~ Rapport de ZHPDiag v2014.8.28.125 - Nicolas Coolman (28/08/2014) ~ Lancé par Administrateur (27/12/2014 12:20:28) ~ Adresse du Site Web http://nicolascoolman.fr ~ Adresse du Forum http://forum.nicolascoolman.fr ~ Traduit par Nicolas Coolman ~ Etat de la version : Nouvelle version disponible ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v10.0.9200.17116 (Defaut) MFIE: Mozilla Firefox 34.0.5 GCIE: Google Chrome v38.0.2125.111 ---\\ Informations sur les produits Windows ~ Langage: Français Windows 8, 64-bit (Build 9200) Windows Server License Manager Script : OK ~ Windows(R) Operating System, OEM_DM channel Windows ID Activation : OK ~ Windows Partial Key : D9H36 Windows License : OK ~ Windows Remaining Initializations Number : 999 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système Spybot - Search & Destroy v1.6.2 Windows Defender W8 (Activate) ---\\ Logiciels d'optimisation du système CCleaner v4.18 ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 16 NPAPI ---\\ Informations sur le système ~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3673 MB (53% free) System Restore: Activé (Enable) System drive C: has 113 GB (25%) free of 440 GB ---\\ Mode de connexion au système ~ Computer Name: MINOU ~ User Name: Administrateur ~ All Users Names: HomeGroupUser$, chien, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Administrateur\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Administrateur\AppData\Roaming\ ~ %Desktop% : C:\Users\Administrateur\Desktop\ ~ %Favorites% : C:\Users\Administrateur\Favorites\ ~ %LocalAppData% : 
C:\Users\Administrateur\AppData\Local\ ~ %StartMenu% : C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 113 Go of 440 Go) D: CD-ROM drive (Free 0 Go of 0 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 49 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280] [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608] [MD5.949C61BEF8501BD244C50A7F182CEC74] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/09/2014 - 06:17:42.) -- C:\Windows\System32\wininet.dll [2236928] [MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.12/04/2014 - 10:10:31.) -- C:\Windows\System32\Winlogon.exe [578048] [MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408] [MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.29/05/2014 - 23:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512] [MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840] [MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) 
-- C:\Windows\system32\Drivers\Cdfs.sys [108544] [MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080] [MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784] [MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.15/07/2014 - 23:51:05.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168] [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640] [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920] [MD5.14EE56050E1637926F5CFA65B1F4209B] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.12/07/2014 - 05:34:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404480] [MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776] [MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288] [MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984] [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928] [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) 
-- C:\Windows\system32\Drivers\rdpdr.sys [179712] [MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248] [MD5.AA37946941ED3805AB3A924965907147] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.04/07/2014 - 11:52:10.) -- C:\Windows\system32\Drivers\volsnap.sys [328000] ~ Generic Processes: Scanned in 00mn 01s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 0/0 ~ Mes musiques (My Musics) : 0/0 ~ Mes Videos (My Videos) : 0/0 ~ Mes Favoris (My Favorites) : 0/14 ~ Mes Documents (My Documents) : 0/98 ~ Mon Bureau (My Desktop) : 0/45 ~ Menu demarrer (Programs) : 0/18 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.A1741C3B79F9DF8895E05EF43579E74B] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488] [PID.2656] [MD5.DADDD62BEDC91BC96CFC794A2CA0D94A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [337520] [PID.1704] [MD5.33BF80A2291C54DC7D7601CDEF63138E] - (.Nicolas Coolman - ZHPDiag.) 
-- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8099328] [PID.964] ~ Processes Running: Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\hof45hyk.default\prefs.js ~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean) (1) ~ Hosts File: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\QuickLaunch [chien]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\chien\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent ~ Global Startup: 1 Legitimates Filtered in 00mn 20s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) 
-- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated ~ Application: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{0FB2F4CA-6ED8-4105-A582-EC5C0D51C3A3}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{A04BF144-D459-44D3-86D5-EF7078E012A0}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{0FB2F4CA-6ED8-4105-A582-EC5C0D51C3A3}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{A04BF144-D459-44D3-86D5-EF7078E012A0}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Super Optimizer (cae99edb) . (...) - c:\Program Files (x86)\Super Optimizer\SupOptCrash.dll (.not file.) O23 - Service: Service Google Update (gupdate) (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.) ~ Services: 3 Legitimates Filtered in 00mn 06s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk * ) - File not found ~ BEX: 1 Legitimates Filtered in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.00000000000000000000000000000000] [APT] [$dMM6KqyKu+JyN+{$] (...) 
-- C:\Users\Administrateur\AppData\Roaming\playnowradio\playnowradio\1.3.4.8\playnowradio.exe (.not file.) [0] =>PUP.PlayNowRadio [MD5.00000000000000000000000000000000] [APT] [969d12c9-04b5-429a-85aa-89ab4d7b2cae-2] (...) -- C:\Program Files (x86)\Freeven pro 1.2\969d12c9-04b5-429a-85aa-89ab4d7b2cae-2.exe (.not file.) [0] =>PUP.Freeven [MD5.00000000000000000000000000000000] [APT] [gameo_update] (...) -- C:\Users\Administrateur\AppData\Roaming\Gameo\gameo.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{4AB37338-3486-48BA-A772-F0FE44EA2521}] (...) -- E:\RECUPERATION D\Généalogie\Généalogie Heredis pro 10.1\cerise Heredis Pro 10.1.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{604C6E0A-1601-4AE8-BB25-E15013622F8A}] (...) -- D:\UPDATE\MSAOE10A.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{D8C59EBE-764C-4D8A-AF1F-3ADED25579CE}] (...) -- D:\aoeadons.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{F022BCF3-7AF6-47B4-8F9B-E8850C8CEC8D}] (...) -- E:\RECUPERATION D\WinRAR 3.42 fr -Version craqu- pas de serial et activation Marche Ok par fatah.fr-.exe (.not file.) [0] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GlaryInitialize 4 [358] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GlaryInitialize 5 [362] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GlaryOneClickOptimizer 5 [408] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1ce7c90f3815efb [1084] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1088] ~ Scheduled Task: 27 Legitimates Filtered in 00mn 14s ---\\ Logiciels installés (O42) O42 - Logiciel: FTPGetter Professional 5.55 - (.FTPGetter Team.) [HKLM][64Bits] -- FTPGetter Professional_is1 O42 - Logiciel: Gameo - (.IronSource Ltd..) [HKCU][64Bits] -- Gameo O42 - Logiciel: SafeIP - (.SafeIP.) 
[HKLM][64Bits] -- SAFEIP_is1 O42 - Logiciel: Shopping Helper Smartbar Engine - (.ReSoft Ltd..) [HKCU][64Bits] -- {a75e6670-7578-4ccc-b6af-fe0ad00e2786} =>Hijacker.SmartBar O42 - Logiciel: Windows Product Key Finder Pro® 2.3 - (...) [HKLM][64Bits] -- Windows Product Key Finder Pro®_is1 ~ Logic: 15 Legitimates Filtered in 00mn 01s ---\\ HKCU & HKLM Software Keys [HKCU\Software\DriverWhiz] [HKCU\Software\GoldenGate] [HKCU\Software\InstallCore] =>Adware.InstallCore [HKCU\Software\SafeIP] [HKCU\Software\Super Optimizer] [HKCU\Software\Toocharger] [HKLM\Software\Wow6432Node\AVerFilters] [HKLM\Software\Wow6432Node\SecretSauce] =>Adware.SecretSauce [HKLM\Software\Wow6432Node\Veloxum] [HKLM\Software\Wow6432Node\asmwsoft] [HKLM\Software\Wow6432Node\b1.org] ~ Key Software: 265 Legitimates Filtered in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 01/11/2013 - 09:31:26 - [] ----D C:\Program Files (x86)\DGP1000 O43 - CFD: 21/09/2014 - 08:03:26 - [] ----D C:\Program Files (x86)\FTPGetter O43 - CFD: 20/11/2014 - 11:49:38 - [] ----D C:\Program Files (x86)\HQVid-v2.5V15.11 O43 - CFD: 29/12/2013 - 19:56:30 - [] ----D C:\Program Files (x86)\MyDrive Connect O43 - CFD: 19/08/2014 - 18:01:30 - [] ----D C:\Program Files (x86)\RegUtility O43 - CFD: 07/06/2014 - 14:45:40 - [] ----D C:\Program Files (x86)\SafeIP O43 - CFD: 01/11/2013 - 09:31:36 - [] ----D C:\Program Files (x86)\SketchList 3D Pro O43 - CFD: 22/10/2012 - 09:35:20 - [] ----D C:\ProgramData\FreeRide Games O43 - CFD: 21/09/2014 - 08:03:51 - [0] ----D C:\ProgramData\FTPGetter O43 - CFD: 23/04/2014 - 19:11:54 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma O43 - CFD: 11/09/2013 - 10:20:23 - [] ----D C:\ProgramData\KRSHistory O43 - CFD: 11/08/2013 - 15:24:09 - [] ----D C:\ProgramData\SketchList 3D O43 - CFD: 15/04/2013 - 20:40:13 - [] ----D C:\ProgramData\Thinix O43 - CFD: 05/06/2014 - 18:28:11 - [0] -SH-D C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} O43 - CFD: 03/12/2014 - 
13:10:19 - [] --H-D C:\Users\Administrateur\AppData\Roaming\GoldenGate O43 - CFD: 03/12/2014 - 13:09:36 - [] ----D C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo O43 - CFD: 29/10/2014 - 16:29:13 - [] ----D C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter ~ Program Folder: 253 Legitimates Filtered in 00mn 01s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.62CF64DDAD6E8266A64CD110081846CB] - 27/12/2014 - 09:36:06 ---A- . (...) -- C:\immudebug.log [17568761] O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 27/12/2014 - 10:57:27 ---A- . (...) -- C:\Windows\MBR.exe [208896] O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 27/12/2014 - 10:57:27 ---A- . (...) -- C:\Windows\PEV.exe [256000] O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 27/12/2014 - 10:57:27 ---A- . (...) -- C:\Windows\grep.exe [80412] O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 27/12/2014 - 10:57:27 ---A- . (...) -- C:\Windows\sed.exe [98816] O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 27/12/2014 - 10:57:27 ---A- . (...) -- C:\Windows\zip.exe [68096] ~ Files: 16 Legitimates Filtered in 00mn 40s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.6593AAE4969D8F63EEA4EA04E06A8716] - 27/12/2014 - 12:02:09 ---A- - C:\Windows\Prefetch\DISKCLEANER.EXE-C159D9A9.pf =>Rogue.DiskCleaner ~ Prefetcher: 1 Legitimates Filtered in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.) 
~ CSB: 21 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 18 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1 ~ MWPE Keys: 7 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:28/04/2011 - 18:23:36 ---A- . (.ITE Tech. Inc. - ITE Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\itecir.sys [70760] O58 - SDL:20/06/2012 - 08:31:02 ---A- . (.ITE Tech. Inc. - ITECIR Filter Driver.) -- C:\Windows\System32\Drivers\ITECIRfilter.sys [18064] O58 - SDL:26/07/2012 - 09:11:43 ---A- . (...) -- C:\Windows\System32\Drivers\secdrv.sys [23040] O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960] O58 - SDL:23/09/2013 - 13:19:12 ---A- . (.Windows (R) Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\System32\Drivers\stflt.sys [51496] O58 - SDL:13/12/2012 - 12:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784] O58 - SDL:25/09/1999 - 18:03:10 ---A- . (...) -- C:\Windows\SysWOW64\drivers\SECDRV.SYS [14368] O58 - SDL:28/04/2005 - 12:08:46 ----- . (...) -- C:\Windows\SysWOW64\AVerIO.sys [3456] ~ Drivers: 62 Legitimates Filtered in 00mn 05s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 27/12/2014 - 12:22:24 ---A- . (...) 
-- C:\Users\Administrateur\AppData\Local\Microsoft\Windows\1036\StructuredQuerySchema.bin [361866] ~ 2 Fichiers temporaires (Temporary files) ~ 1 Fichiers cookies (Cookies files) ~ Files: 1 Legitimates Filtered in 00mn 41s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com ~ Keys: Scanned in 00mn 00s ---\\ Recherche dans la clé de registre Feature Controls (IFC) (O81) O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe =>Rootkit.TDSS O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe =>Rootkit.TDSS ~ Keys: Scanned in 00mn 00s ---\\ Enumère les fichiers Crack & Keygen (CKF) (O82) C:\Program Files (x86)\Serial Key Generator 5.0\Example Apps\SerialKeyGenerator_C#.NET(2010)\Source\WindowsFormsApplication1\bin\Debug\WindowsFormsApplication1.exe =>.Crack,Keygen C:\Program Files (x86)\Serial Key Generator 5.0\Example Apps\SerialKeyGenerator_C#.NET(2010)\Source\WindowsFormsApplication1\bin\Debug\WindowsFormsApplication1.vshost.exe =>.Crack,Keygen C:\Program Files (x86)\Serial Key Generator 5.0\Example 
Apps\SerialKeyGenerator_C#.NET(2010)\Source\WindowsFormsApplication1\bin\Debug\WindowsFormsApplication1.vshost.exe.manifest =>.Crack,Keygen C:\Program Files (x86)\Serial Key Generator 5.0\Example Apps\SerialKeyGenerator_C#.NET(2010)\Source\WindowsFormsApplication1\obj\x86\Debug\WindowsFormsApplication1.exe =>.Crack,Keygen C:\Program Files (x86)\Serial Key Generator 5.0\Example Apps\SerialKeyGenerator_C#.NET(2010)\WindowsFormsApplication1.exe =>.Crack,Keygen C:\Program Files (x86)\Serial Key Generator 5.0\Example Apps\SerialKeyGenerator_CPPBuilder(XE2)\Project1.exe =>.Crack,Keygen C:\Program Files (x86)\Serial Key Generator 5.0\Example Apps\SerialKeyGenerator_Delphi(XE2)\Project1.exe =>.Crack,Keygen C:\Program Files (x86)\Serial Key Generator 5.0\Example Apps\SerialKeyGenerator_VB.NET(2010)\Source\WindowsApplication1\bin\Debug\WindowsApplication1.exe =>.Crack,Keygen C:\Program Files (x86)\Serial Key Generator 5.0\Example Apps\SerialKeyGenerator_VB.NET(2010)\Source\WindowsApplication1\bin\Debug\WindowsApplication1.vshost.exe =>.Crack,Keygen C:\Program Files (x86)\Serial Key Generator 5.0\Example Apps\SerialKeyGenerator_VB.NET(2010)\Source\WindowsApplication1\bin\Debug\WindowsApplication1.vshost.exe.manifest =>.Crack,Keygen C:\Program Files (x86)\Serial Key Generator 5.0\Example Apps\SerialKeyGenerator_VB.NET(2010)\Source\WindowsApplication1\obj\x86\Debug\WindowsApplication1.exe =>.Crack,Keygen C:\Program Files (x86)\Serial Key Generator 5.0\Example Apps\SerialKeyGenerator_VB.NET(2010)\WindowsApplication1.exe =>.Crack,Keygen C:\RECUPERATION D\DISQUE DUR MAISON\Nouveau dossier (2)\SketchList3D.Pro.v3.0.1.2149.WiN\Nouveau dossier\SketchList.3D.1.5.0.19.cracked-SND\SketchList 3D.exe =>.Crack,Keygen C:\RECUPERATION D\DISQUE DUR MAISON\Nouveau dossier (2)\SketchList3D.Pro.v3.0.1.2149.WiN\SketchList.3D.1.5.0.19.cracked-SND(1).zip =>.Crack,Keygen C:\RECUPERATION D\DISQUE DUR MAISON\Nouveau dossier (2)\SketchList3D.Pro.v3.0.1.2149.WiN\SketchList.3D.1.5.0.19.cracked-SND.zip 
=>.Crack,Keygen C:\RECUPERATION D\DOSSIERS\EPUB\Adobe CS5.5 Master Collection (Keygen)\Adobe CS5.5 Master Collection (Keygen).zip =>.Crack,Keygen C:\RECUPERATION D\DOSSIERS\Photoshop\ADOBE_Keygen.zip =>.Crack,Keygen C:\RECUPERATION D\DOSSIERS\Photoshop\Adobe_Keygen_Generator_v2.04.zip =>.Crack,Keygen C:\RECUPERATION D\DOSSIERS\Photoshop\crack et keygen cs5\Keygen Adobe Master CS5.5\Adobe CS5.5 Master Collection (Keygen).zip =>.Crack,Keygen C:\RECUPERATION D\DOSSIERS\Photoshop\crack et keygen cs5\Keygen Adobe Master CS5.5\Nouveau dossier\Adobe CS5.5 Master Collection (Keygen).zip =>.Crack,Keygen C:\RECUPERATION D\DOSSIERS\Photoshop\crack et keygen cs5\Keygen Adobe Master CS5.5\Nouveau dossier\Nouveau dossier\Crack Cs5 tout produit x86 x64.zip =>.Crack,Keygen C:\RECUPERATION D\DOSSIERS\Photoshop\crack et keygen cs5\Keygen Adobe Master CS5.5\Nouveau dossier (2)\Adobe CS5.5 Master Collection (Keygen)\Adobe CS5.5 Master Collection (Keygen)\Adobe CS5.5 Master Collection (Keygen).zip =>.Crack,Keygen C:\RECUPERATION D\DOSSIERS\Photoshop\crack et keygen cs5\Keygen Adobe Master CS5.5\Nouveau dossier (2)\Adobe CS5.5 Master Collection (Keygen).zip =>.Crack,Keygen C:\RECUPERATION D\DOSSIERS\Photoshop\crack et keygen cs5\Keygen Adobe Master CS5.5\Nouveau dossier (3)\Adobe CS5 Expired Fix - Serial, Activation - amtlib.dll - Patch, Crack.zip =>.Crack,Keygen C:\RECUPERATION D\DOSSIERS\Photoshop\crack et keygen cs5\Keygen Adobe Master CS5.5\Nouveau dossier (5)\Adobe CS5.5 Master Collection (Keygen).zip =>.Crack,Keygen C:\RECUPERATION D\Soft\logiciels\3d +photos\3dsmax fr V 4\KEYGEN\3DSMAX4.EXE =>.Crack,Keygen C:\RECUPERATION D\Soft\logiciels\3d +photos\3dsmax fr V 4\keygen.zip =>.Crack,Keygen C:\RECUPERATION D\Soft\logiciels\3d +photos\InDesign\ADOBE.INDESIGN.CS.V3.0 keygen.exe =>.Crack,Keygen C:\RECUPERATION D\Soft\Soft Divers\PhotoFiltre_6.2.4_Incl.Keygen_FRENCH-BS\bs-qyr00.zip =>.Crack,Keygen C:\RECUPERATION 
D\Soft\TELECHARGEMENTS\WinZip.Pro.v11.0.7313.WinALL.Incl.Keygen-ViRiLiTY\winzip110.exe =>.Crack,Keygen C:\RECUPERATION D\USB\Brothersoft_downloader_For_KeyGen_Software_License_Key_Generator.exe =>.Crack,Keygen C:\Users\chien\AppData\Roaming\uTorrent\Adobe CS5 Keygen.exe.torrent =>.Crack,Keygen C:\Users\chien\Desktop\INDISIGN V9.2\Adobe.InDesign.CC.v9.2.Final.www.IR-DL.com\Adobe InDesign CC v9.2 Final (www.IR-DL.com)\Keygen\disable_activation.cmd =>.Crack,Keygen C:\Users\chien\Desktop\INDISIGN V9.2\Adobe.InDesign.CC.v9.2.Final.www.IR-DL.com\Adobe InDesign CC v9.2 Final (www.IR-DL.com)\Keygen\install.txt =>.Crack,Keygen C:\Users\chien\Desktop\INDISIGN V9.2\Adobe.InDesign.CC.v9.2.Final.www.IR-DL.com\Adobe InDesign CC v9.2 Final (www.IR-DL.com)\Keygen\Video.MP4 =>.Crack,Keygen C:\Users\chien\Desktop\INDISIGN V9.2\Adobe.InDesign.CC.v9.2.Final.www.IR-DL.com\Adobe InDesign CC v9.2 Final (www.IR-DL.com)\Keygen\xf-adobecc.exe =>.Crack,Keygen C:\Users\chien\Downloads\NTI_Media_Maker_9.0.1.9011_Premium_eng_Trial\keygen.rar =>.Crack,Keygen
~ Files: Scanned in 03mn 27s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.2712A358944C065D61A38282EC47AEAA] [SPRF][30/10/2014] (...) -- C:\ProgramData\ntuser.dat [262144] [MD5.157D8B324855BFE2EB25723E123BE5C9] [SPRF][22/04/2014] (...) -- C:\Users\Administrateur\Desktop\cc_20140422_224854.reg [4610] [MD5.9B70C4BD5E0260D586D175E86FBC3117] [SPRF][01/06/2014] (...) -- C:\Users\Administrateur\Desktop\cc_20140601_150507.reg [19284] [MD5.C5114505E0F151E57AA9F271ECE60C8C] [SPRF][29/10/2014] (...) -- C:\Users\Administrateur\Desktop\cc_20141029_191650.reg [50652] ~ Files: 5 Legitimates Filtered in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "{3B21C931-496B-4BFE-AEF0-CC16ED1E6C2C}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\chien\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{BD49F5AD-AE37-4046-A5F0-D451C73EECD8}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\chien\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent ~ Firewall: 2 Legitimates Filtered in 00mn 03s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.BC8FAF80A6FEE9CA7D51F744A6F0D45E] [WIS][22/04/2014] (.ReSoft Ltd. - Shopping Helper Smartbar.) -- C:\Windows\Installer\c0275ec.msi [9502720] =>Hijacker.SmartBar [MD5.0A517BFDBF16092D7D813FAA69BB7F65] [WIS][09/02/2014] (.LPT - LPT System Updater Service.) 
-- C:\Windows\Installer\c0275f0.msi [1712128] =>Adware.IncrediBar ~ WIS: 2 Legitimates Filtered in 00mn 06s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 16/12/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Demand 06/08/2012 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe SS - | Demand 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SS - | Demand 08/08/2012 364544 | (AVerRemote) . (.AVerMedia.) - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe SS - | Demand 01/04/2011 403456 | (AVerScheduleService) . (...) - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe SS - | Auto 10/07/1658 0 | (cae99edb) . (...) - c:\Program Files (x86)\Super Optimizer\SupOptCrash.dll SS - | Demand 12/10/2013 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Auto 10/07/1658 0 | (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 10/07/1658 0 | (gupdatem) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe SS - | Demand 17/05/2012 7680 | (IdeaTouch.LocalDataServer.Education) . (.Microsoft.) - C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe SS - | Demand 01/10/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SS - | Demand 15/03/2011 32768 | (JME Keyboard) . (...) 
- C:\Windows\jmesoft\Service.exe SS - | Demand 20/06/2011 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe SS - | Demand 09/12/2014 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Disabled 28/06/2013 3860480 | (SafeIPS) . (.SafeIP.) - C:\Program Files (x86)\SafeIP\SafeIPs.exe SS - | Demand 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe SS - | Disabled 12/09/2013 5071712 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe SS - | Disabled 05/06/2014 93040 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe SS - | Demand 11/05/2012 211968 | (VolumeCtlSrv) . (.Wistron Corporation.) - C:\Program Files\VolumeOSD\VolumeCtlSrv.exe SS - | Disabled 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 14/09/2012 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe SR - | Auto 10/07/1658 0 | (WinDefend) . (...) 
- C:\Program Files (x86)\Windows Defender\MsMpEng.exe ~ Services: Scanned in 00mn 24s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by Administrateur at 27/12/2014 12:27:31 ~ OS 64 not supported by MBR tool ~ MBR: 0 Legitimates Filtered in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Administrateur at 27/12/2014 12:27:33 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 13026 - (28/08/2014) Clés trouvées (Keys found) : 2 Valeurs trouvées (Values found) : 1 Dossiers trouvés (Folders found) : 3 Fichiers trouvés (Files found) : 3 [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{a75e6670-7578-4ccc-b6af-fe0ad00e2786}] =>Hijacker.SmartBar^ [HKCU\Software\InstallCore] =>Adware.InstallCore C:\ProgramData\InstallMate =>PUP.Tarma^ C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter^ C:\ProgramData\FreeRide Games =>Toolbar.FreeRide [HKLM\Software\Wow6432Node\SecretSauce] =>Adware.SecretSauce^ C:\Windows\Installer\c0275ec.msi =>Hijacker.SmartBar^ C:\Windows\Installer\c0275f0.msi =>Adware.IncrediBar^ ~ Additionnel Scan: 453059 Items scanned in 01mn 07s ---\\ Informations complémentaires sur les modules ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4) ~ AMI: 2 Legitimates Filtered in 00mn 00s ---\\ Récapitulatif des détections trouvées sur votre station http://nicolascoolman.fr/pup-playnowradio =>PUP.PlayNowRadio http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore http://nicolascoolman.fr/adware-secretsauce =>Adware.SecretSauce http://nicolascoolman.fr/pup-tarma 
=>PUP.Tarma http://nicolascoolman.fr/crapware-spyhunter =>Crapware.SpyHunter http://nicolascoolman.fr/rootkit-tdss =>Rootkit.TDSS http://nicolascoolman.fr/adware-incredibar =>Adware.IncrediBar ~ MSI: 8 link(s) detected in 00mn 00s ~ 767 Legitimates filtered by white list End of the scan (538 lines in 08mn 14s)(74)