Connection problem
Sergeeli59, 12/03/2014 at 21:31

After restarting my system, my network connection takes 2 to 3 minutes to come up.

I can't start anything during this wait.
Also, my avast antivirus does not start either.
I ran the netstat command.
I have TCP connections with local address 127.0.0.1 and remote address gromozon.
I ran a scan in safe mode with avast, Malwarebytes Anti-Malware and Spybot-SD: no problems detected.
I ran HijackThis.
Here is the result:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:26:06, on 12/03/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\System Level Up Driver\SysLevelUp.exe
L:\Program Files\ASUS\AI Suite II\AsRoutineController.exe
L:\Program Files\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
L:\Program Files (x86)\RocketDock\RocketDock.exe
L:\Program Files (x86)\Iobit\Advanced SystemCare 5\ASCTray.exe
L:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe
C:\Program Files (x86)\AVAST Software\Avast\AvastUI.exe
L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
L:\Program Files\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
L:\Program Files\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
C:\Users\Sergeasus\AppData\Local\PirritSuggestor\PirritDesktop.exe
L:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
L:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
L:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
L:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
L:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.awesomehp.com/web/?type=ds&ts=1394132896&from=adks&uid=S923X2X5XXSATAXSSDX64GB_A2201140103000000076&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://127.0.0.1:9880
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 173.194.34.23 www.google.fr
O1 - Hosts: 173.194.34.24 www.google.fr
O1 - Hosts: 173.194.34.31 www.google.fr
O1 - Hosts: 173.194.34.18 www.google.com
O1 - Hosts: 173.194.34.19 www.google.com
O1 - Hosts: 173.194.34.20 www.google.com
O1 - Hosts: 173.194.34.16 www.google.com
O1 - Hosts: 173.194.34.17 www.google.com
O1 - Hosts: 216.196.97.228 fr.giganews.com
O1 - Hosts: 216.196.109.131 news.giganews.com
O1 - Hosts: 194.154.222.175 eu.mail.arcelormittal.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.0\iobitToolbarIE.dll
O2 - BHO: (no name) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
O2 - BHO: (no name) - {11111111-1111-1111-1111-110411591118} - (no file)
O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~2\SiteRanker\SiteRank.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - L:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files (x86)\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - L:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.0\iobitToolbarIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files (x86)\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [sfagent] C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files (x86)\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [RocketDock] "L:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 5] "L:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] L:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: SpywareBlaster.lnk = L:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: Déterminer automatiquement le modèle thématique - L:\Program Files (x86)\PRMT8\PRMTIE\aot.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://L:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Mots inconnus - L:\Program Files (x86)\PRMT8\PRMTIE\infopanel.htm
O8 - Extra context menu item: Ouvrir l'entrée - L:\Program Files (x86)\PRMT8\PRMTIE\addentry.htm
O8 - Extra context menu item: Personnaliser les options de la traduction - L:\Program Files (x86)\PRMT8\PRMTIE\options.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://L:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Traduire - L:\Program Files (x86)\PRMT8\PRMTIE\translat.htm
O8 - Extra context menu item: Traduire la page - L:\Program Files (x86)\PRMT8\PRMTIE\page.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://L:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://L:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://L:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {4034D172-4C52-49de-A6A1-E75F8F591FEC} - (no file)
O9 - Extra 'Tools' menuitem: Personnaliser les options de la traduction - {4034D172-4C52-49de-A6A1-E75F8F591FEC} - (no file)
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - L:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {A2DA13D5-AC77-43b7-963B-40445EBCB8E0} - (no file)
O9 - Extra 'Tools' menuitem: Traduire - {A2DA13D5-AC77-43b7-963B-40445EBCB8E0} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - L:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - L:\PROGRA~1\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) -https://www.icloud.com/system/iCloud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{72425900-DCA5-44FB-A143-CF12F7ABFF58}: NameServer = 82.245.236.191
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: viprotocol - (no CLSID) - (no file)
O23 - Service: ArcSoft Exchange Service (ADExchange) - Unknown owner - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - L:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: Service de la passerelle de la couche Application (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30011 (AppHostSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
O23 - Service: ASDiskUnlocker - ASUSTeK Computer Inc. - L:\Program Files\ASUS\Asus Disk Unlocker\ASPFSVS64.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files (x86)\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files (x86)\AVAST Software\Avast\afwServ.exe
O23 - Service: Programme d'installation ActiveX (AxInstSV) (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service de chiffrement de lecteur BitLocker (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de prise en charge Bluetooth (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Device Handle Service - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\AsHookDevice.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service de stratégie de diagnostic (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: DragonSvc - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
O23 - Service: DTSAudioService - DTS - C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Système de fichiers EFS (Encrypting File System) (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Service de réception Windows Media Center (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: Service de planification Windows Media Center (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Télécopie (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Hôte du fournisseur de découverte de fonctions (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Publication des ressources de découverte de fonctions (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service de cache de police Windows (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: @%windir%\system32\inetsrv\ftpres.dll,-30001 (ftpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Accès du périphérique d'interface utilisateur (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Gestion des clés et des certificats d'intégrité (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - (no file)
O23 - Service: Modules de génération de clés IKE et AuthIP (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Énumérateur de bus IP PnP-X (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mappage de découverte de topologie de la couche de liaison (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Assistance NetBIOS sur TCP/IP (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pare-feu Windows (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Windows Installer (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: NetAccess Service (NA_Service) - Unknown owner - C:\Windows\system32\NA_Service.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Connexions réseau (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Liste des réseaux (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: OO DiskImage - O&O Software GmbH - L:\Program Files (x86)\OO Software\DiskImage\oodiag.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - (no file)
O23 - Service: Gestionnaire d'identité réseau homologue (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Groupement de mise en réseau de pairs (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l'Assistant Compatibilité des programmes (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: PirritDesktop - Unknown owner - C:\Users\Sergeasus\AppData\Local\PirritSuggestor\PirritService.exe
O23 - Service: PirritUpdater - Unknown owner - L:\Program Files (x86)\Pirrit\AutoUpdater.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Service de publication des noms d'ordinateurs PNRP (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Protocole PNRP (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Gestionnaire de connexions d'accès distant (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: RelevantKnowledge - Unknown owner - (no file)
O23 - Service: Registre à distance (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Localisateur d'appels de procédure distante (RPC) (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - L:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Stratégie de retrait de la carte à puce (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Sauvegarde Windows (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Brillance adaptative (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Configuration des services Bureau à distance (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Partage de connexion Internet (ICS) (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - L:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Protection logicielle (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Acquisition d'image Windows (WIA) (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Panneau de saisie Tablet PC (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Services de base de module de plateforme sécurisée (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Services Bureau à distance (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: TomTomHOMEService - TomTom - L:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Client de suivi de lien distribué (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Programme d'installation pour les modules Windows (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: Détection de services interactifs (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Usb PLC (UsbConnect) - Unknown owner - C:\Windows\system32\UsbConnect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Gestionnaire d'informations d'identification (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cliché instantané des volumes (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater17.2.0 - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30003 (W3SVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Service de moteur de sauvegarde en mode bloc (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Service de biométrie Windows (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Windows Connect Now - Registre de configuration (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Système de couleurs Windows (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service hôte WDIServiceHost (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Hôte système de diagnostics (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: WebClient - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Prise en charge de l'application Rapports et solutions aux problèmes du Panneau de configuration (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de rapport d'erreurs Windows (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Windows Defender (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de découverte automatique de Proxy Web pour les services HTTP Windows (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Gestion à distance de Windows (Gestion WSM) (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: WinRST - Unknown owner - C:\Program Files (x86)\WinRST\WinRST.exe
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files (x86)\WinZipper\winzipersvc.exe
O23 - Service: Service de configuration automatique WLAN (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - L:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Parental Controls (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Énumérateur d'appareil mobile (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Centre de sécurité (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Windows Driver Foundation - Infrastructure de pilote mode-utilisateur (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service de configuration automatique WWAN (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
End of file - 29182 bytes
Thank you for your help.

Atex, 13/03/2014 at 00:53

APVS

Hi,

Start by uninstalling, if possible, everything related to the following lines:


C:\Users\Sergeasus\AppData\Local\PirritSuggestor\PirritDesktop.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.awesomehp.com/web/?type=ds&ts=1394132896&from=adks&uid=S923X2X5XXSATAXSSDX64GB_A2201140103000000076&q={searchTerms}

O1 - Hosts: 216.196.97.228 fr.giganews.com

O1 - Hosts: 216.196.109.131 news.giganews.com

O1 - Hosts: 194.154.222.175 eu.mail.arcelormittal.com

O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.0\iobitToolbarIE.dll

O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.0\iobitToolbarIE.dll

O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html

O23 - Service: PirritDesktop - Unknown owner - C:\Users\Sergeasus\AppData\Local\PirritSuggestor\PirritService.exe  


Then download AdwCleaner and remove everything it finds.

See you,

PS: HijackThis is a bit outdated. Nowadays we use ZHPDiag: http://general-changelog-team.fr/fr/downloads/fini...

So post a ZHPDiag report after the AdwCleaner cleanup.

Sergeeli59, 13/03/2014 at 19:05

Hello,

I uninstalled as requested.

I installed AdwCleaner and removed everything it found.

The problem persists. Below is the ZHPDiag report:

 ~ Rapport de ZHPDiag v2014.3.12.13 - Nicolas Coolman (12/03/2014)

~ Lancé par Sergeasus (13/03/2014 18:51:43)

~ Adresse du Site Web http://nicolascoolman.webs.com

~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/

~ Traduit par Nicolas Coolman

~ Etat de la version :

~ Liste blanche : Activée par le programme

~ Elévation des Privilèges : OK

~ User Account Control (UAC): Deactivate by user

---\\ Navigateurs Internet

MSIE: Internet Explorer v11.0.9600.16518

---\\ Informations sur les produits Windows

~ Langage: Français

Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows(R) 7, OEM_SLP channel

System Locked Preinstallation (OEM_SLP) : OK

Windows ID Activation : OK

~ Windows Partial Key : DVQJG

Windows License : OK

~ Windows Remaining Initializations Number : 1

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

---\\ Logiciels de protection du système

avast! Premier v9.0.2013

Malwarebytes Anti-Malware version 1.75.0.1300

Spybot - Search & Destroy v1.6.2

Windows Defender W7

---\\ Logiciels d'optimisation du système

CCleaner v3.18 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

Adobe Flash Player 12 Plugin

Adobe Reader XI

Java 7 Update 51

---\\ Informations sur le système

~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 6819 MB (71% free)

System Restore: Activé (Enable)

System drive C: has 9 GB (15%) free of 56 GB

---\\ Mode de connexion au système

~ Computer Name: SERGEASUS-PC

~ User Name: Sergeasus

~ All Users Names: Sergeasus, HomeGroupUser$, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89

Logged in as Administrator

---\\ Variables d'environnement

~ System Unit : C:\

~ %AppZHP% : C:\Users\Sergeasus\AppData\Roaming\ZHP\

~ %AppData% : C:\Users\Sergeasus\AppData\Roaming\

~ %Desktop% : C:\Users\Sergeasus\Desktop\

~ %Favorites% : S:\Jeux\Sergeasus venant du DD C\Sergeasus\Favoris\

~ %LocalAppData% : C:\Users\Sergeasus\AppData\Local\

~ %StartMenu% : C:\Users\Sergeasus\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques

C: Hard drive, Flash drive, Thumb drive (Free 9 Go of 56 Go)

D: CD-ROM drive (Not Inserted)

L: Hard drive, Flash drive, Thumb drive (Free 67 Go of 78 Go)

M: Hard drive, Flash drive, Thumb drive (Free 40 Go of 49 Go)

N: Hard drive, Flash drive, Thumb drive (Free 18 Go of 20 Go)

O: Hard drive, Flash drive, Thumb drive (Free 208 Go of 785 Go)

P: Hard drive, Flash drive, Thumb drive (Free 534 Go of 1465 Go)

Q: Hard drive, Flash drive, Thumb drive (Free 90 Go of 203 Go)

R: Hard drive, Flash drive, Thumb drive (Free 100 Go of 195 Go)

S: Hard drive, Flash drive, Thumb drive (Free 393 Go of 466 Go)

---\\ Etat du Centre de Sécurité Windows

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

~ Security Center: 49 Legitimates Filtered in 00mn 00s

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.01/10/2011 - 03:43:55.) -- C:\Windows\Explorer.exe [2871808]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]

[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/02/2014 - 10:24:52.) -- C:\Windows\System32\wininet.dll [2334208]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]

[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.01/10/2011 - 03:44:51.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]

[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]

[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/10/2011 - 03:43:25.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]

~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/209

~ Mes musiques (My Musics) : 1/7

~ Mes Favoris (My Favorites) : 1/2

~ Mes Documents (My Documents) : 0/0

~ Mon Bureau (My Desktop) : 1/9

~ Menu demarrer (Programs) : 1/99

~ Hidden Files: Scanned in 00mn 00s

---\\ Processus lancés

[MD5.4424EAAE33F2E1B2CAE509ECC8BB99DE] - (...) -- C:\Program Files (x86)\ASUS\System Level Up Driver\SysLevelUp.exe [1175680] [PID.2676]

[MD5.5394E45877580696BBEE7C923EB08663] - (.ASUSTeK Computer Inc. - Digi+VRM Help.) -- L:\Program Files\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [1116800] [PID.2728]

[MD5.576C72830E3FD6ACE2910545B6130803] - (.ASUSTeK Computer Inc. - ASUS Routine Controller.) -- L:\Program Files\ASUS\AI Suite II\AsRoutineController.exe [2931328] [PID.2748]

[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- L:\Program Files (x86)\RocketDock\RocketDock.exe [495616] [PID.2996]

[MD5.9C2692541D9C828A51B42EB83ED10CE8] - (.IObit - Advanced SystemCare 5 Tray.) -- L:\Program Files (x86)\Iobit\Advanced SystemCare 5\ASCTray.exe [1647448] [PID.2368]

[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- L:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480] [PID.1296]

[MD5.4115DBB2D4F249ACBB3F5B1CBF415860] - (.SPAMfighter ApS - SPAMfighter Agent.) -- C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe [1201256] [PID.3092]

[MD5.A78AAB0D2D70EF7DD56B7328AC502059] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files (x86)\AVAST Software\Avast\AvastUI.exe [3767096] [PID.3120]

[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.3284]

[MD5.D60FE5D119C0610187AF3B90D93A3A8C] - (.ASUSTeK Computer Inc. - ASUS Mobilink.) -- L:\Program Files\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe [729216] [PID.4664]

[MD5.588BEEE7B106E6520F550A45897D00B2] - (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\NVIDIA UPDATE CORE\NVTMRU.exe [1028384] [PID.7060]

[MD5.05C5CBE5C0C26EFF48AF60639F30F4F5] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\UPDATE CORE\NVBACKEND.exe [2279712] [PID.1704]

[MD5.64A2A75D8F4BD07BD0A0029AA8825BBF] - (.Nicolas Coolman - ZHPDiag.) -- L:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8353792] [PID.6648]

[MD5.E690647AE0B4111E3D82FCE27FDFD9B4] - (.IObit - Advanced SystemCare Service.) -- L:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [490840] [PID.872]

[MD5.CC42F104172B4A62793083D380867317] - (.AVAST Software - avast! Service.) -- C:\Program Files (x86)\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1720]

[MD5.3B5DA02DEA6910A709F19180746FF0CE] - (.AVAST Software - avast! firewall service.) -- C:\Program Files (x86)\AVAST Software\Avast\afwServ.exe [113704] [PID.1852]

[MD5.133F82B6391F3390BECFA429C23FB2BE] - (.CrypKey (Canada) Ltd. - CrypKey License Service.) -- C:\Windows\system32\crypserv.exe [122880] [PID.2312]

[MD5.36A435E17C7DD97EABFFA6CE8888D5E0] - (.Nuance Communications, Inc. - Dragon NaturallySpeaking Service.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [296808] [PID.2400]

[MD5.D40B85303BCFF96A717392B06FB015C4] - (.Freemake - FreemakeUtilsService.) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864] [PID.2596]

[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.3048]

[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.3132]

[MD5.1C7C6D7481CABD4EF38A81F5B68F02E8] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304] [PID.3608]

[MD5.205E1B699FD3F2F9B036EEA2EC30C620] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76888] [PID.3784]

[MD5.398613DDE0E76AD325DFF453F1B6AB7D] - (.SPAMfighter ApS - SPAMfighter Update Service.) -- C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe [216168] [PID.3872]

[MD5.E4FAD21646088D79F8889B6531396ACF] - (.TomTom - Windows Service for TomTom HOME.) -- L:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.4024]

[MD5.3F918D0A7AEEEBDECFCB28C4A1B8FC65] - (...) -- C:\Program Files (x86)\WinRST\WinRST.exe [59904] [PID.3232]

[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- L:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.4444]

[MD5.6E3F4538B33BC19259E99BE1826286A3] - (...) -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240] [PID.5956]

[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.4900]

[MD5.A63173897EA1A73A75D0E65036DE5B15] - (...) -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584] [PID.4152]

[MD5.5C31DFB196CB3A488A041881634D86D2] - (...) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880] [PID.5420]

[MD5.0A403702CB00432AC818523CD416BF67] - (.ASUSTeK Computer Inc. - Device Handle.) -- C:\Windows\SysWOW64\AsHookDevice.exe [203392] [PID.1392]

[MD5.D41861E56E7552C13674D7F147A02464] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.4456]

[MD5.B90E093E7A7250906F1054418B5339C0] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.5256]

[MD5.CDA9313E34887A111B8309B55BCDCD82] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411936] [PID.3660]

[MD5.404C388205926C83210DA3E441073D7B] - (.SPAMfighter ApS - Fighter Suite Service.) -- C:\Program Files (x86)\Fighters\FighterSuiteService.exe [1270376] [PID.4176]

[MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] - (.Yahoo! Inc. - AutoUpater Service Module.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392] [PID.6704]

~ Processes Running: Scanned in 00mn 00s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\Sergeasus\AppData\Local\Google\Chrome\User Data\Default\Preferences

G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)

G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)

G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)

G2 - GCE: Preference [User Data\Default] [pelmeidfhdlhlbjimpabfcbnnojbboma] Quick Start v.3.1.3, (Désactivé)

~ Google Browser: 18 Legitimates Filtered in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\Sergeasus\AppData\Roaming\Mozilla\Firefox\Profiles\sqtd9i9h.default\prefs.js (.not file.)

M2 - MFEP: prefs.js [Sergeasus - sqtd9i9h.default\Eraser@vikram] [] Eraser v2.0 (..)

M2 - MFEP: prefs.js [Sergeasus - sqtd9i9h.default\quick_start@gmail.com] [] Quick Start v2.0 (..)

~ Firefox Browser: 6 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://127.0.0.1:9880 =>Hijacker.Proxy

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs

F2 - REG:system.ini: USERINIT=userinit.exe,

F2 - REG:system.ini: Shell=C:\Windows\explorer.exe

F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe

~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)

O1 - Hosts: 173.194.34.23 www.google.fr

O1 - Hosts: 173.194.34.24 www.google.fr

O1 - Hosts: 173.194.34.31 www.google.fr

O1 - Hosts: 173.194.34.18 www.google.com

O1 - Hosts: 173.194.34.19 www.google.com

O1 - Hosts: 173.194.34.20 www.google.com

O1 - Hosts: 173.194.34.16 www.google.com

O1 - Hosts: 173.194.34.17 www.google.com

O1 - Hosts: 216.196.97.228 fr.giganews.com

O1 - Hosts: 216.196.109.131 news.giganews.com

O1 - Hosts: 194.154.222.175 eu.mail.arcelormittal.com

Votre fichier Hosts comporte 15604 adresses détournées

~ Hosts File: Scanned in 00mn 02s

~ Nombre de lignes (Lines number): 15604

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files (x86)\AVAST Software\Avast\aswWebRepIE64.dll

O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files (x86)\AVAST Software\Avast\aswWebRepIE64.dll

O3 - Toolbar\WebBrowser: (no name) - [HKCU]{A057A204-BACC-4D26-9990-79A187E2698E} Clé orpheline

O3 - Toolbar\WebBrowser: (no name) - [HKCU]{ADCA5064-9E30-43FE-9856-58B07A3149FE} Clé orpheline

~ Toolbar: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)

O4 - GS\Desktop [Public]: DuckTales.lnk . (...) -- R:\Jeux PC\DuckTales Remastered\executable\DuckTales.exe

O4 - GS\Desktop [Public]: RomStation.lnk . (...) -- R:\Jeux PC\RomStation\RomStation.exe

O4 - GS\Desktop [Public]: Sonic Generations.lnk . (.SEGA - Sonic Generations.) -- R:\Jeux PC\Sonic Generations\SonicGenerations.exe

O4 - GS\Program [Public]: DuckTales Remastered.lnk . (...) -- R:\Jeux PC\DuckTales Remastered\executable\DuckTales.exe

O4 - GS\QuickLaunch [Sergeasus]: DriveImage XML.lnk . (...) -- L:\Program Files (x86)\Runtime Software\DriveImage XML\dixml.exe

O4 - GS\QuickLaunch [Sergeasus]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- L:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

O4 - GS\QuickLaunch [Sergeasus]: WinMerge.lnk . (.http://winmerge.org - WinMerge Application.) -- L:\Program Files (x86)\WinMerge\WinMergeU.exe

O4 - GS\TaskBar [Sergeasus]: Application Mover.lnk . (.Funduc Software Inc. http://www.funduc.com - Application Mover for Windows.) -- L:\Tools\AppMove\AppMove.exe

O4 - GS\TaskBar [Sergeasus]: DriveImage XML.lnk . (...) -- L:\Program Files (x86)\Runtime Software\DriveImage XML\dixml.exe

O4 - GS\TaskBar [Sergeasus]: Euro.lnk . (...) -- L:\Euro.exe

O4 - GS\TaskBar [Sergeasus]: Resource viewer, decompiler & recompiler.lnk . (...) -- L:\ResHacker.exe

O4 - GS\TaskBar [Sergeasus]: SteamMover.lnk . (...) -- L:\SteamMover.exe

O4 - GS\TaskBar [Sergeasus]: Stellar Phoenix Windows Data Recovery - Professional.lnk . (.Stellar Information Systems Ltd. - Windows data Recovery.) -- L:\Program Files (x86)\Stellar Phoenix Windows Data Recovery\spwdrp.exe

O4 - GS\TaskBar [Sergeasus]: VuPassword.lnk . (.Pierre TORRIS - Afficheur de mots de passe.) -- L:\Program Files (x86)\VuPassword\VuPassword.exe

O4 - GS\SendTo [Sergeasus]: Free File Wiper.lnk . (.Free Software Project - Free File Wiper.) -- L:\Program Files (x86)\Effaceur definitif Free File Wiper.exe

O4 - GS\Desktop [Sergeasus]: Pac-Man.lnk . (...) -- R:\Jeux PC\PAC-MAN and the Ghostly Adventures\PACMAN.exe

O4 - GS\Desktop [Sergeasus]: PhotoFiltre Studio X.lnk . (.PhotoFiltre - PhotoFiltre Studio X.) -- C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe

O4 - GS\QuickLaunch [Administrateur]: DriveImage XML.lnk . (...) -- L:\Program Files (x86)\Runtime Software\DriveImage XML\dixml.exe

O4 - GS\TaskBar [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - GS\Program [Administrateur]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - GS\Program [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - GS\SystemTools [Administrateur]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - GS\Desktop [Administrateur]: VuPassword.lnk . (.Pierre TORRIS - Afficheur de mots de passe.) -- L:\Program Files (x86)\VuPassword\VuPassword.exe

~ Global Startup: 87 Legitimates Filtered in 00mn 00s

---\\ Applications lancées au démarrage du sytème (O4)

O4 - GS\Startup [Sergeasus]: SpywareBlaster.lnk . (...) -- L:\Program Files (x86)\SpywareBlaster\spywareblaster.exe

O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll

O4 - HKLM\..\Run: [RtHDVBg_DTS] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

O4 - HKCU\..\Run: [RocketDock] . (...) -- L:\Program Files (x86)\RocketDock\RocketDock.exe

O4 - HKCU\..\Run: [Advanced SystemCare 5] . (.IObit - Advanced SystemCare 5 Tray.) -- L:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe

O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- L:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKLM\..\Wow6432Node\Run: [sfagent] . (.SPAMfighter ApS - SPAMfighter Agent.) -- C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe

O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files (x86)\AVAST Software\Avast\AvastUI.exe

O4 - HKUS\S-1-5-21-2139952250-2211520926-4092385509-1001\..\Run: [RocketDock] . (...) -- L:\Program Files (x86)\RocketDock\RocketDock.exe

O4 - HKUS\S-1-5-21-2139952250-2211520926-4092385509-1001\..\Run: [Advanced SystemCare 5] . (.IObit - Advanced SystemCare 5 Tray.) -- L:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe

O4 - HKUS\S-1-5-21-2139952250-2211520926-4092385509-1001\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- L:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

~ Application: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline

~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/pub/shockwave/c...

~ Objets ActiveX: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{72425900-DCA5-44FB-A143-CF12F7ABFF58}: NameServer = 82.245.236.191

O17 - HKLM\System\CCS\Services\Tcpip\..\{31F965AB-8647-4C4E-9CAA-9EBAF17CC002}: DhcpNameServer = 192.168.0.254

O17 - HKLM\System\CCS\Services\Tcpip\..\{863B6BA7-C294-45F1-9DB1-1E4EA59EFC01}: DhcpNameServer = 192.168.0.254 82.245.236.191

O17 - HKLM\System\CS1\Services\Tcpip\..\{72425900-DCA5-44FB-A143-CF12F7ABFF58}: NameServer = 82.245.236.191

O17 - HKLM\System\CS1\Services\Tcpip\..\{31F965AB-8647-4C4E-9CAA-9EBAF17CC002}: DhcpNameServer = 192.168.0.254

O17 - HKLM\System\CS1\Services\Tcpip\..\{863B6BA7-C294-45F1-9DB1-1E4EA59EFC01}: DhcpNameServer = 192.168.0.254 82.245.236.191

O17 - HKLM\System\CS2\Services\Tcpip\..\{72425900-DCA5-44FB-A143-CF12F7ABFF58}: NameServer = 82.245.236.191

O17 - HKLM\System\CS2\Services\Tcpip\..\{31F965AB-8647-4C4E-9CAA-9EBAF17CC002}: DhcpNameServer = 192.168.0.254

O17 - HKLM\System\CS2\Services\Tcpip\..\{863B6BA7-C294-45F1-9DB1-1E4EA59EFC01}: DhcpNameServer = 192.168.0.254 82.245.236.191

~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation

O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (...) --

~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll

O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

~ Winlogon: Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: DTSAudioService (DTSAudioService) . (.DTS - DTS Audio Service.) - C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe

O23 - Service: WinRST (WinRST) . (...) - C:\Program Files (x86)\WinRST\WinRST.exe

~ Services: 20 Legitimates Filtered in 00mn 06s

---\\ Tâches planifiées en automatique (O39)

[MD5.00000000000000000000000000000000] [APT] [{0184501B-893B-451A-B28C-4CA6357EF5E0}] (...) -- O:\Grabit dowloads\0-Dossier reception\Foxit.Advanced.PDF.Editor.v3.04.rar\setup.exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{0295A250-545B-4B00-8740-0B137D356A37}] (...) -- R:\Jeux PC\Castle of Illusion\_CommonRedist\vcredist\2010\vcredist_x64.exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{2EE685F3-E097-4320-B300-4E32B6363EEF}] (...) -- L:\Program Files (x86)\Easy & Secure Eraser\Easy & Secure Eraser.exe (.not file.) [0]

[MD5.825D029BE7FB692DADD92DD8875BDBFB] [APT] [{4EC73918-6F9D-40FA-B36F-9DCEB0B1C003}] (...) -- R:\Logiciels\Adobe -Foxit - PDF\ADOBE\Adobe reader\Adobe_Reader_9_3.exe [27386256]

[MD5.00000000000000000000000000000000] [APT] [{6B1666B5-5F8C-44D2-B6B2-39B1FF4611C8}] (...) -- L:\Program Files (x86)\Craagle\CRAAGLE 4.0 - TARGUS.exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{89EC03A5-5296-4DAF-85B8-275E18076451}] (...) -- O:\Grabit dowloads\0-Dossier reception\TOWN-www.town.ag-partner-of-www.ssl-news.info-0DAY-APPS-Foxit-Advanced-PDF-Editor-3.1.0-Incl-Activator-KaranPC.nfo\Foxit Advanced PDF Editor 3.1.0 Incl Activator [KaranPC].exe (.not file.) [0]

[MD5.4FD5A39E2515C9A7D0D99D796B07F850] [APT] [{A1892E5B-D15C-4064-925D-5EC620BFD3F2}] (...) -- C:\Windows\Resources\Themes\Emerald\Emerald.exe [6868835]

[MD5.00000000000000000000000000000000] [APT] [{AA630255-507E-4ED2-9805-1A2D53E3BF9D}] (...) -- M:\Downloads chrome\Kernel Recovery for Excel [CRACKED].exe (.not file.) [0]

[MD5.039C11D10CCD52D30310A82F385C1357] [APT] [{ABF1A1B0-6EE1-48D0-893C-6F25D5960D46}] (...) -- C:\Program Files (x86)\COMMON~1\INSTAL~1\Driver\7\Intel 32\IDriver.exe [618496]

[MD5.1DE90E18DB13C332CD64A1EBFB0CE8C7] [APT] [{CAD45EF0-6147-4E96-A757-A9F6AD468C05}] (...) -- C:\Windows\Resources\Themes\NVidia Dark 7 v1.0 by X-ile\Theme\Dark7MixNvidia.exe [8204100]

[MD5.00000000000000000000000000000000] [APT] [{CB8CE163-196F-4827-ABB3-1BF443CDB8B2}] (...) -- C:\Program Files (x86)\Canon\IJ Manual\MP520 SERIES\uninstall.exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{EFDBE1E0-1433-4DE8-BB25-92D698631EB1}] (...) -- L:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{F49A74CB-DE35-4B98-B159-A775672D6E0C}] (...) -- M:\Downloads chrome\windirstat_setup-1.1.2.exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{F82D4F23-87B6-4D46-9F06-28382CC8B1FD}] (...) -- M:\Downloads chrome\Install_CopyTrans_Suite.exe (.not file.) [0]

[MD5.064AC9875C063F20F6E593A07B65E874] [APT] [{FFE95834-5ADF-47D9-AA73-EE9D8DA0ABF7}] (.Foxit Software Company.) -- R:\Logiciels\Adobe -Foxit - PDF\FOXIT\Foxit.PDF.Creator.v1.0.1219.Proper.Patch.and.Keyfile-PPMM\FPC_Install.exe [81920]

[MD5.4424EAAE33F2E1B2CAE509ECC8BB99DE] [APT] [SystemLevelUp Driver] (...) -- C:\Program Files (x86)\ASUS\System Level Up Driver\SysLevelUp.exe [1175680]

~ Scheduled Task: 40 Legitimates Filtered in 00mn 02s

---\\ Pilotes lancés au démarrage du système (O41)

O41 - Driver: (ArcCtrl) . (. - .) - C:\Windows\System32\drivers\ArcCtrl.sys (.not file.)

O41 - Driver: (archlp) . (. - .) - C:\Windows\System32\drivers\ArcHlp.sys (.not file.)

O41 - Driver: (ArcSec) . (...) - C:\Windows\System32\drivers\ArcSec.sys

~ Drivers: 99 Legitimates Filtered in 00mn 00s

---\\ Logiciels installés (O42)

O42 - Logiciel: Application Mover - (...) [HKLM][64Bits] -- Application Mover

O42 - Logiciel: Castle of Illusion - (...) [HKLM][64Bits] -- Steam App 227600

O42 - Logiciel: DriverManager x64 - (.Schneider Electric.) [HKLM][64Bits] -- {4201BA84-EC1B-4B75-A1EF-E77D3E958465}

O42 - Logiciel: DuckTales Remastered - (...) [HKLM][64Bits] -- RHVja1RhbGVzUmVtYXN0ZXJlZA==_is1

O42 - Logiciel: HD Tach version 3 - (.Simpli Software, Inc..) [HKLM][64Bits] -- HD Tach_is1

O42 - Logiciel: PAC-MAN and the Ghostly Adventures - (...) [HKLM][64Bits] -- UEFDTUFOYW5kdGhlR2hvc3RseUFkdmVudHVyZXM=_is1

O42 - Logiciel: PLCUsb Driver X64 - (.Schneider Electric.) [HKLM][64Bits] -- {771C6F2F-BCE2-4773-BA33-21B31B14F57B}

O42 - Logiciel: System Level Up Driver - (...) [HKLM][64Bits] -- {ABB5B6B0-68E6-4F87-8F1D-A9A2A3A77355}

O42 - Logiciel: Time Stopper - (.DilSoft.) [HKLM][64Bits] -- Time Stopper4.0

O42 - Logiciel: Yahoo! Toolbar - (...) [HKLM][64Bits] -- Yahoo! Companion

~ Logic: 22 Legitimates Filtered in 00mn 00s

---\\ HKCU & HKLM Software Keys

[HKCU\Software\1110]

[HKCU\Software\1505]

[HKCU\Software\GUPPY]

[HKCU\Software\IncrediMail]

[HKCU\Software\SSA]

[HKCU\Software\Usenext Spread]

[HKLM\Software\Wow6432Node\FDT]

[HKLM\Software\Wow6432Node\RST]

[HKLM\Software\Wow6432Node\Traduction française de DriveImage XML 2.13]

~ Key Software: 507 Legitimates Filtered in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 22/02/2013 - 12:56:57 - [0] ----D C:\Program Files (x86)\GUM2B0A.tmp

O43 - CFD: 01/12/2012 - 12:15:03 - [0] ----D C:\Program Files (x86)\GUMFAC1.tmp

O43 - CFD: 03/01/2014 - 14:46:27 - [0] RSH-D C:\Program Files (x86)\HKLM

O43 - CFD: 06/03/2014 - 20:09:17 - [1,821] ----D C:\Program Files (x86)\Time Stopper

O43 - CFD: 12/03/2014 - 19:11:51 - [4,679] ----D C:\Program Files (x86)\WinRST

O43 - CFD: 08/03/2014 - 14:46:48 - [0] ----D C:\ProgramData\HostIt

O43 - CFD: 08/03/2014 - 14:46:48 - [4,959] ----D C:\ProgramData\InstallMate =>PUP.Tarma

O43 - CFD: 07/03/2014 - 21:52:34 - [0] ----D C:\ProgramData\ProductData

O43 - CFD: 09/02/2014 - 18:48:01 - [0] ----D C:\ProgramData\SetApp

O43 - CFD: 26/10/2013 - 15:16:33 - [0,001] --H-D C:\Users\Sergeasus\AppData\Roaming\B853E4B3

O43 - CFD: 12/02/2014 - 18:04:07 - [0,002] ----D C:\Users\Sergeasus\AppData\Roaming\Idvy

O43 - CFD: 13/02/2014 - 17:10:07 - [0] ----D C:\Users\Sergeasus\AppData\Roaming\Ifxew

O43 - CFD: 16/12/2012 - 08:38:35 - [0] ----D C:\Users\Sergeasus\AppData\Roaming\Marine Aquarium 3

O43 - CFD: 19/06/2013 - 20:29:48 - [0] -SH-D C:\Users\Sergeasus\AppData\Roaming\msnmsg

O43 - CFD: 12/03/2014 - 19:11:51 - [0,005] ----D C:\Users\Sergeasus\AppData\Roaming\ProductData

O43 - CFD: 03/01/2014 - 16:14:18 - [0] ----D C:\Users\Sergeasus\AppData\Roaming\SuperPump

O43 - CFD: 10/05/2012 - 17:26:57 - [0] ----D C:\Users\Sergeasus\AppData\Roaming\SystemUpdaterApp

O43 - CFD: 25/06/2013 - 16:55:30 - [0] ----D C:\Users\Sergeasus\AppData\Roaming\ToXc6tpi

O43 - CFD: 08/03/2014 - 16:19:18 - [13,117] ----D C:\Users\Sergeasus\AppData\Roaming\uX4ZeizY

O43 - CFD: 05/11/2013 - 18:40:25 - [0,004] ----D C:\Users\Sergeasus\AppData\Roaming\Wayforward Technologies

O43 - CFD: 08/03/2014 - 19:03:40 - [0,001] ----D C:\Users\Sergeasus\AppData\Roaming\WOW64Menu

O43 - CFD: 08/06/2013 - 13:16:35 - [0,001] ----D C:\Users\Sergeasus\AppData\Local\ns0

O43 - CFD: 01/06/2013 - 07:20:24 - [0,181] ----D C:\Users\Sergeasus\AppData\Local\piratrax

O43 - CFD: 08/03/2014 - 20:42:08 - [0] ----D C:\Users\Sergeasus\AppData\Local\WinRST

O43 - CFD: 08/06/2013 - 13:11:53 - [0,001] ----D C:\Users\Sergeasus\AppData\Local\_

O43 - CFD: 09/03/2014 - 00:04:19 - [0] ----D C:\Users\Sergeasus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Appnimi

O43 - CFD: 08/06/2013 - 20:07:07 - [0,003] ----D C:\Users\Sergeasus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SuperOrca

O43 - CFD: 06/03/2014 - 22:44:11 - [0] ----D C:\Users\Sergeasus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Time Stopper

O43 - CFD: 25/05/2013 - 21:07:35 - [0] ----D C:\Users\Sergeasus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools

~ Program Folder: 299 Legitimates Filtered in 00mn 05s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.8F18FE6AF5D85C0FBA83BE6C8489D2CC] - 04/03/2014 - 14:05:53 ---A- . (...) -- C:\Windows\System32\nvcoproc.bin [3649185]

O44 - LFC:[MD5.528F558212E5C2358F28E1624A473392] - 04/03/2014 - 15:35:23 ---A- . (...) -- C:\Windows\System32\nvinfo.pb [24544]

O44 - LFC:[MD5.50C82330BFE93395C8FD73DDFFD9D505] - 08/03/2014 - 16:24:24 ---A- . (...) -- C:\Windows\System32\Drivers\RTAIODAT.DAT [732833]

O44 - LFC:[MD5.072413353DBD94C37F23CD85E0F2DF05] - 08/03/2014 - 16:24:24 ---A- . (...) -- C:\Windows\System32\Drivers\rtvienna.dat [5804772]

O44 - LFC:[MD5.4413A00AC5E3EC1A3A6AFD620240A06C] - 08/03/2014 - 16:25:05 ---A- . (...) -- C:\log.txt [10286]

O44 - LFC:[MD5.FB8B58583A25FCBC79C41F1AFCD42140] - 08/03/2014 - 19:18:18 ---A- . (...) -- C:\Windows\System32\solidlocalmon.dll [31016]

O44 - LFC:[MD5.EAD7A0F0A5E3E71EB0AACFC8E883CAF2] - 08/03/2014 - 19:18:18 ---A- . (...) -- C:\Windows\System32\solidlocalui.dll [19240]

O44 - LFC:[MD5.0450046EAB930EF46D17B7D900B21425] - 08/03/2014 - 22:08:06 ---A- . (...) -- C:\Windows\System32\AutoRunFilter.ini [3938]

O44 - LFC:[MD5.91A4A3BFA4305BFB5F6626EF89AE767E] - 11/03/2014 - 19:22:51 ---A- . (...) -- C:\Windows\System32\ServiceFilter.ini [2635]

O44 - LFC:[MD5.AF7E8964AEA0C79908AF73D964553542] - 13/03/2014 - 18:37:38 ---A- . (...) -- C:\Windows\errord.log [112]

O44 - LFC:[MD5.41304C8439214864F4F131B4B47E9C97] - 13/03/2014 - 18:37:46 ---A- . (...) -- C:\Windows\error.log [496]

O44 - LFC:[MD5.0CAD4B2AB1E8D9C64D35AEEE1D0CA076] - 13/03/2014 - 18:41:30 ---A- . (...) -- C:\Windows\System32\NetAccessLog.txt [558988]

~ Files: 83 Legitimates Filtered in 00mn 02s

---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)

O51 - MPSK:{6ed52cc9-d9dd-11e2-a7e0-002683331da6}\AutoRun\command. (...) -- I:\setup.exe (.not file.)

O51 - MPSK:{bfba6bbf-4868-11e2-a722-14dae9cd7cab}\AutoRun\command. (...) -- J:\USBAutoRun.exe (.not file.)

~ Keys: Scanned in 00mn 00s

---\\ Enumération des clés de registre StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\SiteRanker [Key] . (...) -- c:\program files (x86)\siteranker\siteranktray.exe (.not file.)

~ SMSR Keys: 42 Legitimates Filtered in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1

O55 - MWPS:[HKCU\...\Policies\System] - "EnableLUA"=0

~ MWPS: 18 Legitimates Filtered in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoWindowsUpdate"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)

O58 - SDL:[MD5.A7409B5C0E35DDEE64F16F3054E5530B] - 21/09/2010 - 09:07:08 ---A- . (...) -- C:\Windows\System32\Drivers\ArcSec.sys [312184]

O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 31/10/2013 - 19:30:44 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]

O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 18/12/2013 - 19:36:38 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]

O58 - SDL:[MD5.4119870B90E1B5E7797D6433D21F9216] - 13/03/2011 - 19:58:42 ---A- . (.Windows (R) Win 7 DDK provider - BulkUsb Driver.) -- C:\Windows\System32\Drivers\AthDfu.sys [51872]

O58 - SDL:[MD5.46571ED73AE84469DCA53081D33CF3C8] - 22/06/2012 - 16:02:43 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283200]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.4F39094BAFB40E0C5AA5D7217DE09835] - 18/01/2010 - 10:17:26 ---A- . (.Schneider Electric Industries SAS - PlcUsb driver.) -- C:\Windows\System32\Drivers\PlcUsb.sys [192680]

O58 - SDL:[MD5.DD0443BC6CC78A19FD399817F8C51401] - 26/11/2010 - 18:02:18 ---A- . (...) -- C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720]

O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [530488]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]

O58 - SDL:[MD5.2C1686795B9307265F649249AD11D629] - 20/07/2012 - 12:49:00 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [36736]

O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]

O58 - SDL:[MD5.2263727032E9B19231A706046B8C82D3] - 17/03/2008 - 18:12:26 ---A- . (...) -- C:\Windows\System32\Ckldrv.sys [28664]

O58 - SDL:[MD5.6106653B08F4F72EEAA7F099E7C408A4] - 07/03/2013 - 09:49:18 ---A- . (...) -- C:\Windows\System32\epmntdrv.sys [17480]

O58 - SDL:[MD5.991C04A31777ED77CB92A4F96F14C2E2] - 07/03/2013 - 09:49:18 ---A- . (...) -- C:\Windows\System32\EuGdiDrv.sys [9800]

O58 - SDL:[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - 25/11/2010 - 08:12:56 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp32.sys [10216]

O58 - SDL:[MD5.EDAA17CE771C696655B6585F7CAD2100] - 25/11/2010 - 08:12:56 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys [11832]

O58 - SDL:[MD5.FEF9DD9EA587F8886ADE43C1BEFBDAFE] - 24/08/2010 - 08:16:40 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [13440]

O58 - SDL:[MD5.1392B92179B07B672720763D9B1028A5] - 03/08/2010 - 06:21:24 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsUpIO.sys [14464]

O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 02/04/2009 - 13:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296]

O58 - SDL:[MD5.F17F09BA097D8EC3CE2084FA97886B85] - 07/03/2013 - 09:49:20 ---A- . (...) -- C:\Windows\SysWOW64\epmntdrv.sys [13896]

O58 - SDL:[MD5.F1DE3EEF501DDA7DDF99F2EDF0C5540E] - 07/03/2013 - 09:49:20 ---A- . (...) -- C:\Windows\SysWOW64\EuGdiDrv.sys [9160]

O58 - SDL:[MD5.5F9785E7535F8F602CB294A54962C9E7] - 07/02/2007 - 19:27:46 ---A- . (.Windows (R) Server 2003 DDK provider - SpeedFan Device Driver.) -- C:\Windows\SysWOW64\speedfan.sys [14104]

~ Drivers: 18 Legitimates Filtered in 00mn 00s

---\\ Liste des outils de désinfection (LATC) (O63)

O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman

O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}

~ ADS: Scanned in 00mn 00s

---\\ Associations Shell Spawning (O67)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.html> <ChromeHTML.5GCC2UC2V5VKNMHMFTCIPG422Y>[HKCU\..\open\Command] (.Not Key.)

~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Not Key.)

O68 - StartMenuInternet: <Google Chrome.5GCC2UC2V5VKNMHMFTCIPG422Y> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Users\Sergeasus\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.awesomehp.com =>PUP.Awesomehp

O68 - StartMenuInternet: <IEXPLORE.EXE> <>[HKLM\..\Shell\open\Command] (.Not Key.)

~ Keys: Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)

[MD5.04B9473F0E3304CA1FC0BEC7B26520D2] [SPRF][12/05/2013] (...) -- C:\Users\Sergeasus\AppData\Roaming\Sergeasuslog.dat [6177]

~ Files: 5 Legitimates Filtered in 00mn 00s

---\\ Liste des exceptions du parefeu (FirewallRules) (O87)

O87 - FAEL: "TCP Query User{28E3A901-E635-463F-95D7-8F3803F6F00D}L:\program files (x86)\netgear\smartcontrolcenter\sccd.exe" | In - Private - P6 - TRUE | .(...) -- L:\program files (x86)\netgear\smartcontrolcenter\sccd.exe

O87 - FAEL: "UDP Query User{2F31410E-FC39-4C5E-A00B-A8623837DE44}L:\program files (x86)\netgear\smartcontrolcenter\sccd.exe" | In - Private - P17 - TRUE | .(...) -- L:\program files (x86)\netgear\smartcontrolcenter\sccd.exe

O87 - FAEL: "TCP Query User{B2EDC64D-9F0F-4EDF-A5A8-13A8BD31BBEE}L:\program files (x86)\netgear\smartcontrolcenter\sccd.exe" | In - Public - P6 - TRUE | .(...) -- L:\program files (x86)\netgear\smartcontrolcenter\sccd.exe

O87 - FAEL: "UDP Query User{84FF0D9A-921C-4DBC-9A98-34D41A725185}L:\program files (x86)\netgear\smartcontrolcenter\sccd.exe" | In - Public - P17 - TRUE | .(...) -- L:\program files (x86)\netgear\smartcontrolcenter\sccd.exe

~ Firewall: 209 Legitimates Filtered in 00mn 00s

---\\ Enumère les codes produits des logiciels (PUC) (O90)

O90 - PUC: "21F1DBD139DE0C947ACC65BCED841885" . (.LifeFrame2.) -- C:\Windows\Installer\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}\_6FEFF9B68218417F98F549.exe

O90 - PUC: "46236644801E8394FBE97A761305279C" . (..) -- C:\Windows\Installer\{44663264-E108-4938-BF9E-A767315072C9}\ARPPRODUCTICON.exe

O90 - PUC: "48AB1024B1CE57B41AFE7ED7E3594856" . (.DriverManager x64.) -- C:\Windows\Installer\{4201BA84-EC1B-4B75-A1EF-E77D3E958465}\ARPPRODUCTICON.exe

O90 - PUC: "4A4A2EB6BF99DE84EAE1E45830988F40" . (.PartitionMagic.) -- C:\Windows\Installer\{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}\ARPPRODUCTICON.exe

O90 - PUC: "4D5EC2A9E1A0BE24C90EBA5DDD979EE4" . (.TotalMedia Theatre 5.) -- C:\Windows\Installer\{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}\ARPPRODUCTICON.exe1

O90 - PUC: "C539EC363E304BE41B4997C22B9FC178" . (.SmartControlCenter.) -- C:\Windows\Installer\{63CE935C-03E3-4EB4-B194-792CB2F91C87}\ARPPRODUCTICON.exe

O90 - PUC: "DCBC03ABAD30A7543AB4E36F734DD5E4" . (.Disk Unlocker.) -- C:\Windows\Installer\{BA30CBCD-03DA-457A-A34B-3EF637D45D4E}\_6FEFF9B68218417F98F549.exe

~ Update Products: 81 Legitimates Filtered in 00mn 00s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Demand 13/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

SS - | Demand 14/12/2012 277616 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe

SS - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Demand 13/06/2013 357144 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

SS - | Auto 07/03/2014 2151744 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

SS - | Auto 21/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - L:\Program Files (x86)\Skype\Updater\Updater.exe

SS - | Demand 30/10/2013 566696 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

SR - | Demand 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SR - | Auto 10/11/2011 490840 | (AdvancedSystemCareService5) . (.IObit.) - L:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe

SR - | Auto 14/07/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe

SR - | Demand 13/06/2011 922240 | (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe

SR - | Demand 02/12/2010 258688 | (ASDiskUnlocker) . (.ASUSTeK Computer Inc..) - L:\Program Files\ASUS\Asus Disk Unlocker\ASPFSVS64.exe

SR - | Demand 02/12/2010 915584 | (asHmComSvc) . (...) - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe

SR - | Demand 21/10/2010 586880 | (AsSysCtrlService) . (...) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe

SR - | Demand 13/03/2011 74912 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

SR - | Auto 31/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files (x86)\AVAST Software\Avast\AvastSvc.exe

SR - | Auto 31/01/2014 113704 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files (x86)\AVAST Software\Avast\afwServ.exe

SR - | Demand 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 08/05/2008 122880 | (Crypkey License) . (.CrypKey (Canada) Ltd..) - C:\Windows\System32\crypserv.exe

SR - | Demand 23/12/2009 203392 | (Device Handle Service) . (.ASUSTeK Computer Inc..) - C:\Windows\SysWOW64\AsHookDevice.exe

SR - | Auto 12/08/2010 296808 | (DragonSvc) . (.Nuance Communications, Inc..) - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe

SR - | Auto 31/05/2011 210024 | (DTSAudioService) . (.DTS.) - C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe

SR - | Auto 07/09/2012 100864 | (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

SR - | Demand 20/05/2011 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

SR - | Demand 11/04/2011 171176 | (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe

SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - L:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

SR - | Demand 08/04/2009 105472 | (NA_Service) . (...) - C:\Windows\system32\NA_Service.exe

SR - | Demand 23/07/2009 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe

SR - | Auto 10/12/2013 1494304 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

SR - | Auto 10/12/2013 15129376 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

SR - | Demand 04/03/2014 922968 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 17/06/2013 6191408 | (OO DiskImage) . (.O&O Software GmbH.) - L:\Program Files (x86)\OO Software\DiskImage\oodiag.exe

SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe

SR - | Auto 10/07/1658 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe

SR - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - L:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

SR - | Auto 21/08/2012 216168 | (SPAMfighter Update Service) . (.SPAMfighter ApS.) - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe

SR - | Demand 04/03/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

SR - | Demand 23/08/2012 1270376 | (Suite Service) . (.SPAMfighter ApS.) - C:\Program Files (x86)\Fighters\FighterSuiteService.exe

SR - | Auto 27/08/2013 93072 | (TomTomHOMEService) . (.TomTom.) - L:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

SR - | Demand 18/01/2010 128512 | (UsbConnect) . (.Schneider Electric Industries SAS.) - C:\Windows\system32\UsbConnect.exe

SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 26/02/2014 59904 | (WinRST) . (...) - C:\Program Files (x86)\WinRST\WinRST.exe

SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Demand 09/11/2008 602392 | (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

~ Services: Scanned in 00mn 05s

---\\ Liste des émulateurs de CD/DVD (MBR Hook)

O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [530488]

~ Emulateurs: Scanned in 00mn 05s

---\\ Scan Additionnel (O88)

Database Version : 13031 - (12/03/2014)

Clés trouvées (Keys found) : 25

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 5

Fichiers trouvés (Files found) : 0

[HKLM\Software\Google\Chrome\Extensions\dhdmjeclekijlogbipdlifcmgoanoemm] =>Toolbar.Expresso

[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dhdmjeclekijlogbipdlifcmgoanoemm] =>Toolbar.Expresso

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DataMngr] =>Adware.Bandoo

[HKLM\Software\Expresso] =>Toolbar.Expresso

[HKLM\Software\Wow6432Node\Expresso] =>Toolbar.Expresso

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings] =>PUP.Dealio

[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Time Stopper4.0] =>Adware.TimeStopper

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF] =>PUP.Dealio

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591118}] =>PUP.CrossRider

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^

C:\ProgramData\InstallMate =>PUP.Tarma^

C:\Program Files (x86)\Time Stopper =>Adware.TimeStopper

C:\Program Files (x86)\IObit Toolbar =>PUP.Dealio

C:\ProgramData\Software =>Adware.Boxore

C:\Users\Sergeasus\AppData\Local\Software =>Adware.Boxore

~ Additionnel Scan: 288268 Items scanned in 00mn 17s

---\\ Récapitulatif des détections trouvées sur votre station

~ http://nicolascoolman.webs.com/apps/blog/show/272... =>Hijacker.Proxy

~ http://nicolascoolman.webs.com/apps/blog/show/296... =>PUP.Tarma

~ http://nicolascoolman.webs.com/apps/blog/show/410... =>PUP.Awesomehp

~ http://nicolascoolman.webs.com/apps/blog/show/266... =>Adware.Bandoo

~ http://nicolascoolman.webs.com/apps/blog/show/274... =>PUP.Dealio

~ http://nicolascoolman.webs.com/apps/blog/show/292... =>PUP.SweetIM

~ http://nicolascoolman.webs.com/apps/blog/show/275... =>PUP.CrossRider

~ http://nicolascoolman.webs.com/apps/blog/show/266... =>Adware.Boxore

~ MSI: 8 link(s) detected in 00mn 17s

~ 1533 Legitimates filtered by white list

End of the scan (661 lines in 00mn 58s)(0)

Thank you very much, see you soon

Koytlo2, 13/03/2014 at 20:20

Hi

First of all, could you please avoid pasting reports, which are generally very long, directly into the post? It's heavy and it clutters everything. What is usually done is this:

- go here (for example): http://www.cjoint.com/

- copy the address you are given and post it in your message in place of your report. Your report will then display much better at that link.

-----------------------------------------

Next, here is a link that lets you read your HijackThis report (but it is only an assessment of the situation, because that is all HijackThis is for):

http://www.hijackthis.de/fr#anl

Go to the link and paste in the entire content of the HijackThis report.

For you it starts with "Logfile of Trend Micro HijackThis v2.0.4 ..."
and ends with "...End of file - 29182 bytes"

You will see everything you need to change, and I assure you there is a lot.

-------------------------------------------

For ZHPDiag I don't know of any site that can interpret it, but judging by this passage you are in serious need of disinfection.

"

---\\ Récapitulatif des détections trouvées sur votre station

~ http://nicolascoolman.webs.com/apps/blog/show/272... =>Hijacker.Proxy

~ http://nicolascoolman.webs.com/apps/blog/show/296... =>PUP.Tarma

~ http://nicolascoolman.webs.com/apps/blog/show/410... =>PUP.Awesomehp

~ http://nicolascoolman.webs.com/apps/blog/show/266... =>Adware.Bandoo

~ http://nicolascoolman.webs.com/apps/blog/show/274... =>PUP.Dealio

~ http://nicolascoolman.webs.com/apps/blog/show/292... =>PUP.SweetIM

~ http://nicolascoolman.webs.com/apps/blog/show/275... =>PUP.CrossRider

~ http://nicolascoolman.webs.com/apps/blog/show/266... =>Adware.Boxore"

Uninstall Spybot & Destroy (even though I like it too); it doesn't protect, and apparently it can block a disinfection, for example.

Update your antivirus and run a full scan again,

then run a full scan again with Malwarebytes after updating it.

Do all of that in normal mode as administrator.

Then download AdwCleaner, which you will find here: http://general-changelog-team.fr/fr/downloads/view...

and launch it by clicking "Scanner" (Scan); once you have done that, save the report.

Press the "Nettoyer" (Clean) button, and if it asks you to restart, do so.

Save the disinfection report.

==> Once you have done all that, generate a new ZHPDiag report and post it on this forum using the cjoint link as I explained.

That way we will see what has changed.

But in the meantime I think you've got your work cut out for you.

Bye

Atex, 13/03/2014 at 23:23

Hi,

Since I started, I'll carry on...

1) Uninstall, if you find any, all programs whose names contain the following words:

Bandoo - Tarma - SweetIM - Dealio - Boxore - TimeStopper - Lobit - Expresso - Yahoo

Same for toolbars: uninstall every toolbar you find.

2) Next, when you installed ZHPDiag, several icons appeared on your desktop. One of them is ZHPFix. Run that program.

- Click the "Importer" (Import) box

- A message appears; click "Ok"

- Then, in the ZHPFix window, type the following word: scriptZHPfix, then press Enter

- After it, copy and paste everything that follows:

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://127.0.0.1:9880 =>Hijacker.Proxy

O1 - Hosts: 216.196.97.228 fr.giganews.com

O1 - Hosts: 216.196.109.131 news.giganews.com

O1 - Hosts: 194.154.222.175 eu.mail.arcelormittal.com

O43 - CFD: 08/03/2014 - 14:46:48 - [4,959] ----D C:\ProgramData\InstallMate =>PUP.Tarma

O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Sergeasus\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.awesomehp.com =>PUP.Awesomehp

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DataMngr] =>Adware.Bandoo

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Time Stopper4.0] =>Adware.TimeStopper

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21] =>PUP.Dealio

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF] =>PUP.Dealio

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591118}] =>PUP.CrossRider

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^

C:\ProgramData\InstallMate =>PUP.Tarma^

C:\Program Files (x86)\Time Stopper =>Adware.TimeStopper

C:\Program Files (x86)\IObit Toolbar =>PUP.Dealio

C:\ProgramData\Software =>Adware.Boxore

C:\Users\Sergeasus\AppData\Local\Software =>Adware.Boxore

O3 - Toolbar\WebBrowser: (no name) - [HKCU]{ADCA5064-9E30-43FE-9856-58B07A3149FE} Clé orpheline

O42 - Logiciel: Yahoo! Toolbar - (...) [HKLM][64Bits] -- Yahoo! Companion

[HKLM\Software\Google\Chrome\Extensions\dhdmjeclekijlogbipdlifcmgoanoemm] =>Toolbar.Expresso

[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dhdmjeclekijlogbipdlifcmgoanoemm] =>Toolbar.Expresso

[HKLM\Software\Expresso] =>Toolbar.Expresso

[HKLM\Software\Wow6432Node\Expresso] =>Toolbar.Expresso

[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo

Spybot - Search & Destroy v1.6.2

[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- L:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480] [PID.1296]

[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- L:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.4444]

C:\Users\Sergeasus\AppData\Roaming\Mozilla\Firefox\Profiles\sqtd9i9h.default\prefs.js (.not file.)

O4 - GS\QuickLaunch [Sergeasus]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- L:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- L:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-21-2139952250-2211520926-4092385509-1001\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- L:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

[MD5.00000000000000000000000000000000] [APT] [{0184501B-893B-451A-B28C-4CA6357EF5E0}] (...) -- O:\Grabit dowloads\0-Dossier reception\Foxit.Advanced.PDF.Editor.v3.04.rar\setup.exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{0295A250-545B-4B00-8740-0B137D356A37}] (...) -- R:\Jeux PC\Castle of Illusion\_CommonRedist\vcredist\2010\vcredist_x64.exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{2EE685F3-E097-4320-B300-4E32B6363EEF}] (...) -- L:\Program Files (x86)\Easy & Secure Eraser\Easy & Secure Eraser.exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{6B1666B5-5F8C-44D2-B6B2-39B1FF4611C8}] (...) -- L:\Program Files (x86)\Craagle\CRAAGLE 4.0 - TARGUS.exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{89EC03A5-5296-4DAF-85B8-275E18076451}] (...) -- O:\Grabit dowloads\0-Dossier reception\TOWN-www.town.ag-partner-of-www.ssl-news.info-0DAY-APPS-Foxit-Advanced-PDF-Editor-3.1.0-Incl-Activator-KaranPC.nfo\Foxit Advanced PDF Editor 3.1.0 Incl Activator [KaranPC].exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{AA630255-507E-4ED2-9805-1A2D53E3BF9D}] (...) -- M:\Downloads chrome\Kernel Recovery for Excel [CRACKED].exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{F49A74CB-DE35-4B98-B159-A775672D6E0C}] (...) -- M:\Downloads chrome\windirstat_setup-1.1.2.exe (.not file.) [0]

[MD5.00000000000000000000000000000000] [APT] [{F82D4F23-87B6-4D46-9F06-28382CC8B1FD}] (...) -- M:\Downloads chrome\Install_CopyTrans_Suite.exe (.not file.) [0]

O41 - Driver: (ArcCtrl) . (. - .) - C:\Windows\System32\drivers\ArcCtrl.sys (.not file.)

O41 - Driver: (archlp) . (. - .) - C:\Windows\System32\drivers\ArcHlp.sys (.not file.)

[HKCU\Software\IncrediMail]

O43 - CFD: 22/02/2013 - 12:56:57 - [0] ----D C:\Program Files (x86)\GUM2B0A.tmp

O43 - CFD: 01/12/2012 - 12:15:03 - [0] ----D C:\Program Files (x86)\GUMFAC1.tmp

O43 - CFD: 08/03/2014 - 14:46:48 - [0] ----D C:\ProgramData\HostIt

O43 - CFD: 07/03/2014 - 21:52:34 - [0] ----D C:\ProgramData\ProductData

O43 - CFD: 09/02/2014 - 18:48:01 - [0] ----D C:\ProgramData\SetApp

O43 - CFD: 01/06/2013 - 07:20:24 - [0,181] ----D C:\Users\Sergeasus\AppData\Local\piratrax

O43 - CFD: 08/03/2014 - 20:42:08 - [0] ----D C:\Users\Sergeasus\AppData\Local\WinRST

O43 - CFD: 09/03/2014 - 00:04:19 - [0] ----D C:\Users\Sergeasus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Appnimi

O44 - LFC:[MD5.41304C8439214864F4F131B4B47E9C97] - 13/03/2014 - 18:37:46 ---A- . (...) -- C:\Windows\error.log [496]

SR - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - L:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

- Finally, click the "GO" box and confirm the data cleanup.

3) Tell me how it goes.

4) I'm not finished, there is still a bit of work, but first I want to know how it goes.

5) See you

Koytlo2, 14/03/2014 at 17:47

Hi Atex

You are someone who is starting to interest me. Indeed, I didn't know you had skills in disinfection, in reading ZHPDiag reports, or in writing scripts for ZHPFix!!

It would be good, if you feel like it, to do disinfection work in the virus category (even if it's not my role to say so, but I must say I often grumble that there is nobody in the virus section).

From time to time I would like to find someone who at least knows how to read a ZHPDiag report, because while a site exists for HijackThis, I don't know how to read the ZHPDiag report. I generally rely on the summary at the end, but that's all.

Also, if I want to write a smart script that will remove every trace related to a PUP (for example) that was found, I'm unable to.

Bye

Sergeeli59, 14/03/2014 at 18:18

Hi Atex

I did what you asked me to. Then I restarted my machine.

When I run the netstat command, I no longer have any connection to gromozon, and I can connect to the internet right away.

No more waiting, but I still have a wait to open the network connection window, and my Avast antivirus still starts only after the network connection window is established???

Thanks again for your help

Atex, 14/03/2014 at 22:56

APVS
Sergeeli59 wrote:

Hi Atex

I did what you asked me to. Then I restarted my machine.

When I run the netstat command, I no longer have any connection to gromozon, and I can connect to the internet right away.

No more waiting, but I still have a wait to open the network connection window, and my Avast antivirus still starts only after the network connection window is established???

Thanks again for your help

Hi,

1) Disable all of Avast's modules, and above all the real-time protection. Alternatively, restart in safe mode with networking.

2) Download Combofix

3) Run this Combofix. Above all, let it work. Be patient: it can take 5 minutes or 30 minutes. Don't touch the PC until the report is displayed on screen. It will go through about 50 steps and the PC will probably restart. In any case, even if the PC restarts, don't do anything until it displays the report.

See you later

Sergeeli59, 15/03/2014 at 10:50

Hi

It's done. I have a Combofix report, which took 5 minutes, but I still have the problem; on the other hand, the report is huge.

What should I do?

Thanks, see you later
