~ Rapport de ZHPDiag v2013.10.18.49 - Nicolas Coolman (18/10/2013) ~ Lancé par lolo (18/10/2013 21:56:55) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 24.0 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002) Windows Server License Manager Script : OK ~ Vista, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : MQ3CQ Windows License : OK Windows Automatic Updates : OK ---\\ Logiciels de protection du système avast! Free Antivirus v8.0.1489.0 Emsisoft Anti-Malware ---\\ Logiciels d'optimisation du système CCleaner v4.06 =>Piriform Ltd ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 11 ActiveX Adobe Reader 8 ---\\ Informations sur le système ~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3070 MB (42% free) System Restore: Activé (Enable) System drive C: has 152 GB (68%) free of 221 GB ---\\ Mode de connexion au système ~ Computer Name: PCDELOLO ~ User Name: lolo ~ All Users Names: lolo, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\lolo\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\lolo\AppData\Roaming\ ~ %Desktop% : C:\Users\lolo\Desktop\ ~ %Favorites% : C:\Users\lolo\Favorites\ ~ %LocalAppData% : C:\Users\lolo\AppData\Local\ ~ %StartMenu% : C:\Users\lolo\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : 
C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 152 Go of 221 Go) D: Hard drive, Flash drive, Thumb drive (Free 149 Go of 149 Go) E: CD-ROM drive (Free 0 Go of 2 Go) ---\\ Etat du Centre de Sécurité Windows ~ Security Center: 38 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768] [MD5.C8ADAA6948993D839D14524847EA5B75] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 11:13:22.) -- C:\Windows\System32\wininet.dll [1129472] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368] [MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408] [MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:23:00.) -- C:\Windows\system32\Drivers\atapi.sys [21560] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144] [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072] [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) 
-- C:\Windows\system32\Drivers\DfsC.sys [75264] [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864] [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496] [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856] [MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232] [MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288] [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832] [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560] [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) 
-- C:\Windows\system32\Drivers\tdx.sys [72192] [MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640] ~ Generic Processes: Scanned in 00mn 07s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/2055 ~ Mes musiques (My Musics) : 1/102 ~ Mes Videos (My Videos) : 1/2 ~ Mes Favoris (My Favorites) : 1/46 ~ Mes Documents (My Documents) : 1/65 ~ Mon Bureau (My Desktop) : 1/13 ~ Menu demarrer (Programs) : 1/27 ~ Hidden Files: Scanned in 00mn 03s ---\\ Processus lancés [MD5.F21A8FB31B15860C4F6021960CF723A8] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1041704] [PID.3568] [MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858968] [PID.3576] [MD5.50772C721FE88F4248F9F52AB2219B0F] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528] [PID.2704] [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3760] [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.2496] [MD5.DE9BFC32E0422B40C515634A08D73D59] - (...) -- C:\Program Files\BrytonBridge2\BrytonBridge2.exe [1336320] [PID.552] [MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [274840] [PID.3020] [MD5.3DEBC4F06BA637D7EE7BB1A69AC79052] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8102912] [PID.2852] [MD5.D25A01AC95B7210260793CB80CE10B38] - (.Emsisoft GmbH - Emsisoft Anti-Malware Service.) 
-- C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4153784] [PID.1020] [MD5.8FEB268CAE12E43538422312FD96B32F] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [692224] [PID.1332] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1556] [MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808] [PID.364] [MD5.6C8B36BE3BFCCD98D5898607396BA4FE] - (.Aladdin Knowledge Systems Ltd. - Aladdin HASP License Manager Service.) -- C:\Windows\system32\hasplms.exe [1757696] [PID.2756] [MD5.7B96206E4BDD2FE582F0DBC46F5F410E] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.2776] [MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\system32\IoctlSvc.exe [81920] [PID.2912] [MD5.5A0C788C5BC5F2C993CB60940ADCF95E] - (.X10 - X10 Module.) -- C:\Program Files\Common Files\X10\Common\X10nets.exe [20480] [PID.3116] [MD5.A8C2746994605DF30CD373CC8C2D257E] - (...) -- C:\Program Files\BrytonBridge2\BBService.exe [68096] [PID.3356] [MD5.23EA87FF1F9F9C36B11130AE13CDF6DA] - (...) -- C:\Program Files\BrytonBridge2\BBDaemon.exe [1273344] [PID.3240] [MD5.97D9D6A04E3AD9B6C626B9931DB78DBA] - (.Microsoft Corporation - Programme d’installation de modules Windows.) 
-- C:\Windows\servicing\TrustedInstaller.exe [39424] [PID.1828] ~ Processes Running: Scanned in 00mn 14s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\lolo\AppData\Roaming\Mozilla\Firefox\Profiles\58j53c27.default\prefs.js ~ Firefox Browser: 6 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} . (...) (No version) -- (.not file.) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.) ~ IE Browser: 11 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). 
~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 20 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: (no name) - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} Clé orpheline O2 - BHO: (no name) - {71c1d63a-c944-428a-a5bd-ba513190e5d2} Clé orpheline ~ BHO: 6 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{F2CF5485-4E02-4F68-819C-B92DE9277049} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: BrytonBridge2.lnk . (...) -- C:\Program Files\BrytonBridge2\BrytonBridge2.exe O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\QuickLaunch [lolo]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Program [lolo]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Program [lolo]: Webplayer.lnk . (...) -- C:\Users\lolo\AppData\Roaming\Microsoft\Installer\{9937E55B-6331-4804-93EF-77E992F204BD}\_3F7CDAE07E1639C4AEA7A8.exe O4 - GS\SystemTools [lolo]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Desktop [lolo]: Connexion - Raccourci.lnk - Clé orpheline ~ Global Startup: 52 Legitimates Filtered in 00mn 04s ---\\ Applications lancées au démarrage du sytème (O4) O4 - GS\Startup [Public]: BrytonBridge2.lnk . (...) 
-- C:\Program Files\BrytonBridge2\BrytonBridge2.exe O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) 
-- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{1DF0AB42-A049-4984-837D-20D935ECF8F6}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{371A0226-918A-41D5-9CE4-4E4BF6CDA6F3}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{1DF0AB42-A049-4984-837D-20D935ECF8F6}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{371A0226-918A-41D5-9CE4-4E4BF6CDA6F3}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{1DF0AB42-A049-4984-837D-20D935ECF8F6}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{371A0226-918A-41D5-9CE4-4E4BF6CDA6F3}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{1DF0AB42-A049-4984-837D-20D935ECF8F6}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{371A0226-918A-41D5-9CE4-4E4BF6CDA6F3}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (...) 
- C:\Program Files\bitguard\261694~1.246\{c16c1~1\bitguard.dll (.not file.) =>PUP.BitGuard ~ AppInit DLL: Scanned in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll ~ STS/SSO: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Bryton Bridge Service (BBService) . (...) - C:\Program Files\BrytonBridge2\BBService.exe O23 - Service: X10 Device Network Service (x10nets) . (.X10 - X10 Module.) - C:\Program Files\Common Files\X10\Common\X10nets.exe ~ Services: 10 Legitimates Filtered in 00mn 26s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (Vsdatant) . (. - .) - C:\Windows\System32\DRIVERS\vsdatant.sys (.not file.) ~ Drivers: 82 Legitimates Filtered in 00mn 03s ---\\ Logiciels installés (O42) O42 - Logiciel: BrytonBridge2 - (.BrytonSport, Inc..) 
[HKLM] -- {BA8123A4-34B4-44B8-B8E1-D36F0D0259C9}_is1 ~ Logic: 75 Legitimates Filtered in 00mn 01s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Seagull Scientific] [HKCU\Software\Seagull] [HKCU\Software\TEC] [HKLM\Software\PCTools] [HKLM\Software\Seagull Scientific] ~ Key Software: 152 Legitimates Filtered in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 17/10/2013 - 23:21:30 - [0] ----D C:\Program Files\BrytonBridge O43 - CFD: 17/10/2013 - 23:29:46 - [56,043] ----D C:\Program Files\BrytonBridge2 O43 - CFD: 11/10/2012 - 18:33:45 - [0] ----D C:\Program Files\GUM15D1.tmp O43 - CFD: 06/02/2013 - 09:44:43 - [0] ----D C:\Program Files\GUM7290.tmp O43 - CFD: 06/07/2009 - 17:33:35 - [0,145] ----D C:\Program Files\STK017_V2.03 O43 - CFD: 10/11/2010 - 18:36:23 - [0,527] ----D C:\Program Files\TKI O43 - CFD: 17/10/2013 - 23:12:52 - [55,967] ----D C:\ProgramData\BrytonBridge O43 - CFD: 10/11/2010 - 18:36:23 - [0,011] ----D C:\ProgramData\IMPULS O43 - CFD: 17/11/2010 - 15:19:05 - [0,010] ----D C:\ProgramData\Seagull
O43 - CFD: 30/09/2013 - 19:01:14 - [0,021] ----D C:\Users\lolo\AppData\Local\BrytonBridge O43 - CFD: 05/03/2013 - 22:14:32 - [0,197] ----D C:\Users\lolo\AppData\Local\Updater27096 =>PUP.CrossRider ~ Program Folder: 309 Legitimates Filtered in 00mn 25s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
~ CSB: 15 Legitimates Filtered in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{b5540631-3334-11de-9e5c-806e6f6e6963}\AutoRun\command. (...) -- E:\bb\BBChecker.exe ~ Keys: Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ MWPS: 16 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.B680134BA1813B78B47FDD1DFF223CA5] - 09/05/2013 - 09:59:10 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49376] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Drivers: 16 Legitimates Filtered in 00mn 01s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) ~ FASS Keys: 21 Legitimates Filtered in 00mn 01s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.D2C020500188246C2F0BF1552573B923] [SPRF][25/03/2011] (.Bryton Inc - BrytonBridge Setup.) 
-- C:\Users\lolo\AppData\Local\Temp\hermes_inst.exe [14527699] [MD5.E2822E2E75DFBC277E048262D8311CFD] [SPRF][11/10/2013] (...) -- C:\Users\lolo\AppData\Roaming\wklnhst.dat [2164] ~ Files: 4 Legitimates Filtered in 00mn 01s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) ~ WIS: 88 Legitimates Filtered in 01mn 17s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 30/09/2013 4153784 | (a2AntiMalware) . (.Emsisoft GmbH.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe SR - | Auto 10/06/2008 692224 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe SR - | Auto 14/09/2013 68096 | (BBService) . (...) - C:\Program Files\BrytonBridge2\BBService.exe SS - | Demand 22/10/2008 647680 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Auto 08/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 08/02/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SR - | Auto 09/08/2007 1757696 | (hasplms) . (.Aladdin Knowledge Systems Ltd..) - C:\Windows\system32\hasplms.exe SR - | Auto 07/05/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe SS - | Demand 11/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) 
- C:\Program Files\Skype\Updater\Updater.exe SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 12/11/2001 20480 | (x10nets) . (.X10.) - C:\Program Files\Common Files\X10\Common\X10nets.exe ~ Services: Scanned in 01mn 21s ---\\ Scan Additionnel (O88) Database Version : 12949 - (18/10/2013) Clés trouvées (Keys found) : 6 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 1 Fichiers trouvés (Files found) : 0 [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486b-A045-B233BD0DA8FC}] =>Adware.Facemoods [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}] =>Adware.BullseyeToolbar [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211701196}] =>PUP.CrossRider C:\Users\lolo\AppData\Local\Updater27096 =>PUP.CrossRider^ ~ Additionnel Scan: 172634 Items scanned in 03mn 36s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/32979753-pup-bitguard =>PUP.BitGuard ~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider ~ http://nicolascoolman.webs.com/apps/blog/show/26764465-adware-facemoods =>Adware.Facemoods ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster ~ 
http://nicolascoolman.webs.com/apps/blog/show/27674245-adware-bullseyetoolbar =>Adware.BullseyeToolbar ~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch ~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods ~ MSI: 7 link(s) detected in 03mn 36s ~ 1145 Legitimates filtered by white list End of the scan (584 lines in 08mn 26s)(0)