32Driverstdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 22:29:03.) — C:Windowssystem32Driversvolsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/14
~ Mes musiques (My Musics) : 1/13
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 2/157
~ Mon Bureau (My Desktop) : 1/11
~ Menu demarrer (Programs) : 1/36
~ Hidden Files: Scanned in 00mn 01s

—\ Processus lancés
[MD5.5CA0EB9538C6ACEBDC3593FC53527B9D] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastavastui.exe [3890208] [PID.1976]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] – (…) — ystem32rundll32.exe [0] [PID.6000]
[MD5.1936C4FB4887DBD02AEBE1F1A62D93B6] – (.EJIE Technology – Clover.) — C:Program FilesCloverclover.exe [891392] [PID.5648]
[MD5.1620FE36666F4BBC2314B7F360FB1965] – (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe [860488] [PID.1660]
[MD5.F5546A846F16DB4578DF72F30AACB1FC] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8066560] [PID.4372]
~ Processes Running: Scanned in 00mn 01s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersOPERATEURAppDataLocalGoogleChromeUser DataDefaultPreferences
G1 – GCS: Preference [User DataDefault] None
G2 – GCE: Preference [User DataDefault] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé)
G2 – GCE: Preference [User DataDefault] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.6 (Activé)
G2 – GCE: Preference [User DataDefault] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 – GCE: Preference [User DataDefault] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 – GCE: Preference [User DataDefault] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 – GCE: Preference [User DataDefault] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 – GCE: Preference [User DataDefault] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 – GCE: Preference [User DataDefault] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 – GCE: Preference [User DataDefault] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock v.2.6.37, (Activé)
G2 – GCE: Preference [User DataDefault] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2018.95, (Activé)
G2 – GCE: Preference [User DataDefault] [kjccbiogefimbmiolonpolpgpcfempll] Savee net v.5.14 (Désactivé) =>PUP.SaveNet
G2 – GCE: Preference [User DataDefault] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 – GCE: Preference [User DataDefault] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 – GCE: Preference [User DataDefault] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 – GCE: Preference [User DataDefault] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 – GCE: Preference [User DataDefault] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 – GCE: Preference [User DataDefault] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)

—\ Liste des dossiers d’extension Google Chrome
G2 – EXT: C:UsersOPERATEURAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [Documents Google]
G2 – EXT: C:UsersOPERATEURAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [Google Drive]
G2 – EXT: C:UsersOPERATEURAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube]
G2 – EXT: C:UsersOPERATEURAppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf [Recherche Google]
G2 – EXT: C:UsersOPERATEURAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [AdBlock]
G2 – EXT: C:UsersOPERATEURAppDataLocalGoogleChromeUser DataDefaultExtensionsgomekmidlodglbbmalcneegieacbdmki [avast! Online Security]
G2 – EXT: C:UsersOPERATEURAppDataLocalGoogleChromeUser DataDefaultExtensionskjccbiogefimbmiolonpolpgpcfempll [Savee net] =>PUP.SaveNet
G2 – EXT: C:UsersOPERATEURAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 – EXT: C:UsersOPERATEURAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [Gmail]
~ Google Lines Browser: 27 Scanned in 00mn 15s

—\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M0 – MFSP: prefs.js [OPERATEUR – f2ibh1gc.default] http://fr.yahoo.com” onclick=”window.open(this.href);return false;
M2 – MFEP: prefs.js [OPERATEUR – f2ibh1gc.default{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.5.9.20130411104515 (..)
P2 – FPN:Firefox Plugin Navigator . (.Microsoft Corporation – The plugin allows you to have a better experience with Microsoft Lync.) — C:Program FilesMozilla FirefoxPluginsnpMeetingJoinPluginOC.dll
P2 – FPN: [HKLM] [@adobe.com/FlashPlayer] – (…) — C:Windowssystem32MacromedFlashNPSWF32.dll
P2 – FPN: [HKLM] [@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf] – (.Foxit Corporation – Foxit Reader Plug-In For Firefox and Netscape.) — C:Program FilesFoxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll
P2 – FPN: [HKLM] [@java.com/DTPlugin,version=1.6.0_37] – (.Sun Microsystems, Inc. – NPRuntime Script Plug-in Library for Java(TM) Deploy.) — C:Windowssystem32npdeployJava1.dll
P2 – FPN: [HKLM] [@java.com/JavaPlugin] – (.Sun Microsystems, Inc. – Next Generation Java Plug-in 1.6.0_37 for Mozilla browsers.) — C:Program FilesJavajre6binplugin2npjp2.dll
P2 – FPN: [HKLM] [@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6] – (.Yahoo! Inc. – Yahoo Application State Plugin version 1.0.0.7.) — C:Program FilesYahoo!SharednpYState.dll
P2 – FPN: [HKLM] [@microsoft.com/Lync,version=15.0] – (.Microsoft Corporation – The plugin allows you to have a better experience with Microsoft Lync.) — C:Program FilesMozilla Firefoxpluginsnpmeetingjoinpluginoc.dll
P2 – FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] – (.Microsoft Corporation – The plugin allows you to have a better experience with Microsoft Share.) — C:Program FilesMicrosoft OfficeOffice15NPSPWRAP.dll
P2 – FPN: [HKLM] [@tools.google.com/Google Update;version=3] – (.Google Inc. – Google Update.) — C:Program FilesGoogleUpdate1.3.24.7npGoogleUpdate3.dll
P2 – FPN: [HKLM] [@tools.google.com/Google Update;version=9] – (.Google Inc. – Google Update.) — C:Program FilesGoogleUpdate1.3.24.7npGoogleUpdate3.dll
P2 – FPN: [HKLM] [@videolan.org/vlc,version=2.0.8] – (.VideoLAN – VLC media player Web Plugin 2.1.3.) — C:Program FilesVideoLANVLCnpvlc.dll =>.VideoLAN
P2 – FPN: [HKLM] [@videolan.org/vlc,version=2.1.3] – (.VideoLAN – VLC media player Web Plugin 2.1.3.) — C:Program FilesVideoLANVLCnpvlc.dll =>.VideoLAN
~ Firefox Browser: 15 Scanned in 00mn 00s

—\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://fr.yahoo.com” onclick=”window.open(this.href);return false;
R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://fr.yahoo.com” onclick=”window.open(this.href);return false;
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://fr.yahoo.com” onclick=”window.open(this.href);return false;
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com” onclick=”window.open(this.href);return false;
R3 – URLSearchHook: Microsoft Url Search Hook – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.VideoLAN – VLC media player Web Plugin 2.1.3.) (No version) — (.not file.) =>.VideoLAN
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.VideoLAN – VLC media player Web Plugin 2.1.3.) (No version) — (.not file.) =>.VideoLAN
R4 – HKLMSOFTWAREMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 0
~ IE Browser: 11 Scanned in 00mn 00s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

—\ Browser Helper Objects de navigateur (O2)
O2 – BHO: &Yahoo! Toolbar Helper – {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Yahoo! Inc. – Yahoo! Toolbar.) — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 – BHO: HP Print Enhancer – {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. – HP Smart Web Printing add-on for Internet E.) — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_printenhancer.dll
O2 – BHO: Lync Click to Call BHO – {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation – Microsoft Lync.) — C:Program FilesMicrosoft OfficeOffice15OCHelper.dll
O2 – BHO: Java(tm) Plug-In SSV Helper – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. – Java(TM) Platform SE binary.) — C:Program FilesJavajre6binssv.dll
O2 – BHO: avast! Online Security – {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software – IE Webrep plugin.) — C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll
O2 – BHO: URLRedirectionBHO – {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation – Microsoft Office Document Cache Handler.) — C:Program FilesMicrosoft OfficeOffice15URLREDIR.dll
O2 – BHO: Microsoft SkyDrive Pro Browser Helper – {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation – Microsoft OneDrive for Business Extensions.) — C:Program FilesMicrosoft OfficeOffice15GROOVEEX.dll =>.Microsoft Corporation
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. – Java(TM) Platform SE binary.) — C:Program FilesJavajre6binjp2ssv.dll
O2 – BHO: TabExplorerHelper – {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} . (.EJIE Technology – Clover Tab Explorer Helper.) — C:Program FilesCloverTabHelper32.dll
O2 – BHO: SingleInstance Class – {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc – Yahoo! Single Instance for Mail.) — C:Program FilesYahoo!CompanionInstallscpnYTSingleInstance.dll
O2 – BHO: HP Smart BHO Class – {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. – HP Smart Web Printing add-on for Internet E.) — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
~ BHO: 22 Scanned in 00mn 00s

—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: Yahoo! Toolbar – [HKLM]{EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. – Yahoo! Toolbar.) — C:Program FilesYahoo!CompanionInstallscpnyt.dll
~ Toolbar: Scanned in 00mn 00s

—\ Applications lancées au démarrage du système (O4)
O4 – HKLM..Run: [SoundMan] . (.Realtek Semiconductor Corp. – Realtek Sound Manager.) — C:WindowsSOUNDMAN.exe
O4 – HKLM..Run: [YSearchProtection] . (.Yahoo! Inc – Yahoo! Application.) — C:Program FilesYahoo!Search ProtectionSearchProtection.exe
O4 – HKLM..Run: [HP Software Update] . (.Hewlett-Packard – hpwuSchd Application.) — C:Program FilesHPHP Software UpdateHPWuSchd2.exe =>.Hewlett-Packard Co
O4 – HKLM..Run: [AvastUI.exe] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe
O4 – HKLM..Run: [VMonitorVMUVC] . (.Vimicro Corporation – Monitor SnapShot Button.) — C:Program FilesVimicro CorporationVMUVCVMonitor.exe
O4 – HKLM..Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe =>.Oracle Corporation
O4 – HKCU..Run: [SuperCopier2.exe] . (.SFX TEAM – SuperCopier 2 (explorer file copy replaceme.) — C:Program FilesSuperCopier2SuperCopier2.exe
O4 – HKCU..Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. – Yahoo! Messenger.) — C:Program FilesYahoo!MessengerYahooMessenger.exe
O4 – HKCU..Run: [Search Protection] . (.Yahoo! Inc – Yahoo! Application.) — C:Program FilesYahoo!Search ProtectionSearchProtection.exe
O4 – HKCU..Run: [InternetCalls] C:Program FilesInternetCalls.comInternetCallsInternetCalls.exe (.not file.)
O4 – HKCU..Run: [VoipConnect] C:Program FilesVoipConnect.comVoipConnectVoipConnect.exe (.not file.)
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-4055012067-1499113417-2862841071-1000..Run: [SuperCopier2.exe] . (.SFX TEAM – SuperCopier 2 (explorer file copy replaceme.) — C:Program FilesSuperCopier2SuperCopier2.exe
O4 – HKUSS-1-5-21-4055012067-1499113417-2862841071-1000..Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. – Yahoo! Messenger.) — C:Program FilesYahoo!MessengerYahooMessenger.exe
O4 – HKUSS-1-5-21-4055012067-1499113417-2862841071-1000..Run: [Search Protection] . (.Yahoo! Inc – Yahoo! Application.) — C:Program FilesYahoo!Search ProtectionSearchProtection.exe
O4 – HKUSS-1-5-21-4055012067-1499113417-2862841071-1000..Run: [InternetCalls] C:Program FilesInternetCalls.comInternetCallsInternetCalls.exe (.not file.)
O4 – HKUSS-1-5-21-4055012067-1499113417-2862841071-1000..Run: [VoipConnect] C:Program FilesVoipConnect.comVoipConnectVoipConnect.exe (.not file.)
~ Application: Scanned in 00mn 00s

—\ Invisibilité de l’icône d’options IE dans le panneau de Configuration (O5)
O5 – control.ini: [HKLM..Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s

—\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
O9 – Extra button: &Envoyer à OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program FilesMICROS~2Office15ONBttnIE.dll =>.Microsoft Corporation
O9 – Extra button: Cliquer pour appeler Lync – {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation – Microsoft Lync.) — C:Program FilesMicrosoft OfficeOffice15lync.exe
O9 – Extra button: Notes &liées OneNote – {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program FilesMICROS~2Office15ONBTTN~1.dll =>.Microsoft Corporation
O9 – Extra button: Afficher ou masquer l’HP Smart Web Printing – {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. – HP Smart Web Printing add-on for Internet Explorer.) — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Winsock hijacker (Layered Service Provider) (O10)
O10 – WLSP:00000000001Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:Windowssystem32NLAapi.dll
O10 – WLSP:00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:Windowssystem32napinsp.dll
O10 – WLSP:00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
O10 – WLSP:00000000004Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
O10 – WLSP:00000000005Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:Windowssystem32mswsock.dll =>.Microsoft Corporation
O10 – WLSP:00000000006Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:Windowssystem32winrnr.dll
O10 – WLSP:00000000007Winsock LSP File . (.Apple Inc. – Bonjour Namespace Provider.) — C:Program FilesBonjourmdnsNSP.dll
~ Winsock: 7 Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{09D9E5A6-7D73-4CF1-A3BB-188E01ED2F4C}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCCSServicesTcpip..{5A9FDEF4-0968-4ED1-AF8D-736C13504513}: DhcpNameServer = 109.88.203.3 62.197.111.140
O17 – HKLMSystemCCSServicesTcpip..{9E1D9BA8-8D45-4E44-B5FB-1323A4F5CE1A}: DhcpNameServer = 109.88.203.3 62.197.111.140
O17 – HKLMSystemCS1ServicesTcpip..{09D9E5A6-7D73-4CF1-A3BB-188E01ED2F4C}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS1ServicesTcpip..{5A9FDEF4-0968-4ED1-AF8D-736C13504513}: DhcpNameServer = 109.88.203.3 62.197.111.140
O17 – HKLMSystemCS1ServicesTcpip..{9E1D9BA8-8D45-4E44-B5FB-1323A4F5CE1A}: DhcpNameServer = 109.88.203.3 62.197.111.140
O17 – HKLMSystemCS2ServicesTcpip..{09D9E5A6-7D73-4CF1-A3BB-188E01ED2F4C}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS2ServicesTcpip..{5A9FDEF4-0968-4ED1-AF8D-736C13504513}: DhcpNameServer = 109.88.203.3 62.197.111.140
O17 – HKLMSystemCS2ServicesTcpip..{9E1D9BA8-8D45-4E44-B5FB-1323A4F5CE1A}: DhcpNameServer = 109.88.203.3 62.197.111.140
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: vbscript – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Microsoft (R) HTML Viewer.) — C:WindowsSystem32mshtml.dll
O18 – Filter: text/xml – {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE15MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s

—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 – Service: Advantage Database Server (Advantage) . (.iAnywhere Solutions, Inc. – Advantage Database Server.) – C:Program FilesAdvantage 9.10ServerADS.exe
O23 – Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software – avast! Service.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
O23 – Service: Service Bonjour (Bonjour Service) . (.Apple Inc. – Bonjour Service.) – C:Program FilesBonjourmDNSResponder.exe
O23 – Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. – Programme d’installation de Google.) – C:Program FilesGoogleUpdateGoogleUpdate.exe =>.Google Inc
O23 – Service: NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 270.6.) – C:WindowsSystem32nvvsvc.exe
O23 – Service: PandoraService (PanService) . (.Pandora.TV – Pandora.TV service file.) – C:Program FilesPANDORA.TVPanServiceKMPService.exe
~ Services: 6 Scanned in 00mn 09s

—\ Enumération Active Desktop & MHTML Editor (O24)
O24 – Default MHTML Editor: Last – .(…) – (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s

—\ Enumère les données de BootExecute (BEX) (O34)
O34 – HKLM BootExecute: (autocheck autochk *) – File not found
~ BEX: 1 Scanned in 00mn 00s

—\ Tâches planifiées en automatique (O39)
[MD5.9E76CDD50C3DDDB739150D778EEC0B93] [APT] [avast! Emergency Update] (.AVAST Software.) — C:Program FilesAVAST SoftwareAvastAvastEmUpdate.exe [804304]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) — C:Program FilesGoogleUpdateGoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) — C:Program FilesGoogleUpdateGoogleUpdate.exe [116648]
[MD5.C155A13687144076286989EF078112C2] [APT] [{744CC284-81A3-4B86-A2A5-886AD3818992}] (.Nicolas Coolman.) — C:Program FilesZHPDiagZHPFixZHPhep.exe [1917440]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) — C:Program FilesApple Software UpdateSoftwareUpdate.exe [561984]
O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineCore.job [1058]
O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1058]
O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineUA.job [1062]
O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1062]
~ Scheduled Task: 10 Scanned in 00mn 09s

—\ Composants installés (ActiveSetup Installed Components) (O40)
O40 – ASIC: Microsoft Windows Media Player – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
O40 – ASIC: Internet Explorer – >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation – IE Per-User Initialization Utility.) — C:WindowsSystem32ie4uinit.exe
O40 – ASIC: Browser Customizations – >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation – IEAK branding.) — C:WindowsSystem32iedkcs32.dll
O40 – ASIC: Java (Sun) – {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. – Java(TM) Platform SE binary.) — C:Program FilesJavajre6binregutils.dll
O40 – ASIC: Microsoft Windows Media Player 12.0 – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSystem32wmpdxm.dll =>.Microsoft Corporation
O40 – ASIC: Themes Setup – {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation – API Windows Theme.) — C:WindowsSystem32themeui.dll
O40 – ASIC: Microsoft Windows – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program FilesWindows MailWinMail.exe =>.Microsoft Corporation
O40 – ASIC: Browsing Enhancements – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
O40 – ASIC: Microsoft Windows Media Player – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
O40 – ASIC: Windows Desktop Update – {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
O40 – ASIC: Web Platform Customizations – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – IE Per-User Initialization Utility.) — C:WindowsSystem32ie4uinit.exe
O40 – ASIC: (no name) – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:Windowssystem32mscories.dll
O40 – ASIC: Google Chrome – {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. – Google Chrome Installer.) — C:Program FilesGoogleChromeApplication35.0.1916.114Installerchrmstp.exe
~ Active Setup: 13 Scanned in 00mn 01s

—\ Pilotes lancés au démarrage du système (O41)
O41 – Driver: C:WindowsSystem32driversafd.sys (AFD) . (.Microsoft Corporation – Ancillary Function Driver for WinSock.) – C:Windowssystem32driversafd.sys
O41 – Driver: (aswRdr) . (.AVAST Software – avast! WFP Redirect Driver.) – C:Windowssystem32driversaswRdr2.sys
O41 – Driver: (aswSnx) . (.AVAST Software – avast! Virtualization Driver.) – C:Windowssystem32driversaswSnx.sys
O41 – Driver: (aswSP) . (.AVAST Software – avast! self protection module.) – C:Windowssystem32driversaswSP.sys
O41 – Driver: (blbdrive) . (.Microsoft Corporation – BLB Drive Driver.) – C:WindowsSystem32DRIVERSblbdrive.sys
O41 – Driver: (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:WindowsSystem32DRIVERScdrom.sys
O41 – Driver: C:WindowsSystem32cscsvc.dll (CSC) . (.Microsoft Corporation – Windows Client Side Caching Driver.) – C:WindowsSystem32driverscsc.sys
O41 – Driver: C:WindowsSystem32driversdfsc.sys (DfsC) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
O41 – Driver: C:WindowsSystem32driversdiscache.sys (discache) . (.Microsoft Corporation – System Indexer/Cache Driver.) – C:WindowsSystem32driversdiscache.sys
O41 – Driver: (mssmbios) . (.Microsoft Corporation – System Management BIOS Driver.) – C:WindowsSystem32DRIVERSmssmbios.sys
O41 – Driver: (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
O41 – Driver: C:WindowsSystem32driversnetbt.sys (NetBT) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
O41 – Driver: C:WindowsSystem32driversnsiproxy.sys (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
O41 – Driver: C:WindowsSystem32driverspacer.sys (Psched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:WindowsSystem32DRIVERSpacer.sys
O41 – Driver: C:WindowsSystem32wkssvc.dll (rdbss) . (.Microsoft Corporation – Pilote du sous-système de mise en mémoire t.) – C:WindowsSystem32DRIVERSrdbss.sys
O41 – Driver: C:WindowsSystem32DRIVERSRDPCDD.sys (RDPCDD) . (.Microsoft Corporation – RDP Miniport.) – C:WindowsSystem32DRIVERSRDPCDD.sys
O41 – Driver: C:WindowsSystem32driversRDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation – RDP Encoder Miniport.) – C:WindowsSystem32driversrdpencdd.sys
O41 – Driver: C:WindowsSystem32driversRdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation – RDP Reflector Driver Miniport.) – C:WindowsSystem32driversrdprefmp.sys
O41 – Driver: (Serial) . (.Microsoft Corporation – Pilote de périphérique série.) – C:WindowsSystem32DRIVERSserial.sys
O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:WindowsSystem32DRIVERStdx.sys
O41 – Driver: (TermDD) . (.Microsoft Corporation – Remote Desktop Server Driver.) – C:WindowsSystem32DRIVERStermdd.sys
O41 – Driver: (VgaSave) . (.Microsoft Corporation – VGA/Super VGA Video Driver.) – C:Windowssystem32driversvga.sys
O41 – Driver: C:WindowsSystem32rascfg.dll (Wanarpv6) . (.Microsoft Corporation – MS Remote Access and Routing ARP Driver.) – C:WindowsSystem32DRIVERSwanarp.sys
O41 – Driver: (WfpLwf) . (.Microsoft Corporation – WFP NDIS 6.20 Lightweight Filter Driver.) – C:WindowsSystem32DRIVERSwfplwf.sys
~ Drivers: 72 Scanned in 00mn 01s

—\ Logiciels installés (O42)
O42 – Logiciel: 32 Bit HP CIO Components Installer – (.Hewlett-Packard.) [HKLM] — {60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}
O42 – Logiciel: Advantage Database Server for Windows v9.10 – (.iAnywhere, Inc..) [HKLM] — {0DE5137F-581B-448C-AF70-9498EF364E34}
O42 – Logiciel: Aiseesoft Convertisseur Vidéo Total Platinum 6.3.22 – (…) [HKLM] — {3661F243-518C-4d05-8BDF-7B10CC22689F}_is1
O42 – Logiciel: Analyzed – (.Marko Mihovilic.) [HKLM] — Analyzed_is1
O42 – Logiciel: Apple Software Update – (.Apple Inc..) [HKLM] — {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 – Logiciel: BOB 50 – (…) [HKLM] — {A88321FF-A50F-4C79-BE65-0BA25317341F}
O42 – Logiciel: Bonjour – (.Apple Inc..) [HKLM] — {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 – Logiciel: Canyon USB2.0 PC Camera – (.Vimicro Corp..) [HKLM] — {71A51A91-E7D3-11DB-A386-005056C00008}
O42 – Logiciel: Clover 3.0 – (…) [HKLM] — Clover
O42 – Logiciel: Dropbox – (.Dropbox, Inc..) [HKCU] — Dropbox
O42 – Logiciel: Foxit Reader – (.Foxit Corporation.) [HKLM] — {BDDF6AEE-7AD7-4CDA-B57F-5BDF9417AD4F}
O42 – Logiciel: Google Chrome – (.Google Inc..) [HKLM] — Google Chrome
O42 – Logiciel: Google Update Helper – (.Google Inc..) [HKLM] — {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 – Logiciel: HP Customer Participation Program 14.0 – (.HP.) [HKLM] — HPExtendedCapabilities
O42 – Logiciel: HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 – (.HP.) [HKLM] — {819CA3BC-2FF8-4811-B42F-421F7BFD3559}
O42 – Logiciel: HP Imaging Device Functions 14.0 – (.HP.) [HKLM] — HP Imaging Device Functions
O42 – Logiciel: HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 – (.HP.) [HKLM] — {014E482A-0C27-47E3-BA82-307E9DCA2F47} =>.Hewlett-Packard Co
O42 – Logiciel: HP Smart Web Printing 4.60 – (.HP.) [HKLM] — HP Smart Web Printing
O42 – Logiciel: HP Solution Center 14.0 – (.HP.) [HKLM] — HP Solution Center & Imaging Support Tools
O42 – Logiciel: HP Update – (.Hewlett-Packard.) [HKLM] — {74DC0593-6BC6-4001-AD5F-D810AFB68D86}
O42 – Logiciel: Java(TM) 6 Update 37 – (.Oracle.) [HKLM] — {26A24AE4-039D-4CA4-87B4-2F83216037FF}
O42 – Logiciel: K-Lite Codec Pack 8.4.0 (Full) – (…) [HKLM] — KLiteCodecPack_is1
O42 – Logiciel: KMP Service – (.KMP.) [HKLM] — 4F6D5E84-5826-4394-9F40-3A9A19165651_is1
O42 – Logiciel: Microsoft Access MUI (English) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0015-0409-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Access MUI (French) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0015-040C-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Access Setup Metadata MUI (English) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0117-0409-0000-0000000FF1CE}
O42 – Logiciel: Microsoft DCF MUI (English) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0090-0409-0000-0000000FF1CE}
O42 – Logiciel: Microsoft DCF MUI (French) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0090-040C-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Excel MUI (English) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0016-0409-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Excel MUI (French) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0016-040C-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Groove MUI (English) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-00BA-0409-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Groove MUI (French) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-00BA-040C-0000-0000000FF1CE}
O42 – Logiciel: Microsoft InfoPath MUI (English) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0044-0409-0000-0000000FF1CE}
O42 – Logiciel: Microsoft InfoPath MUI (French) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0044-040C-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Lync MUI (English) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-012B-0409-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Lync MUI (French) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-012B-040C-0000-0000000FF1CE}
O42 – Logiciel: Microsoft OneNote MUI (English) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-00A1-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 – Logiciel: Microsoft OneNote MUI (French) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-00A1-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 – Logiciel: Microsoft Outlook MUI (English) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-001A-0409-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Outlook MUI (French) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-001A-040C-0000-0000000FF1CE}
O42 – Logiciel: Microsoft PowerPoint MUI (English) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0018-0409-0000-0000000FF1CE}
O42 – Logiciel: Microsoft PowerPoint MUI (French) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0018-040C-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Publisher MUI (English) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0019-0409-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Publisher MUI (French) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-0019-040C-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Word MUI (English) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-001B-0409-0000-0000000FF1CE}
O42 – Logiciel: Microsoft Word MUI (French) 2013 – (.Microsoft Corporation.) [HKLM] — {90150000-001B-040C-0000-0000000FF1CE}
O42 – Logiciel: Mozilla Firefox 27.0.1 (x86 fr) – (.Mozilla.) [HKLM] — Mozilla Firefox 27.0.1 (x86 fr)
O42 – Logiciel: Mozilla Maintenance Service – (.Mozilla.) [HKLM] — MozillaMaintenanceService
O42 – Logiciel: Realtek AC’97 Audio – (…) [HKLM] — {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 – Logiciel: Shop for HP Supplies – (.HP.) [HKLM] — Shop for HP Supplies
O42 – Logiciel: SuperCopier2 – (…) [HKLM] — SuperCopier2
O42 – Logiciel: The KMPlayer (remove only) – (.KMP Media co., Ltd.) [HKLM] — The KMPlayer
O42 – Logiciel: VLC media player 2.1.3 – (.VideoLAN.) [HKLM] — VLC media player =>.VideoLAN
O42 – Logiciel: WinDjView 1.0.3 – (.Andrew Zhezherun.) [HKLM] — WinDjView
O42 – Logiciel: WinRAR 4.00 (32-bit) – (.win.rar GmbH.) [HKLM] — WinRAR archiver
O42 – Logiciel: XMind 2012 (v3.3.1) – (.XMind Ltd..) [HKLM] — XMind_is1
O42 – Logiciel: Yahoo! Messenger – (.Yahoo! Inc..) [HKLM] — Yahoo! Messenger
O42 – Logiciel: Yahoo! Search Protection – (…) [HKLM] — Yahoo! Search Defender
O42 – Logiciel: Yahoo! Software Update – (…) [HKLM] — Yahoo! Software Update
O42 – Logiciel: Yahoo! Toolbar – (…) [HKLM] — Yahoo! Companion
O42 – Logiciel: avast! Free Antivirus v9.0.2018 – (.Avast Software.) [HKLM] — Avast
~ Logic: 43 Scanned in 00mn 00s

—\ HKCU & HKLM Software Keys
[HKCUSoftwareAVAST Software]
[HKCUSoftwareAdvantage 9.10 Links]
[HKCUSoftwareAiseesoft Studio]
[HKCUSoftwareAppDataLowSoftwareYahoo]
[HKCUSoftwareAppDataLow]
[HKCUSoftwareApple Inc.]
[HKCUSoftwareBOB 50]
[HKCUSoftwareBitTorrent] =>P2P.BitTorrent
[HKCUSoftwareClasses]
[HKCUSoftwareClients]
[HKCUSoftwareClover]
[HKCUSoftwareDRPSu Updater]
[HKCUSoftwareFoxit Software]
[HKCUSoftwareFroggie]
[HKCUSoftwareGNU]
[HKCUSoftwareGabest]
[HKCUSoftwareGoogle]
[HKCUSoftwareHP]
[HKCUSoftwareHaali]
[HKCUSoftwareHewlett-Packard]
[HKCUSoftwareIM Providers]
[HKCUSoftwareInternetCalls]
[HKCUSoftwareJavaSoft]
[HKCUSoftwareKMPlayer]
[HKCUSoftwareLAV]
[HKCUSoftwareLocal AppWizard-Generated Applications]
[HKCUSoftwareMacromedia]
[HKCUSoftwareMediaInfo]
[HKCUSoftwareMozillaPlugins]
[HKCUSoftwareMozilla]
[HKCUSoftwareNVIDIA Corporation]
[HKCUSoftwareNetscape]
[HKCUSoftwareODBC]
[HKCUSoftwareOpera Software]
[HKCUSoftwarePolicies]
[HKCUSoftwareRealtek]
[HKCUSoftwareSFX TEAM]
[HKCUSoftwareSoftonic] =>Toolbar.Conduit
[HKCUSoftwareTorch]
[HKCUSoftwareUsbFix]
[HKCUSoftwareWinRAR SFX]
[HKCUSoftwareWinRAR]
[HKCUSoftwareYahoo]
[HKCUSoftwaredrpsu]
[HKCUSoftwaremadFlac]
[HKCUSoftwaremadshi]
[HKLMSoftwareATI Technologies]
[HKLMSoftwareAVAST Software]
[HKLMSoftwareApple Inc.]
[HKLMSoftwareBOB Software]
[HKLMSoftwareCBSTEST]
[HKLMSoftwareClasses]
[HKLMSoftwareClients]
[HKLMSoftwareFoxit Software]
[HKLMSoftwareGNU]
[HKLMSoftwareGabest]
[HKLMSoftwareGoogle]
[HKLMSoftwareHaaliMkx]
[HKLMSoftwareHewlett-Packard]
[HKLMSoftwareICE]
[HKLMSoftwareIM Providers]
[HKLMSoftwareIntel]
[HKLMSoftwareInterVideo]
[HKLMSoftwareInternet Download Manager]
[HKLMSoftwareJavaSoft]
[HKLMSoftwareJreMetrics]
[HKLMSoftwareKLCodecPack]
[HKLMSoftwareKMPlayer]
[HKLMSoftwareKhronos]
[HKLMSoftwareLAV]
[HKLMSoftwareMacromedia]
[HKLMSoftwareMozillaPlugins]
[HKLMSoftwareMozilla]
[HKLMSoftwareNVIDIA Corporation]
[HKLMSoftwareODBC]
[HKLMSoftwarePandora.TV]
[HKLMSoftwarePolicies]
[HKLMSoftwareRealtek]
[HKLMSoftwareRegisteredApplications]
[HKLMSoftwareSRS Labs]
[HKLMSoftwareSage]
[HKLMSoftwareSonic]
[HKLMSoftwareTorch]
[HKLMSoftwareVideoLAN]
[HKLMSoftwareVimicro Corp.]
[HKLMSoftwareVimicro Corporation]
[HKLMSoftwareWOW6432Node]
[HKLMSoftwareWinRAR]
[HKLMSoftwareXMind Ltd]
[HKLMSoftwareYahoo]
[HKLMSoftwaremozilla.org]
[HKLMSoftwarevimicro]
~ Key Software: 198 Scanned in 00mn 00s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 25/05/2014 – 21:33:34 – [] —-D C:Program FilesAdvantage 9.10
O43 – CFD: 06/03/2014 – 18:14:39 – [] —-D C:Program FilesAiseesoft Studio
O43 – CFD: 06/03/2014 – 17:53:40 – [] —-D C:Program FilesAmbalaGurpreet
O43 – CFD: 06/03/2014 – 18:16:04 – [] —-D C:Program FilesApple Software Update =>.Apple Inc
O43 – CFD: 20/04/2014 – 16:34:46 – [] —-D C:Program FilesAVAST Software
O43 – CFD: 06/03/2014 – 18:16:42 – [] —-D C:Program FilesBonjour
O43 – CFD: 06/03/2014 – 18:07:10 – [] —-D C:Program FilesClover
O43 – CFD: 25/05/2014 – 21:33:54 – [] —-D C:Program FilesCommon Files
O43 – CFD: 06/03/2014 – 18:42:28 – [] —-D C:Program FilesDVD Maker
O43 – CFD: 06/03/2014 – 18:29:44 – [] —-D C:Program FilesFoxit Software
O43 – CFD: 06/03/2014 – 21:04:08 – [] —-D C:Program FilesGoogle
O43 – CFD: 20/04/2014 – 17:40:57 – [] —-D C:Program FilesHP
O43 – CFD: 25/05/2014 – 21:34:00 – [] –H-D C:Program FilesInstallShield Installation Information
O43 – CFD: 06/03/2014 – 18:42:28 – [] —-D C:Program FilesInternet Explorer
O43 – CFD: 11/05/2014 – 18:56:39 – [] —-D C:Program FilesJava
O43 – CFD: 06/03/2014 – 18:29:32 – [] —-D C:Program FilesK-Lite Codec Pack
O43 – CFD: 08/03/2014 – 10:08:00 – [] —-D C:Program FilesMicrosoft Analysis Services
O43 – CFD: 12/04/2011 – 04:24:27 – [] —-D C:Program FilesMicrosoft Games
O43 – CFD: 08/03/2014 – 10:12:11 – [] —-D C:Program FilesMicrosoft Office
O43 – CFD: 08/03/2014 – 10:13:32 – [] —-D C:Program FilesMicrosoft SQL Server
O43 – CFD: 08/03/2014 – 10:53:58 – [] —-D C:Program FilesMicrosoft.NET
O43 – CFD: 11/05/2014 – 18:57:40 – [] —-D C:Program FilesMozilla Firefox
O43 – CFD: 11/03/2014 – 18:57:28 – [] —-D C:Program FilesMozilla Maintenance Service
O43 – CFD: 14/07/2009 – 06:52:30 – [] —-D C:Program FilesMSBuild
O43 – CFD: 06/03/2014 – 18:24:58 – [] —-D C:Program FilesNVIDIA Corporation
O43 – CFD: 20/04/2014 – 00:56:37 – [] —-D C:Program FilesOpera
O43 – CFD: 06/03/2014 – 18:09:37 – [] —-D C:Program FilesPANDORA.TV
O43 – CFD: 14/07/2009 – 06:52:30 – [] —-D C:Program FilesReference Assemblies
O43 – CFD: 06/03/2014 – 18:14:04 – [] —-D C:Program FilesSuperCopier2
O43 – CFD: 06/03/2014 – 18:09:10 – [] —-D C:Program FilesThe KMPlayer
O43 – CFD: 14/07/2009 – 06:53:23 – [0] —-D C:Program FilesUninstall Information
O43 – CFD: 06/03/2014 – 18:08:04 – [] —-D C:Program FilesVideoLAN
O43 – CFD: 20/04/2014 – 18:12:09 – [] —-D C:Program FilesVimicro Corporation
O43 – CFD: 06/03/2014 – 18:30:01 – [] —-D C:Program FilesWinDjView
O43 – CFD: 06/03/2014 – 18:42:28 – [] —-D C:Program FilesWindows Defender
O43 – CFD: 06/03/2014 – 18:42:28 – [] —-D C:Program FilesWindows Journal
O43 – CFD: 06/03/2014 – 18:42:28 – [] —-D C:Program FilesWindows Mail =>.Microsoft Corporation
O43 – CFD: 06/03/2014 – 18:42:28 – [] —-D C:Program FilesWindows Media Player =>.Microsoft Corporation
O43 – CFD: 14/07/2009 – 06:52:30 – [] —-D C:Program FilesWindows NT
O43 – CFD: 06/03/2014 – 18:42:28 – [] —-D C:Program FilesWindows Photo Viewer
O43 – CFD: 20/11/2010 – 23:33:48 – [] —-D C:Program FilesWindows Portable Devices
O43 – CFD: 06/03/2014 – 18:42:28 – [] —-D C:Program FilesWindows Sidebar
O43 – CFD: 06/03/2014 – 18:13:51 – [] —-D C:Program FilesWinRAR
O43 – CFD: 11/05/2014 – 19:14:22 – [] —-D C:Program FilesXMind
O43 – CFD: 20/04/2014 – 17:41:46 – [] —-D C:Program FilesYahoo!
O43 – CFD: 09/06/2014 – 14:26:21 – [] —-D C:Program FilesZHPDiag =>.Nicolas Coolman
O43 – CFD: 08/03/2014 – 10:14:03 – [] —-D C:Program FilesCommon FilesDESIGNER
O43 – CFD: 09/03/2014 – 22:05:45 – [] —-D C:Program FilesCommon FilesHewlett-Packard
O43 – CFD: 09/03/2014 – 22:06:00 – [] —-D C:Program FilesCommon FilesHP
O43 – CFD: 25/05/2014 – 21:33:57 – [] —-D C:Program FilesCommon FilesInstallShield
O43 – CFD: 11/05/2014 – 18:57:55 – [] —-D C:Program FilesCommon FilesJava
O43 – CFD: 08/03/2014 – 10:56:33 – [] —-D C:Program FilesCommon Filesmicrosoft shared
O43 – CFD: 14/07/2009 – 04:37:05 – [] —-D C:Program FilesCommon FilesServices
O43 – CFD: 14/07/2009 – 04:37:05 – [] —-D C:Program FilesCommon FilesSpeechEngines
O43 – CFD: 08/03/2014 – 10:09:52 – [] —-D C:Program FilesCommon FilesSystem
O43 – CFD: 06/03/2014 – 18:14:39 – [] —-D C:ProgramDataAiseesoft Studio
O43 – CFD: 06/03/2014 – 18:16:03 – [] —-D C:ProgramDataApple
O43 – CFD: 06/03/2014 – 18:17:25 – [] —-D C:ProgramDataApple Computer
O43 – CFD: 14/07/2009 – 06:53:55 – [0] —-D C:ProgramDataApplication Data
O43 – CFD: 20/04/2014 – 16:33:44 – [] —-D C:ProgramDataAVAST Software
O43 – CFD: 14/07/2009 – 06:53:55 – [0] —-D C:ProgramDataDesktop
O43 – CFD: 14/07/2009 – 06:53:55 – [0] —-D C:ProgramDataDocuments
O43 – CFD: 08/05/2014 – 20:36:14 – [] —-D C:ProgramDatae856c62a7ad85c7f
O43 – CFD: 14/07/2009 – 06:53:55 – [0] —-D C:ProgramDataFavorites
O43 – CFD: 20/04/2014 – 17:40:31 – [] —-D C:ProgramDataHP
O43 – CFD: 20/04/2014 – 17:40:18 – [] —-D C:ProgramDataHP Product Assistant
O43 – CFD: 06/03/2014 – 20:22:45 – [0] —-D C:ProgramDataIDM
O43 – CFD: 09/05/2014 – 17:54:54 – [] —-D C:ProgramDataInstallMate =>PUP.Tarma
O43 – CFD: 08/05/2014 – 20:45:25 – [] —-D C:ProgramDataItsReadyApp
O43 – CFD: 06/03/2014 – 20:05:30 – [] —-D C:ProgramDataMicrosoft
O43 – CFD: 22/04/2014 – 19:32:34 – [] —-D C:ProgramDataMicrosoft Help
O43 – CFD: 06/03/2014 – 18:16:18 – [] —-D C:ProgramDataMozilla
O43 – CFD: 06/03/2014 – 18:25:14 – [] —-D C:ProgramDataNVIDIA
O43 – CFD: 06/03/2014 – 18:23:24 – [] —-D C:ProgramDataNVIDIA Corporation
O43 – CFD: 08/03/2014 – 10:52:23 – [] —-D C:ProgramDataregid.1991-06.com.microsoft
O43 – CFD: 14/07/2009 – 06:53:55 – [0] —-D C:ProgramDataStart Menu
O43 – CFD: 11/05/2014 – 18:57:58 – [] —-D C:ProgramDataSun
O43 – CFD: 14/07/2009 – 06:53:55 – [0] —-D C:ProgramDataTemplates
O43 – CFD: 09/03/2014 – 22:10:55 – [] —-D C:ProgramDataWEBREG
O43 – CFD: 07/03/2014 – 18:31:36 – [] —-D C:ProgramDataYahoo!
O43 – CFD: 20/04/2014 – 17:41:41 – [] —-D C:ProgramDataYahoo! Companion
O43 – CFD: 06/03/2014 – 20:22:09 – [] —-D C:UsersOPERATEURAppDataRoamingAdobe
O43 – CFD: 06/03/2014 – 21:10:26 – [] —-D C:UsersOPERATEURAppDataRoamingApple Computer
O43 – CFD: 20/04/2014 – 16:37:15 – [] —-D C:UsersOPERATEURAppDataRoamingAVAST Software
O43 – CFD: 20/04/2014 – 13:26:14 – [0] —-D C:UsersOPERATEURAppDataRoamingDMCache
O43 – CFD: 20/04/2014 – 16:41:39 – [] —-D C:UsersOPERATEURAppDataRoamingDropbox
O43 – CFD: 20/04/2014 – 16:41:37 – [] —-D C:UsersOPERATEURAppDataRoamingDropboxMaster
O43 – CFD: 06/03/2014 – 19:57:06 – [0] —-D C:UsersOPERATEURAppDataRoamingDRPSu
O43 – CFD: 09/05/2014 – 11:01:18 – [] —-D C:UsersOPERATEURAppDataRoamingFoxit Software
O43 – CFD: 20/04/2014 – 17:44:49 – [] —-D C:UsersOPERATEURAppDataRoamingHP
O43 – CFD: 06/06/2014 – 20:50:18 – [] —-D C:UsersOPERATEURAppDataRoamingHpUpdate
O43 – CFD: 06/03/2014 – 17:55:42 – [] —-D C:UsersOPERATEURAppDataRoamingIdentities
O43 – CFD: 20/04/2014 – 18:10:02 – [] —-D C:UsersOPERATEURAppDataRoamingInstallShield
O43 – CFD: 07/03/2014 – 18:41:14 – [] —-D C:UsersOPERATEURAppDataRoamingInternetCalls
O43 – CFD: 06/03/2014 – 20:22:10 – [] —-D C:UsersOPERATEURAppDataRoamingMacromedia
O43 – CFD: 12/04/2011 – 04:24:18 – [0] —-D C:UsersOPERATEURAppDataRoamingMedia Center Programs
O43 – CFD: 06/03/2014 – 20:10:40 – [] —-D C:UsersOPERATEURAppDataRoamingMedia Player Classic
O43 – CFD: 19/05/2014 – 20:44:01 – [] —-D C:UsersOPERATEURAppDataRoamingMicrosoft
O43 – CFD: 06/03/2014 – 18:17:06 – [] —-D C:UsersOPERATEURAppDataRoamingMozilla
O43 – CFD: 06/03/2014 – 18:16:22 – [] —-D C:UsersOPERATEURAppDataRoamingOpera Software
O43 – CFD: 06/03/2014 – 18:30:10 – [] —-D C:UsersOPERATEURAppDataRoaminguTorrent =>P2P.µTorrent
O43 – CFD: 06/06/2014 – 23:12:42 – [] —-D C:UsersOPERATEURAppDataRoamingvlc
O43 – CFD: 08/03/2014 – 11:18:37 – [] —-D C:UsersOPERATEURAppDataRoamingVoipConnect
O43 – CFD: 08/03/2014 – 10:02:18 – [] —-D C:UsersOPERATEURAppDataRoamingWinRAR
O43 – CFD: 20/04/2014 – 17:41:41 – [] —-D C:UsersOPERATEURAppDataRoamingyahoo!
O43 – CFD: 09/06/2014 – 14:38:20 – [] —-D C:UsersOPERATEURAppDataRoamingZHP =>.Nicolas Coolman
O43 – CFD: 06/03/2014 – 18:16:10 – [] —-D C:UsersOPERATEURAppDataLocalApple
O43 – CFD: 06/03/2014 – 20:39:16 – [] —-D C:UsersOPERATEURAppDataLocalApple Computer
O43 – CFD: 14/07/2009 – 06:53:55 – [0] —-D C:UsersOPERATEURAppDataLocalApplication Data
O43 – CFD: 08/05/2014 – 20:36:13 – [] —-D C:UsersOPERATEURAppDataLocalChromatic Browser
O43 – CFD: 06/03/2014 – 18:07:11 – [] —-D C:UsersOPERATEURAppDataLocalClover
O43 – CFD: 08/05/2014 – 20:36:12 – [] —-D C:UsersOPERATEURAppDataLocalComodo
O43 – CFD: 09/06/2014 – 13:50:38 – [0] —-D C:UsersOPERATEURAppDataLocalElevatedDiagnostics
O43 – CFD: 09/05/2014 – 17:54:29 – [] —-D C:UsersOPERATEURAppDataLocalGoogle
O43 – CFD: 14/07/2009 – 06:53:55 – [0] —-D C:UsersOPERATEURAppDataLocalHistory
O43 – CFD: 20/04/2014 – 17:16:52 – [] —-D C:UsersOPERATEURAppDataLocalHP
O43 – CFD: 24/05/2014 – 22:12:34 – [] —-D C:UsersOPERATEURAppDataLocalMicrosoft
O43 – CFD: 26/05/2014 – 20:54:39 – [] —-D C:UsersOPERATEURAppDataLocalMicrosoft Games
O43 – CFD: 06/03/2014 – 18:26:01 – [0] —-D C:UsersOPERATEURAppDataLocalMicrosoft Help
O43 – CFD: 06/03/2014 – 20:17:03 – [] —-D C:UsersOPERATEURAppDataLocalMozilla
O43 – CFD: 06/03/2014 – 18:16:24 – [] —-D C:UsersOPERATEURAppDataLocalOpera Software
O43 – CFD: 07/03/2014 – 18:37:05 – [] —-D C:UsersOPERATEURAppDataLocalPrograms
O43 – CFD: 09/06/2014 – 14:37:58 – [] —-D C:UsersOPERATEURAppDataLocalTemp
O43 – CFD: 14/07/2009 – 06:53:55 – [0] —-D C:UsersOPERATEURAppDataLocalTemporary Internet Files
O43 – CFD: 20/04/2014 – 00:48:33 – [] —-D C:UsersOPERATEURAppDataLocalTorch
O43 – CFD: 06/03/2014 – 17:55:21 – [0] —-D C:UsersOPERATEURAppDataLocalVirtualStore
O43 – CFD: 14/07/2009 – 06:42:04 – [] —-D C:UsersOPERATEURAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessories
O43 – CFD: 06/03/2014 – 17:55:58 – [] R—D C:UsersOPERATEURAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools
O43 – CFD: 20/04/2014 – 16:40:29 – [] —-D C:UsersOPERATEURAppDataRoamingMicrosoftWindowsStart MenuProgramsDropbox
O43 – CFD: 14/07/2009 – 06:37:42 – [] —-D C:UsersOPERATEURAppDataRoamingMicrosoftWindowsStart MenuProgramsMaintenance
O43 – CFD: 05/06/2014 – 12:56:50 – [] R—D C:UsersOPERATEURAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
O43 – CFD: 06/03/2014 – 18:14:06 – [] —-D C:UsersOPERATEURAppDataRoamingMicrosoftWindowsStart MenuProgramsSuperCopier2
O43 – CFD: 06/03/2014 – 18:09:15 – [] —-D C:UsersOPERATEURAppDataRoamingMicrosoftWindowsStart MenuProgramsThe KMPlayer
O43 – CFD: 06/03/2014 – 18:13:51 – [] —-D C:UsersOPERATEURAppDataRoamingMicrosoftWindowsStart MenuProgramsWinRAR
~ Program Folder: 134 Scanned in 00mn 00s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.1EC0CC76C1865471CE7FD19D1F66EA7B] – 05/06/2014 – 00:05:39 —A- . (…) — C:WindowsMEMORY.DMP [108023606]
O44 – LFC:[MD5.D3864B64EEFFE1CA26D9C64EAB49C9E6] – 09/06/2014 – 09:06:53 —A- . (…) — C:Windowssetupact.log [10290]
O44 – LFC:[MD5.AA055C1B5F8A2FAE4D7E38A25B56367A] – 09/06/2014 – 12:56:28 -S-A- . (…) — C:Windowsbootstat.dat [67584]
O44 – LFC:[MD5.4A5F7E59DB7C2C4BB8E37222C6B16D2E] – 09/06/2014 – 12:56:33 —A- . (…) — C:WindowsWindowsUpdate.log [568413]
O44 – LFC:[MD5.EA0C689992D69E24ED9CB63D0B153ED2] – 25/05/2014 – 20:39:06


. (…) — C:ADS_ERR.adm [2048]
O44 – LFC:[MD5.8CD2F2121A3787FCB1EA17F40ABC08C5] – 25/05/2014 – 20:44:01


. (…) — C:ADS_ERR.ADI [3072]
O44 – LFC:[MD5.F5EF300DFA84171BB51DF1A20964AF9A] – 25/05/2014 – 20:44:01


. (…) — C:ADS_ERR.ADT [21448]
~ Files: 7 Scanned in 00mn 28s