~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Lancé par CC (02/02/2014 21:06:10)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v32.0.1700.102 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 64-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300

---\\ Logiciels d'optimisation du système
CCleaner =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer
eMule
µTorrent v2.2.1 =>P2P.µTorrent

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 51

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4094 MB (15% free)
System Restore: Activé (Enable)
System drive C: has 38 GB (8%) free of 454 GB

---\\ Mode de connexion au système
~ Computer Name: PCCC
~ User Name: CC
~ All Users Names: Julie, CCadmin, CC, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\CC\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\CC\AppData\Roaming\
~ %Desktop% : C:\Users\CC\Desktop\
~ %Favorites% : C:\Users\CC\Favorites\
~ %LocalAppData% : C:\Users\CC\AppData\Local\
~ %StartMenu% : C:\Users\CC\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive,
Flash drive, Thumb drive (Free 38 Go of 454 Go) D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 12 Go) E: CD-ROM drive (Not Inserted) F: Floppy drive, Flash card reader, USB Key (Not Inserted) G: Floppy drive, Flash card reader, USB Key (Free 2 Go of 4 Go) H: Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: Modified =>PUA.StartShow [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowPrinters: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSetProgramAccessAndDefaults: Modified =>PUA.StartShow [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowNetConn: Modified ~ Security Center: 49 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.6B08E54A451B3F95E4109DBA7E594270] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 08:10:17.) -- C:\Windows\Explorer.exe [3079168] [MD5.117EA87DF785CA1B9D821F6F213DCE07] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:50:23.) -- C:\Windows\System32\Wininit.exe [123904] [MD5.60CA010B705660542FB33B43C3653BA0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.15/11/2013 - 02:29:03.) -- C:\Windows\System32\wininet.dll [1392128] [MD5.6D0773A3A65D28B663F334C90441D01A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 08:11:08.) -- C:\Windows\System32\Winlogon.exe [405504] [MD5.2BA159E1F9FD75F6A496742B20F1D9CF] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/09/2013 - 03:31:51.) 
-- C:\Windows\system32\Drivers\AFD.sys [404992] [MD5.E68D9B3A3905619732F7FE039466A623] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 08:15:00.) -- C:\Windows\system32\Drivers\atapi.sys [20952] [MD5.B4D787DB8D30793A4D4DF9FEED18F136] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:50:39.) -- C:\Windows\system32\Drivers\Cdfs.sys [90624] [MD5.C025AA69BE3D0D25C7A2E746EF6F94FC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 06:34:39.) -- C:\Windows\system32\Drivers\Cdrom.sys [79872] [MD5.8B722BA35205C71E7951CDC4CDBADE19] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 16:14:19.) -- C:\Windows\system32\Drivers\DfsC.sys [97792] [MD5.F942C5820205F2FB453243EDFEC82A3D] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 06:39:41.) -- C:\Windows\system32\Drivers\HDAudBus.sys [948736] [MD5.CBB597659A2713CE0C9CC20C88C7591F] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:47:27.) -- C:\Windows\system32\Drivers\i8042prt.sys [64000] [MD5.B7E6212F581EA5F6AB0C3A6CEEEB89BE] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:48:45.) -- C:\Windows\system32\Drivers\IpNat.sys [115712] [MD5.1485811B320FF8C7EDAD1CAEBB1C6C2B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:39:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [135680] [MD5.FC2C792EBDDC8E28DF939D6A92C83D61] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 06:42:33.) -- C:\Windows\system32\Drivers\netBT.sys [248320] [MD5.2ACCAA3C3C55370A32F17B3595E1A217] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:13:14.) -- C:\Windows\system32\Drivers\ntfs.sys [1513320] [MD5.AECD57F94C887F58919F307C35498EA0] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 10:37:57.) 
-- C:\Windows\system32\Drivers\Parport.sys [96768] [MD5.AC7BC4D42A7E558718DFDEC599BBFC2C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.11/04/2009 - 06:43:38.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928] [MD5.C045D1FB111C28DF0D1BE8D4BDA22C06] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:46:51.) -- C:\Windows\system32\Drivers\rdpdr.sys [314368] [MD5.290B6F6A0EC4FCDFC90F5CB6D7020473] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 06:42:19.) -- C:\Windows\system32\Drivers\smb.sys [88064] [MD5.458919C8C42E398DC4802178D5FFEE27] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 06:43:00.) -- C:\Windows\system32\Drivers\tdx.sys [94720] [MD5.582F710097B46140F5A89A19A6573D4B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:50:57.) -- C:\Windows\system32\Drivers\volsnap.sys [267648] ~ Generic Processes: Scanned in 00mn 01s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/1771 ~ Mes musiques (My Musics) : 0/6 ~ Mes Videos (My Videos) : 0/0 ~ Mes Favoris (My Favorites) : 1/5 ~ Mes Documents (My Documents) : 4/937 ~ Mon Bureau (My Desktop) : 0/10 ~ Menu demarrer (Programs) : 1/60 ~ Hidden Files: Scanned in 00mn 17s ---\\ Processus lancés [MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392] [PID.3624] [MD5.DF105989C770C6AB43970A2CC0B9561A] - (.Pas de propriétaire - Logiciel Wallpaper.) -- C:\Program Files (x86)\Wallpaper\Wallpaper.exe [233472] [PID.3632] [MD5.1D35A47798F2A17A3C4010DEC372839D] - (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904] [PID.3644] [MD5.6EEF6C498498CF1E98422A902E0F70A1] - (.SourceForge.net - Password Safe Application.) 
-- C:\Program Files (x86)\Password Safe\pwsafe.exe [3825152] [PID.3680] [MD5.26DBC63479E11D54D0C0D2A38D543E69] - (.Pas de propriétaire - OSD MFC Application.) -- C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\MediaButtons.exe [2199552] [PID.3744] [MD5.6EA567154345511AFAABA045E1B92202] - (.Hewlett-Packard - Keyboard & Mouse Battery volume Detection.) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.exe [463360] [PID.3752] [MD5.12FD7C1EADDDA10A67B1D6F905B3CC1E] - (.Sony Corporation - Content Transfer Walkman Detector.) -- C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [583016] [PID.3760] [MD5.42CD386F16D943E1F89A3D7891F8AD24] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816] [PID.3768] [MD5.9B593137FBCC7C1E5D0E4A422749D9A5] - (.Google Inc. - Google Chrome.) -- C:\Users\CC\AppData\Local\Google\Chrome\Application\chrome.exe [866584] [PID.3356] [MD5.5138013F145ED88A5AB60F67E852EC1F] - (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe [399736] [PID.3732] =>P2P.BitTorrent [MD5.4614A8098872CB9E14FE32C89EDE9BB9] - (.Google - Hangouts Plugin.) -- C:\Users\CC\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe [64008] [PID.15284] [MD5.8911702CC546B76FE8F9C61987C68C43] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [222720] [PID.18124] [MD5.D319D6875772B5ED94B6D101B8377496] - (...) -- C:\Windows\SysWOW64\OSDFORM.exe [102400] [PID.29000] [MD5.870F2231CF74C05FCFA87964A97F83B1] - (.Adobe Systems, Incorporated - Photoshop Elements 12 Editor.) -- C:\Program Files (x86)\Adobe\Photoshop Elements 12\PhotoshopElementsEditor.exe [39413152] [PID.40920] [MD5.36FDB8C775B1F7D2069B8C8D0CD09084] - (.Adobe Systems Incorporated - Adobe Reader.) 
-- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe [1465920] [PID.70024] [MD5.2D821AFA5A1A9CA7F9F997A1AAD09E72] - (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe [168960] [PID.70152] [MD5.05F2F2533E9F59B71CCA67AFF33EADA0] - (.Just Great Software - EditPad Lite.) -- C:\Program Files (x86)\JGsoft\EditPadLite\EditPadLite.exe [2544896] [PID.69864] [MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.41580] [MD5.C711ED965009BDCFF9AA62CEB6FF1AAD] - (.brother Industries Ltd - brsvc01a.) -- C:\Windows\SysWOW64\brsvc01a.exe [57344] [PID.1284] [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1624] [MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1688] [MD5.F01964D14C12496F5297B8C2E16CEFA1] - (.brother Industries Ltd - brss01a.exe.) -- C:\Windows\SysWOW64\brss01a.exe [45056] [PID.1948] [MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1976] [MD5.AE6C778717DE2F6B0C0B5335036D3363] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [430136] [PID.1192] [MD5.6AF12011C88C80920D0543616E107CFF] - (...) -- C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [245760] [PID.2420] [MD5.E9F2657D05ED097EAEAA329C9B0C93B7] - (...) -- C:\Program Files (x86)\Video-Saver\video-saver152.exe [165888] [PID.2468] [MD5.BF3818B441955E4D438EC72F06F1FE61] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 11.0 (component).) 
-- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600] [PID.324] [MD5.430C19CB511FD6E0DDCD44B42B1810DA] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 12.0 (component).) -- C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152] [PID.324] [MD5.9B593137FBCC7C1E5D0E4A422749D9A5] - (.Google Inc. - Google Chrome.) -- C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe [866584] [PID.3356] [MD5.465680BDE344CE4FF6646626AA3A9125] - (.Google Inc. - Google Crash Handler.) -- C:\Users\Julie\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe [223112] [PID.17312] ~ Processes Running: Scanned in 00mn 05s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\CC\AppData\Local\Google\Chrome\User Data\Default\Preferences G2 - GCE: Preference [User Data\Default] [haocganpkafanhkfldbbmhcpaelmkejg] Hedgehog in the fog v.3 (Activé) G2 - GCE: Preference [User Data\Default] [jgoepmocgafhnchmokaimcmlojpnlkhp] Bouton +1 de Google v.1.2.0.329 (Activé) G2 - GCE: Preference [User Data\Default] [mcceagdollnkjlogmdckgjakjapmkdjf] Download Master v.4.0.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [ponjkmladgjfjgllmhnkhgbgocdigcjm] App Launcher Customizer for Google v.1.1.5, (Activé) ~ Google Browser: 29 Legitimates Filtered in 00mn 42s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\CC\AppData\Roaming\Mozilla\Firefox\Profiles\bcyxpor4.default\prefs.js M3 - MFPP: Plugins - [CC] -- C:\Users\CC\AppData\Roaming\Mozilla\Firefox\Profiles\bcyxpor4.default\searchplugins\wikipedia-eng.xml M3 - MFPP: Plugins - [CC] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\acpro.xml P2 - FPN:Firefox Plugin Navigator . (.BitTorrent, Inc. - BitTorrent Plugin 1.) 
-- C:\Program Files (x86)\Mozilla Firefox\Plugins\npbittorrent.dll =>P2P.BitTorrent P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.1] - (.Pas de propriétaire - Provides additional functionality on Facebook. See .NVIDIA Corporation O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [Wallpaper] . (.Pas de propriétaire - Logiciel Wallpaper.) -- C:\Program Files (x86)\Wallpaper\Wallpaper.exe O4 - HKCU\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [CAHeadless] . (.Adobe Systems Incorporated - ElementsAutoAnalyzer.) -- C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe O4 - HKLM\..\Wow6432Node\Run: [SoundMAX] . (.Analog Devices, Inc. - SoundMAX Audio Settings (32-bit).) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe O4 - HKLM\..\Wow6432Node\Run: [Buttons & OSDs control application gen2] . (.Pas de propriétaire - OSD MFC Application.) -- C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\MediaButtons.exe O4 - HKLM\..\Wow6432Node\Run: [HP KEYBOARD] . (.Hewlett-Packard - Keyboard & Mouse Battery volume Detection.) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.exe O4 - HKLM\..\Wow6432Node\Run: [ContentTransferWMDetector.exe] . 
(.Sony Corporation - Content Transfer Walkman Detector.) -- C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe O4 - HKLM\..\Wow6432Node\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline O4 - HKUS\S-1-5-21-4154590487-1511992936-3810515737-1000\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe O4 - HKUS\S-1-5-21-4154590487-1511992936-3810515737-1000\..\Run: [Wallpaper] . (.Pas de propriétaire - Logiciel Wallpaper.) -- C:\Program Files (x86)\Wallpaper\Wallpaper.exe O4 - HKUS\S-1-5-21-4154590487-1511992936-3810515737-1000\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - HKUS\S-1-5-21-4154590487-1511992936-3810515737-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-21-4154590487-1511992936-3810515737-1000\..\Run: [CAHeadless] . (.Adobe Systems Incorporated - ElementsAutoAnalyzer.) -- C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe O4 - HKUS\S-1-5-21-4154590487-1511992936-3810515737-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) 
-- C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- c:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {615A1925-0E5B-4767-A65E-3165AEAC32A3} ((no name)) - http://quickscan.bitdefender.com/qsax/qsax64.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{C9896E12-19C9-4A4F-B935-1EFA50D2DE63}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS1\Services\Tcpip\..\{C9896E12-19C9-4A4F-B935-1EFA50D2DE63}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS3\Services\Tcpip\..\{C9896E12-19C9-4A4F-B935-1EFA50D2DE63}: NameServer = 8.8.8.8,8.8.4.4 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon [64Bits] - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll ~ STS/SSO: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Video-Saver (video-saver) . (...) 
- C:\Program Files (x86)\Video-Saver\video-saver152.exe ~ Services: 15 Legitimates Filtered in 00mn 20s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk * ) - File not found O34 - HKLM BootExecute: (BootDefrag.exe) - File not found ~ BEX: 3 Legitimates Filtered in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.00000000000000000000000000000000] [APT] [{0A24DC49-107A-4F6E-B86C-AAAFFD9149A1}] (...) -- C:\Users\CC\Videos\Tri\OmniPage v17 Professional Cracked\AutoRun.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{E03EE736-92CD-4878-9035-C636FC83D62F}] (...) -- C:\Users\CC\Downloads\WallpaperSetup.exe (.not file.) [0] ~ Scheduled Task: 17 Legitimates Filtered in 00mn 05s ---\\ Logiciels installés (O42) O42 - Logiciel: Buttons & OSDs control application gen2 - (...) [HKLM][64Bits] -- {5A627DFB-EA4C-4FFA-B711-69E849FB40D8} O42 - Logiciel: DinnerWiz 2.11 - (.RL Vision.) [HKLM][64Bits] -- DinnerWiz_is1 ~ Logic: 22 Legitimates Filtered in 00mn 02s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Jim Willsher] [HKCU\Software\Live Downloader] [HKCU\Software\TroegerSoft] [HKCU\Software\WaveNotify] [HKCU\Software\gourmet] ~ Key Software: 407 Legitimates Filtered in 00mn 02s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 26/02/2012 - 11:45:53 - [1,315] ----D C:\Program Files (x86)\DinnerWiz O43 - CFD: 02/02/2014 - 11:07:53 - [0,068] ----D C:\Program Files (x86)\EasyPhotoUploader O43 - CFD: 06/02/2010 - 19:25:06 - [6,772] ----D C:\Program Files (x86)\PocketDixXEncoder O43 - CFD: 14/03/2010 - 14:17:14 - [0,007] ----D C:\Program Files (x86)\RapidList O43 - CFD: 26/02/2012 - 11:47:56 - [0,005] ----D C:\ProgramData\RL Vision O43 - CFD: 12/03/2009 - 22:56:31 - [0,004] ----D C:\ProgramData\{CD649BED-8A0E-48BE-B3B6-0F5055BED534} O43 - CFD: 22/12/2010 - 02:19:37 - [0,007] ----D C:\Users\CC\AppData\Roaming\fdrtools.com O43 - CFD: 06/12/2008 - 00:49:57 - [2,753] ----D 
C:\Users\CC\AppData\Roaming\gourmet O43 - CFD: 16/02/2010 - 00:05:47 - [0] ----D C:\Users\CC\AppData\Roaming\Live Downloader O43 - CFD: 14/03/2010 - 22:28:29 - [0] ----D C:\Users\CC\AppData\Roaming\SynoSurveillance O43 - CFD: 31/01/2014 - 07:03:40 - [1,224] ----D C:\Users\CC\AppData\Local\genienext O43 - CFD: 15/02/2010 - 21:38:05 - [5,341] ----D C:\Users\CC\AppData\Local\WaveNotify O43 - CFD: 30/01/2010 - 15:28:36 - [0,006] ----D C:\Users\CC\AppData\Local\Z-Systems O43 - CFD: 17/08/2013 - 20:47:25 - [0,056] ----D C:\Users\CC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bureautique O43 - CFD: 17/08/2013 - 20:47:38 - [0,004] ----D C:\Users\CC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Réseau O43 - CFD: 02/02/2014 - 20:48:51 - [0,003] ----D C:\Users\CC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sécurité ~ Program Folder: 288 Legitimates Filtered in 03mn 23s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/02/2014 - 10:08:42 ---A- . (...) -- C:\Windows\System32\Drivers\lvuvc.hs [0] O44 - LFC:[MD5.0A34066D56D57C0DA73BFFC1E4169FF2] - 02/02/2014 - 11:12:49 ---A- . (...) -- C:\Windows\wininit.ini [85] ~ Files: 12 Legitimates Filtered in 00mn 04s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro36.sys . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\System32\Drivers\hitmanpro36.sys ~ CSB: 14 Legitimates Filtered in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{16557550-fa24-11e2-aecb-00221533a59b}\AutoRun\command. (...) -- H:\WD SmartWare.exe (.not file.) O51 - MPSK:{b13d5d8d-8d7d-11dd-ad89-00218663e388}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.) 
~ Keys: Scanned in 00mn 06s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ MWPS: 18 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.3AD4B78ECBAB5673515F0B466D126348] - 15/02/2008 - 16:20:10 ---A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\ADIHdAud.sys [497152] O58 - SDL:[MD5.2E83D2621E87C493AB45DC6655BA77D4] - 16/08/2013 - 19:02:02 ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum [175] O58 - SDL:[MD5.A5F29AC2F0ADE8B995B49D7350CE3AC0] - 16/08/2013 - 19:02:03 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum [175] O58 - SDL:[MD5.E86C64478D9A90D62255FE9EB0150C6E] - 16/08/2013 - 19:02:03 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum [175] O58 - SDL:[MD5.BACD4306403695374373FB43D506EB1E] - 11/06/2008 - 03:15:58 ---A- . (...) -- C:\Windows\System32\Drivers\AVerAF15DMBTH64.sys [321920] O58 - SDL:[MD5.40014A6251A68D1EC48001B1653CCEE0] - 21/01/2008 - 03:47:30 ---A- . (...) -- C:\Windows\System32\Drivers\bdasup.sys [15616] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 18/09/2006 - 22:30:18 ---A- . (...) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 19/09/2006 - 12:42:33 ---A- . (...) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.856A52DDFD1EDED8DA13649579831C48] - 18/02/2011 - 07:20:32 ---A- . (.Windows (R) Win 7 DDK provider - Synology Virtual USB Hub.) -- C:\Windows\System32\Drivers\busenum.sys [56160] O58 - SDL:[MD5.264CEE7B031A9D6C827F3D0CB031F2FE] - 21/01/2008 - 03:46:56 ---A- . (...) -- C:\Windows\System32\Drivers\E1G6032E.sys [146176] O58 - SDL:[MD5.C4636D6E10469404AB5308D9FD45ED07] - 21/01/2008 - 03:46:59 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) 
-- C:\Windows\System32\Drivers\elxstor.sys [397368] O58 - SDL:[MD5.8E98D21EE06192492A5671A6144D092F] - 21/08/2012 - 13:01:20 ---A- . (...) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240] O58 - SDL:[MD5.603F4C5E89B67331DDACECAA6C231CB1] - 03/07/2013 - 03:22:30 ---A- . (...) -- C:\Windows\System32\Drivers\hidparse.sys [31616] O58 - SDL:[MD5.C6FF685E2EA55C3AC5C90B9E7D6930C0] - 21/02/2012 - 20:24:22 ---A- . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\System32\Drivers\hitmanpro36.sys [25160] O58 - SDL:[MD5.63C766CDC609FF8206CB447A65ABBA4A] - 02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [37480] O58 - SDL:[MD5.1281FE73B17664631D12F643CBEA3F59] - 02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [37480] O58 - SDL:[MD5.1D419CF43DB29396ECD7113D129D94EB] - 21/01/2008 - 03:49:00 ---A- . (...) -- C:\Windows\System32\Drivers\ksthunk.sys [20864] O58 - SDL:[MD5.B2085E335F2B57077B0CBADB6F1245CD] - 07/10/2009 - 09:45:36 ---A- . (...) -- C:\Windows\System32\Drivers\lvpopf64.sys [271640] O58 - SDL:[MD5.0EA73E498F53B96D83DBFCA074AD4CF8] - 21/01/2008 - 03:49:52 ---A- . (...) -- C:\Windows\System32\Drivers\mskssrv.sys [11008] O58 - SDL:[MD5.52E59B7E992A58E740AA63F57EDBAE8B] - 02/11/2006 - 10:37:30 ---A- . (...) -- C:\Windows\System32\Drivers\mspclock.sys [7040] O58 - SDL:[MD5.49084A75BAE043AE02D5B44D02991BB2] - 02/11/2006 - 10:37:30 ---A- . (...) -- C:\Windows\System32\Drivers\mspqm.sys [6656] O58 - SDL:[MD5.86D632D75D05D5B7C7C043FA3564AE86] - 21/01/2008 - 03:49:52 ---A- . (...) -- C:\Windows\System32\Drivers\mstee.sys [7936] O58 - SDL:[MD5.093DCD56DA1B3801AA9689F0628BAB7D] - 24/06/2008 - 12:32:00 ---A- . (...) -- C:\Windows\System32\Drivers\nvlddmkm.sys [9573792] O58 - SDL:[MD5.B5B1CE65AC15BBD11C0619E3EF7CFC28] - 11/04/2009 - 06:39:49 ---A- . (...) 
-- C:\Windows\System32\Drivers\ohci1394.sys [72448] O58 - SDL:[MD5.B0C2CEA708685E8AD10F028211A2D973] - 05/05/2008 - 14:05:02 ---A- . (.Pas de propriétaire - Buttons and OSDs ACPI driver gen2.) -- C:\Windows\System32\Drivers\OSDACPI.SYS [15928] O58 - SDL:[MD5.105373D52E71D2D1355AD3ACD18259C3] - 31/07/2012 - 11:42:48 ---A- . (...) -- C:\Windows\System32\Drivers\ssudbus.sys [102240] O58 - SDL:[MD5.74425FFA11C133D045E1C3BE2EAD481D] - 31/07/2012 - 11:42:48 ---A- . (...) -- C:\Windows\System32\Drivers\ssudmdm.sys [203104] O58 - SDL:[MD5.EB69069B969F4252A3BDE2BB3621811E] - 11/04/2009 - 06:39:31 ---A- . (...) -- C:\Windows\System32\Drivers\stream.sys [68224] O58 - SDL:[MD5.697F0446134CDC8F99E69306184FBBB4] - 21/01/2008 - 03:46:56 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [284728] O58 - SDL:[MD5.31707F09846056651EA2C37858F5DDB0] - 02/11/2006 - 12:50:54 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [148072] O58 - SDL:[MD5.85E5E43ED5B48C8376281BAB519271B7] - 21/01/2008 - 03:46:52 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series x64 Windows Driver.) -- C:\Windows\System32\Drivers\ulsata2.sys [174696] O58 - SDL:[MD5.43228F8EDD1B0BCDD3145AD246E63D39] - 28/09/2012 - 10:32:56 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [53760] O58 - SDL:[MD5.D46BDF1C810138E2D3B985FA3A7AB05E] - 11/04/2009 - 06:39:40 ---A- . (...) -- C:\Windows\System32\Drivers\USBCAMD2.sys [32640] O58 - SDL:[MD5.7BCE39EE2B61BC3A17E80BC0583F6797] - 29/06/2013 - 03:25:14 ---A- . (...) -- C:\Windows\System32\Drivers\usbd.sys [7552] O58 - SDL:[MD5.BF7A051DCCBA57C95541135B29CE0FB4] - 12/07/2013 - 10:19:36 ---A- . (...) -- C:\Windows\System32\Drivers\usbvideo.sys [168960] O58 - SDL:[MD5.FEF8FE5923FEAD2CEE4DFABFCE3393A7] - 02/11/2006 - 10:40:24 ---A- . (...) 
-- C:\Windows\System32\Drivers\wacompen.sys [26624]
O58 - SDL:[MD5.6216FD7FD227DE454238A702B218CEC7] - 23/12/2011 - 20:58:18 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys [20032]
~ Drivers: 18 Legitimates Filtered in 00mn 09s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.B295634FCF82048F3006F0E28354BCB8] [SPRF][20/01/2014] (...) -- C:\ProgramData\nvModes.dat [41855]
[MD5.E311CCF87DFF9C3D3A36F9B9FE31F4BD] [SPRF][26/10/2008] (...) -- C:\Users\CC\AppData\Local\cqdlhuc.bat [89]
[MD5.D8C56575C65AAC4A134FFA3C559FA900] [SPRF][12/09/2012] (...) -- C:\Users\CC\AppData\Local\d3d9caps.dat [680]
[MD5.D385C5D7A310925BA79F1966AB4321C0] [SPRF][09/04/2011] (...) -- C:\Users\CC\AppData\Local\d3d9caps64.dat [732]
[MD5.8B87FD758CF6C3078705B2A2FB5225C0] [SPRF][10/01/2009] (...) -- C:\Users\CC\AppData\Local\fusioncache.dat [90]
[MD5.12BCBE9765FF1A160F6C1C77AC14373C] [SPRF][01/02/2014] (...) -- C:\Users\CC\AppData\Local\Temp\~gu3-ver.dat [106]
[MD5.E538C7ED34BA783A7BAB272BE62DB1DA] [SPRF][01/02/2014] (...) -- C:\Users\CC\AppData\Local\Temp\~upgrade.dat [1094]
[MD5.E91DF7B9F568D4344819B58BB554E74C] [SPRF][08/03/2011] (...) -- C:\Windows\Downloaded Program Files\JuniperExt.exe [398704]
[MD5.167BA403FE81B5BEDCB7E8C7233B680A] [SPRF][08/03/2011] (...) -- C:\Windows\Downloaded Program Files\JuniperSetupClientCtrlUninstaller.exe [42896]
~ Files: 12 Legitimates Filtered in 00mn 00s

---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "7B7A08D910CDD584EA3917D055B9C565" . (.Elements 12 Organizer.) -- C:\Windows\Installer\{9D80A7B7-DC01-485D-AE93-710D559B5C56}\ARPPRODUCTICON.exe
~ Update Products: 106 Legitimates Filtered in 00mn 00s

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.08D4F3026EBF9139208ED7D28C32BC11] [WIS][05/01/2009] (.Synology Inc. - Synology Download Redirector.) -- C:\Windows\Installer\12ac99e.msi [133120]
[MD5.FA0DE1890E5FE5C32DFB6CAE6E1A7B28] [WIS][17/06/2009] (.Synology Inc. - Synology Data Replicator II.) -- C:\Windows\Installer\c04b58.msi [220672]
~ WIS: 112 Legitimates Filtered in 00mn 15s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 22/02/2012 3045688 | (a2AntiMalware) . (.Emsi Software GmbH.) - C:\Program Files (x86)\a-squared Anti-Malware\a2service.exe
SS - | Demand 10/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 10/07/1658 0 | (aspnet_state) . (...) - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
SS - | Demand 01/11/2009 867080 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 01/11/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/11/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 10/07/1658 0 | (HP Health Check Service) . (...) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SS - | Disabled 03/05/2008 101376 | (HP Touch Screen Enhance) . (.Hewlett-Packard.) - C:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.exe
SS - | Demand 12/12/2012 641504 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 10/07/1658 0 | (rpcapd) . (...) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Disabled 06/08/2007 404480 | (SynoDrService) . (...) - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 17/09/2012 171600 | (AdobeActiveFileMonitor11.0) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
SR - | Auto 25/09/2013 181152 | (AdobeActiveFileMonitor12.0) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 19/10/2007 89600 | (AEADIFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\AEADISRV.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 13/06/2004 57344 | (Brother XP spl Service) . (.brother Industries Ltd.) - C:\Windows\SysWOW64\brsvc01a.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 24/06/2008 51200 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 24/08/2011 430136 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
SR - | Auto 18/02/2011 245760 | (UsbClientService) . (...) - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
SR - | Auto 01/02/2014 165888 | (video-saver) . (...) - C:\Program Files (x86)\Video-Saver\video-saver152.exe
SR - | Auto 21/01/2008 27648 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 19s

---\\ Scan Additionnel (O88)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 2
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2419}] =>Adware.Bandoo^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: Modified =>PUA.StartShow ^
C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent^
~ Additionnel Scan: 362077 Items scanned in 00mn 59s

---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/34077727-pua-startshow =>PUA.StartShow
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ MSI: 3 link(s) detected in 00mn 59s
~ 1377 Legitimates filtered by white list
End of the scan (532 lines in 06mn 59s)(0)