Redirection depuis youtube

magicshark Messages postés 445 Statut Membre -  
Marou81 Messages postés 4472 Statut Membre -
Bonjour,

Depuis quelques temps peu importe le navigateur je ne peux pas regarder une vidéo complète sur youtube sans être rediriger vers :

http://www.javanet2014.com/
me disant que ma version de java n'est pas bonne et m'invitant à en télécharger une nouvelle.

et une autre me disant que cette fois c'est flash qui n'est pas bon.

Avez vous déjà vu ça connaissez vous une solution ?

Merci


--
pourquoi faire simple quand on peut faire compliquer j'aime bien aider mais pas
faire vos recherche alors avant de nous poser la question, demander lui=>google

4 réponses

  1. Faeris Messages postés 795 Statut Membre 155
     
    Salut, utilise ce logiciel de diagnostique qui me permettra de t'aider :

    ▶ Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau
    ▶ Lance le (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en temps qu'administrateur)
    ▶ Laisse toi guider lors de l'installation (pense à cocher la case pour créer un raccourci sur le Bureau). Il se lancera automatiquement à la fin de l'installation.
    ▶ /!\ Suite à ces actions,l'outil a créé 2 raccourcis : ( ZHPFix, ZHPDiag )
    ▶ Pour exécuter une analyse complète, clique sur l'icône bureau "ZHPDiag" représentant un "parchemin".
    ▶ Dans l'interface du logiciel, clique sur le bouton "Configurer" pour accéder aux réglages.
    ▶ Clique ensuite sur bouton "Loupe +" en bas à gauche, pour lancer un Diagnostic Full options.
    ▶ L'analyse s'effectue, patientez quelques minutes pendant le travail de l'outil indiqué par "Traitement en cours..."
    ▶ A l'issue de l'analyse qui sera indiquée dans l'interface du programme, 100%, le rapport va s'ouvrir dans le bloc note.
    ▶ Rends toi sur ce site, clique sur "Parcourir", sélectionne le rapport de ZHPDiag et clique sur Envoyer le fichier. Patiente pendant l'envoi du fichier, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

    Le rapport ZHPDiag.txt sera aussi sur ton bureau. En cas de nécessité, il est sauvegardé dans C:\ZHP\ZHPDiag.txt.
    0
  2. Faeris Messages postés 795 Statut Membre 155
     
    Utilises cet outil de désinfection spécifique aux logiciels publicitaires :

    ▶ Télécharge AdwCleaner (de Xplode) sur ton Bureau.
    ▶ Lance le, clique sur Analyse puis patiente le temps du scan et clique sur Suppression
    ▶ Ensuite, le rapport s'ouvrira après un redémarrage : poste le dans ta prochaine réponse.

    Puis, utilises cet outil en complément à ADWCleaner :

    ▶ Télécharge et lance Junkware Removal Tool de Thisisu En tant qu'administrateur
    ▶ Lis les conditions d'utilisations puis veille à bien fermer tous les programmes actifs
    ▶ Lance le en appuyant sur n'importe quelle touche
    ▶ Ne fais plus rien et attends que le logiciel termine (il se ferme tout seul et affiche normalement un rapport enregistré sur le bureau)
    ▶ Poste le rapport dans ta prochaine réponse

    Ensuite, fais un examen complet avec Malwarebyte's et postes le rapport une fois terminé.

    Enfin, refais un scan avec ZHPDiag comme la première fois.
    0
  3. magicshark Messages postés 445 Statut Membre 13
     
    j'ai fait un scan minutieux sur tous mes dd avant tiers de Malwarebyte's dois-je recommencer ?
    0
    1. Faeris Messages postés 795 Statut Membre 155
       
      Non, postes directement le rapport. Ils sont disponible dans l'onglet Rapport/log quand tu ouvres Malwarebyte's.
      0
    2. magicshark Messages postés 445 Statut Membre 13
       
      je finirai les manipulation demain j'ai besoin que mon PC rèste allumer désolé. Merci beaucoup de l'aide en tous cas
      0
    3. Faeris Messages postés 795 Statut Membre 155
       
      Pas de soucis.
      0
    4. magicshark Messages postés 445 Statut Membre 13
       
      ZhpDiag :

      ~ Rapport de ZHPDiag v2014.1.2.5 - Nicolas Coolman (02/01/2014)
      ~ Lancé par pierrot (06/01/2014 21:19:34)
      ~ Adresse du Site Web https://nicolascoolman.webs.com/
      ~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
      ~ Traduit par Nicolas Coolman
      ~ Etat de la version :
      ~ Liste blanche : Activée par le programme
      ~ Elévation des Privilèges : OK
      ~ User Account Control (UAC): Deactivate by user


      ---\\ Navigateurs Internet
      MSIE: Internet Explorer v11.0.9600.16476
      MFIE: Mozilla Firefox 18.0.1
      GCIE: Google Chrome v31.0.1650.63 (Defaut)

      ---\\ Informations sur les produits Windows
      ~ Langage: Français
      Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
      Windows Server License Manager Script : OK
      ~ Windows(R) 7, VOLUME_MAK channel
      Windows ID Activation : OK
      ~ Windows Partial Key : 4G37D
      Windows License : OK
      ~ Windows Remaining Initializations Number : 4
      Software Protection Service (Protection logicielle) : OK
      Windows Automatic Updates : OK
      Windows Activation Technologies : OK

      ---\\ Logiciels de protection du système
      Malwarebytes Anti-Malware version 1.75.0.1300
      Windows Defender W7

      ---\\ Logiciels d'optimisation du système

      ---\\ Logiciels de partage PeerToPeer
      Pando Media Booster v2.6.0.1

      ---\\ Surveillance de Logiciels
      Adobe Flash Player 11 Plugin
      Java 7 Update 45

      ---\\ Informations sur le système
      ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
      ~ Operating System: 32 Bits
      Boot mode: Normal (Normal boot)
      Total RAM: 3070 MB (50% free)
      System Restore: Activé (Enable)
      System drive C: has 5 GB (6%) free of 74 GB

      ---\\ Mode de connexion au système
      ~ Computer Name: PIERROT-PC
      ~ User Name: pierrot
      ~ All Users Names: pierrot, HomeGroupUser$, Administrateur,
      ~ Unselected Option: None
      Logged in as Administrator

      ---\\ Variables d'environnement
      ~ System Unit : C:\
      ~ %AppZHP% : C:\Users\pierrot\AppData\Roaming\ZHP\
      ~ %AppData% : C:\Users\pierrot\AppData\Roaming\
      ~ %Desktop% : C:\Users\pierrot\Desktop\
      ~ %Favorites% : C:\Users\pierrot\Favorites\
      ~ %LocalAppData% : C:\Users\pierrot\AppData\Local\
      ~ %StartMenu% : C:\Users\pierrot\AppData\Roaming\Microsoft\Windows\Start Menu\
      ~ %Windir% : C:\Windows\
      ~ %System% : C:\Windows\System32\

      ---\\ Enumération des unités disques
      C: Hard drive, Flash drive, Thumb drive (Free 5 Go of 74 Go)
      D: Hard drive, Flash drive, Thumb drive (Free 8 Go of 149 Go)
      E: CD-ROM drive (Not Inserted)
      G: Hard drive, Flash drive, Thumb drive (Free 9 Go of 75 Go)
      K: Floppy drive, Flash card reader, USB Key (Not Inserted)
      L: Floppy drive, Flash card reader, USB Key (Not Inserted)
      M: Floppy drive, Flash card reader, USB Key (Not Inserted)
      N: Floppy drive, Flash card reader, USB Key (Not Inserted)



      ---\\ Etat du Centre de Sécurité Windows
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
      ~ Security Center: 43 Legitimates Filtered in 00mn 00s



      ---\\ Recherche particulière de fichiers génériques
      [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
      [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
      [MD5.927FA6456AD6D7630F6854828D2FD16B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 07:33:33.) -- C:\Windows\System32\wininet.dll [1820160]
      [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
      [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
      [MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 01:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
      [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
      [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
      [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
      [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
      [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
      [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
      [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
      [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
      [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
      [MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
      [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
      [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
      [MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
      [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
      [MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
      [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
      ~ Generic Processes: Scanned in 00mn 01s



      ---\\ Etat des fichiers cachés (Caché/Total)
      ~ Mes images (My Pictures) : 1/31
      ~ Mes musiques (My Musics) : 1/26
      ~ Mes Favoris (My Favorites) : 1/6
      ~ Mes Documents (My Documents) : 2/141
      ~ Mon Bureau (My Desktop) : 1/4955
      ~ Menu demarrer (Programs) : 1/78
      ~ Hidden Files: Scanned in 00mn 09s



      ---\\ Processus lancés
      [MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.1624]
      [MD5.D49C6A597814433ED6C3BF7ECF2D27BD] - (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.exe [2565520] [PID.372]
      [MD5.00AB2B491C7037BB219BEB26FAD34C72] - (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.exe [1612920] [PID.2416]
      [MD5.5F7EE76129F9A591F22F99F95D97AC95] - (.CANON INC. - Canon IJ Network Scanner Selector EX.) -- C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016] [PID.2484]
      [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.1728]
      [MD5.0B692C328AF648AD478A967C21DD7936] - (.Pas de propriétaire - AgentMon Application.) -- G:\ordi Zayan\VTech\DownloadManager\System\AgentMonitor.exe [391040] [PID.2972]
      [MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [955392] [PID.3236]
      [MD5.376A9B411BF8B77D5BF84B24D0C7DACD] - (.Google Inc. - Google Chrome.) -- C:\Users\pierrot\AppData\Local\Google\Chrome\Application\chrome.exe [863184] [PID.5336]
      [MD5.E9ACE8568F9F906996B16363E9861829] - (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- G:\Steam\Steam.exe [1823656] [PID.4592]
      [MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.2696]
      [MD5.96D15D600A881779177985166A8F022F] - (.Nicolas Coolman - ZHPDiag Setup.) -- D:\telechargement\ZHPDiag2.exe [6864398] [PID.4184]
      [MD5.9E30AB5E3F6B43F69F928E6B4FCFD604] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Users\pierrot\AppData\Local\Temp\is-53VPH.tmp\ZHPDiag2.tmp [680960] [PID.5144]
      [MD5.486BDC196F8914845302745A15310D62] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8321024] [PID.2624]
      [MD5.4B9298FD6707980AB8E3A8F0E642EC9A] - (.AMD - AMD External Events Service Module.) -- C:\Windows\system32\atiesrxx.exe [163328] [PID.832]
      [MD5.F4E24BB33314593B8AAA269A85045909] - (.AMD - AMD External Events Client Module.) -- C:\Windows\system32\atieclxx.exe [405504] [PID.1316]
      [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.1940]
      [MD5.CE1EE31FFF730CA975A5535D8A71AF61] - (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Survey.) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.exe [138192] [PID.2008]
      [MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.380]
      [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.720]
      [MD5.8C02B0CC65BEE71124A565062BA77B39] - (...) -- C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [24064] [PID.1188]
      [MD5.F502A4B72524D21C5CA7183E61FB522E] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files\Ralink\Common\RaRegistry.exe [375872] [PID.1744]
      [MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.1656]
      [MD5.4D09B93F16DA1AA08EB226F9F1AA4D51] - (.VMware, Inc. - VMware USB Arbitration Service.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [665200] [PID.2060]
      [MD5.95EEC9F8FEB9D06872A433F058AB8E60] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\system32\vmnat.exe [432752] [PID.2108]
      [MD5.E3DED404ED971CA58DE75F45227F947C] - (.VTech - VTech Service Installer.) -- G:\ordi Zayan\VTech\DownloadManager\Applications\AppAccessory\12051\VTechUSBSocketService\VTechServiceInstaller.exe [82344] [PID.2152]
      [MD5.82FF155BF3F16AFEF04A26045EFECECF] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\system32\vmnetdhcp.exe [354416] [PID.2184]
      [MD5.1B27939FC5B5B697D10BE276A83D3C35] - (.VTech - VTech USB Socket Service.) -- G:\ordi Zayan\VTech\DownloadManager\Applications\AppAccessory\12051\VTechUSBSocketService\VTechUSBSocketService.exe [183720] [PID.2192]
      [MD5.0FC29ADB3F634ED3E535A76395B470B5] - (.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe [79872] [PID.2224]
      [MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.4916]
      [MD5.6F44F5C0BC6B210FE5F5A1C8D899AD0A] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\Windows\system32\WLANExt.exe [77312] [PID.4088]
      [MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.4576]
      ~ Processes Running: Scanned in 00mn 02s



      ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
      C:\Users\pierrot\AppData\Local\Google\Chrome\User Data\Default\Preferences
      G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google\u00C2 Wallet v.0.0.6.0 (Activé)
      ~ Google Browser: 11 Legitimates Filtered in 03mn 02s



      ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
      C:\Users\pierrot\AppData\Roaming\Mozilla\Firefox\Profiles\rh29j0kd.default\prefs.js
      C:\Users\pierrot\AppData\Roaming\Mozilla\Firefox\Profiles\zns3e3ac.default\prefs.js
      P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (...) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (.not file.)
      P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (...) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (.not file.)
      ~ Firefox Browser: 27 Legitimates Filtered in 00mn 00s



      ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
      R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Pando Networks - Pando Web Plugin.) (No version) -- (.not file.)
      ~ IE Browser: 11 Legitimates Filtered in 00mn 00s



      ---\\ Internet Explorer, Proxy Management (R5)
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
      ~ Proxy management: Scanned in 00mn 00s



      ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
      F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
      F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
      F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
      ~ Keys: Scanned in 00mn 00s



      ---\\ Hosts file redirection (O1)
      ~ Le fichier hosts est sain (The hosts file is clean).
      ~ Hosts File: Scanned in 00mn 07s
      ~ Nombre de lignes (Lines number): 26



      ---\\ Autres liens utilisateurs (O4)
      O4 - GS\Desktop [Public]: Battle.net.lnk . (.Blizzard Entertainment - Battle.net Setup.) -- C:\Program Files\Battle.net\Battle.net Launcher.exe
      O4 - GS\Desktop [Public]: Brutal Legend.lnk . (...) -- G:\Brutal legend\Brutal Legend\BrutalLegend.exe (.not file.)
      O4 - GS\Desktop [Public]: Hearthstone.lnk . (.Blizzard Entertainment - Hearthstone Setup.) -- C:\Program Files\Hearthstone\Hearthstone Beta Launcher.exe
      O4 - GS\Desktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
      O4 - GS\Program [Public]: Brutal Legend.lnk . (...) -- G:\Brutal legend\Brutal Legend\BrutalLegend.exe (.not file.)
      O4 - GS\Program [Public]: Chivalry Medieval Warfare.lnk . (...) -- D:\chivalry\Chivalry Medieval Warfare\Binaries\Win32\UDK.exe (.not file.)
      O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
      O4 - GS\QuickLaunch [pierrot]: Easy Audio Cutter.lnk . (...) -- C:\Program Files\Free mp3 Wma Converter\Easy Audio Cutter\AudioCutter.exe (.not file.)
      O4 - GS\QuickLaunch [pierrot]: Free CD Ripper.lnk . (...) -- C:\Program Files\Free mp3 Wma Converter\Free CD Ripper\FreeCDRipper.exe (.not file.)
      O4 - GS\QuickLaunch [pierrot]: Free Mp3 Wma Converter.lnk . (...) -- C:\Program Files\Free mp3 Wma Converter\FreeConverter\FreeConverter.exe (.not file.)
      O4 - GS\QuickLaunch [pierrot]: KVIrc.lnk . (...) -- C:\Program Files\KVIrc\kvirc.exe (.not file.)
      O4 - GS\QuickLaunch [pierrot]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
      O4 - GS\QuickLaunch [pierrot]: VMware Player.lnk . (.VMware, Inc. - VMware Player.) -- C:\Program Files\VMware\VMware Player\vmplayer.exe
      O4 - GS\TaskBar [pierrot]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\pierrot\AppData\Local\Google\Chrome\Application\chrome.exe
      O4 - GS\TaskBar [pierrot]: Minecraft (1).lnk . (...) -- C:\Users\pierrot\Downloads\Minecraft (1).exe
      O4 - GS\TaskBar [pierrot]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
      O4 - GS\TaskBar [pierrot]: SSH, Telnet and Rlogin client.lnk . (...) -- C:\Users\pierrot\Desktop\putty.exe (.not file.)
      O4 - GS\TaskBar [pierrot]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
      O4 - GS\TaskBar [pierrot]: wperl.lnk . (...) -- C:\strawberry\perl\bin\wperl.exe
      O4 - GS\Program [pierrot]: Chat-Land messenger.lnk . (...) -- C:\Users\pierrot\chat-land\Chat-Landmessenger.exe (.not file.) =>Hijacker.ChercheUS
      O4 - GS\Program [pierrot]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
      O4 - GS\SystemTools [pierrot]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
      O4 - GS\Desktop [pierrot]: Chromium.lnk . (.Escolade Solutions LTD - Oxy.) -- C:\Users\pierrot\AppData\Local\Oxy\Application\oxy.exe
      O4 - GS\Desktop [pierrot]: Explor@ Park.lnk . (...) -- G:\ordi Zayan\VTech\DownloadManager\System\AgentMonitor.exe
      O4 - GS\Desktop [pierrot]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\pierrot\AppData\Local\Google\Chrome\Application\chrome.exe
      O4 - GS\Desktop [pierrot]: PS3 Media Server.lnk . (.PS3 Media Server - PS3 Media Server.) -- D:\PS3 Media Server\PMS.exe
      ~ Global Startup: 85 Legitimates Filtered in 00mn 08s



      ---\\ Applications lancées au démarrage du sytème (O4)
      O4 - GS\Startup [Public]: OpenVPN Client.lnk . (...) -- C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\uiboot.exe
      O4 - GS\Startup [Public]: Ralink Wireless Utility.lnk . (.Ralink Technology, Corp. - Ralink Wireless LAN Card Utility.) -- C:\Program Files\Ralink\Common\RaUI.exe
      O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
      O4 - HKLM\..\Run: [CanonSolutionMenuEx] . (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.exe
      O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] . (.CANON INC. - Canon IJ Network Scanner Selector EX.) -- C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
      O4 - HKLM\..\Run: [AgentMonitor] . (.Pas de propriétaire - AgentMon Application.) -- G:\ordi Zayan\VTech\DownloadManager\System\AgentMonitor.exe
      O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\pierrot\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
      O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
      O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
      O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
      O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- G:\Steam\steam.exe
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
      O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
      O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
      O4 - HKUS\S-1-5-21-2685745190-3337387317-3771212626-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\pierrot\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
      O4 - HKUS\S-1-5-21-2685745190-3337387317-3771212626-1000\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
      O4 - HKUS\S-1-5-21-2685745190-3337387317-3771212626-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
      O4 - HKUS\S-1-5-21-2685745190-3337387317-3771212626-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
      O4 - HKUS\S-1-5-21-2685745190-3337387317-3771212626-1000\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- G:\Steam\steam.exe
      ~ Application: Scanned in 00mn 00s



      ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
      O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBttnIE.dll =>.Microsoft Corporation
      O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBTTN~1.dll =>.Microsoft Corporation
      O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
      ~ IE Extra Buttons: Scanned in 00mn 00s



      ---\\ Modification Domaine/Adresses DNS (O17)
      O17 - HKLM\System\CCS\Services\Tcpip\..\{D6622DA2-0BF7-4C71-B777-6CD2FAC3EDB7}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CS1\Services\Tcpip\..\{D6622DA2-0BF7-4C71-B777-6CD2FAC3EDB7}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CS2\Services\Tcpip\..\{D6622DA2-0BF7-4C71-B777-6CD2FAC3EDB7}: NameServer = 8.8.8.8,8.8.4.4
      O17 - HKLM\System\CS2\Services\Tcpip\..\{D6622DA2-0BF7-4C71-B777-6CD2FAC3EDB7}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = pierrot.lan
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      ~ Domain: Scanned in 00mn 00s



      ---\\ Protocole additionnel (O18)
      O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
      O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
      ~ Protocole Additionnel: Scanned in 00mn 00s



      ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
      O20 - AppInit_DLLs: . (...) - C:\ProgramData\WinWeb protection\WinWebprotection.dll
      ~ AppInit DLL: Scanned in 00mn 00s



      ---\\ Liste des services NT non Microsoft et non désactivés (O23)
      O23 - Service: WinWeb protection (89f7ebe4) . (...) - C:\Program Files\winweb~1\WinWebprotectionSvc.dll (.not file.)
      O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) . (...) - C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
      O23 - Service: VTechUSBSocketService (VTechUSBSocketService) . (.VTech - VTech Service Installer.) - G:\ordi Zayan\VTech\DownloadManager\Applications\AppAccessory\12051\VTechUSBSocketService\VTechServiceInstaller.exe
      ~ Services: 14 Legitimates Filtered in 01mn 13s



      ---\\ Tâches planifiées en automatique (O39)
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMS.job [294]
      [MD5.00000000000000000000000000000000] [APT] [{03548914-2CCF-4A4B-8725-9F3FF9C337BF}] (...) -- C:\Users\pierrot\chat-land\UChatLand.exe (.not file.) [0] =>Hijacker.ChercheUS
      [MD5.00000000000000000000000000000000] [APT] [{6234AF4E-54E0-482F-83CC-6298D04E2BBA}] (...) -- D:\The Elder Scrolls V Skyrim\TESV.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{B1DF23F5-235B-4BEA-A8FE-A20796AC0020}] (...) -- C:\Program Files\Claro LTD\claro\1.8.8.5\GUninstaller.exe (.not file.) [0] =>PUP.ClaroSearch
      [MD5.00000000000000000000000000000000] [APT] [{FFD168B3-18C3-4B20-84E6-EACF586D3F34}] (...) -- D:\The Elder Scrolls V Skyrim\TESV.exe (.not file.) [0]
      ~ Scheduled Task: 17 Legitimates Filtered in 00mn 16s



      ---\\ Logiciels installés (O42)
      O42 - Logiciel: BrowseToSave - (...) [HKLM] -- {F9474663-1411-4529-A7C2-5C3322A46495} =>Adware.Browse2Save
      O42 - Logiciel: Brutal Legend version 1 - (...) [HKLM] -- QnJ1dGFsIExlZ2VuZA==_is1
      O42 - Logiciel: Eye 110 - (...) [HKLM] -- {C679F9B9-C65D-4C65-BD6C-BF90B859E281}
      O42 - Logiciel: No More Room in Hell - (.No More Room in Hell Team.) [HKLM] -- Steam App 224260
      O42 - Logiciel: WinWeb protection - (.PlanetCore.) [HKLM] -- {5F189DF5-2D05-472B-9091-84D9848AE48B}{89f7ebe4}
      ~ Logic: 23 Legitimates Filtered in 00mn 04s



      ---\\ HKCU & HKLM Software Keys
      [HKCU\Software\Conduit] =>Toolbar.Conduit
      [HKCU\Software\Emtec]
      [HKCU\Software\IM]
      [HKCU\Software\IncrediMail]
      [HKCU\Software\Pando Networks]
      [HKCU\Software\Softonic] =>Toolbar.Conduit
      [HKLM\Software\685D6D1C-D73A-4F37-B7E5E53660311DDB]
      [HKLM\Software\Conduit] =>Toolbar.Conduit
      [HKLM\Software\Dejan0]
      [HKLM\Software\Dejan1]
      [HKLM\Software\Dejan2]
      [HKLM\Software\Dejan3]
      [HKLM\Software\Emtec]
      [HKLM\Software\IncrediMail]
      [HKLM\Software\Nom de votre sociét]
      [HKLM\Software\Pando Networks]
      [HKLM\Software\SP Global] =>PUP.AdvancedSystemProtector
      [HKLM\Software\SProtector] =>PUP.Mocaflix
      [HKLM\Software\Vittalia] =>PUP.Vittalia
      ~ Key Software: 326 Legitimates Filtered in 00mn 04s



      ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
      O43 - CFD: 28/12/2013 - 23:17:43 - [0] ----D C:\Program Files\BrowseToSave =>Adware.Browse2Save
      O43 - CFD: 27/01/2013 - 13:21:44 - [115,946] ----D C:\Program Files\glassfish-3.1.2.2
      O43 - CFD: 05/12/2011 - 22:40:18 - [7,134] ----D C:\Program Files\Pando Networks
      O43 - CFD: 01/01/2014 - 15:51:18 - [0,002] ----D C:\ProgramData\1409411e1f0bea8e
      O43 - CFD: 07/04/2013 - 14:38:00 - [0,025] ----D C:\ProgramData\BBrowsee2sAove =>Adware.Browse2Save
      O43 - CFD: 05/10/2013 - 21:46:40 - [4,159] ----D C:\ProgramData\InstallMate =>PUP.Tarma
      O43 - CFD: 01/01/2014 - 15:51:12 - [0,007] ----D C:\ProgramData\ogefojeehnajpbfgfbpligkeieoobjgn
      O43 - CFD: 04/01/2014 - 12:47:26 - [0,007] ----D C:\ProgramData\RanedomPricce =>PUP.RandomPrice
      O43 - CFD: 04/01/2014 - 12:47:26 - [0,007] ----D C:\ProgramData\SaveLoTs
      O43 - CFD: 28/12/2013 - 23:17:58 - [4,360] ----D C:\ProgramData\WinWeb protection
      O43 - CFD: 05/01/2014 - 22:07:56 - [0] ----D C:\Users\pierrot\AppData\Roaming\Oxy
      O43 - CFD: 25/07/2012 - 12:10:35 - [0] ----D C:\Users\pierrot\AppData\Roaming\Toad Data Modeler Freeware
      O43 - CFD: 05/01/2014 - 22:06:01 - [77,768] ----D C:\Users\pierrot\AppData\Local\Oxy
      O43 - CFD: 09/04/2013 - 21:57:38 - [0,017] ----D C:\Users\pierrot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programmes audio
      ~ 369 Dossiers CLSID vides (CLSID Empty Folders)
      ~ Program Folder: 628 Legitimates Filtered in 02mn 33s



      ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
      O44 - LFC:[MD5.4AC1E8599B98226A3E98604226A2AD97] - 06/01/2014 - 21:24:59 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [28288]
      O44 - LFC:[MD5.4AC1E8599B98226A3E98604226A2AD97] - 06/01/2014 - 21:24:59 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [28288]
      ~ Files: 12 Legitimates Filtered in 00mn 10s



      ---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
      O45 - LFCP:[MD5.07E13F41252F46B49AA7B41FA78A3EDF] - 06/01/2014 - 10:41:24 ---A- - C:\Windows\Prefetch\WLRMDR.EXE-C2B47318.pf
      O45 - LFCP:[MD5.E32770840B83871549B394B74A34E222] - 06/01/2014 - 20:57:39 ---A- - C:\Windows\Prefetch\RAMEDIASERVER.EXE-EDE1787E.pf
      ~ Prefetcher: 66 Legitimates Filtered in 00mn 00s



      ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
      O51 - MPSK:{93479e9b-ec60-11e2-87f8-00241d93e602}\AutoRun\command. (...) -- H:\HTC_Sync_Manager_PC.exe (.not file.)
      O51 - MPSK:{d3852023-e929-11e2-a398-00241d93e602}\AutoRun\command. (...) -- H:\AutoRun.exe (.not file.)
      ~ Keys: Scanned in 00mn 00s



      ---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
      O53 - SMSR:HKLM\...\startupreg\Chat-Landmessenger [Key] . (...) -- C:\Users\pierrot\Chat-land\Chat-Landmessenger.exe (.not file.) =>Hijacker.ChercheUS
      ~ SMSR Keys: 10 Legitimates Filtered in 00mn 00s



      ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
      O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
      ~ MWPS: 16 Legitimates Filtered in 00mn 00s



      ---\\ Liste des pilotes du système (SDL) (O58)
      O58 - SDL:[MD5.67BAA789B7216F8B2CAC097FBD92F78F] - 22/12/2009 - 12:43:42 ---A- . (.Windows (R) Win 7 DDK provider - BulkUsb Driver.) -- C:\Windows\System32\Drivers\br_mcu2usb.sys [19968]
      O58 - SDL:[MD5.FB38473835476A6FB272215A1D972AF9] - 26/01/2012 - 18:59:24 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [239168]
      O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
      O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
      O58 - SDL:[MD5.9482616A0F87384C5AFB5F34A317BF6C] - 25/10/2007 - 17:31:08 ---A- . (.PixArt Imaging Inc. - PFC027.) -- C:\Windows\System32\Drivers\PFC027.SYS [616064]
      O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
      O58 - SDL:[MD5.A089FA4AF3D36AE69A349627A15BCA4C] - 08/12/2011 - 22:15:40 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [12984]
      O58 - SDL:[MD5.8CF6E2AE1707D82E904ECCA68CEF8B87] - 15/12/2011 - 18:29:42 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [26624]
      O58 - SDL:[MD5.827C8058C284FF0013E4462EFE2591A3] - 03/08/2010 - 16:25:28 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tapoas.sys [26112]
      O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
      O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
      O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
      O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
      O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
      O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
      O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
      O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
      O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
      O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
      O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
      O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
      O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
      O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
      O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
      ~ Drivers: 16 Legitimates Filtered in 00mn 07s



      ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
      O61 - LFC: 05/01/2014 - 21:28:38 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Archived History [57344]
      O61 - LFC: 05/01/2014 - 21:28:38 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Archived History-journal [16384]
      O61 - LFC: 05/01/2014 - 21:28:38 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Cookies [26624]
      O61 - LFC: 05/01/2014 - 21:28:38 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Cookies-journal [16384]
      O61 - LFC: 05/01/2014 - 21:28:38 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Current Session [817]
      O61 - LFC: 05/01/2014 - 21:28:38 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Current Tabs [514]
      O61 - LFC: 05/01/2014 - 21:28:38 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Extension State\CURRENT [16]
      O61 - LFC: 05/01/2014 - 21:28:38 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\chrome_shutdown_ms.txt [4]
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Extension State\LOG [0]
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Extension State\LOG.old [793]
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Extension State\MANIFEST-000002 [172] =>.Google Inc
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Extension State\MANIFEST-001456 [1096] =>.Google Inc
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Favicons [20480]
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Favicons-journal [16384]
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\History [90112]
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\History Index 2013-05 [36864]
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\History Index 2013-05-journal [16384]
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\History Index 2013-11 [36864]
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\History Index 2013-11-journal [16384]
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\History Index 2013-12 [36864]
      O61 - LFC: 05/01/2014 - 21:28:39 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\History Index 2013-12-journal [16384]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\History Index 2014-01 [36864]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\History Index 2014-01-journal [16384]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\History Provider Cache [494]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\History-journal [16384]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Last Session [59]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_djedmhnojidjdlnbidmcolkmkbgmomja_0.localstorage [10240]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_djedmhnojidjdlnbidmcolkmkbgmomja_0.localstorage-journal [10832]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Managed Mode Settings [8]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Origin Bound Certs [15360]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Origin Bound Certs-journal [13928]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Preferences [76259]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Session Storage\CURRENT [16]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Session Storage\LOG [316]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Session Storage\LOG.old [361]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Session Storage\MANIFEST-000398 [288] =>.Google Inc
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Top Sites [20480]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Top Sites-journal [12824]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\User StyleSheets\Custom.css [0]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Visited Links [131072]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Web Data [75776]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Default\Web Data-journal [16384]
      O61 - LFC: 05/01/2014 - 21:28:40 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Local State [59101]
      O61 - LFC: 05/01/2014 - 21:28:41 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Safe Browsing Cookies [6144]
      O61 - LFC: 05/01/2014 - 21:28:41 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Chromium\User Data\Safe Browsing Cookies-journal [4640]
      O61 - LFC: 05/01/2014 - 21:29:13 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Oxy\Application\First Run [0]
      O61 - LFC: 05/01/2014 - 21:30:28 ---A- . (...) -- C:\Users\pierrot\AppData\Roaming\Oxy\config.xml [314]
      O61 - LFC: 06/01/2014 - 21:28:42 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [264941]
      O61 - LFC: 06/01/2014 - 21:29:04 ---A- . (...) -- C:\Users\pierrot\AppData\Local\Google\Chrome\User Data\Local State [62215]
      O61 - LFC: 06/01/2014 - 21:30:29 ---A- . (...) -- C:\Users\pierrot\AppData\Roaming\ZHP\Log.txt [15190] =>.Nicolas Coolman
      O61 - LFC: 06/01/2014 - 21:30:29 ---A- . (...) -- C:\Users\pierrot\AppData\Roaming\ZHP\TestsZHPDiag.txt [2860] =>.Nicolas Coolman
      ~ 43 Fichiers temporaires (Temporary files)
      ~ Files: 961 Legitimates Filtered in 02mn 09s



      ---\\ Fichiers Alternate Data Stream (ADS) (O62)
      O62 - ADS:Alternate Data Stream File - C:\Windows\System32\d3dx9_42.dll:Zone.Identifier
      ~ ADS: Scanned in 00mn 07s



      ---\\ Liste des outils de désinfection (LATC) (O63)
      O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
      ~ ADS: Scanned in 00mn 00s



      ---\\ Menu de démarrage Internet (SMI) (O68)
      O68 - StartMenuInternet: <Chromium.C3DAUQBGZUV6OF7HL7RBKKZDLA> <Chromium>[HKLM\..\Shell\open\Command] (.Escolade Solutions LTD - Oxy.) -- C:\Users\pierrot\AppData\Local\Oxy\Application\oxy.exe
      O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
      O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\pierrot\AppData\Local\Google\Chrome\Application\chrome.exe
      O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
      ~ Keys: Scanned in 00mn 00s



      ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
      O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
      O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
      ~ Keys: Scanned in 00mn 00s



      ---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
      C:\Users\pierrot\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_keygenfiles.com_0.localstorage
      C:\Users\pierrot\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_keygenfiles.com_0.localstorage-journal
      C:\Users\pierrot\AppData\Local\Temp\Download_133B\{Hearthstone_Keygen}_Downloader.exe
      C:\Users\pierrot\AppData\Local\Temp\{Hearthstone Keygen}Download_3645\{Hearthstone_Keygen}_Downloader.exe
      C:\Users\pierrot\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_keygenfiles.com_0.localstorage
      C:\Users\pierrot\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_keygenfiles.com_0.localstorage-journal
      C:\Users\pierrot\AppData\Local\Temp\Download_133B\{Hearthstone_Keygen}_Downloader.exe
      C:\Users\pierrot\AppData\Local\Temp\{Hearthstone Keygen}Download_3645\{Hearthstone_Keygen}_Downloader.exe
      ~ Files: Scanned in 02mn 13s



      ---\\ Recherche particulière à la racine du système (SPRF) (O84)
      [MD5.FE106A2F4D67EE4B677AB6B8FA18CF40] [SPRF][22/03/2013] (...) -- C:\Users\pierrot\AppData\Local\Temp\instloffer.exe [196336]
      [MD5.9F4A92C7E3DDD525BC6624E0233C31E7] [SPRF][05/01/2014] (.Amônétízé Ltd - Installer.) -- C:\Users\pierrot\AppData\Local\Temp\setup.exe [337448]
      [MD5.3433CDC9B6A08060F555A26F571CB128] [SPRF][05/01/2014] (...) -- C:\Users\pierrot\AppData\Local\Temp\tmp4E1B.exe [72232]
      [MD5.A9F2EEA910CD28E2FD7A30341A5063C6] [SPRF][05/01/2014] (.FINEDREAM INVEST LTD - Oxy Setup.) -- C:\Users\pierrot\AppData\Local\Temp\tmp5E97.exe [46105760]
      [MD5.3433CDC9B6A08060F555A26F571CB128] [SPRF][05/01/2014] (...) -- C:\Users\pierrot\AppData\Local\Temp\tmp8218.exe [72232]
      [MD5.3433CDC9B6A08060F555A26F571CB128] [SPRF][05/01/2014] (...) -- C:\Users\pierrot\AppData\Local\Temp\tmp981A.exe [72232]
      [MD5.3433CDC9B6A08060F555A26F571CB128] [SPRF][05/01/2014] (...) -- C:\Users\pierrot\AppData\Local\Temp\tmpAE2B.exe [72232]
      [MD5.BD408CE142B9E7703D96D026FA1D9D20] [SPRF][27/09/2013] (...) -- C:\Users\pierrot\Desktop\HearthStone Beta Key Generator.exe [483027]
      ~ Files: 21 Legitimates Filtered in 00mn 02s



      ---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
      O87 - FAEL: "TCP Query User{99C6260B-CFA4-433F-A990-EBC6248B963B}C:\program files\kvirc\kvirc.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\kvirc\kvirc.exe (.not file.)
      O87 - FAEL: "UDP Query User{356ED937-A04F-4BAA-A791-64DAFE5B402A}C:\program files\kvirc\kvirc.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\kvirc\kvirc.exe (.not file.)
      O87 - FAEL: "TCP Query User{1130423F-A4AF-4B93-8445-7C2226F64AF7}C:\windows\kmsemulator.exe" | In - Private - P6 - TRUE | .(...) -- C:\windows\kmsemulator.exe
      O87 - FAEL: "UDP Query User{9963DC49-DF46-4A8A-9441-B5EE7D9F171C}C:\windows\kmsemulator.exe" | In - Private - P17 - TRUE | .(...) -- C:\windows\kmsemulator.exe
      O87 - FAEL: "{679BF84A-5315-4CF5-BEE8-C0646E8C8213}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
      O87 - FAEL: "{F4E92E99-A9D5-4740-9F11-5C86FC99D64C}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
      O87 - FAEL: "{4679F6F0-7385-47FA-A9AB-4CFBA010F704}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
      O87 - FAEL: "{0C827E6A-FEC8-4211-8625-88462E158910}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
      O87 - FAEL: "{765D8A24-0BB4-43FF-8E93-E65C0E2AF8D2}" | In - Private - P6 - TRUE | .(...) -- C:\Users\pierrot\AppData\Local\Oxy\Application\bin\oxy-downloader.exe
      O87 - FAEL: "{28EAA537-B500-4AE7-8240-827354406E4D}" | In - Private - P17 - TRUE | .(...) -- C:\Users\pierrot\AppData\Local\Oxy\Application\bin\oxy-downloader.exe
      ~ Firewall: 273 Legitimates Filtered in 00mn 03s



      ---\\ Enumère les codes produits des logiciels (PUC) (O90)
      O90 - PUC: "F264C71DDFB641017B5D7A4B0894CA7F" . (.Strawberry Perl.) -- C:\Windows\Installer\{D17C462F-6BFD-1014-B7D5-A7B48049ACF7}\i_main_ico
      ~ Update Products: 91 Legitimates Filtered in 00mn 00s



      ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
      [MD5.0EDDB0D2B3A3AF5BE400253B3E587D51] [WIS][06/02/2013] (.strawberryperl.com project - Perl for Win32 operating systems..) -- C:\Windows\Installer\16569.msi [65978368]
      [MD5.F75F288EF3F562C1CB20596906F8C8E8] [WIS][06/11/2012] (.OpenVPN Technologies - OpenVPN Client.) -- C:\Windows\Installer\26750ae.msi [16289280]
      ~ WIS: 93 Legitimates Filtered in 00mn 20s



      ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
      SS - | Demand 10/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
      SS - | Auto 04/04/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
      SS - | Demand 04/04/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
      SS - | Demand 14/11/2011 311928 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
      SS - | Demand 21/01/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
      SS - | Demand 15/12/2011 14848 | (OpenVPNService) . (...) - C:\Program Files\OpenVPN\bin\openvpnserv.exe
      SS - | Demand 18/08/2011 625728 | (RaMediaServer) . (...) - C:\Program Files\Ralink\Common\RaMediaServer.exe
      SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
      SS - | Demand 06/09/2013 565672 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files\Common Files\Steam\SteamService.exe
      SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      SS - | Demand 23/06/2013 22016 | (wampapache) . (.Apache Software Foundation.) - G:\DEV\wamp\bin\apache\apache2.4.4\bin\httpd.exe
      SS - | Demand 23/06/2013 10923520 | (wampmysqld) . (...) - G:\DEV\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe

      SR - | Auto 10/07/1658 0 | (89f7ebe4) . (...) - C:\Program Files\winweb~1\WinWebprotectionSvc.dll
      SR - | Auto 09/03/2012 163328 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
      SR - | Auto 07/02/2011 138192 | (IJPLMSVC) . (...) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
      SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
      SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      SR - | Auto 12/08/2010 24064 | (OpenVPNAccessClient) . (...) - C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
      SR - | Auto 31/03/2011 375872 | (RalinkRegistryWriter) . (.Ralink Technology, Corp..) - C:\Program Files\Ralink\Common\RaRegistry.exe
      SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
      SR - | Auto 22/08/2011 79872 | (VMAuthdService) . (.VMware, Inc..) - C:\Program Files\VMware\VMware Player\vmware-authd.exe
      SR - | Auto 22/08/2011 354416 | (VMnetDHCP) . (.VMware, Inc..) - C:\Windows\system32\vmnetdhcp.exe
      SR - | Auto 21/08/2011 665200 | (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
      SR - | Auto 22/08/2011 432752 | (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\system32\vmnat.exe
      SR - | Auto 07/05/2012 82344 | (VTechUSBSocketService) . (.VTech.) - G:\ordi Zayan\VTech\DownloadManager\Applications\AppAccessory\12051\VTechUSBSocketService\VTechServiceInstaller.exe
      SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
      SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

      ~ Services: Scanned in 00mn 23s



      ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
      Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

      ~ MBR: 1 Legitimates Filtered in 00mn 02s



      ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
      Written by ad13, http://ad13.geekstog
      Run by pierrot at 06/01/2014 21:33:35

      ********* Dump file Name *********
      C:\PhysicalDisk0_MBR.bin

      ~ MBR: Scanned in 00mn 04s



      ---\\ Scan Additionnel (O88)
      Database Version : 13018 - (02/01/2014)
      Clés trouvées (Keys found) : 13
      Valeurs trouvées (Values found) : 1
      Dossiers trouvés (Folders found) : 4
      Fichiers trouvés (Files found) : 5

      [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F9474663-1411-4529-A7C2-5C3322A46495}] =>Adware.Browse2Save^
      [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Chat-Landmessenger] =>Hijacker.ChercheUS^
      [HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}] =>Adware.RecordNRip
      [HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
      [HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip
      [HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
      [HKCU\Software\Softonic] =>Toolbar.Conduit
      [HKLM\Software\SP Global] =>PUP.AdvancedSystemProtector
      [HKLM\Software\SProtector] =>PUP.AdvancedSystemProtector
      [HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
      [HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic
      [HKLM\Software\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
      [HKLM\Software\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
      C:\Program Files\BrowseToSave =>Adware.Browse2Save^
      C:\ProgramData\BBrowsee2sAove =>Adware.Browse2Save^
      C:\ProgramData\InstallMate =>PUP.Tarma^
      C:\ProgramData\RanedomPricce =>PUP.RandomPrice^
      [HKCU\Software\Conduit] =>Toolbar.Conduit^
      [HKLM\Software\Conduit] =>Toolbar.Conduit^
      [HKLM\Software\Vittalia] =>PUP.Vittalia^
      C:\Users\pierrot\AppData\Local\Temp\instloffer.exe =>PUP.OfferBox
      C:\Windows\KMSEmulator.exe =>Hijacker.Windows
      ~ Additionnel Scan: 361749 Items scanned in 01mn 33s



      ---\\ Récapitulatif des détections trouvées sur votre station
      ~ http://nicolascoolman.webs.com/apps/blog/show/26609108-hijacker-chercheus =>Hijacker.ChercheUS
      ~ http://nicolascoolman.webs.com/apps/blog/show/27563212-pup-clarosearch =>PUP.ClaroSearch
      ~ http://nicolascoolman.webs.com/apps/blog/show/26627530-adware-browse2save =>Adware.Browse2Save
      ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
      ~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
      ~ http://nicolascoolman.webs.com/apps/blog/show/28486577-pup-mocaflix =>PUP.MocaFlix
      ~ http://nicolascoolman.webs.com/apps/blog/show/35115580-pup-vittalia =>PUP.Vittalia
      ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
      ~ http://nicolascoolman.webs.com/apps/blog/show/40325236-pup-randomprice =>PUP.RandomPrice
      ~ http://nicolascoolman.webs.com/apps/blog/show/27350807-adware-recordnrip =>Adware.RecordNRip
      ~ http://nicolascoolman.webs.com/apps/blog/show/26632189-adware-magnipic =>Adware.MagniPic
      ~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
      ~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox
      ~ http://nicolascoolman.webs.com/apps/blog/show/39592164-hijacker-windows =>Hijacker.Windows
      ~ MSI: 14 link(s) detected in 01mn 34s



      ~ 2651 Legitimates filtered by white list
      End of the scan (679 lines in 15mn 38s)(8)


      JRT :

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Thisisu
      Version: 6.0.9 (01.01.2014:1)
      OS: Windows 7 Professional x86
      Ran by pierrot on 07/01/2014 at 20:48:28,50
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      ~~~ Services



      ~~~ Registry Values



      ~~~ Registry Keys

      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2685745190-3337387317-3771212626-1000\Software\sweetim
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2685745190-3337387317-3771212626-1000\Software\web assistant
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasapi32
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasmancs



      ~~~ Files



      ~~~ Folders

      Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{00232930-C885-4F2E-87B2-F051B7EAFC21}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0089D6DC-9F67-4613-9554-6DE4E29CC73A}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0098EF0D-B8BD-4844-A6A0-BBB07E1B3807}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{00BFA643-9B49-45F2-9951-C32187EBFFCB}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{00E71AB4-846E-441C-B2B4-DE866ADF8A3E}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{01276AEC-BEE5-4006-8FDF-5B1175D9B1B8}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{014E0DCD-03ED-4858-B924-F17B2BAACD0E}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0181C433-B669-43C6-A233-B32D66255F1F}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{02927C72-4054-4296-9584-C887E918BC9A}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{02F5AD14-2D8F-4F54-B1AE-62F6DCC32FB1}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{03915491-4CBA-42E2-9E23-7E3D8EA1710C}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{03D44C30-9ECC-44A7-BBAF-29C5345D4070}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{043AE949-1016-489F-AB80-9474315F7F93}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{04AD2085-158E-4EC5-96C5-A2E20B14D1BD}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{084C21D3-B290-48AB-B24D-548D315673B1}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{085FCA2A-7174-425E-886D-FE6B1E23664B}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{09AAF294-3ED6-4A90-9CF6-82D7864B8CF1}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0B1D39A5-BA6C-4331-AF63-2513E35B4BF9}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0B405B9C-D99A-4FF6-AAEB-D60BE1D1EB22}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0C055972-680E-42DE-BF94-0810E0BB95F9}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0C665AC2-E759-4198-89BD-D86981EA7250}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0C94E903-7220-499B-A8D6-ABCCF43EC2C1}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0CCC8A14-8E72-46CB-9893-CCC6C73AD823}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0D5565F5-70CE-4AED-B555-F3F3F84A3F11}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0DD94405-74D2-4C99-AFDC-E9E640316F54}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0E073C77-161C-459B-85B4-8282C0C7988C}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0E47B660-CB90-4EFC-86F4-8956A6653928}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0E553593-D1FF-44EA-9547-37CBAA86D570}
      Successfully deleted: [Empty Folder] C:\Users\pierrot\appdata\local\{0F9CA8F3-51
      0
    5. Faeris Messages postés 795 Statut Membre 155
       
      Je t'avais demandé de passer les logiciels dans ce sens :

      1- ADWCleaner
      2- JRT
      3- ZHPDiag

      Car tu as refais le scan avec ZHPDiag avant les autres, ce qui revient à reprendre le premier que tu m'ais donné au départ. :)
      0