cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Rapport de ZHPDiag v1.25.1436 par Nicolas Coolman, Update du 14/06/2010
Run by user at 27-09-2017 1:15:58
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 55.0.3 (x86 fr)

---\\ System Information
Platform : Windows 7 Ultimate (6.1.7600)
Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3469.2 MB (64% free)
System drive C: has 141 GB (81%) free of 173 GB

---\\ Logged in mode
Computer Name: CH-BUR-COMPT
User Name: user
All Users Names: user, Administrateur,
Unselected Option: O1,O45,O61,O65
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 141 Go of 173 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 145 Go of 146 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 145 Go of 146 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK


---\\ Processus lancés
[MD5.9D7CB86536BA20C6BAD4605714618AFF] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]
[MD5.8C779DA97B8A745CECDF149721988E21] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe [144152]
[MD5.36E3525045E761F7D5A66023337E0440] - (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe [188184]
[MD5.0F484CEBC0E6724B157E644787B66B68] - (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe [623520]
[MD5.6FB60B441A8F326C03FD37C2B450E426] - (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.exe [226784]
[MD5.72748761510AD63CB9CA800DABE5E3FC] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760]
[MD5.6740051C97B30CF7267FAE2D109F5394] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144]
[MD5.2D52B68167FE0AEB2F636E89F5A15DAE] - (.Kaspersky Lab ZAO - Kaspersky Endpoint Security 10 for Windows.) -- C:\Program Files\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe [1194320]
[MD5.129B99D8D60CB6DF63799E410E989377] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Lexmark\ErrorApp\LMab1err.exe [645736]
[MD5.889CFF36EDDD89281E1C9BF1CE91B223] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3907152]
[MD5.440B3149E00A5A825E2114D1AD54B052] - (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 10.0.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [1216416]
[MD5.ED0B0C8FA614F9BCE14B2655B6C46B84] - (.Crystal Rich Ltd - USB and SATA Device Manager.) -- C:\Program Files\USB Safely Remove\USBSafelyRemove.exe [1839448]
[MD5.E2FE656A79D8F4C4FD70201E7423BDA0] - (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) -- C:\Windows\System32\Mshta.exe [47104]
[MD5.54A47F6B5E09A77E61649109C6A08866] - (.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\System32\svchost.exe [20992]
[MD5.567F071A1E399DCBA21BABDB1713FE28] - (.Kaspersky Lab ZAO - Kaspersky Seamless Update Service.) -- C:\Program Files\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avpsus.exe [2481072]
[MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384]
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [144200]
[MD5.28B3162EC8D01114313D7F447D8E157E] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [423136]
[MD5.3628933AF5305EAB8173949BFF912F04] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560]
[MD5.BF22ACF4CF3734D61357E67F0521BC03] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872]
[MD5.CBDA684766C7986B8756D6A0FC0B3D47] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Net Monitor for Employees Pro\bin\NLSAgentSvc.exe [1346688]
[MD5.F42309C4191C506B71DB5D1126D26318] - (.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe [22528]
[MD5.49B6DD6AB3715B7A67965F17194E98A9] - (.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\System32\spoolsv.exe [316416]
[MD5.4C287F9069FEDBD791178876EE9DE536] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\Windows\system32\sppsvc.exe [3179520]
[MD5.2AA61246A5B813C1B12BCCFAA6F23DD8] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416]
[MD5.B097EBA0E3FEB020BB65FE43AF5ECCFF] - (.Intel Corporation - User Notification Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800]
[MD5.9EAB14398771BE7D26A4145764248C81] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\USB Safely Remove\USBSRService.exe [257880]
[MD5.147C60622CB53E901EFD8BB6D44A4C46] - (.Splashtop Inc. - Splashtop Connect IE Software Updater Servi.) -- C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [497480]
[MD5.622D95520182F6D3D05310D5810CA8B3] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) -- C:\Windows\system32\SearchIndexer.exe [428032]


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe


---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896


---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SmartView VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} . (.DeviceVM, Inc. - SmartView for IE Extension.) -- C:\Program Files\DeviceVM\SmartView\SmartView.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll


---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [USB Security] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [CNAP2 Launcher] . (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Endpoint Security 10 for Windows.) -- C:\Program Files\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe
O4 - HKCU\..\Run: [CNAP2 Launcher] . (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.exe
O4 - HKCU\..\Run: [LMab1err] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Lexmark\ErrorApp\LMab1err.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] . (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 10.0.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe
O4 - HKCU\..\Run: [USB Safely Remove] . (.Crystal Rich Ltd - USB and SATA Device Manager.) -- C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
O4 - HKCU\..\policies\Explorer: [1] . (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) -- C:\Windows\System32\Mshta.exe
O4 - Global Startup: Snagit 11.lnk . (.TechSmith Corporation - Snagit.) -- C:\Program Files\TechSmith\Snagit 11\Snagit32.exe
O4 - Global Startup: Facebook Gameroom.lnk . (.Facebook - FacebookGameroom.) -- C:\Users\user\AppData\Local\Facebook\Games\FacebookGameroom.exe


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: ÅÏÑÇÌ Åáì ãáÝ PDF ÇáãæÌæÏ ÍÇáíÇð . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O8 - Extra context menu item: ÅáÍÇÞ æÌåÉ ÇáÑÇÈØ ÈãáÝ PDF ÇáãæÌæÏ . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O8 - Extra context menu item: ÊÍãíá Çáßá ÈæÇÓØÉ Internet Download Manager . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: ÊÍãíá ÈæÇÓØÉ Internet Download Manager . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: ÊÍæíá Åáì Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O8 - Extra context menu item: ÊÍæíá æÌåÉ ÇáÑÇÈØ Åáì Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A2CC401-539E-4351-AE80-4AE8EDD09EA2}: NameServer = 8.8.8.8,4.2.2.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{1A2CC401-539E-4351-AE80-4AE8EDD09EA2}: NameServer = 8.8.8.8,4.2.2.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{1A2CC401-539E-4351-AE80-4AE8EDD09EA2}: NameServer = 8.8.8.8,4.2.2.2


---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Kaspersky Endpoint Security Service (AVP) . (.Kaspersky Lab ZAO - Kaspersky Endpoint Security 10 for Windows.) - C:\Program Files\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe
O23 - Service: Kaspersky Seamless Update Service (avpsus) . (.Kaspersky Lab ZAO - Kaspersky Seamless Update Service.) - C:\Program Files\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avpsus.exe
O23 - Service: ÎÏãÉ Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Net Monitor for Employees Agent (NMEmployeesAgent) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Net Monitor for Employees Pro\bin\NLSAgentSvc.exe
O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\USB Safely Remove\USBSRService.exe
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) . (.Splashtop Inc. - Splashtop Connect IE Software Updater Servi.) - C:\Program Files\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Kaspersky Lab KLFltDev (KLFLTDEV) . (.Kaspersky Lab ZAO - Klfltdev Pnp device filter [fre_wlh_x86].) - C:\Windows\system32\DRIVERS\klfltdev.sys
O41 - Driver: Kaspersky Lab Driver (KLIF) . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_wlh_x86].) - C:\Windows\system32\DRIVERS\klif.sys
O41 - Driver: Kaspersky Anti-Virus NDIS 6 Filter (KLIM6) . (.AO Kaspersky Lab - Packet Network Filter [fre_wlh_x86].) - C:\Windows\system32\DRIVERS\klim6.sys
O41 - Driver: kltdi (kltdi) . (.Kaspersky Lab ZAO - Network filtering component [fre_wxp_x86].) - C:\Windows\system32\DRIVERS\kltdi.sys
O41 - Driver: kneps (kneps) . (.Kaspersky Lab ZAO - KNEPS Power [fre_wxp_x86].) - C:\Windows\system32\DRIVERS\kneps.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Acrobat X Professional - Middle Eastern, North African, Greek - (.Adobe Systems.) [HKLM]
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Reader X - Arabic - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Borland Delphi 7 - (.Borland Software Corporation.) [HKLM]
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM]
O42 - Logiciel: Canon LBP3010/LBP3018/LBP3050 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Canon LBP3100/LBP3108/LBP3150 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: DAS - (.Pas de propriétaire.) [HKCU]
O42 - Logiciel: Emp0621 - (.WFMS.) [HKLM]
O42 - Logiciel: Facebook Gameroom 1.9.6443.18496 - (.Facebook.) [HKLM]
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM]
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM]
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM]
O42 - Logiciel: Intel(R) OpenCL CPU Runtime - (.Intel Corporation.) [HKLM]
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM]
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM]
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM]
O42 - Logiciel: Java(TM) 6 Update 23 - (.Oracle.) [HKLM]
O42 - Logiciel: Lexmark MS510 Series Programme de désinstallation - (.Lexmark International, Inc..) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Morefunc - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Mozilla Firefox 55.0.3 (x86 fr) - (.Mozilla.) [HKLM]
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM]
O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM]
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM]
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM]
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM]
O42 - Logiciel: Recuva - (.Piriform.) [HKLM]
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM]
O42 - Logiciel: Skype™ 5.1 - (.Skype Technologies S.A..) [HKLM]
O42 - Logiciel: SmartView for IE - (.DeviceVM, Inc..) [HKLM]
O42 - Logiciel: Snagit 11 - (.TechSmith Corporation.) [HKLM]
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM]
O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM]
O42 - Logiciel: USB Safely Remove 4.7 - (.SafelyRemove.com.) [HKLM]
O42 - Logiciel: VLC media player 1.1.7 - (.VideoLAN.) [HKLM]
O42 - Logiciel: WGEPADMI - (.GENISOFT.) [HKLM]
O42 - Logiciel: WinRAR 4.01 (32-bit) - (.win.rar GmbH.) [HKLM]
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM]

---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-ZIP]
[HKCU\Software\ASProtect]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow]
[HKCU\Software\CNAS]
[HKCU\Software\Cameyo]
[HKCU\Software\Canon]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DeviceVM]
[HKCU\Software\Djemai]
[HKCU\Software\DownloadAstro]
[HKCU\Software\DownloadManager]
[HKCU\Software\Facebook]
[HKCU\Software\Google]
[HKCU\Software\GsftBm]
[HKCU\Software\Gsft]
[HKCU\Software\ImgBurn]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Lexmark]
[HKCU\Software\MSM]
[HKCU\Software\Macromedia]
[HKCU\Software\MiTeC]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PC SOFT]
[HKCU\Software\PDFCreator]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Printers]
[HKCU\Software\Realtek]
[HKCU\Software\SMAD?V]
[HKCU\Software\SafelyRemove]
[HKCU\Software\Salamander]
[HKCU\Software\Security Stronghold]
[HKCU\Software\Skype]
[HKCU\Software\SoftLogica]
[HKCU\Software\Splashtop Inc.]
[HKCU\Software\Sysinternals]
[HKCU\Software\TeamViewer]
[HKCU\Software\TechSmith]
[HKCU\Software\Trolltech]
[HKCU\Software\VOS]
[HKCU\Software\WFMS]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\softline]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Audible]
[HKLM\Software\Borland]
[HKLM\Software\CNRC]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DeviceVM]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\Foxconn]
[HKLM\Software\GENISOFT]
[HKLM\Software\Google]
[HKLM\Software\InfoWatch]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Jawego]
[HKLM\Software\KasperskyLab]
[HKLM\Software\Khronos]
[HKLM\Software\Lexmark]
[HKLM\Software\MAXSOFT-OCRON]
[HKLM\Software\Macromedia]
[HKLM\Software\Magical Jelly Bean Software]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\Net Monitor for Employees Pro]
[HKLM\Software\Nevrona Designs]
[HKLM\Software\ODBC]
[HKLM\Software\PC Purifier]
[HKLM\Software\PDFCreator]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Splashtop Inc.]
[HKLM\Software\Swearware]
[HKLM\Software\TechSmith]
[HKLM\Software\VideoLAN]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mozilla.org]
[HKLM\Software\zBff]
[HKLM\Software\zbshareware]
[HKLM\Software\zbsharewarelab]


---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Avira
O43 - CFD:Common File Directory R---D- C:\Program Files\Borland
O43 - CFD:Common File Directory ----D- C:\Program Files\Canon
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\das
O43 - CFD:Common File Directory ----D- C:\Program Files\DeviceVM
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Emp0621
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\GENISOFT
O43 - CFD:Common File Directory ----D- C:\Program Files\GENISOFT-rappel
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Download Manager
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\Lexmark
O43 - CFD:Common File Directory ----D- C:\Program Files\Lexmark MS510 Series
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Morefunc
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Maintenance Service
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\Net Monitor for Employees Pro
O43 - CFD:Common File Directory ----D- C:\Program Files\OLDGENISOFT
O43 - CFD:Common File Directory ----D- C:\Program Files\PDFCreator
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Recuva
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\SMADAV
O43 - CFD:Common File Directory ----D- C:\Program Files\Splashtop
O43 - CFD:Common File Directory ----D- C:\Program Files\Stronghold AntiMalware
O43 - CFD:Common File Directory ----D- C:\Program Files\TeamViewer
O43 - CFD:Common File Directory ----D- C:\Program Files\TechSmith
O43 - CFD:Common File Directory --H-D- C:\Program Files\Temp
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\USB Disk Security
O43 - CFD:Common File Directory ----D- C:\Program Files\USB Safely Remove
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Borland Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PC SOFT
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\postureAgent
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.68F9C22293B7EC5D462040220DFF4963] - 24-09-2017 - 9:47:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\eac_settings_backup.xml [1216]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24-09-2017 - 9:57:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.1F8681DF17FC686D257C7716E6EB5436] - 26-09-2017 - 23:53:03 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [17136]
O44 - LFC:[MD5.1F8681DF17FC686D257C7716E6EB5436] - 26-09-2017 - 23:53:03 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [17136]
O44 - LFC:[MD5.00000000000000000000000000000000] - 26-09-2017 - 23:48:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1834630]
O44 - LFC:[MD5.D7E8ACF75FB47C9F7B48E688C9C233C6] - 26-09-2017 - 23:45:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [8477]
O44 - LFC:[MD5.B2BF1C8070FF9195BB6CE23787FAACE1] - 26-09-2017 - 23:45:41 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.BF29E1821CBE52A467097DD6E165973F] - 24-09-2017 - 10:37:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\ntbtlog.txt [328120]
O44 - LFC:[MD5.D1E75542EC8D1B4851765A57AC63618E] - 24-09-2017 - 10:00:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\diagerr.xml [1908]
O44 - LFC:[MD5.E4DC0450D80867120C04A0ADD5E8A5B7] - 24-09-2017 - 10:00:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\diagwrn.xml [2562]
O44 - LFC:[MD5.EEBB0FA277FF042F70E581A2E4C494F9] - 04-09-2017 - 13:12:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PhotoSnapViewer.INI [151]


---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{42d33be8-41c1-11e6-b945-10604b7357ea}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- H:\Lenovo_Suite.exe (.not file.)
O51 - MPSK:{7f49db48-635a-11e3-9132-806e6f6e6963}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\reatogoMenu.exe
O51 - MPSK:{a980f172-6ab8-11e7-a4f8-10604b7357ea}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\Auto.exe (.not file.)


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm


---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe


---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=credssp.dll


---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "disableregistrytools"=0


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "1"=Mshta.exe


---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14-07-2009 - 2:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys
O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14-07-2009 - 2:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys
O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14-07-2009 - 2:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys
O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14-07-2009 - 2:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys
O58 - SDL:[MD5.2101A86C25C154F8314B24EF49D7FBC2] - 14-07-2009 - 2:26:15 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys
O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 14-07-2009 - 2:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys
O58 - SDL:[MD5.B81C2B5616F6420A9941EA093A92B150] - 14-07-2009 - 2:26:15 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys
O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 14-07-2009 - 2:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys
O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 14-07-2009 - 2:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys
O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 14-07-2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 14-07-2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 14-07-2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys
O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14-07-2009 - 1:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 14-07-2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 14-07-2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 14-07-2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys
O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 14-07-2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys
O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14-07-2009 - 2:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys
O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 14-07-2009 - 2:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14-07-2009 - 2:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys
O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 14-07-2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 14-07-2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys
O58 - SDL:[MD5.240D715CFE4FB8F4CDA76F6863E62334] - 09-11-2011 - 17:52:02 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\system32\drivers\HECI.sys
O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 14-07-2009 - 2:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys
O58 - SDL:[MD5.E64665E2A6CAEB52C8AE6E5EB6F3FD7C] - 30-11-2011 - 4:30:40 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\system32\drivers\iaStor.sys
O58 - SDL:[MD5.934AF4D7C5F457B9F0743F4299B77B67] - 14-07-2009 - 2:20:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys
O58 - SDL:[MD5.48ADA0D72D0B4C1A6686D6D948F6E15E] - 12-06-2015 - 5:00:58 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\system32\drivers\idmwfp.sys
O58 - SDL:[MD5.89DCA0728B445E6BF808C11753153B9D] - 18-01-2012 - 11:12:30 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys
O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 14-07-2009 - 2:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys
O58 - SDL:[MD5.B1DE832A8D46E3AB591EFE7BBD343338] - 11-09-2015 - 20:30:36 ---A- . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\system32\drivers\kl1.sys
O58 - SDL:[MD5.FBA1476823E3FA834663F2F9A3207224] - 01-10-2015 - 11:45:36 ---A- . (.Kaspersky Lab ZAO - Filter Core [fre_wlh_x86].) -- C:\Windows\system32\drivers\klflt.sys
O58 - SDL:[MD5.9B92D9136CF98ABF48DF14C94A1E47CE] - 05-10-2015 - 11:23:40 ---A- . (.Kaspersky Lab ZAO - Klfltdev Pnp device filter [fre_wlh_x86].) -- C:\Windows\system32\drivers\klfltdev.sys
O58 - SDL:[MD5.3D7737C78EC2FC9F239E3CAD559C480F] - 01-10-2015 - 11:45:40 ---A- . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_wlh_x86].) -- C:\Windows\system32\drivers\klif.sys
O58 - SDL:[MD5.127A224745FA61227CDEDE03F76C74AC] - 06-08-2015 - 14:30:08 ---A- . (.AO Kaspersky Lab - Packet Network Filter [fre_wlh_x86].) -- C:\Windows\system32\drivers\klim6.sys
O58 - SDL:[MD5.8E682FBB727A3A3C3B7FAF986FF4EA54] - 11-06-2015 - 15:52:38 ---A- . (.Kaspersky Lab ZAO - Network filtering component [fre_wxp_x86].) -- C:\Windows\system32\drivers\kltdi.sys
O58 - SDL:[MD5.9F1D8F9DC94B86EE45FBCBED7BF357EC] - 11-09-2015 - 18:18:46 ---A- . (.Kaspersky Lab ZAO - KNEPS Power [fre_wxp_x86].) -- C:\Windows\system32\drivers\kneps.sys
O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 14-07-2009 - 2:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys
O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 14-07-2009 - 2:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys
O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 14-07-2009 - 2:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys
O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 14-07-2009 - 2:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys
O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 14-07-2009 - 2:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys
O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 14-07-2009 - 2:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys
O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 14-07-2009 - 2:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys
O58 - SDL:[MD5.3F3D04B1D08D43C16EA7963954EC768D] - 14-07-2009 - 2:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys
O58 - SDL:[MD5.C99F251A5DE63C6F129CF71933ACED0F] - 14-07-2009 - 2:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys
O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 14-07-2009 - 2:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys
O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 14-07-2009 - 2:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys
O58 - SDL:[MD5.6A2586DCB5B04A52404699EB325DF1DB] - 30-09-2011 - 2:30:32 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\system32\drivers\Rt86win7.sys
O58 - SDL:[MD5.345AC48D17F5C2F2AA1EE50D34C3978B] - 19-10-2011 - 4:53:14 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13-07-2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys
O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 14-07-2009 - 2:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys
O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 14-07-2009 - 2:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14-07-2009 - 2:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys
O58 - SDL:[MD5.6976DF1DA8E17C1E85EFC991C46983BB] - 10-03-2016 - 5:17:36 ---A- . (.MBB - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\usb2ser.sys
O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14-07-2009 - 2:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys
O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 14-07-2009 - 2:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13-07-2009 - 22:40:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13-07-2009 - 22:40:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13-07-2009 - 22:40:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13-07-2009 - 22:40:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13-07-2009 - 22:40:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13-07-2009 - 22:40:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13-07-2009 - 22:40:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13-07-2009 - 22:40:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13-07-2009 - 22:40:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13-07-2009 - 22:40:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13-07-2009 - 22:40:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13-07-2009 - 22:40:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13-07-2009 - 22:40:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13-07-2009 - 22:40:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13-07-2009 - 22:40:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS


---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.)
O63 - Logiciel: ComboFix - (.sUBs.)


---\\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - (.not file.) - avkmgr (avkmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVKMGR
O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP
O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\idmwfp.sys - IDMWFP (IDMWFP) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\kl1.sys - kl1 (kl1) .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL1
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\klif.sys - Kaspersky Lab Driver (KLIF) .(.Kaspersky Lab ZAO - Klif Mini-Filter [fre_wlh_x86].) - LEGACY_KLIF
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\klim6.sys - Kaspersky Anti-Virus NDIS 6 Filter (KLIM6) .(.AO Kaspersky Lab - Packet Network Filter [fre_wlh_x86].) - LEGACY_KLIM6
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\kltdi.sys - kltdi (kltdi) .(.Kaspersky Lab ZAO - Network filtering component [fre_wxp_x86].) - LEGACY_KLTDI
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\kneps.sys - kneps (kneps) .(.Kaspersky Lab ZAO - KNEPS Power [fre_wxp_x86].) - LEGACY_KNEPS
O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROCEXP113
O64 - Services: CurCS - (.not file.) - RDP Winstation Driver (RDPWD) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPWD
O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV
O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR


---\\ Observateur d'évènement d'application (OEA) (O66)
O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe


---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Editeur du Registre.) -- C:\Windows\regedit.exe


---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe


---\\ Search Browser Infection (SBI) (O69)


---\\ Recherche d'infection Master Boot Record (O80)
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
Run by user at 27-09-2017 1:18:47
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll win32k.sys iaStor.sys
kernel: MBR read successfully
user & kernel MBR OK



End of the scan (637 lines in 02mn 49s)

Publicité


Signaler le contenu de ce document

Publicité