bonjour voici enfin mes 3 rapports :
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan
Date: 10/01/2015
Scan Time: 10:08:56
Logfile: Malwarebytes.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.10.09
Rootkit Database: v2015.01.07.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7
CPU: x86
File System: NTFS
User: mateo
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 286562
Time Elapsed: 7 min, 34 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
# AdwCleaner v4.107 - Rapport créé le 10/01/2015 à 10:33:01
# Mis à jour le 07/01/2015 par Xplode
# Database : 2015-01-03.1 [Live]
# Système d'exploitation : Windows 7 Ultimate (32 bits)
# Nom d'utilisateur : mateo - MATEO-PC
# Exécuté depuis : C:\Users\mateo\Downloads\adwcleaner_4.107.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
***** [ Navigateurs ] *****
-\\ Internet Explorer v9.0.8112.16421
*************************
AdwCleaner[R0].txt - [865 octets] - [10/01/2015 10:22:25]
AdwCleaner[S0].txt - [789 octets] - [10/01/2015 10:33:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [848 octets] ##########
~ Rapport de ZHPDiag v2015.1.9.4 - Nicolas Coolman (09/01/2015)
~ Lancé par mateo (10/01/2015 10:49:24)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Ultimate, 32-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 2C9T3
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v7.0.1474.0
Malwarebytes Anti-Malware version 2.0.4.1028
Windows Defender W7 (Activate)
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
---\\ Informations sur le système
~ Processor: x86 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3454 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 542 GB (92%) free of 583 GB
---\\ Mode de connexion au système
~ Computer Name: MATEO-PC
~ User Name: mateo
~ All Users Names: mateo, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\mateo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\mateo\AppData\Roaming\
~ %Desktop% : C:\Users\mateo\Desktop\
~ %Favorites% : C:\Users\mateo\Favorites\
~ %LocalAppData% : C:\Users\mateo\AppData\Local\
~ %StartMenu% : C:\Users\mateo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 542 Go of 583 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)
E: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 38 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 - 06:33:07.) -- C:\Windows\Explorer.exe [2614784]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/01/2013 - 11:24:59.) -- C:\Windows\System32\wininet.dll [1126912]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.28/10/2009 - 07:17:59.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.0DB7A48388D54D154EBEC120461A0FCD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:35:40.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/07/2009 - 00:14:17.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 00:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.CA7570E42522E24324A12161DB14EC02] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2011 - 03:43:41.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5126C5402C730C2A953275D8497A4715] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 18:21:56.) -- C:\Windows\system32\Drivers\ntfs.sys [1210736]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14/07/2009 - 01:02:58.) -- C:\Windows\system32\Drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.59F06B4968E58BC83DFC56CA4517960E] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.06/09/2012 - 17:48:29.) -- C:\Windows\system32\Drivers\volsnap.sys [245616]
~ Generic Processes: Scanned in 00mn 03s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 1/323
~ Mes Favoris (My Favorites) : 1/26
Mes Documents (My Documents) : 2/2 (Modified)
~ Mon Bureau (My Desktop) : 1/16
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn 01s
---\\ Processus lancés
[MD5.3C13F26A4766752314A5413038BD86B4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.2064]
[MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4297136] [PID.2392]
[MD5.392AFF0CC9987772988CFD2B58A1B47D] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7731744] [PID.2408]
[MD5.4298DB2F9FE4FE4C96AC4528542680F8] - (.Hewlett-Packard - HP BATTERY INDICATOR.) -- C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2068992] [PID.2416]
[MD5.EDCB55CF7135CCF9818EEC413FB39410] - (.Hewlett-Packard - HP LED INDICATOR.) -- C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe [2068992] [PID.3892]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.2196]
[MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [748336] [PID.3640]
[MD5.E8B7FD67DA14A7BE57A5CB80E3139E60] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [309704] [PID.3828]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.2800]
[MD5.E6B65C40F24E207DF5937AA3641CA381] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8151040] [PID.2108]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\RunDll32.exe [0] [PID.2836]
~ Processes Running: Scanned in 00mn 05s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://free.fr
~ IE Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [BATINDICATOR] . (.Hewlett-Packard - HP BATTERY INDICATOR.) -- C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
O4 - HKLM\..\Run: [LaunchHPOSIAPP] . (.Hewlett-Packard - Launch a application..) -- C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1523626536-3365604143-2392636475-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
~ Application: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F651E84-974D-42A4-98ED-5655D8E71557}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F651E84-974D-42A4-98ED-5655D8E71557}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1F651E84-974D-42A4-98ED-5655D8E71557}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.A677951CE27E521035D4B3CDB3B6B557] [APT] [{3C41778C-BDC7-497A-BF72-AC797ED55C2D}] (.ORCHESTRA SOFTWARE.) -- C:\OrchestraPDV\Orchestrapdv.exe [7490048]
[MD5.00000000000000000000000000000000] [APT] [{A09CFBB6-FFA5-42F3-93E9-FBA911BC6215}] (...) -- C:\Program Files\Utilitaire r‚seau pour SAGEM Wi-Fi 11g USB adapter\WLANUTL.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1054]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1058]
~ Scheduled Task: 9 Legitimates Filtered in 00mn 07s
---\\ Logiciels installés (O42)
O42 - Logiciel: Dot Impact Printer 3.7.0 - (...) [HKLM] -- Dot Impact Printer 3.7.0
O42 - Logiciel: Orchestra Restaurant - (...) [HKLM] -- OrchestraRestaurant
~ Logic: 17 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKLM\Software\XCard]
[HKLM\Software\deltavox]
~ Key Software: 91 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 08/01/2015 - 20:33:59 - [] ----D C:\Program Files\fh
O43 - CFD: 08/01/2015 - 11:34:56 - [0] ----D C:\Program Files\GUMEB23.tmp
O43 - CFD: 14/07/2009 - 10:00:32 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
~ Program Folder: 103 Legitimates Filtered in 00mn 00s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.41783D246CA88D527E20D973B170847F] - 10/01/2015 - 09:19:18 ---A- . (...) -- C:\Windows\ORESTAURANT.INI [4019]
O44 - LFC:[MD5.7BBEDE8C95DBBE1221B39ED702B4ED14] - 10/01/2015 - 09:19:22 ---A- . (...) -- C:\Windows\WD.INI [153]
~ Files: 11 Legitimates Filtered in 00mn 02s
---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{d7fb46b9-fe2c-11e0-89ee-00269ef75eaa}\AutoRun\command. (...) -- F:\Startme.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 76 Legitimates Filtered in 00mn 09s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 30/10/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Auto 10/01/2015 107912 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 10/01/2015 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/01/2013 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 31/03/2009 81920 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
SR - | Auto 21/11/2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 21/11/2014 969016 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 29/06/2010 129640 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 19s
---\\ Scan Additionnel (O88)
Database Version : 13008 - (09/01/2015)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
~ Additionnel Scan: 131268 Items scanned in 00mn 28s
---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 4 Legitimates Filtered in 00mn 00s
---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-bprotector =>PUP.BProtector
~ MSI: 1 link(s) detected in 00mn 00s
~ 505 Legitimates filtered by white list
End of the scan (337 lines in 02mn 04s)(0)
voila bonne journée à plus
par contre je pense que le 2eme rapport ne doit pas être bon