~ Rapport de ZHPDiag v2015.3.1.25 - Nicolas Coolman (2015-03-01) ~ Lancé par Eddy P (2015-03-03 16:09:44) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Adresse du Forum http://forum.nicolascoolman.fr ~ Traduit par Nicolas Coolman ~ Etat de la version : Version à jour. ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Deactivate by program ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.17633 MFIE: Mozilla Firefox 36.0 GCIE: Google Chrome v40.0.2214.115 ---\\ Informations sur les produits Windows ~ Langage: Français Windows Server License Manager Script : OK ---\\ Logiciels de protection du système Avast Free Antivirus v10.0.2208 AVG 2011 v10.0.1204 Malwarebytes Anti-Malware version 2.0.4.1028 Secunia PSI ---\\ Logiciels d'optimisation du système CCleaner v5.03 ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 16 NPAPI Adobe Reader XI ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 62 Stepping 4, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 16323 MB (69% free) System Restore: Activé (Enable) System drive C: has 173 GB (37%) free of 465 GB ---\\ Mode de connexion au système ~ Computer Name: AMDATHLON ~ User Name: Eddy P ~ All Users Names: Eddy P, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Eddy P\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Eddy P\AppData\Roaming\ ~ %Desktop% : C:\Users\Eddy P\Desktop\ ~ %Favorites% : C:\Users\Eddy P\Favorites\ ~ %LocalAppData% : C:\Users\Eddy P\AppData\Local\ ~ %StartMenu% : C:\Users\Eddy P\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 173 Go of 465 Go) D: Hard drive, Flash drive, Thumb drive 
(Free 190 Go of 932 Go) E: CD-ROM drive (Not Inserted) F: CD-ROM drive (Not Inserted) G: Floppy drive, Flash card reader, USB Key (Free 15 Go of 15 Go) H: Floppy drive, Flash card reader, USB Key (Free 7 Go of 7 Go) I: CD-ROM drive (Free 0 Go of 0 Go) Z: Hard drive, Flash drive, Thumb drive (Free 232 Go of 932 Go) ---\\ Etat du Centre de Sécurité Windows ~ Security Center: 49 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.2011-02-25 - 01:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.2009-07-13 - 20:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.9DFE41A69DF70AAB75CB5BA8C1109EA2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2015-01-11 - 20:27:32.) -- C:\Windows\System32\wininet.dll [2358272] [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.2014-07-16 - 21:07:24.) -- C:\Windows\System32\Winlogon.exe [455168] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.2010-11-20 - 22:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.2014-05-30 - 01:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.2009-07-13 - 20:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.2009-07-13 - 18:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.2010-11-20 - 22:23:47.) 
-- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.2010-11-20 - 22:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.2010-11-20 - 22:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.2009-07-13 - 18:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.2009-07-13 - 19:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.2011-04-26 - 21:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.2010-11-20 - 22:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.2014-01-23 - 21:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.2009-07-13 - 19:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.2010-11-20 - 22:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.2010-11-20 - 22:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.2009-07-13 - 19:09:09.) 
-- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.2014-11-10 - 20:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.2010-11-20 - 22:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/947 ~ Mes musiques (My Musics) : 6/120 Mes Videos (My Videos) : 2/2 (Modified) ~ Mes Favoris (My Favorites) : 1/1001 ~ Mes Documents (My Documents) : 6/18439 ~ Mon Bureau (My Desktop) : 6/3538 ~ Menu demarrer (Programs) : 1/81 ~ Hidden Files: Scanned in 00mn 03s ---\\ Processus lancés [MD5.7D6E1809C844B1D2AA02B6DCF1950084] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200] [PID.2740] [MD5.B5E6433A4CBC10C019BD24452E79D054] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Eddy P\AppData\Roaming\Dropbox\bin\Dropbox.exe [42555824] [PID.1224] [MD5.1CCCAD1593C1FD46B46F9E705B4EEBF8] - (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe [947712] [PID.1992] [MD5.067E46B329DC3E6D1A8E82F0769E5BF6] - (.Thought Communications, Inc. - FaxTalk CallControl.) -- C:\Program Files (x86)\FaxTalk\FTclctrl.exe [120672] [PID.3140] [MD5.44ADDA5FB88EE14F57A246285775AC2F] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [5227112] [PID.3192] [MD5.6DEF3394D1EE006FAC1B4ABADC1D4793] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800] [PID.3204] [MD5.0C04D13438560D24EA3A97BD7B26B5B7] - (.RaMMicHaeL - Unchecky Background Process.) 
-- C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe [402536] [PID.5868] [MD5.046CA262E8D521A1B050566E330B7178] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504] [PID.5464] [MD5.11244837251AB1255A80DA14AEB45BD3] - (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [102088] [PID.7072] [MD5.E8592697D55B515379F781FAF199C73A] - (.Pelmorex Media Inc. - Pas de description.) -- C:\Users\Eddy P\AppData\Local\MétéoMédia\weathereye.exe [310920] [PID.8920] [MD5.F79AAB172AC180C9BE0C7A8799B7F18B] - (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308256] [PID.8576] [MD5.A81733155A2172E9E1DDA9935E088554] - (.Magex Technologies - Proprio Expert.) -- C:\Program Files (x86)\Magex Technologies\Proprio Expert\ProprioExpert.exe [18014208] [PID.5416] [MD5.B9D6D7E6E5C4FCD8DD7F88EC9D563085] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592] [PID.9480] [MD5.105C276BB7B43501225C419B062096D0] - (.Apple Inc. - iCloud Photos.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816] [PID.4208] [MD5.04E66EE5570C1E8C838261BA36681B99] - (.Free Time - FormatFactory.) -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe [5723464] [PID.5756] [MD5.363BC25BACB34E9D40441968B1B3D5BE] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [815288] [PID.4572] [MD5.A6D3940CE894FA561EFE1A159B46FB74] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [376944] [PID.3112] [MD5.E8B7FD67DA14A7BE57A5CB80E3139E60] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [309704] [PID.8880] [MD5.F82DEDD741643B437767BD93C241F8CB] - (.LastPass - LastPass Tray Icon.) 
-- C:\Users\Eddy P\AppData\LocalLow\LastPass\LastPassBroker.exe [11277880] [PID.7880] [MD5.1ADAB4A9071A474CAC06509EB901E820] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8182784] [PID.10388] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Eddy P\AppData\Local\Google\Chrome\User Data\Default\Preferences ---\\ Liste des dossiers d'extension Google Chrome ~ Google Lines Browser: 0 Legitimates Filtered in 00mn 01s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKCU] [@hola.org/vlc,version=1.6.861] - (...) -- (.not file.) P2 - FPN: [HKCU] [vitzo.com/VDownloader] - (.Vitzo - VDownloader browser plug-in.) -- C:\Program Files (x86)\VDownloader\Addons\npVDownloader.dll ~ Firefox Browser: 32 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com ~ IE Browser: 24 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean) (61) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: (no name) [64Bits] - {42ad2408-abba-2408-1972-4706560e817b} Clé orpheline O2 - BHO: LastPass Vault [64Bits] - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} . (.LastPass - LastPass Toolbar.) -- C:\Program Files (x86)\LastPass\LPToolbar.dll =>Toolbar.LastPass ~ BHO: 23 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: Replay Media Catcher 6.lnk . (.Jaksta Technologies Pty Ltd - Replay Media Catcher 6.) -- C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe =>PUP.ApplianTechnologies O4 - GS\TaskBar [Eddy P]: Replay Media Catcher 6.lnk . (.Jaksta Technologies Pty Ltd - Replay Media Catcher 6.) -- C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe =>PUP.ApplianTechnologies O4 - GS\Desktop [Eddy P]: Replay Media Catcher 5.lnk . 
(.Jaksta Technologies Pty Ltd - Replay Media Catcher 5.) -- C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jrmcp.exe =>PUP.ApplianTechnologies ~ Global Startup: 3 Legitimates Filtered in 00mn 01s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O4 - HKCU\..\Run: [WeatherEye] . (.Pelmorex Media Inc. - Pas de description.) -- C:\Users\Eddy P\AppData\Local\MétéoMédia\WeatherEye.exe O4 - HKCU\..\Run: [Rainlendar2] . (.Pas de propriétaire - Rainlendar2.) -- C:\Program Files\Rainlendar2\Rainlendar2.exe O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKCU\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd O4 - HKLM\..\Wow6432Node\Run: [agentantidote.exe] . (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe O4 - HKLM\..\Wow6432Node\Run: [agentantidote64.exe] . (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes64\agentantidote64.exe O4 - HKLM\..\Wow6432Node\Run: [FaxTalk Messenger Pro 8] . (.Thought Communications, Inc. - FaxTalk CallControl.) 
-- C:\Program Files (x86)\FaxTalk\FTClCtrl.exe O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe O4 - HKUS\S-1-5-21-3648730043-149949118-2077670278-1001\..\Run: [WeatherEye] . (.Pelmorex Media Inc. - Pas de description.) -- C:\Users\Eddy P\AppData\Local\MétéoMédia\WeatherEye.exe O4 - HKUS\S-1-5-21-3648730043-149949118-2077670278-1001\..\Run: [Rainlendar2] . (.Pas de propriétaire - Rainlendar2.) -- C:\Program Files\Rainlendar2\Rainlendar2.exe O4 - HKUS\S-1-5-21-3648730043-149949118-2077670278-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKUS\S-1-5-21-3648730043-149949118-2077670278-1001\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe O4 - HKUS\S-1-5-21-3648730043-149949118-2077670278-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-3648730043-149949118-2077670278-1001\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3648730043-149949118-2077670278-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3648730043-149949118-2077670278-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) 
-- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~3\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~3\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{55a0fd4e-023d-4a25-af1c-e29b7fffef0e}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{F9C3F04B-BEB4-4949-9A7E-A94279C84084}: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{F9C3F04B-BEB4-4949-9A7E-A94279C84084}: DhcpDomain = no-domain-set.bellcanada O17 - HKLM\System\CS1\Services\Tcpip\..\{55a0fd4e-023d-4a25-af1c-e29b7fffef0e}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{F9C3F04B-BEB4-4949-9A7E-A94279C84084}: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{F9C3F04B-BEB4-4949-9A7E-A94279C84084}: DhcpDomain = no-domain-set.bellcanada O17 - HKLM\System\CS2\Services\Tcpip\..\{55a0fd4e-023d-4a25-af1c-e29b7fffef0e}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{F9C3F04B-BEB4-4949-9A7E-A94279C84084}: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{F9C3F04B-BEB4-4949-9A7E-A94279C84084}: DhcpDomain = no-domain-set.bellcanada O17 - HKLM\System\CCS\Services\Tcpip\Parameters: 
DhcpNameServer = 192.168.2.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: video/x-flv [64Bits] - {20C75730-7C25-476B-95DC-C65810F9E489} . (.Advanced Micro Devices - MIME Video Detector for IE.) -- C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (.Jaksta Technologies Pty Ltd - Jaksta audio capture.) - C:\Windows\Jaksta\AC\x64\jaudcap.dll ~ AppInit DLL: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) . (.Foxit Software Inc. - Foxit Cloud Safe Update Service.) - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe O23 - Service: HauppaugeTVServer (HauppaugeTVServer) . (.Hauppauge Computer Works - Hauppauge TV Server.) - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe ~ Services: 29 Legitimates Filtered in 00mn 10s ---\\ Tâches planifiées en automatique (O39) O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002] O39 - APT: - (..) -- C:\Windows\Tasks\Defraggler Volume D Task.job [296] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Defraggler Volume D Task [296] O39 - APT: - (..) -- C:\Windows\Tasks\GBM - GBM Backup all files-Full.job [410] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GBM - GBM Backup all files-Full [410] O39 - APT: - (..) -- C:\Windows\Tasks\GBM - Weekly backup on F-Full.job [406] O39 - APT: - (..) 
-- C:\Windows\System32\Tasks\GBM - Weekly backup on F-Full [406] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GlaryInitialize [326] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Google Software Updater [1014] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070] O39 - APT: - (..) -- C:\Windows\Tasks\Paragon Archive name Paragon Backup A-sur Disque D.job [904] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Paragon Archive name Paragon Backup A-sur Disque D [904] O39 - APT: - (..) -- C:\Windows\Tasks\Paragon Archive name Paragon Backup A-sur DisqueZ.job [904] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Paragon Archive name Paragon Backup A-sur DisqueZ [904] O39 - APT: - (..) -- C:\Windows\Tasks\Paragon Archive name Paragon Backup B-sur Disque D.job [904] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Paragon Archive name Paragon Backup B-sur Disque D [904] O39 - APT: - (..) -- C:\Windows\Tasks\Paragon Archive name Paragon Backup B-sur Disque Z.job [904] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Paragon Archive name Paragon Backup B-sur Disque Z [904] ~ Scheduled Task: 12 Legitimates Filtered in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (HWiNFO32) . (.REALiX(tm) - HWiNFO32 Kernel Driver.) - C:\Program Files (x86)\HWiNFO32\HWiNFO64A.sys O41 - Driver: (PSSDK42) . (.microOLAP Technologies LTD - PSSDK Driver Protocol v4.2 64bit.) - C:\Windows\system32\Drivers\pssdk42.sys O41 - Driver: (PSSDKLBF) . (.microOLAP Technologies LTD - PSSDK Driver LoopBack v4.2 64bit.) - C:\Windows\system32\Drivers\pssdklbf.sys O41 - Driver: (UimBus) . (...) - C:\Windows\System32\DRIVERS\UimBus.sys O41 - Driver: (Uim_DEVIM) . (...) - C:\Windows\System32\DRIVERS\uim_devim.sys O41 - Driver: (Uim_IM) . (...) 
- C:\Windows\System32\DRIVERS\uim_im.sys ~ Drivers: 123 Legitimates Filtered in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Beneton Movie GIF 1.1.2 - (.Beneton Software.) [HKLM][64Bits] -- Beneton Movie GIF_is1 O42 - Logiciel: Digital Video Repair 2.2.4.0 - (.Rising Research.) [HKLM][64Bits] -- DigitalVideoRepair_is1 O42 - Logiciel: OverPlay VPN - (.OverPlay.net, LP..) [HKCU][64Bits] -- 006adc251e9a903c O42 - Logiciel: PowerOff 1.3.0 - (...) [HKLM][64Bits] -- PowerOff_is1 O42 - Logiciel: SanDiskSecureAccess_Manager.exe - (.DMAILER.) [HKCU][64Bits] -- @@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe O42 - Logiciel: V.92 PCI Voice Faxmodem - (...) [HKLM][64Bits] -- CXT10B4 ~ Logic: 38 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\5a7db446] [HKCU\Software\APN PIP] [HKCU\Software\CC] [HKCU\Software\DebugNano] [HKCU\Software\MeadCo] [HKCU\Software\Preview] [HKCU\Software\Reg] [HKCU\Software\WezzaR] [HKCU\Software\Yetisoft] [HKCU\Software\nanocosmos] [HKCU\Software\undefined] [HKLM\Software\Wow6432Node\4e8] [HKLM\Software\Wow6432Node\AcroPano] [HKLM\Software\Wow6432Node\DebugNano] [HKLM\Software\Wow6432Node\Dynasoft] [HKLM\Software\Wow6432Node\MeadCo] [HKLM\Software\Wow6432Node\Reg] [HKLM\Software\Wow6432Node\WezzaR] ~ Key Software: 844 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 2012-03-20 - 09:54:56 - [] ----D C:\Program Files (x86)\AcroPano O43 - CFD: 2014-10-31 - 07:58:21 - [] ----D C:\Program Files (x86)\Alerte Dolphin O43 - CFD: 2015-02-14 - 23:10:44 - [] ----D C:\Program Files (x86)\Any Video Recorder O43 - CFD: 2015-01-19 - 22:34:36 - [] ----D C:\Program Files (x86)\Beneton Movie GIF O43 - CFD: 2014-03-16 - 15:29:29 - [] ----D C:\Program Files (x86)\MEDIADICO O43 - CFD: 2012-05-07 - 10:44:02 - [] ----D C:\Program Files (x86)\PCsensor O43 - CFD: 2014-10-31 - 07:58:42 - [] ----D C:\Program Files (x86)\Portable O43 - CFD: 2014-10-31 - 07:58:42 - [] 
----D C:\Program Files (x86)\PowerOff O43 - CFD: 2015-01-06 - 17:26:25 - [] ----D C:\Program Files (x86)\PrivateVPN O43 - CFD: 2013-12-06 - 01:57:37 - [0] ----D C:\Program Files (x86)\PSupport O43 - CFD: 2014-12-10 - 12:08:08 - [] ----D C:\Program Files (x86)\Repair File O43 - CFD: 2011-01-22 - 16:37:28 - [0] ----D C:\Program Files (x86)\Simple Shutdown Scheduler O43 - CFD: 2015-03-03 - 14:12:53 - [] ----D C:\ProgramData\Baidu O43 - CFD: 2015-01-25 - 16:00:45 - [] ----D C:\ProgramData\boost_interprocess O43 - CFD: 2014-10-31 - 07:58:49 - [] ----D C:\ProgramData\chmview O43 - CFD: 2014-10-31 - 07:58:49 - [] ----D C:\ProgramData\complexbackup O43 - CFD: 2014-10-31 - 07:58:49 - [] ----D C:\ProgramData\createpart O43 - CFD: 2015-02-20 - 14:27:53 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 O43 - CFD: 2014-10-31 - 07:58:49 - [] ----D C:\ProgramData\ftw O43 - CFD: 2014-10-31 - 07:58:52 - [] ----D C:\ProgramData\newbackup O43 - CFD: 2014-10-31 - 07:58:52 - [] ----D C:\ProgramData\newrestore O43 - CFD: 2014-10-31 - 07:58:52 - [] ----D C:\ProgramData\PCFaxTx O43 - CFD: 2014-10-31 - 07:58:52 - [] ----D C:\ProgramData\restore O43 - CFD: 2014-10-31 - 07:58:52 - [] ----D C:\ProgramData\rmbwizard O43 - CFD: 2014-10-31 - 07:58:52 - [] ----D C:\ProgramData\scripts O43 - CFD: 2014-10-31 - 07:58:53 - [] ----D C:\ProgramData\vmcreate O43 - CFD: 2014-12-02 - 16:25:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ Boot Disk O43 - CFD: 2015-02-14 - 23:10:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Any Video Recorder O43 - CFD: 2014-10-31 - 07:58:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beneton Movie GIF O43 - CFD: 2014-12-13 - 00:06:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud O43 - CFD: 2014-10-31 - 07:58:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outil de mise à jour Google O43 - CFD: 2014-10-31 - 07:58:52 - [] ----D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pilotes de scanneur ISIS O43 - CFD: 2014-10-31 - 07:58:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerOff O43 - CFD: 2011-04-12 - 04:28:08 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 2014-09-23 - 14:07:20 - [] ----D C:\Users\Eddy P\AppData\Roaming\0F1L1I1P0H1L1E1E1F O43 - CFD: 2012-02-09 - 16:02:37 - [0] ----D C:\Users\Eddy P\AppData\Roaming\My Streaming Media O43 - CFD: 2014-10-31 - 07:59:11 - [] ----D C:\Users\Eddy P\AppData\Roaming\OverPlay.net, LP O43 - CFD: 2011-01-22 - 16:38:10 - [0] ----D C:\Users\Eddy P\AppData\Roaming\SimpleShutdownScheduler O43 - CFD: 2011-10-10 - 15:46:51 - [] ----D C:\Users\Eddy P\AppData\Roaming\T-App O43 - CFD: 2014-10-31 - 07:59:14 - [] ----D C:\Users\Eddy P\AppData\Roaming\WMBrowser O43 - CFD: 2014-10-31 - 07:59:14 - [] ----D C:\Users\Eddy P\AppData\Roaming\YoutubeToMp3Converter O43 - CFD: 2015-01-18 - 22:52:44 - [] ----D C:\Users\Eddy P\AppData\Local\Arun Programs O43 - CFD: 2015-01-19 - 14:08:31 - [] ----D C:\Users\Eddy P\AppData\Local\Created_By-___Arun_Yadav_ O43 - CFD: 2014-11-12 - 11:16:57 - [] -SH-D C:\Users\Eddy P\AppData\Local\EmieBrowserModeList O43 - CFD: 2011-08-16 - 13:13:03 - [] ----D C:\Users\Eddy P\AppData\Local\ICS O43 - CFD: 2014-10-31 - 07:59:04 - [] ----D C:\Users\Eddy P\AppData\Local\QuickStores O43 - CFD: 2011-01-22 - 16:38:10 - [0] ----D C:\Users\Eddy P\AppData\Local\SimpleShutdownScheduler O43 - CFD: 2011-08-16 - 13:13:45 - [] ----D C:\Users\Eddy P\AppData\Local\TheWeatherNetwork O43 - CFD: 2011-01-25 - 15:41:59 - [0] ----D C:\Users\Eddy P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mead & Company O43 - CFD: 2014-10-31 - 07:59:11 - [] ----D C:\Users\Eddy P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OverPlay.net, LP O43 - CFD: 2014-10-31 - 07:59:11 - [] ----D C:\Users\Eddy P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCradio O43 - CFD: 2015-02-06 - 14:36:30 - 
[0] ----D C:\Users\Eddy P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Post in top
O43 - CFD: 2011-07-11 - 15:05:58 - [0] ----D C:\Users\Eddy P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TheWeatherNetwork
~ Program Folder: 615 Legitimates Filtered in 00mn 00s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.AC4319D9F19167D95E7A3B23EAA6ADCD] - 2015-02-18 - 16:11:02 ---A- . (...) -- C:\Windows\ODBC.INI [489]
O44 - LFC:[MD5.72CA12E3AE533B262F488053FE07FA3C] - 2015-02-19 - 15:46:28 ---A- . (...) -- C:\Windows\BRRBCOM.INI [7891]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2015-03-03 - 04:00:03 ---A- . (...) -- C:\Windows\System32\LogMsg.txt [0]
O44 - LFC:[MD5.2C0F45A8507015961F1DA0C12F3E198D] - 2015-03-03 - 04:00:03 ---A- . (...) -- C:\Windows\System32\LogVss.txt [82]
O44 - LFC:[MD5.7737105E83875C5462EF02A225FE45BF] - 2015-03-03 - 04:00:04 -SHA- . (...) -- C:\EUMONBMP.SYS [476672]
O44 - LFC:[MD5.6DFDFB74BB491F8B25ED57D9C96D33B7] - 2015-03-03 - 05:30:05 -SHA- . (...) -- C:\{7D5A1F84-0600-4EC2-B0D2-E98F5D021596}.CBM [480256]
O44 - LFC:[MD5.0007B3CB74A0C6B156A0B303B4D1D10C] - 2015-03-03 - 05:30:05 -SHA- . (...) -- C:\{A3BFB902-31DF-49A1-9A7C-F74E10135DC0}.CBM [4096]
O44 - LFC:[MD5.5DE4E580E49D4E01F0905E39C8399F85] - 2015-03-03 - 12:58:12 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [26784]
O44 - LFC:[MD5.5DE4E580E49D4E01F0905E39C8399F85] - 2015-03-03 - 12:58:12 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [26784]
~ Files: 21 Legitimates Filtered in 00mn 01s

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\hitmanpro37.sys . (...) -- C:\Windows\System32\Drivers\hitmanpro37.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro37.sys . (...) -- C:\Windows\System32\Drivers\hitmanpro37.sys (.not file.)
~ CSB: 15 Legitimates Filtered in 00mn 00s

---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw64.dll" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll
~ TDSD: 14 Legitimates Filtered in 00mn 00s

---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\BitTorrent [Key] . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Eddy P\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O53 - SMSR:HKLM\...\startupreg\CanonSolutionMenu [Key] . (...) -- C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\DriverMax [Key] . (...) -- C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\DriverMax_RESTART [Key] . (...) -- C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\HDD Regenerator [Key] . (...) -- C:\Program Files (x86)\HDD Regenerator\Shell.exe
O53 - SMSR:HKLM\...\startupreg\hpqSRMon [Key] . (...) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\ISUSPM Startup [Key] . (...) -- C:\PROGRA~3\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\nmapp [Key] . (...) -- C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\nmctxth [Key] . (...) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Samsung PanelMgr [Key] . (...) -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
O53 - SMSR:HKLM\...\startupreg\Smart File Advisor [Key] . (...) -- C:\Program Files (x86)\Smart File Advisor\sfa.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\zzzHPSETUP [Key] . (...) -- F:\Setup.exe (.not file.) =>.Nicolas Coolman
~ SMSR Keys: 84 Legitimates Filtered in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:2015-01-19 - 16:16:14 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:2015-01-19 - 16:16:14 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:2015-01-19 - 16:16:14 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [267632] =>.ALWIL Software
O58 - SDL:2011-08-08 - 13:13:12 ---A- . (.SysProgs.org - WinCDEmu virtual CDROM bus.) -- C:\Windows\System32\Drivers\BazisVirtualCDBus.sys [198480]
O58 - SDL:2008-12-07 - 11:44:56 ---A- . (...) -- C:\Windows\System32\Drivers\btnetBus.sys [35848]
O58 - SDL:2011-11-04 - 15:00:00 ---A- . (.www.winchiphead.com - WDM_64 for CH341 serial, by W.ch.) -- C:\Windows\System32\Drivers\CH341S64.SYS [58368]
O58 - SDL:2009-07-13 - 20:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:2011-03-06 - 18:26:12 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\Windows\System32\Drivers\emBDA64.sys [683136]
O58 - SDL:2011-03-06 - 18:25:18 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\Windows\System32\Drivers\emOEM64.sys [1189504]
O58 - SDL:2014-12-15 - 00:59:40 ---A- . (.CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Driver.) -- C:\Windows\System32\Drivers\eubakup.sys [60968]
O58 - SDL:2014-12-15 - 00:59:40 ---A- . (...) -- C:\Windows\System32\Drivers\EUBKMON.sys [48168]
O58 - SDL:2014-12-15 - 00:59:40 ---A- . (.CHENGDU YIWO Tech Development Co., Ltd - Disk Access Driver.) -- C:\Windows\System32\Drivers\eudskacs.sys [18472]
O58 - SDL:2014-12-15 - 00:59:40 ---A- . (.CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Image Preview Driver.) -- C:\Windows\System32\Drivers\EuFdDisk.sys [192040]
O58 - SDL:2010-09-20 - 07:28:42 ---A- . (.Hauppauge Computer Works, Inc - Cx418 Raptor Driver.) -- C:\Windows\System32\Drivers\hcw18bda.sys [912896]
O58 - SDL:2009-06-10 - 15:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:2013-06-20 - 20:07:16 ---A- . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\Drivers\hssdrv6.sys [46792]
O58 - SDL:2014-12-08 - 21:58:34 ---A- . (.e2eSoft - Kernel mode WDM driver.) -- C:\Windows\System32\Drivers\jaksta_va.sys [103816]
O58 - SDL:2007-05-11 - 17:29:18 ---A- . (...) -- C:\Windows\System32\Drivers\LVPr2M64.sys [30496]
O58 - SDL:2013-02-28 - 20:49:12 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [36600]
O58 - SDL:2010-09-01 - 03:30:58 ---A- . (.Secunia - Secunia PSI Driver.) -- C:\Windows\System32\Drivers\psi_mf.sys [17976]
O58 - SDL:2015-02-14 - 16:08:38 ---A- . (.microOLAP Technologies LTD - PSSDK Driver Protocol v4.2 64bit.) -- C:\Windows\System32\Drivers\pssdk42.sys [53312]
O58 - SDL:2015-02-14 - 16:08:38 ---A- . (.microOLAP Technologies LTD - PSSDK Driver LoopBack v4.2 64bit.) -- C:\Windows\System32\Drivers\pssdklbf.sys [65600]
O58 - SDL:2014-11-19 - 14:59:00 ---A- . (.Audials AG - Filter Driver.) -- C:\Windows\System32\Drivers\RrNetCapFilterDriver.sys [24744]
O58 - SDL:2012-11-10 - 01:00:08 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [564824]
O58 - SDL:2009-07-13 - 20:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:2010-02-18 - 09:28:18 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [31232]
O58 - SDL:2013-06-20 - 20:09:46 ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys [42184]
O58 - SDL:2010-10-04 - 09:40:18 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\Drivers\TFsExDisk.sys [16448]
O58 - SDL:2014-09-14 - 23:56:44 ---A- . (...) -- C:\Windows\System32\Drivers\UimBus.sys [102664]
O58 - SDL:2014-09-14 - 23:56:44 ---A- . (...) -- C:\Windows\System32\Drivers\UimFIO.sys [556552]
O58 - SDL:2012-09-03 - 17:51:08 ---A- . (.Windows (R) 2000 DDK provider - Image Mounter SCSI Port Driver.) -- C:\Windows\System32\Drivers\uimx64.sys [90960]
O58 - SDL:2014-09-14 - 23:56:44 ---A- . (...) -- C:\Windows\System32\Drivers\uim_devim.sys [25992]
O58 - SDL:2014-09-14 - 23:56:44 ---A- . (...) -- C:\Windows\System32\Drivers\uim_im.sys [700680]
O58 - SDL:2012-12-13 - 12:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:2013-02-25 - 03:12:08 ---A- . (.WinISO.com - WinISO Virtual CD Drive.) -- C:\Windows\System32\Drivers\WinisoCDBus.sys [204032]
O58 - SDL:2013-09-04 - 11:25:12 ---A- . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Application.) -- C:\Windows\System32\Drivers\xssflt.sys [87112]
O58 - SDL:2014-11-18 - 14:39:06 ---A- . (...) -- C:\Windows\System32\epmntdrv.sys [18528]
O58 - SDL:2014-11-18 - 14:39:06 ---A- . (...) -- C:\Windows\System32\EuGdiDrv.sys [10848]
O58 - SDL:2012-08-20 - 09:48:50 ---A- . (...) -- C:\Windows\System32\pwdrvio.sys [19032]
O58 - SDL:2012-08-20 - 09:48:48 ---A- . (...) -- C:\Windows\System32\pwdspio.sys [12384]
O58 - SDL:2008-01-04 - 00:34:42 ----- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp32.sys [10216]
O58 - SDL:2008-01-04 - 00:34:48 ----- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys [11832]
O58 - SDL:2012-08-22 - 04:54:10 R--A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [15232]
O58 - SDL:2013-01-14 - 21:52:27 R--A- . (...) -- C:\Windows\SysWOW64\drivers\AsUpIO.sys [14464]
O58 - SDL:2009-04-02 - 07:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296]
O58 - SDL:2004-11-02 - 03:24:02 ---A- . (.Pas de propriétaire - mtlmnt5 driver.) -- C:\Windows\SysWOW64\drivers\mtlmnt5.sys [229720]
O58 - SDL:2004-11-02 - 03:17:28 ---A- . (.Pas de propriétaire - Data pump driver.) -- C:\Windows\SysWOW64\drivers\mtlstrm.sys [1396048]
O58 - SDL:2004-11-02 - 03:26:38 ---A- . (.Pas de propriétaire - Recorder agent driver.) -- C:\Windows\SysWOW64\drivers\RecAgent.sys [14520]
O58 - SDL:2004-11-02 - 03:27:02 ---A- . (.Pas de propriétaire - slnt7554 driver.) -- C:\Windows\SysWOW64\drivers\slnt7554.sys [224888]
O58 - SDL:2004-11-02 - 03:19:02 ---A- . (.Pas de propriétaire - HAL driver.) -- C:\Windows\SysWOW64\drivers\slnthal.sys [100176]
O58 - SDL:2004-11-02 - 03:07:52 ---A- . (.Pas de propriétaire - SlWdmSup driver.) -- C:\Windows\SysWOW64\drivers\slwdmsup.sys [13216]
O58 - SDL:2007-10-25 - 17:26:10 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632]
O58 - SDL:2010-10-04 - 09:40:18 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16448]
O58 - SDL:2014-11-18 - 14:39:08 ---A- . (...) -- C:\Windows\SysWOW64\epmntdrv.sys [14944]
O58 - SDL:2014-11-18 - 14:39:08 ---A- . (...) -- C:\Windows\SysWOW64\EuGdiDrv.sys [10208]
~ Drivers: 179 Legitimates Filtered in 00mn 00s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido - www.usbfix.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 2015-01-19 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 2014-12-15 - C:\Windows\System32\drivers\EUBKMON.sys (EUBKMON) .(...) - LEGACY_EUBKMON
O64 - Services: CurCS - 2014-12-15 - C:\Windows\system32\drivers\eudskacs.sys (EUDSKACS) .(.CHENGDU YIWO Tech Development Co., Ltd - Disk Access Driver.) - LEGACY_EUDSKACS
O64 - Services: CurCS - 2014-12-15 - C:\Windows\system32\drivers\EuFdDisk.sys (EUFDDISK) .(.CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Image Preview Driver.) - LEGACY_EUFDDISK
O64 - Services: CurCS - 2009-06-10 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 2013-02-25 - C:\Windows\System32\drivers\WinisoCDBus.sys (WinisoCDBus) .(.WinISO.com - WinISO Virtual CD Drive.) - LEGACY_WINISOCDBUS
~ Legacy: 126 Legitimates Filtered in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Users\Eddy P\AppData\Local\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {11BBB4F2-FEE7-49AC-A351-2CF01C2E82C4} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {91A72D8E-CD3C-46C1-943B-D894058EB207} - ((www.google.com) Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.3443667C697FB533C238EB528BDA9B0E] [SPRF][2015-03-03] (...) -- C:\Users\Eddy P\Desktop\Registre Adwcleaner-03-03-15-12.47 h.reg [553528702]
[MD5.8F700DA1A1A75501D6EEF76BC866EB29] [SPRF][2011-01-11] (...) -- C:\Windows\Downloaded Program Files\LMIProxyHelper.exe [70984]
[MD5.8F79F824B63626B4BD32016F61AB15ED] [SPRF][2011-03-21] (...) -- C:\Windows\Downloaded Program Files\RACtrl.dll [4097424]
~ Files: 13 Legitimates Filtered in 00mn 02s

---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{C4F4DCEE-AE56-4ABF-92E3-FAC5EAC13A7C}C:\program files (x86)\bittorrent\bittorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\program files (x86)\bittorrent\bittorrent.exe =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{4776DD6E-90B2-4BC7-BD6F-F9D4ADC7C587}C:\program files (x86)\bittorrent\bittorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\program files (x86)\bittorrent\bittorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{53DED73A-0944-4560-BB8A-E5375C282A3E}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Eddy P\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{D782ECB5-0E70-4F35-BF7D-2351E7A90886}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Eddy P\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 01s

---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: Photos iCloud - {F0D63F85-37EC-4097-B30D-61B4A8917118}
~ MNS: 1 Legitimates Filtered in 00mn 00s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 2010-03-18 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SS - | Disabled 2010-03-27 1054568 | (AcrSch2Svc) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
SS - | Disabled 2015-02-07 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 2010-12-16 2480048 | (afcdpsrv) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
SS - | Disabled 2009-03-27 16896 | (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe
SS - | Disabled 2013-04-29 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SS - | Demand 2013-09-25 282112 | (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files (x86)\Browny02\BrYNSvc.exe
SS - | Disabled 2012-10-02 240584 | (DTSAudioSvc) . (.DTS, Inc.) - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
SS - | Auto 2014-10-18 107912 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 2014-10-18 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 2012-08-15 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Disabled 2013-05-08 82144 | (hddrsrv) . (...) - C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
SS - | Disabled 2014-01-08 285795 | (HOSTS Anti-PUPs) . (...) - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe
SS - | Demand 2009-07-13 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Demand 2013-08-27 828376 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 2014-03-24 357144 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
SS - | Disabled 2014-12-16 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 2013-02-28 118520 | (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Disabled 2010-12-21 987704 | (Secunia PSI Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\psia.exe
SS - | Disabled 2010-12-21 399416 | (Secunia Update Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\sua.exe
SS - | Auto 2015-01-02 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Disabled 2012-01-18 450848 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
SS - | Auto 1658-07-22 0 | (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\system32\vmnat.exe
SR - | Auto 2009-07-13 27136 | C:\Windows\SysWOW64\ACFXAU64.dll (AcfXAudioService) . (.Conexant Systems, Inc..) - C:\Windows\System32\svchost.exe
SR - | Auto 2014-12-19 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 2015-01-19 77128 | (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 2013-09-17 951936 | (asHmComSvc) . (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
SR - | Auto 2015-01-19 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Demand 2015-01-19 4012248 | (AvastVBoxSvc) . (.Avast Software.) - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
SR - | Auto 2011-08-30 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 2014-06-12 64624 | (CGVPNCliService) . (.CyberGhost S.R.L.) - C:\Program Files\CyberGhost 5\Service.exe
SR - | Auto 2014-12-15 37416 | (EaseUS Agent) . (.CHENGDU YIWO Tech Development Co., Ltd.) - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
SR - | Auto 2011-09-23 33120 | (FaxTalk Messenger Pro 8) . (.Thought Communications, Inc..) - C:\Program Files (x86)\FaxTalk\FTmsgsvc.exe
SR - | Auto 2014-10-28 244448 | (FoxitCloudUpdateService) . (.Foxit Software Inc..) - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
SR - | Auto 2014-11-13 108032 | (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
SR - | Auto 2014-09-16 1149760 | (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SR - | Auto 2014-02-04 582144 | (HauppaugeTVServer) . (.Hauppauge Computer Works.) - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
SR - | Auto 2007-07-13 111912 | (hnmsvc) . (.SingleClick Systems.) - C:\Program Files (x86)\SingleClick Systems\HomeNet Manager\hnm_svc.exe
SR - | Auto 2013-11-21 15720 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 2013-08-27 747520 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 2014-07-09 261896 | (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe
SR - | Demand 2015-02-13 643880 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 2014-06-24 154584 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 2014-06-24 405976 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 2014-10-15 2820424 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 2014-09-16 1796928 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 2014-09-16 19440960 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 2015-02-05 935056 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 2015-02-05 410952 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 2014-11-28 5419792 | (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
SR - | Auto 2015-01-20 126568 | (Unchecky) . (.RaMMicHaeL.) - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
SR - | Auto 2009-07-13 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 1658-07-22 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 2009-07-13 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 06s

---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:2012-11-10 - 01:00:08 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [564824]
~ Emulateurs: Scanned in 00mn 06s

---\\ Scan Additionnel (O88)
Database Version : 13008 - (2015-03-01)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}] =>Toolbar.LastPass^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent] =>P2P.BitTorrent^
[HKCU\Software\APN PIP] =>Toolbar.Ask
~ Additionnel Scan: 552386 Items scanned in 00mn 45s

---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 4 Legitimates Filtered in 00mn 00s

---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/33962622-toolbar-lastpass =>Toolbar.LastPass
http://www.nicolascoolman.fr/blog/ =>PUP.ApplianTechnologies
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
~ MSI: 3 link(s) detected in 00mn 00s
~ 1851 Legitimates filtered by white list

End of the scan (685 lines in 01mn 25s)(0.2)