oui mais je peu pas re télécharger firefox non plus xD ,sinon dimanche soir j aurai accès a un autre ordi , de la j ferais se que tu m a dit
!
sinon j ai tanté une "restauration du système" mais je n ai pas l option
"Protection du système. "
j arrive finalement a télécharger avec chrome je remonte le topic et essaye tout se qu ont m a proposé pour le moment je n ai rien trouvé avec tdsskilleret gmer, adwcleaner a trouvé quelque truc, j ai tout netoyé et j ai redemaré normalement , toujours un ecran bleu mais je n ai pu le message "page fault in nonpaged area"
le rapport zxdiag
~ Rapport de ZHPDiag v2014.4.26.45 - Nicolas Coolman (26/04/2014)
~ Lancé par pc2 (27/04/2014 07:33:53)
~ Adresse du Site Web
http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection :
http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 28.0 (Defaut)
GCIE: Google Chrome v34.0.1847.116
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v4.02 =>.Piriform Ltd
---\\ Logiciels de partage PeerToPeer
Pando Media Booster v2.6.0.7
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI MUI
---\\ Informations sur le système
~ Processor: AMD64 Family 21 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 24474 MB (94% free)
System Restore: Désactivé (Disabled)
System drive C: has 1859 GB (95%) free of 1953 GB
---\\ Mode de connexion au système
~ Computer Name: PC2-PC
~ User Name: pc2
~ All Users Names: pc2, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\pc2\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\pc2\AppData\Roaming\
~ %Desktop% : \
~ %Favorites% : \
~ %LocalAppData% : C:\Users\pc2\AppData\Local\
~ %StartMenu% : C:\Users\pc2\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 1859 Go of 1953 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 91 Go of 95 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 04:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 04:25:32.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 04:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 00:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 00:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 01:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 00:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 01:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 02:06:42.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 00:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25/02/2011 - 07:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 0/0
~ Mes musiques (My Musics) : 0/0
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 0/0
~ Mes Documents (My Documents) : 0/0
~ Mon Bureau (My Desktop) : 0/0
~ Menu demarrer (Programs) : 1/49
~ Hidden Files: Scanned in 00mn 00s
---\\ Processus lancés
[MD5.7EA50DC775B557AD1E06ABF3C7A2A24D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7869952] [PID.1364]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\pc2\AppData\Local\Google\Chrome\User Data\Default\Preferences
---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 2 Legitimates Filtered in 00mn 01s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: eMule.lnk . (...) -- C:\Program Files (x86)\eMule\emule.exe (.not file.) =>P2P.eMule
O4 - GS\QuickLaunch [pc2]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\pc2\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Global Startup: 3 Legitimates Filtered in 00mn 01s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Service Scheduler2 Seagate] . (.Seagate - Seagate Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
O4 - HKCU\..\Run: [EADM] D:\Origin\Origin.exe (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\pc2\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [Steam] D:\Steam\steam.exe (.not file.)
O4 - HKCU\..\Run: [Raptr] . (.Raptr, Inc - Raptr Desktop App.) -- C:\Program Files (x86)\Raptr\raptrstub.exe
O4 - HKCU\..\RunOnce: [Report] . (...) -- C:\AdwCleaner\AdwCleaner[S0].txt
O4 - HKLM\..\Wow6432Node\Run: [DiscWizardMonitor.exe] . (...) -- C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2438701550-3352777223-1458468603-1000\..\Run: [EADM] D:\Origin\Origin.exe (.not file.)
O4 - HKUS\S-1-5-21-2438701550-3352777223-1458468603-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\pc2\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2438701550-3352777223-1458468603-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-2438701550-3352777223-1458468603-1000\..\Run: [Steam] D:\Steam\steam.exe (.not file.)
O4 - HKUS\S-1-5-21-2438701550-3352777223-1458468603-1000\..\Run: [Raptr] . (.Raptr, Inc - Raptr Desktop App.) -- C:\Program Files (x86)\Raptr\raptrstub.exe
O4 - HKUS\S-1-5-21-2438701550-3352777223-1458468603-1000\..\RunOnce: [Report] . (...) -- C:\AdwCleaner\AdwCleaner[S0].txt
~ Application: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{70F6D478-ABC6-496F-8394-8BB11EA423FD}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{70F6D478-ABC6-496F-8394-8BB11EA423FD}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{70F6D478-ABC6-496F-8394-8BB11EA423FD}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: video/x-flv [64Bits] - {20C75730-7C25-476B-95DC-C65810F9E489} . (.Advanced Micro Devices - MIME Video Detector for IE.) -- C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\Windows\Tasks\Bonanza.job [282] =>Adware.BonanzaDeals
~ Scheduled Task: 5 Legitimates Filtered in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: Loadout - (.Edge of Reality.) [HKLM][64Bits] -- Steam App 208090
O42 - Logiciel: MasterSplitter Program - (...) [HKLM][64Bits] -- MasterSplitter
O42 - Logiciel: Rust - (.Facepunch Studios.) [HKLM][64Bits] -- Steam App 252490
O42 - Logiciel: Update_for_BonanzaDeals - (.Update_for_BonanzaDeals.) [HKCU][64Bits] -- Bonanza =>Adware.BonanzaDeals
~ Logic: 26 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Pando Networks]
[HKCU\Software\Shorebound Studios]
[HKCU\Software\TomaSoft]
[HKLM\Software\Respawn]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\Respawn]
[HKLM\Software\Wow6432Node\TomaSoft]
~ Key Software: 365 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/01/2014 - 18:45:24 - [] ----D C:\Program Files (x86)\Dead Sky
O43 - CFD: 15/10/2013 - 19:06:06 - [] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 18/10/2013 - 13:37:27 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 22/10/2013 - 13:56:35 - [0] ----D C:\ProgramData\BitGuard =>PUP.BitGuard
O43 - CFD: 19/02/2014 - 07:13:51 - [0] ----D C:\ProgramData\eSafe =>PUP.eSafeSecurity
O43 - CFD: 29/12/2013 - 11:37:17 - [] ----D C:\Users\pc2\AppData\Roaming\Bonanza =>Adware.BonanzaDeals
O43 - CFD: 16/03/2014 - 04:35:45 - [] ----D C:\Users\pc2\AppData\Roaming\library_dir
O43 - CFD: 14/02/2014 - 01:37:10 - [] ----D C:\Users\pc2\AppData\Roaming\UpdateBonanza =>Adware.BonanzaDeals
O43 - CFD: 01/03/2014 - 12:22:58 - [] ----D C:\Users\pc2\AppData\Local\DayZ
O43 - CFD: 19/02/2014 - 06:02:47 - [] ----D C:\Users\pc2\AppData\Local\EdgeOfReality
O43 - CFD: 17/04/2014 - 00:29:31 - [] ----D C:\Users\pc2\AppData\Local\Mega Limited
O43 - CFD: 25/11/2013 - 19:54:08 - [0] ----D C:\Users\pc2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MasterSplitter
~ Program Folder: 206 Legitimates Filtered in 00mn 01s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.227067A6BCDF9CBEBF9B2983B231E381] - 26/04/2014 - 11:38:32 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [21200]
O44 - LFC:[MD5.227067A6BCDF9CBEBF9B2983B231E381] - 26/04/2014 - 11:38:32 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [21200]
O44 - LFC:[MD5.FBCCF14D504B7B2DBCB5A5BDA75BD93B] - 26/04/2014 - 13:12:39 ---A- . (...) -- C:\Windows\Zone.Identifier [26]
O44 - LFC:[MD5.10B877C5E9138A45CFA8CD29BC480708] - 26/04/2014 - 21:39:39 ---A- . (...) -- C:\Sans titre1.jpg [92408]
O44 - LFC:[MD5.A443633EF9E49DA4CAFFB099BE95916E] - 26/04/2014 - 21:52:55 ---A- . (...) -- C:\Sans titre2.jpg [134493]
O44 - LFC:[MD5.515BC0CD544B09A9786D9116896AD99A] - 26/04/2014 - 21:53:43 ---A- . (...) -- C:\Sans titre3.jpg [139452]
O44 - LFC:[MD5.9A6CA77BCBC75B4FAB2ED6CE08BE6DDE] - 26/04/2014 - 22:00:42 ----- . (...) -- C:\bootsqm.dat [3288]
O44 - LFC:[MD5.50F40B2D4ED3F878D1B59313FC150504] - 27/04/2014 - 05:44:29 ---A- . (...) -- C:\TDSSKiller.2.8.16.0_27.04.2014_06.44.24_log.txt [354]
O44 - LFC:[MD5.1ECE0D57FE9FD83B9233994F7B22DC1B] - 27/04/2014 - 05:46:42 ---A- . (...) -- C:\TDSSKiller.2.8.16.0_27.04.2014_06.44.49_log.txt [133200]
O44 - LFC:[MD5.B32E029324FFC311B1E0D31A91E38185] - 27/04/2014 - 05:47:17 ---A- . (...) -- C:\TDSSKiller.3.0.0.33_27.04.2014_06.46.45_log.txt [194126]
O44 - LFC:[MD5.FB50E172074A6400F8CD2C0D31C5C6DB] - 27/04/2014 - 05:48:52 ---A- . (...) -- C:\gmer.zip [370943]
O44 - LFC:[MD5.F01B1AB88BA22DD9B993C06F9ED1DAE7] - 27/04/2014 - 06:31:54 ---A- . (...) -- C:\Windows\ntbtlog.txt [579078]
~ Files: 26 Legitimates Filtered in 00mn 02s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{203ac633-3b28-11e3-8cab-ac220b8281eb}\AutoRun\command. (...) -- E:\autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:25/09/2013 - 14:41:02 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [40664]
~ Drivers: 60 Legitimates Filtered in 00mn 09s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Mysearchdial) -
http://start.mysearchdial.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {4F32BDA3-8DD4-7301-2B2D-7D8952E95B86} - (Bing) -
http://www.bing.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) -
http://www.bing.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) -
http://www.bing.com
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.61DC865DADF9E7933136D5565113F7B8] [SPRF][27/04/2014] (...) -- \adwcleaner.exe [1329501]
[MD5.9A6CA77BCBC75B4FAB2ED6CE08BE6DDE] [SPRF][26/04/2014] (...) -- \bootsqm.dat [3288]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][02/01/1601] (...) -- \hiberfil.sys [19247198208]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][02/01/1601] (...) -- \pagefile.sys [25662930944]
~ Files: 6 Legitimates Filtered in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{E2A7BA3F-BE93-4BE4-A4BF-B490E5CA0B08}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\pc2\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{F8A91B13-EA15-4E1D-9A58-8F406B1AE8A6}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\pc2\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 23/09/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Auto 06/12/2013 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SS - | Auto 06/12/2013 344064 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SS - | Disabled 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Demand 13/02/2014 49152 | (BEService) . (...) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
SS - | Disabled 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 16/10/2013 484592 | (BRSptSvc) . (.BitRaider, LLC.) - C:\ProgramData\BitRaider\BRSptSvc.exe
SS - | Auto 15/10/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/10/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 07/06/2012 936848 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 24/02/2014 2818888 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SS - | Demand 29/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 13/04/2007 792112 | (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Disabled 16/05/2007 271920 | (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Demand 25/09/2013 37176 | (OpenVPNService) . (.The OpenVPN Project.) - C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe
SS - | Disabled 08/04/2013 1320496 | (PDF Architect Helper Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
SS - | Disabled 08/04/2013 799280 | (PDF Architect Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
SS - | Demand 25/06/2010 117264 | (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Auto 30/06/2011 1191936 | (SgtSch2Svc) . (.Seagate.) - C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
SS - | Disabled 07/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 16/03/2011 407336 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 05s
---\\ Scan Additionnel (O88)
Database Version : 13045 - (26/04/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 1
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza] =>Adware.BonanzaDeals^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\BitGuard =>PUP.BitGuard^
C:\ProgramData\eSafe =>PUP.eSafeSecurity^
C:\Users\pc2\AppData\Roaming\Bonanza =>Adware.BonanzaDeals^
C:\Users\pc2\AppData\Roaming\UpdateBonanza =>Adware.BonanzaDeals^
C:\Windows\Tasks\Bonanza.job =>Adware.BonanzaDeals^
~ Additionnel Scan: 247410 Items scanned in 00mn 18s
---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/32816468-adware-bonanzadeals =>Adware.BonanzaDeals
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/32979753-pup-bitguard =>PUP.BitGuard
http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity
http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ MSI: 6 link(s) detected in 00mn 00s
~ 841 Legitimates filtered by white list
End of the scan (393 lines in 00mn 52s)(0)