
ZHPDiag v1.24.22 report by Nicolas Coolman
Run by venaultm at 27/09/2016 17:15:01
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Windows 7 Professional
MSIE: Internet Explorer v9.11.9600.17239
MFIE: Mozilla Firefox 42.0 (x86 fr)

Boot mode: Normal (Normal boot)
Total RAM: 1,9 Gb (56 % free)
System drive C: 233 Go (186 Go free)

---\\ Running processes
C:\Program Files (x86)\Trend Micro\OfficeScan Client\Pccntmon.exe
C:\Alise\AliseUpdate\AESUpdate.exe
C:\Program Files (x86)\mpck_en_031020345\mpck_en_031020345.exe
C:\Program Files (x86)\DPower\DiskPower.exe
C:\Users\venaultm\AppData\Local\mpck_en_031020345\upmpck_en_031020345.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe
C:\Program Files (x86)\DPower\6HSAZ0KEJL.exe
C:\Program Files (x86)\DPower\GOT4FZ5U6W.exe
C:\Program Files (x86)\DPower\UU5EFRITTL.exe
C:\Program Files (x86)\DPower\GPPTKZPNIZ.exe
C:\Program Files (x86)\DPower\PEI7UYIIP4.exe
C:\Program Files (x86)\DPower\UETS1YJ7F6.exe
C:\Program Files (x86)\DPower\0NSSZ88PM9.exe
C:\Program Files (x86)\DPower\K5CZ5TOYMH.exe
C:\Program Files (x86)\DPower\9ZJIM3IL98.exe
C:\Program Files (x86)\DPower\6IZTJ2SIK7.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Firebird\Firebird_2_5.Alise\bin\fbguard.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\igfxCUIService.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
c:\alise\exe\JobAES.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\system32\lsass.exe
C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe

---\\ Ini value modification (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=userinit.exe
F2 - REG:system.ini: Shell=explorer.exe

---\\ Internet Explorer start pages (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?complete=0&gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1421674449&from=corfr&uid=ST500DM002-1BD142_W3T6WX88XXXXW3T6WX88

---\\ Internet Explorer search pages (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1421674449&from=corfr&uid=ST500DM002-1BD142_W3T6WX88XXXXW3T6WX88&q={searchTerms}

---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll

---\\ Hosts file redirection (O1)
O1 - Hosts: 172.20.100.1 intra-pdc1
O1 - Hosts: 172.20.100.2 intra-lrd7
O1 - Hosts: 172.20.100.6 intra-lrd6
O1 - Hosts: 172.20.100.7 intra-lrd
O1 - Hosts: 172.20.100.11 intra-lrd1
O1 - Hosts: 172.20.100.12 intra-lrd4
O1 - Hosts: 172.20.100.14 serveur-install
O1 - Hosts: 172.20.100.16 arts-doisneau

---\\ Browser Helper Objects (O2)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

---\\ Applications started automatically by the registry (O4)
O4 - HKLM\..\Run: [OfficeScanNT Monitor] C:\Program Files (x86)\Trend Micro\OfficeScan Client\Pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [AliseUpdate] C:\Alise\AliseUpdate\AESUpdate.exe
O4 - HKLM\..\Run: [mpck_en_031020345] C:\Program Files (x86)\mpck_en_031020345\mpck_en_031020345.exe
O4 - HKLM\..\Run: [DiskPower] C:\Program Files (x86)\DPower\DiskPower.exe
O4 - HKLM\..\RunOnce: [upmpck_en_031020345.exe] C:\Users\venaultm\AppData\Local\mpck_en_031020345\upmpck_en_031020345.exe -runonce
O4 - HKCU\..\Run: [Adobe Reader Synchronizer] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe
O4 - HKCU\..\Run: [VYCB5AHIOH] C:\Program Files (x86)\DPower\6HSAZ0KEJL.exe
O4 - HKCU\..\Run: [GRZA5AQWD0] C:\Program Files (x86)\DPower\GOT4FZ5U6W.exe
O4 - HKCU\..\Run: [A5HJX01A7C] C:\Program Files (x86)\DPower\UU5EFRITTL.exe
O4 - HKCU\..\Run: [9P7DA7E5VO] C:\Program Files (x86)\DPower\GPPTKZPNIZ.exe
O4 - HKCU\..\Run: [WOJ7AOL6XQ] C:\Program Files (x86)\DPower\PEI7UYIIP4.exe
O4 - HKCU\..\Run: [03IRZ5EQSR] C:\Program Files (x86)\DPower\UETS1YJ7F6.exe
O4 - HKCU\..\Run: [CDEW2CN0DD] C:\Program Files (x86)\DPower\0NSSZ88PM9.exe
O4 - HKCU\..\Run: [7KBRN53ZUO] C:\Program Files (x86)\DPower\K5CZ5TOYMH.exe
O4 - HKCU\..\Run: [PAVO4C12N0] C:\Program Files (x86)\DPower\9ZJIM3IL98.exe
O4 - HKCU\..\Run: [TWYK1E7JSE] C:\Program Files (x86)\DPower\6IZTJ2SIK7.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\policies\Explorer: [NoActiveDesktop] Data=1
O4 - HKLM\..\policies\Explorer: [NoActiveDesktopChanges] Data=1
O4 - HKLM\..\policies\Explorer: [ForceActiveDesktopOn] Data=0
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - Global Startup: Aide mémoire.lnk - C:\Users\venaultm\AppData\Roaming\Aide mémoire\TrayIcon.exe

---\\ Buttons on the Internet Explorer main toolbar (O9)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFBARH.ICO

---\\ Extra tab in Internet Explorer advanced options (O11)
O11 - Options group: [accelerated_graphics] Accelerated graphics - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [accessibility] Accessibility - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [browse] Browsing - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [crypto] Security - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [http] HTTP settings - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [international] International - C:\Windows\SysWOW64\inetcpl.cpl
O11 - Options group: [multimedia] Multimedia - C:\Windows\SysWOW64\inetcpl.cpl

---\\ ActiveX objects (Downloaded Program Files) (O16)
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://172.20.100.2:4343/officescan/console/html/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://172.20.100.2:4343/officescan/console/html/ClientInstall/setup.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - https://172.20.100.2:4343/officescan/console/html/ClientInstall/RemoveCtrl.cab

---\\ Additional protocol and protocol hijacking (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

---\\ ShellServiceObjectDelayLoad autorun registry key (SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - (not file)

---\\ List of non-Microsoft, non-disabled NT services (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X64 (clr_optimization_v4.0.30319_64) - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
O23 - Service: Firebird Guardian - 2.5 Alise (FirebirdGuardian2.5 Alise) - C:\Program Files (x86)\Firebird\Firebird_2_5.Alise\bin\fbguard.exe -s 2.5 Alise
O23 - Service: Service Google Update (gupdate) (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: Gestionnaire des tâches Alise (JobAES) - c:\alise\exe\JobAES.exe
O23 - Service: Machine Debug Manager (MDM) - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
O23 - Service: OfficeScan NT RealTime Scan (ntrtscan) - C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - C:\Windows\system32\nvvsvc.exe
O23 - Service: OCS Inventory Service (OCS Inventory Service) - C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe
O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - C:\Windows\system32\sppsvc.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: Windows Live ID Sign-in Assistant (wlidsvc) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding

---\\ Automatic scheduled tasks (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

---\\ Installed components (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} - C:\Windows\SysWow64\Adobe\Director\SwDir_1207148.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Adobe Shockwave Director 10.4 - {233C1507-6A77-46A4-9443-F871F945D258} - C:\Windows\SysWow64\Adobe\Director\SwDir_1207148.dll
O40 - ASIC: Macromedia Shockwave Director 10.1 - {2A202491-F00D-11cf-87CC-0020AFEECF20} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\system32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\system32\themeui.dll
O40 - ASIC: Internet Explorer - {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Address Book 7 - {7790769C-0471-11d2-AF11-00C04FA35D02} - (not file)
O40 - ASIC: .NET Framework - {7C028AF8-F614-47B3-82DA-BA94E41B1089} - (not file)
O40 - ASIC: .NET Framework - {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - (not file)
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: .NET Framework - {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - (not file)

---\\ Drivers started at boot (O41)
O41 - Driver: @%systemroot%\system32\drivers\afd.sys,-1000 (AFD) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (no object) (blbdrive) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: Pilote de CD-ROM (cdrom) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: @%systemroot%\system32\cscsvc.dll,-202 (CSC) - C:\WINDOWS\system32\drivers\csc.sys
O41 - Driver: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: @%systemroot%\system32\drivers\discache.sys,-102 (discache) - C:\WINDOWS\System32\drivers\discache.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: @%SystemRoot%\system32\drivers\netbt.sys,-2 (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: @%SystemRoot%\system32\drivers\nsiproxy.sys,-2 (nsiproxy) - C:\WINDOWS\system32\drivers\nsiproxy.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (Psched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: @%systemroot%\system32\wkssvc.dll,-1000 (rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: @%systemroot%\system32\DRIVERS\RDPCDD.sys,-100 (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: @%systemroot%\system32\drivers\RDPENCDD.sys,-101 (RDPENCDD) - C:\WINDOWS\system32\drivers\rdpencdd.sys
O41 - Driver: @%systemroot%\system32\drivers\RdpRefMp.sys,-101 (RDPREFMP) - C:\WINDOWS\system32\drivers\rdprefmp.sys
O41 - Driver: Pilote de port série (Serial) - C:\Windows\system32\drivers\serial.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - C:\WINDOWS\system32\DRIVERS\tdx.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: tmcomm (tmcomm) - C:\WINDOWS\system32\DRIVERS\tmcomm.sys
O41 - Driver: Trend Micro TDI Driver (tmtdi) - C:\WINDOWS\system32\DRIVERS\tmtdi.sys
O41 - Driver: (no object) (VgaSave) - C:\Windows\System32\drivers\vga.sys
O41 - Driver: Virtual PC Network Filter Driver (vpcnfltr) - C:\WINDOWS\system32\DRIVERS\vpcnfltr.sys
O41 - Driver: @%SystemRoot%\system32\drivers\vpcvmm.sys,-100 (vpcvmm) - C:\WINDOWS\system32\drivers\vpcvmm.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32012 (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WFP Lightweight Filter (WfpLwf) - C:\WINDOWS\system32\DRIVERS\wfplwf.sys

---\\ Installed software (O42)
O42 - Logiciel: 7-Zip 4.45 beta
O42 - Logiciel: ALISE PERF+
O42 - Logiciel: Adobe AIR
O42 - Logiciel: Adobe Flash Player 14 ActiveX
O42 - Logiciel: Adobe Flash Player 14 Plugin
O42 - Logiciel: Adobe Reader XI (11.0.06) - Français
O42 - Logiciel: Adobe Shockwave Player 11.6
O42 - Logiciel: Adobe Shockwave Player 12.0
O42 - Logiciel: Alise Update 6.0
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Avery Wizard 5.0
O42 - Logiciel: Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007
O42 - Logiciel: Crystal 11
O42 - Logiciel: D3DX10
O42 - Logiciel: DPower version 1.0
O42 - Logiciel: Education Nationale
O42 - Logiciel: Firebird 2.5
O42 - Logiciel: Firebird ODBC 1.2.0.69
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: Google Chrome
O42 - Logiciel: Google Update Helper
O42 - Logiciel: Intel(R) Identity Protection Technology 1.1.2.0
O42 - Logiciel: Intel(R) Processor Graphics
O42 - Logiciel: Java 7 Update 67
O42 - Logiciel: LYCEE ROBERT DOISNEAU CUI
O42 - Logiciel: LibreOffice 4.0.2.2
O42 - Logiciel: Logiciel pour périphérique à chipset Intel®
O42 - Logiciel: MSI to redistribute MS VS2005 CRT libraries
O42 - Logiciel: MSVCRT
O42 - Logiciel: Microsoft Office Access MUI (French) 2007
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007
O42 - Logiciel: Microsoft Office Professional Plus 2007
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007
O42 - Logiciel: Microsoft Office Proof (English) 2007
O42 - Logiciel: Microsoft Office Proof (French) 2007
O42 - Logiciel: Microsoft Office Proof (German) 2007
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007
O42 - Logiciel: Microsoft Office Proofing (French) 2007
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007
O42 - Logiciel: Microsoft Office Word MUI (French) 2007
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
O42 - Logiciel: MobilePCStarterKit 000.031020345
O42 - Logiciel: Mozilla Firefox 42.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service
O42 - Logiciel: OCS Inventory NG Agent 2.1.0.3
O42 - Logiciel: QuickTime
O42 - Logiciel: RealDownloader
O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime
O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2010 Runtime
O42 - Logiciel: RealPlayer
O42 - Logiciel: RealUpgrade 1.1
O42 - Logiciel: Realtek Ethernet Controller All-In-One Windows Driver
O42 - Logiciel: Realtek High Definition Audio Driver
O42 - Logiciel: Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
O42 - Logiciel: Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
O42 - Logiciel: Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
O42 - Logiciel: Trend Micro OfficeScan Client
O42 - Logiciel: UDF 2.5
O42 - Logiciel: VLC media player 2.1.2
O42 - Logiciel: Windows Live
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Installer
O42 - Logiciel: Windows Live Movie Maker
O42 - Logiciel: Windows Live PIMT Platform
O42 - Logiciel: Windows Live Photo Common
O42 - Logiciel: Windows Live Photo Gallery
O42 - Logiciel: Windows Live SOXE
O42 - Logiciel: Windows Live SOXE Definitions
O42 - Logiciel: Windows Live UX Platform
O42 - Logiciel: Windows Live UX Platform Language Pack
O42 - Logiciel: XnView 2.34
O42 - Logiciel: swMSM

---\\ Contents of Common Files folders (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\7-Zip
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Avery
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Business Objects
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\DPower
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Dynamo Combo
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Ethnos 6
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Firebird
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Java
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\LibreOffice 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Office 2007
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\mpck_en_031020345
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Navilog1
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\OCS Inventory Agent
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Office DEPOT Designer d´étiquettes 2.0
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Real
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\RealNetworks
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\RemotePackages
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Virtual PC
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\XnView
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Lenovo
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\xing shared

---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:Last File Created 27/09/2016 - 07:49:44 -S-A- C:\Windows\bootstat.dat
O44 - LFC:Last File Created 27/09/2016 - 14:26:12 ---A- C:\Windows\cfgall.ini
O44 - LFC:Last File Created 27/09/2016 - 14:56:34 ---A- C:\Windows\ComptaBud.ini
O44 - LFC:Last File Created 27/09/2016 - 14:59:41 ---A- C:\Windows\ComptaGene.ini

---\\ Safe Boot control (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys

---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.i420"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\Windows\SysWOW64\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux2"="wdmaud.drv"
O52 - TDSD:HKLM\...\drivers.desc\"C:\Windows\SysWOW64\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"

---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=credssp.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "ForceActiveDesktopOn"=0

---\\ System Drivers List (SDL) (O58)
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\wimmount.sys

---\\ List of cleaning tools (LATC) (O63)
O63 - Logiciel: ZHPDiag 1.24


End of the scan: 496 lines
