~ Rapport de ZHPDiag v2013.10.18.49 - Nicolas Coolman (18/10/2013)
~ Lancé par lolo (18/10/2013 21:56:55)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 24.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : MQ3CQ
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1489.0
Emsisoft Anti-Malware

---\\ Logiciels d'optimisation du système
CCleaner v4.06 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader 8

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3070 MB (42% free)
System Restore: Activé (Enable)
System drive C: has 152 GB (68%) free of 221 GB

---\\ Mode de connexion au système
~ Computer Name: PCDELOLO
~ User Name: lolo
~ All Users Names: lolo, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\lolo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\lolo\AppData\Roaming\
~ %Desktop% : C:\Users\lolo\Desktop\
~ %Favorites% : C:\Users\lolo\Favorites\
~ %LocalAppData% : C:\Users\lolo\AppData\Local\
~ %StartMenu% : C:\Users\lolo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 152 Go of 221 Go)
D: Hard drive, Flash drive, Thumb drive (Free 149 Go of 149 Go)
E: CD-ROM drive (Free 0 Go of 2 Go)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 38 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.C8ADAA6948993D839D14524847EA5B75] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 11:13:22.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:23:00.) -- C:\Windows\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 07s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2055
~ Mes musiques (My Musics) : 1/102
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/46
~ Mes Documents (My Documents) : 1/65
~ Mon Bureau (My Desktop) : 1/13
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 03s



---\\ Processus lancés
[MD5.F21A8FB31B15860C4F6021960CF723A8] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1041704] [PID.3568]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858968] [PID.3576]
[MD5.50772C721FE88F4248F9F52AB2219B0F] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528] [PID.2704]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3760]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.2496]
[MD5.DE9BFC32E0422B40C515634A08D73D59] - (...) -- C:\Program Files\BrytonBridge2\BrytonBridge2.exe [1336320] [PID.552]
[MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [274840] [PID.3020]
[MD5.3DEBC4F06BA637D7EE7BB1A69AC79052] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8102912] [PID.2852]
[MD5.D25A01AC95B7210260793CB80CE10B38] - (.Emsisoft GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4153784] [PID.1020]
[MD5.8FEB268CAE12E43538422312FD96B32F] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [692224] [PID.1332]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1556]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808] [PID.364]
[MD5.6C8B36BE3BFCCD98D5898607396BA4FE] - (.Aladdin Knowledge Systems Ltd. - Aladdin HASP License Manager Service.) -- C:\Windows\system32\hasplms.exe [1757696] [PID.2756]
[MD5.7B96206E4BDD2FE582F0DBC46F5F410E] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.2776]
[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\system32\IoctlSvc.exe [81920] [PID.2912]
[MD5.5A0C788C5BC5F2C993CB60940ADCF95E] - (.X10 - X10 Module.) -- C:\Program Files\Common Files\X10\Common\X10nets.exe [20480] [PID.3116]
[MD5.A8C2746994605DF30CD373CC8C2D257E] - (...) -- C:\Program Files\BrytonBridge2\BBService.exe [68096] [PID.3356]
[MD5.23EA87FF1F9F9C36B11130AE13CDF6DA] - (...) -- C:\Program Files\BrytonBridge2\BBDaemon.exe [1273344] [PID.3240]
[MD5.97D9D6A04E3AD9B6C626B9931DB78DBA] - (.Microsoft Corporation - Programme d’installation de modules Windows.) -- C:\Windows\servicing\TrustedInstaller.exe [39424] [PID.1828]
~ Processes Running: Scanned in 00mn 14s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\lolo\AppData\Roaming\Mozilla\Firefox\Profiles\58j53c27.default\prefs.js
~ Firefox Browser: 6 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} Clé orpheline
O2 - BHO: (no name) - {71c1d63a-c944-428a-a5bd-ba513190e5d2} Clé orpheline
~ BHO: 6 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{F2CF5485-4E02-4F68-819C-B92DE9277049} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: BrytonBridge2.lnk . (...) -- C:\Program Files\BrytonBridge2\BrytonBridge2.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [lolo]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [lolo]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [lolo]: Webplayer.lnk . (...) -- C:\Users\lolo\AppData\Roaming\Microsoft\Installer\{9937E55B-6331-4804-93EF-77E992F204BD}\_3F7CDAE07E1639C4AEA7A8.exe
O4 - GS\SystemTools [lolo]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [lolo]: Connexion - Raccourci.lnk - Clé orpheline
~ Global Startup: 52 Legitimates Filtered in 00mn 04s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: BrytonBridge2.lnk . (...) -- C:\Program Files\BrytonBridge2\BrytonBridge2.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1DF0AB42-A049-4984-837D-20D935ECF8F6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{371A0226-918A-41D5-9CE4-4E4BF6CDA6F3}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{1DF0AB42-A049-4984-837D-20D935ECF8F6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{371A0226-918A-41D5-9CE4-4E4BF6CDA6F3}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{1DF0AB42-A049-4984-837D-20D935ECF8F6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{371A0226-918A-41D5-9CE4-4E4BF6CDA6F3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{1DF0AB42-A049-4984-837D-20D935ECF8F6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{371A0226-918A-41D5-9CE4-4E4BF6CDA6F3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\bitguard\261694~1.246\{c16c1~1\bitguard.dll (.not file.) =>PUP.BitGuard
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Bryton Bridge Service (BBService) . (...) - C:\Program Files\BrytonBridge2\BBService.exe
O23 - Service: X10 Device Network Service (x10nets) . (.X10 - X10 Module.) - C:\Program Files\Common Files\X10\Common\X10nets.exe
~ Services: 10 Legitimates Filtered in 00mn 26s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (Vsdatant) . (. - .) - C:\Windows\System32\DRIVERS\vsdatant.sys (.not file.)
~ Drivers: 82 Legitimates Filtered in 00mn 03s



---\\ Logiciels installés (O42)
O42 - Logiciel: BrytonBridge2 - (.BrytonSport, Inc..) [HKLM] -- {BA8123A4-34B4-44B8-B8E1-D36F0D0259C9}_is1
~ Logic: 75 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Seagull Scientific]
[HKCU\Software\Seagull]
[HKCU\Software\TEC]
[HKLM\Software\PCTools]
[HKLM\Software\Seagull Scientific]
~ Key Software: 152 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/10/2013 - 23:21:30 - [0] ----D C:\Program Files\BrytonBridge
O43 - CFD: 17/10/2013 - 23:29:46 - [56,043] ----D C:\Program Files\BrytonBridge2
O43 - CFD: 11/10/2012 - 18:33:45 - [0] ----D C:\Program Files\GUM15D1.tmp
O43 - CFD: 06/02/2013 - 09:44:43 - [0] ----D C:\Program Files\GUM7290.tmp
O43 - CFD: 06/07/2009 - 17:33:35 - [0,145] ----D C:\Program Files\STK017_V2.03
O43 - CFD: 10/11/2010 - 18:36:23 - [0,527] ----D C:\Program Files\TKI
O43 - CFD: 17/10/2013 - 23:12:52 - [55,967] ----D C:\ProgramData\BrytonBridge
O43 - CFD: 10/11/2010 - 18:36:23 - [0,011] ----D C:\ProgramData\IMPULS
O43 - CFD: 17/11/2010 - 15:19:05 - [0,010] ----D C:\ProgramData\Seagull
O43 - CFD: 30/09/2013 - 19:01:14 - [0,021] ----D C:\Users\lolo\AppData\Local\BrytonBridge
O43 - CFD: 05/03/2013 - 22:14:32 - [0,197] ----D C:\Users\lolo\AppData\Local\Updater27096 =>PUP.CrossRider
~ Program Folder: 309 Legitimates Filtered in 00mn 25s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
~ CSB: 15 Legitimates Filtered in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{b5540631-3334-11de-9e5c-806e6f6e6963}\AutoRun\command. (...) -- E:\bb\BBChecker.exe
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.B680134BA1813B78B47FDD1DFF223CA5] - 09/05/2013 - 09:59:10 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49376]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: 16 Legitimates Filtered in 00mn 01s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 21 Legitimates Filtered in 00mn 01s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.D2C020500188246C2F0BF1552573B923] [SPRF][25/03/2011] (.Bryton Inc - BrytonBridge Setup.) -- C:\Users\lolo\AppData\Local\Temp\hermes_inst.exe [14527699]
[MD5.E2822E2E75DFBC277E048262D8311CFD] [SPRF][11/10/2013] (...) -- C:\Users\lolo\AppData\Roaming\wklnhst.dat [2164]
~ Files: 4 Legitimates Filtered in 00mn 01s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
~ WIS: 88 Legitimates Filtered in 01mn 17s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 30/09/2013 4153784 | (a2AntiMalware) . (.Emsisoft GmbH.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
SR - | Auto 10/06/2008 692224 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 14/09/2013 68096 | (BBService) . (...) - C:\Program Files\BrytonBridge2\BBService.exe
SS - | Demand 22/10/2008 647680 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 08/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 08/02/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 09/08/2007 1757696 | (hasplms) . (.Aladdin Knowledge Systems Ltd..) - C:\Windows\system32\hasplms.exe
SR - | Auto 07/05/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SS - | Demand 11/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 12/11/2001 20480 | (x10nets) . (.X10.) - C:\Program Files\Common Files\X10\Common\X10nets.exe
~ Services: Scanned in 01mn 21s



---\\ Scan Additionnel (O88)
Database Version : 12949 - (18/10/2013)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486b-A045-B233BD0DA8FC}] =>Adware.Facemoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}] =>Adware.BullseyeToolbar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211701196}] =>PUP.CrossRider
C:\Users\lolo\AppData\Local\Updater27096 =>PUP.CrossRider^
~ Additionnel Scan: 172634 Items scanned in 03mn 36s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/32979753-pup-bitguard =>PUP.BitGuard
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26764465-adware-facemoods =>Adware.Facemoods
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/27674245-adware-bullseyetoolbar =>Adware.BullseyeToolbar
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ MSI: 7 link(s) detected in 03mn 36s



~ 1145 Legitimates filtered by white list
End of the scan (584 lines in 08mn 26s)(0)
