Rapport 4

a guest
Mar 30th, 2013
  1. Rapport de ZHPDiag v2013.3.28.105 par Nicolas Coolman, Update du 28/03/2013
  2. Run by Matteo at 30/03/2013 15:21:04
  3. State : Nouvelle version disponible
  4. High Elevated Privileges : OK
  5. UAC : Deactivate by user
  6.  
  7.  
  8. ---\\ Web Browser
  9. MSIE: Internet Explorer v9.0.8112.16421
  10. MFIE: Mozilla Firefox 15.0.1 v15.0.1
  11. MFIE: Mozilla Firefox 19.0.2 v19.0.2
  12. GCIE: Google Chrome v26.0.1410.43 (Defaut)
  13.  
  14. ---\\ Windows Product Information
  15. ~ Langage: Français
  16. Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
  17. Windows Server License Manager Script : OK
  18. ~ Windows(R) 7, OEM_SLP channel
  19. System Locked Preinstallation (OEM_SLP) : OK
  20. Windows ID Activation : OK
  21. ~ Windows Partial Key : 9YQTR
  22. Windows License : OK
  23. ~ Windows Remaining Initializations Number : 1
  24. Software Protection Service (Protection logicielle) : OK
  25. Windows Automatic Updates : OK
  26. Windows Activation Technologies : OK
  27.  
  28. ---\\ System Information
  29. ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
  30. ~ Operating System: 64 Bits
  31. Boot mode: Normal (Normal boot)
  32. Total RAM: 6055 MB (39% free)
  33. System Restore: Activé (Enable)
  34. System drive C: has 99 GB (33%) free of 293 GB
  35.  
  36. ---\\ Logged in mode
  37. ~ Computer Name: PCDEMATTEO
  38. ~ User Name: Matteo
  39. ~ All Users Names: UpdatusUser, Matteo, HomeGroupUser$, Administrateur,
  40. ~ Unselected Option: None
  41. Logged in as Administrator
  42.  
  43. ---\\ Environnement Variables
  44. ~ System Unit : C:\
  45. ~ %AppData% : C:\Users\Matteo\AppData\Roaming\
  46. ~ %Desktop% : C:\Users\Matteo\Desktop\
  47. ~ %Favorites% : C:\Users\Matteo\Favorites\
  48. ~ %LocalAppData% : C:\Users\Matteo\AppData\Local\
  49. ~ %StartMenu% : C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\
  50. ~ %Windir% : C:\Windows\
  51. ~ %System% : C:\Windows\System32\
  52.  
  53. ---\\ DOS/Devices
  54. C:\ Hard drive, Flash drive, Thumb drive (Free 99 Go of 293 Go)
  55. D:\ Hard drive, Flash drive, Thumb drive (Free 143 Go of 381 Go)
  56. E:\ CD-ROM drive (Not Inserted)
  57. F:\ CD-ROM drive (Free 0 Go of 2 Go)
  58. H:\ CD-ROM drive (Not Inserted)
  59.  
  60.  
  61.  
  62. ---\\ Security Center & Tools Informations
  63. [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
  64. [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
  65. [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
  66. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
  67. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
  68. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
  69. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
  70. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
  71. [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
  72. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
  73. ~ Security Center: Scanned in 00mn 00s
  74.  
  75.  
  76.  
  77. ---\\ Recherche particulière de fichiers génériques
  78. [MD5.2A918679E1CC652B377F5849EBEAD1A7] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2388992]
  79. [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
  80. [MD5.8EA68FD3780DDDD5072F8CB830B3CB3D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.29/06/2012 - 04:49:11.) -- C:\Windows\System32\wininet.dll [1392128]
  81. [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:32.) -- C:\Windows\System32\Winlogon.exe [390656]
  82. [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
  83. [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
  84. [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
  85. [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
  86. [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
  87. [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
  88. [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
  89. [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
  90. [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
  91. [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
  92. [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
  93. [MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
  94. [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
  95. [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
  96. [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
  97. [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
  98. [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:04.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
  99. ~ Generic Processes: Scanned in 00mn 00s
  100.  
  101.  
  102.  
  103. ---\\ Etat des fichiers cachés (Caché/Total)
  104. ~ Mes images (My Pictures) : 1/5
  105. ~ Mes musiques (My Musics) : 1/12
  106. ~ Mes Videos (My Videos) : 1/79
  107. ~ Mes Favoris (My Favorites) : 1/8
  108. ~ Mes Documents (My Documents) : 0/109
  109. ~ Mon Bureau (My Desktop) : 0/631
  110. ~ Menu demarrer (Programs) : 1/94
  111. ~ Hidden Files: Scanned in 00mn 03s
  112.  
  113.  
  114.  
  115. ---\\ Processus lancés
  116. [MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1468]
  117. [MD5.7910158929571214A959D5A6D16DD9C0] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1684]
  118. [MD5.E41F55D0B71734BB68FF26963EB250E4] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752] [PID.1908]
  119. [MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.1064]
  120. [MD5.880AE0BEDE234F27AC252049373B8CB9] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816] [PID.1136]
  121. [MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1512]
  122. [MD5.5BB1F77C8AF725A15EC9366498D275BB] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992] [PID.2584]
  123. [MD5.BC3DA234CDA880578526DAB028F40268] - (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792] [PID.2628]
  124. [MD5.F4DCD4912B185C3AAEB92A7040832AD1] - (.Pas de propriétaire - ALU.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768] [PID.2660]
  125. [MD5.01F61F0F2B551EAEE2C12619B13B93D2] - (.ASUS - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [166528] [PID.2772]
  126. [MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.2848]
  127. [MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe [113208] [PID.2868]
  128. [MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.2880]
  129. [MD5.8D3B3AD7F9B6EE8AC96B1AD293BB0FB0] - (.Freemake - CaptureLibService.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704] [PID.2940]
  130. [MD5.497F27E279C0F921E2130BB89C1CB5CA] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664] [PID.3136]
  131. [MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3058304] [PID.3188]
  132. [MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.3232]
  133. [MD5.1F81444A2AC10FFEB46B325A1F916B12] - (...) -- C:\Windows\Lion Skin Pack\UberIcon\UberIcon.exe [159744] [PID.3900]
  134. [MD5.4D6B7C0464A92343B8B0F940D95BA99E] - (.VirtuaWin - VirtuaWin v4.1.) -- C:\Windows\Lion Skin Pack\VirtuaWin\VirtuaWin.exe [136704] [PID.0]
  135. [MD5.FC8B588E9BBC070C411136554A9AA56E] - (.Y'z@Home - Attach drop shadow to windows..) -- C:\Windows\Lion Skin Pack\YzShadow\YzShadow.exe [151552] [PID.3916]
  136. [MD5.7EE22E13DEC8A6D18F4643C1EA34B0F0] - (.Virage Logic Corporation / Sonic Focus - ASUS_MATray.exe.) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400] [PID.3992]
  137. [MD5.79A3B950988F8D2B81906D0C0473158B] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624] [PID.4008]
  138. [MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.4016]
  139. [MD5.FD22B00049F775E952371E9C3DAC631B] - (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536] [PID.4032]
  140. [MD5.46973BE31BA606A0143C5932E7BDFDBD] - (.AnchorFree Inc. - Pas de description.) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [511344] [PID.2764]
  141. [MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848] [PID.3004]
  142. [MD5.3CB07566302BCEEB898DE270A0BEC175] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352] [PID.2252]
  143. [MD5.AD8BD96B41C40AC36D803DF267B26EF0] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2254768] [PID.2276]
  144. [MD5.E4401CF27225C1D6E664E86195978562] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544] [PID.1252]
  145. [MD5.E489256CEB48F882809B98769A0BAC25] - (.AnchorFree Inc. - Pas de description.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe [412016] [PID.1288]
  146. [MD5.5B8E2CA848D2336013D46701CC1DD5F8] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345312] [PID.3528]
  147. [MD5.D175CFBC4B0A5B3E5F4A689B0C4ED04E] - (...) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [388976] [PID.1860]
  148. [MD5.4D41BF8132A7CBCDAB77C96CC0B4A7BC] - (...) -- C:\Users\Matteo\Documents\DCSCMIN\IMDCSC.exe [1494207] [PID.4104]
  149. [MD5.1ACAA67676E9E7BDA5E0C41B6E0DECAF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184] [PID.4212]
  150. [MD5.4D337AC93FFE620A7DAB5A09FB04DA5D] - (...) -- C:\Windows\Lion Skin Pack\VirtuaWin\modules\WinList.exe [14848] [PID.4596]
  151. [MD5.916B8954AC3E06DC9E898AFFB41F3FB6] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344] [PID.4996]
  152. [MD5.6FF6EF1CC25E558CF0335928B658D11E] - (...) -- C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe [24064] [PID.2916]
  153. [MD5.7853D2AB445C10F97610B2B05FA4CF0A] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [512360] [PID.3460]
  154. [MD5.205E1B699FD3F2F9B036EEA2EC30C620] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76888] [PID.4372]
  155. [MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.4528]
  156. [MD5.1ECC8ADA1A2DE3A5A943020A01752626] - (...) -- C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe [68096] [PID.1664]
  157. [MD5.BF2F2717C13A4BD4FD73F2788534E86B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [917400] [PID.780]
  158. [MD5.00572C26C6DCF99362068FB7283B7126] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2009704] [PID.1848]
  159. [MD5.AA6844A5127ED4B20DF6D313467B929D] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.5500]
  160. [MD5.680AD8F376970696B45269F074A8A28E] - (.Adobe Systems, Inc. - Adobe Flash Player 11.6 r602.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe [1822424] [PID.3044]
  161. [MD5.5DFE72B9F1FF669070FC032090B7B982] - (.Sun Microsystems, Inc. - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [507312] [PID.6044]
  162. [MD5.74D5745FB992D8D193F08ABFA63E418C] - (.Avira Operations GmbH & Co. KG - Avira Control Center.) -- C:\program files (x86)\avira\antivir desktop\avcenter.exe [330976] [PID.4620]
  163. [MD5.2F0B43190DA225D624DF41587C832296] - (...) -- C:\Program Files (x86)\Dofus2\app\Dofus.exe [142336] [PID.2440]
  164. [MD5.D54EAB26A6060E8A6318A947C8541B79] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [6184448] [PID.5200]
  165. ~ Processes Running: Scanned in 00mn 01s
  166.  
  167.  
  168.  
  169. ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
  170. C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\Default\Preferences
  171. G1 - GCS: Preference [User Data\Default] None
  172. ~ Google Browser: Scanned in 00mn 00s
  173.  
  174.  
  175.  
  176. ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
  177. C:\Users\Matteo\AppData\Roaming\Mozilla\Firefox\Profiles\7gf4zulc.default\prefs.js
  178. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
  179. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
  180. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
  181. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
  182. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
  183. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
  184. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
  185. P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
  186. P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_25 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
  187. P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
  188. P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google - Version 3.17.0.12440.) -- C:\Users\Matteo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
  189. P2 - FPN: [HKCU] [@talk.google.com/O1DPlugin] - (.Google - Version 3.17.0.12440.) -- C:\Users\Matteo\AppData\Roaming\Mozilla\plugins\npo1d.dll
  190. P2 - FPN: [HKCU] [@talk.google.com/O3DPlugin] - (.Pas de propriétaire - Google Talk Plugin Video Accelerator version:0.1.44.24.) -- C:\Users\Matteo\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
  191. P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Matteo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
  192. P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Matteo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
  193. P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.0.0f7.) -- C:\Users\Matteo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
  194. P2 - FPN: [HKCU] [electronicarts.com/GameFacePlugin] - (.Electronic Arts - EA SPORTS Game Face Plugin 1.8.0.0.) -- C:\Users\Matteo\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll
  195. P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
  196. P2 - FPN: [HKCU] [ubisoft.com/uplaypc] - (.Ubisoft - Uplay PC Plugin.) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
  197. ~ Firefox Browser: Scanned in 00mn 00s
  198.  
  199.  
  200.  
  201. ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
  202. R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  203. R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
  204. R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
  205. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
  206. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
  207. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
  208. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
  209. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
  210. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
  211. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
  212. R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
  213. R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
  214. R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
  215. ~ IE Browser: Scanned in 00mn 00s
  216.  
  217.  
  218.  
  219. ---\\ Internet Explorer, Proxy Management (R5)
  220. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
  221. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
  222. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
  223. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
  224. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
  225. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
  226. ~ Proxy management: Scanned in 00mn 00s
  227.  
  228.  
  229.  
  230. ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
  231. F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
  232. F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
  233. F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
  234. ~ Keys: Scanned in 00mn 00s
  235.  
  236.  
  237.  
  238. ---\\ Redirection du fichier Hosts (O1)
  239. ~ Le fichier hosts est sain (The hosts file is clean).
  240. ~ Hosts File: Scanned in 00mn 00s
  241. ~ Nombre de lignes (Lines number): 36
  242.  
  243.  
  244.  
  245. ---\\ Browser Helper Objects de navigateur (O2)
  246. O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  247. O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
  248. O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  249. O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  250. O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  251. O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
  252. O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (.not file.)
  253. O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
  254. O2 - BHO: Freemake.YoutubeButton [64Bits] - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} . (...) -- mscoree.dll (.not file.)
  255. ~ BHO: Scanned in 00mn 00s
  256.  
  257.  
  258.  
  259. ---\\ Internet Explorer Toolbars (O3)
  260. O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  261. ~ Toolbar: Scanned in 00mn 00s
  262.  
  263.  
  264.  
  265. ---\\ Applications démarrées par registre & par dossier (O4)
  266. O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
  267. O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
  268. O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
  269. O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  270. O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
  271. O4 - HKLM\..\Run: [IntelPAN] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
  272. O4 - HKLM\..\Run: [SynAsusAcpi] C:\Program Files (x86)\Synaptics\SynTP\SynAsusAcpi.exe (.not file.)
  273. O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
  274. O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
  275. O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline
  276. O4 - HKCU\..\Run: [Dxtory Update Checker 2.0] . (.Dxtory Software - Update Checker.) -- D:\Dxtory2.0\UpdateChecker.exe
  277. O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
  278. O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Matteo\AppData\Local\Google\Update\GoogleUpdate.exe
  279. O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
  280. O4 - HKCU\..\Run: [Clownfish] Clé orpheline
  281. O4 - HKCU\..\Run: [368301] . (...) -- C:\Users\Matteo\368301\svhost.exe
  282. O4 - HKCU\..\Run: [DarkComet RAT] . (...) -- C:\Users\Matteo\Documents\DCSCMIN\IMDCSC.exe
  283. O4 - HKCU\..\Run: [815461] . (...) -- C:\Users\Matteo\815461\svhost.exe
  284. O4 - HKCU\..\Run: [launcher] . (.Microsoft - Starter2.) -- C:\Users\Matteo\AppData\Local\launcher.exe
  285. O4 - HKLM\..\Wow6432Node\Run: [ASUSPRP] . (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files (x86)\ASUS\APRP\APRP.exe
  286. O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe
  287. O4 - HKLM\..\Wow6432Node\Run: [SonicMasterTray] . (.Virage Logic Corporation / Sonic Focus - ASUS_MATray.exe.) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
  288. O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
  289. O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
  290. O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
  291. O4 - HKLM\..\Wow6432Node\Run: [Wireless Console 3] . (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
  292. O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
  293. O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
  294. O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
  295. O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
  296. O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
  297. O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  298. O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
  299. O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
  300. O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
  301. O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
  302. O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
  303. O4 - HKLM\..\Wow6432Node\Run: [launcher] . (.Microsoft - Starter2.) -- C:\Users\Matteo\AppData\Local\launcher.exe
  304. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
  305. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
  306. O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
  307. O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
  308. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [AdobeBridge] Clé orpheline
  309. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [Dxtory Update Checker 2.0] . (.Dxtory Software - Update Checker.) -- D:\Dxtory2.0\UpdateChecker.exe
  310. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
  311. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Matteo\AppData\Local\Google\Update\GoogleUpdate.exe
  312. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
  313. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [Clownfish] Clé orpheline
  314. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [368301] . (...) -- C:\Users\Matteo\368301\svhost.exe
  315. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [DarkComet RAT] . (...) -- C:\Users\Matteo\Documents\DCSCMIN\IMDCSC.exe
  316. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [815461] . (...) -- C:\Users\Matteo\815461\svhost.exe
  317. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [launcher] . (.Microsoft - Starter2.) -- C:\Users\Matteo\AppData\Local\launcher.exe
  318. ~ Application: Scanned in 00mn 00s
  319.  
  320.  
  321.  
  322. ---\\ Autres liens utilisateurs (O4)
  323. O4 - GS\QuickLaunch: Dofus.lnk . (...) -- C:\Program Files (x86)\Dofus\UpLauncher.exe (.not file.)
  324. O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  325. O4 - GS\QuickLaunch: Wakfu.lnk . (...) -- C:\Program Files (x86)\Wakfu\UpLauncher.exe
  326. O4 - GS\QuickLaunch: Wireshark.lnk . (.The Wireshark developer community, http://w - Wireshark.) -- C:\Program Files\Wireshark\wireshark.exe
  327. O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
  328. O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
  329. O4 - GS\Desktop: Blender.lnk . (...) -- C:\Program Files (x86)\Blender Foundation\Blender\blender.exe (.not file.)
  330. O4 - GS\Desktop: Dofus 2.lnk . (...) -- C:\Program Files (x86)\Dofus 2\app\UpLauncher.exe (.not file.)
  331. O4 - GS\Desktop: Dofus.lnk . (...) -- C:\Program Files (x86)\Dofus\UpLauncher.exe (.not file.)
  332. O4 - GS\Desktop: Dofus2.lnk . (...) -- C:\Program Files (x86)\Dofus2\app\UpLauncher.exe
  333. O4 - GS\Desktop: Dofus2Beta.lnk . (...) -- C:\Program Files (x86)\Dofus2Beta\app\UpLauncher.exe
  334. O4 - GS\Desktop: EasyPicture2Icon.lnk . (.Picture2Icon.com - Easy Picture2Icon.) -- D:\EasyPicture2Icon\EasyPicture2Icon.exe
  335. O4 - GS\Desktop: Gadwin PrintScreen.lnk . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
  336. O4 - GS\Desktop: Mupen64 0.5.1.lnk . (...) -- C:\Program Files (x86)\mupen64 0.5\mupen64.exe
  337. O4 - GS\Desktop: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre\photofiltre.exe
  338. O4 - GS\Desktop: Wakfu.lnk . (...) -- C:\Program Files (x86)\Wakfu\UpLauncher.exe
  339. O4 - GS\Desktop: Wolfenstein - Enemy Territory.lnk . (...) -- C:\Program Files (x86)\Wolfenstein - Enemy Territory\ET.exe
  340. O4 - GS\TaskBar: Dofus2.lnk . (...) -- C:\Program Files (x86)\Dofus2\app\UpLauncher.exe
  341. O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  342. O4 - GS\TaskBar: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
  343. O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  344. O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  345. O4 - GS\Programs: Play IW4M (Modern Warfare 2).lnk . (...) -- C:\Users\Matteo\AppData\Local\IW4M\LaunchIW4M.exe
  346. O4 - GS\QuickLaunch: DS3 Tool.lnk . (.www.motioninjoy.com - DS3_Tool.) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
  347. O4 - GS\QuickLaunch: Hex Editor Neo.lnk . (.HHD Software Ltd. - HHD Software Hex Editor Neo (x64).) -- C:\Users\Matteo\AppData\Local\HHD Software\Hex Editor Neo\HexFrame.exe
  348. O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  349. O4 - GS\QuickLaunch: ManyCam.lnk . (.ManyCam LLC - ManyCam Virtual Webcam.) -- C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
  350. O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
  351. O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  352. O4 - GS\SendTo: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) -- C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
  353. O4 - GS\SendTo: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) -- C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe
  354. O4 - GS\SendTo: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) -- C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe
  355. O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
  356. O4 - GS\SendTo: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe
  357. O4 - Global Startup: C:\Users\Matteo\Desktop\Champions of Regnum.url . (...) -- C:\Users\Matteo\Desktop\Champions of Regnum.url
  358. O4 - GS\Desktop: GeoGebra 4.2.lnk . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\SysWOW64\javaws.exe http://www.geogebra.org
  359. O4 - GS\Desktop: GTA SA.EXE - Raccourci.lnk . (...) -- D:\PCJeux\GTA SA\GTA.San.Andreas\GTA SA.exe
  360. O4 - GS\Desktop: Navigateur Internet.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  361. O4 - GS\Desktop: SkyrimLauncher.exe - Raccourci.lnk . (.Bethesda Softworks - Skyrim Launcher.) -- C:\Program Files (x86)\The Elder Scrolls V Skyrim\SkyrimLauncher.exe
  362. O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  363. O4 - GS\TaskBar: Vegas Pro 11.0.lnk . (...) -- C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe (.not file.)
  364. O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
  365. O4 - GS\TaskBar: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
  366. O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
  367. O4 - GS\QuickLaunch: CyberGhost VPN.lnk . (.CyberGhost SRL - CyberGhost VPN Client.) -- C:\Program Files\CyberGhost VPN\CyberGhost.exe
  368. O4 - GS\Desktop: VirtualDJ PRO Full.lnk . (.Atomix Productions - VirtualDJ.) -- C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exe
  369. ~ Global Startup: Scanned in 00mn 06s
  370.  
  371.  
  372.  
  373. ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
  374. ~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s
  375.  
  376.  
  377.  
  378. ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
  379. O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
  380. ~ IE Extra Buttons: Scanned in 00mn 00s
  381.  
  382.  
  383.  
  384. ---\\ Winsock hijacker (Layered Service Provider) (O10)
  385. ~ Winsock: 10 Legitimates Scanned in 00mn 00s
  386.  
  387.  
  388.  
  389. ---\\ Objets ActiveX (Downloaded Program Files)(O16)
  390. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
  391. ~ Objets ActiveX: Scanned in 00mn 00s
  392.  
  393.  
  394.  
  395. ---\\ Modification Domaine/Adresses DNS (O17)
  396. O17 - HKLM\System\CCS\Services\Tcpip\..\{3AD36C41-217F-413C-BD60-91565F93CEDB}: DhcpNameServer = 10.11.0.1
  397. O17 - HKLM\System\CCS\Services\Tcpip\..\{6CD5C281-D437-4EF1-BCC7-B5B80D1939D1}: DhcpNameServer = 192.168.1.254
  398. O17 - HKLM\System\CCS\Services\Tcpip\..\{877C5335-8FCB-4249-9C8A-F69314E14471}: DhcpNameServer = 10.93.112.1
  399. O17 - HKLM\System\CCS\Services\Tcpip\..\{877C5335-8FCB-4249-9C8A-F69314E14471}: DhcpDomain = hshld.com
  400. O17 - HKLM\System\CS1\Services\Tcpip\..\{3AD36C41-217F-413C-BD60-91565F93CEDB}: DhcpNameServer = 10.11.0.1
  401. O17 - HKLM\System\CS1\Services\Tcpip\..\{6CD5C281-D437-4EF1-BCC7-B5B80D1939D1}: DhcpNameServer = 192.168.1.254
  402. O17 - HKLM\System\CS1\Services\Tcpip\..\{877C5335-8FCB-4249-9C8A-F69314E14471}: DhcpNameServer = 10.93.112.1
  403. O17 - HKLM\System\CS1\Services\Tcpip\..\{877C5335-8FCB-4249-9C8A-F69314E14471}: DhcpDomain = hshld.com
  404. O17 - HKLM\System\CS2\Services\Tcpip\..\{3AD36C41-217F-413C-BD60-91565F93CEDB}: DhcpNameServer = 10.11.0.1
  405. O17 - HKLM\System\CS2\Services\Tcpip\..\{6CD5C281-D437-4EF1-BCC7-B5B80D1939D1}: DhcpNameServer = 192.168.1.254
  406. O17 - HKLM\System\CS2\Services\Tcpip\..\{877C5335-8FCB-4249-9C8A-F69314E14471}: DhcpNameServer = 10.93.112.1
  407. O17 - HKLM\System\CS2\Services\Tcpip\..\{877C5335-8FCB-4249-9C8A-F69314E14471}: DhcpDomain = hshld.com
  408. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
  409. ~ Domain: Scanned in 00mn 00s
  410.  
  411.  
  412.  
  413. ---\\ Protocole additionnel (O18)
  414. O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
  415. O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
  416. ~ Protocole Additionnel: Scanned in 00mn 00s
  417.  
  418.  
  419.  
  420. ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
  421. O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
  422. ~ Winlogon: Scanned in 00mn 00s
  423.  
  424.  
  425.  
  426. ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
  427. O20 - AppInit_DLLs: . (...) - C:\Windows\SysWOW64\nvinit.dll (.not file.)
  428. ~ AppInit DLL: Scanned in 00mn 00s
  429.  
  430.  
  431.  
  432. ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
  433. ~ SSODL: 1 Legitimates Scanned in 00mn 00s
  434.  
  435.  
  436.  
  437. ---\\ Liste des services NT non Microsoft et non désactivés (O23)
  438. O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
  439. O23 - Service: (FreemakeVideoCapture) . (.Freemake - CaptureLibService.) - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
  440. O23 - Service: Hotspot Shield Routing Service (HssSrv) . (.AnchorFree Inc. - Pas de description.) - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
  441. O23 - Service: Hotspot Shield Monitoring Service (HssWd) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
  442. O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) . (...) - C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe
  443. O23 - Service: Intel(R) PROSet/Wireless Registry Servic (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
  444. O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) . (.Intel(R) Corporation - Turbo Boost Monitor Service.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
  445. O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
  446. ~ Services: 27 Legitimates Scanned in 00mn 04s
  447.  
  448.  
  449.  
  450. ---\\ Enumération Active Desktop & MHTML Editor (O24)
  451. ~ Desktop Component: 1 Legitimates Scanned in 00mn 00s
  452.  
  453.  
  454.  
  455. ---\\ BootExecute (O34)
  456. ~ BEX: 1 Legitimates Scanned in 00mn 00s
  457.  
  458.  
  459.  
  460. ---\\ Tâches planifiées en automatique (O39)
  461. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
  462. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AIRecoveryRemind.job [282]
  463. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMS.job [202]
  464. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMSDaily.job [202]
  465. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1078]
  466. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1082]
  467. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4177998247-950098203-1800129927-1001Core.job [1030]
  468. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4177998247-950098203-1800129927-1001UA.job [1082]
  469. [MD5.3ACABCA6A8DB71B7F19C8A7523AE1846] [APT] [ACMON] (.ASUS.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [691328]
  470. [MD5.EA856F4A46320389D1899B2CAA7BF40F] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [253656]
  471. [MD5.1315C5C5C54CE2AA37A155F97027DB59] [APT] [AdobeAAMUpdater-1.0-PCdeMatteo-Matteo] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392]
  472. [MD5.9511B23DAE049EAC7579B5DB822EC001] [APT] [AIRecoveryRemind] (.ASUSTek Computer Inc..) -- C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [509568]
  473. [MD5.F4DCD4912B185C3AAEB92A7040832AD1] [APT] [ASUS Live Update] (...) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768]
  474. [MD5.180E79B16063F7DFD005DC021AC543C6] [APT] [ASUS P4G] (.ASUS.) -- C:\Program Files\P4G\BatteryLife.exe [977024]
  475. [MD5.BC3DA234CDA880578526DAB028F40268] [APT] [ASUS SmartLogon Console Sensor] (.ASUS.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792]
  476. [MD5.5BB1F77C8AF725A15EC9366498D275BB] [APT] [ATKOSD2] (.ASUS.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992]
  477. [MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0]
  478. [MD5.00000000000000000000000000000000] [APT] [AutoKMSDaily] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0]
  479. [MD5.45C26D4AF94C4D2335B5960F1D9BCC7D] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3113312]
  480. [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [135664]
  481. [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [135664]
  482. [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-4177998247-950098203-1800129927-1001Core] (.Google Inc..) -- C:\Users\Matteo\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
  483. [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-4177998247-950098203-1800129927-1001UA] (.Google Inc..) -- C:\Users\Matteo\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
  484. [MD5.00000000000000000000000000000000] [APT] [{507005D8-FF68-4CE3-989B-26E98DB24F59}] (...) -- C:\Users\Matteo\AppData\Local\Temp\Shockwave_Installer_FF.exe (.not file.) [0]
  485. [MD5.46FD58A19453BC8C54E1F2EA7255869D] [APT] [{A58F48BB-EEAF-4EE9-84AF-2E68A8C98F6E}] (.Valve Corporation.) -- C:\Program Files (x86)\Steam\steam.exe [1602984]
  486. [MD5.00000000000000000000000000000000] [APT] [{EFE0DFE3-4D7A-451A-AF93-68A704A76276}] (...) -- C:\Users\Matteo\Downloads\InstallIW4M.exe (.not file.) [0]
  487. ~ Scheduled Task: Scanned in 00mn 05s
  488.  
  489.  
  490.  
  491. ---\\ Composants installés (ActiveSetup Installed Components) (O40)
  492. ~ Active Setup: 12 Legitimates Scanned in 00mn 01s
  493.  
  494.  
  495.  
  496. ---\\ Pilotes lancés au démarrage (O41)
  497. ~ Drivers: 75 Legitimates Scanned in 00mn 00s
  498.  
  499.  
  500.  
  501. ---\\ Logiciels installés (O42)
  502. O42 - Logiciel: ACID Pro 7.0 - (.Sony.) [HKLM][64Bits] -- {F7FD5E5E-3F0C-4931-AA1B-EAB838BC02DB}
  503. O42 - Logiciel: Actionaz 2.0.8.0 - (.Jmgr.) [HKLM][64Bits] -- Actionaz 2_is1
  504. O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
  505. O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
  506. O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
  507. O42 - Logiciel: Adobe Story - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
  508. O42 - Logiciel: Adobe Story - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C28DD992-5B7B-D195-6841-4EC57DF512BD}
  509. O42 - Logiciel: AdobeColorCommonSetRGB - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
  510. O42 - Logiciel: America's Army 3 - (.U.S. Army.) [HKLM][64Bits] -- Steam App 13140
  511. O42 - Logiciel: Avira Free Antivirus - (.Avira.) [HKLM][64Bits] -- Avira AntiVir Desktop
  512. O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {1E03DB52-D5CB-4338-A338-E526DD4D4DB1}
  513. O42 - Logiciel: Blacklight Retribution - (.Perfect World Entertainment.) [HKLM][64Bits] -- Blacklight Retribution
  514. O42 - Logiciel: Champions of Regnum - (...) [HKLM][64Bits] -- Steam App 222520
  515. O42 - Logiciel: CustoPackTools - (.neOceane.) [HKLM][64Bits] -- CustoPackTools
  516. O42 - Logiciel: CyberGhost VPN - (.CyberGhost S.R.L..) [HKLM][64Bits] -- CyberGhost VPN_is1
  517. O42 - Logiciel: Downloader - (...) [HKLM][64Bits] -- Downloader
  518. O42 - Logiciel: Dxtory 2.0.104 - (.Dxtory Software.) [HKLM][64Bits] -- Dxtory2.0_is1
  519. O42 - Logiciel: Easy Picture2Icon 3.0 - (.Picture2Icon.com.) [HKLM][64Bits] -- Easy Picture2Icon
  520. O42 - Logiciel: Elgato Game Capture HD - (.Elgato Systems GmbH.) [HKLM][64Bits] -- {ECDCD309-72F5-46C0-8A75-CC4116D4496C}
  521. O42 - Logiciel: Gadwin PrintScreen - (.Gadwin Systems, Inc..) [HKLM][64Bits] -- Gadwin PrintScreen
  522. O42 - Logiciel: HHD Software Free Hex Editor Neo 5.01 - (.HHD Software, Ltd..) [HKCU][64Bits] -- {8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}
  523. O42 - Logiciel: Havij 1.15 Free - (.ITSecTeam.) [HKLM][64Bits] -- Havij_is1
  524. O42 - Logiciel: Installeur_cresus-land_V0.1.6 - (...) [HKCU][64Bits] -- Installeur_cresus-land_V0.1.6
  525. O42 - Logiciel: Island-projets V2.2.5 - (...) [HKCU][64Bits] -- Island-projets V2.2.5
  526. O42 - Logiciel: Java 7 Update 7 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217007FF}
  527. O42 - Logiciel: Java(TM) 6 Update 22 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216022F0}
  528. O42 - Logiciel: Java(TM) 6 Update 25 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416025FF}
  529. O42 - Logiciel: Java(TM) 6 Update 29 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216026FF}
  530. O42 - Logiciel: Java(TM) SE Development Kit 6 Update 25 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0160250}
  531. O42 - Logiciel: Java(TM) SE Development Kit 6 Update 25 - (.Oracle.) [HKLM][64Bits] -- {32A3A4F4-B792-11D6-A78A-00B0D0160250}
  532. O42 - Logiciel: LMMS 0.4.13 - (.LMMS Developers.) [HKLM][64Bits] -- lmms
  533. O42 - Logiciel: Lion Skin Pack 4.0 - (.Publisher.) [HKLM][64Bits] -- Lion Skin Pack
  534. O42 - Logiciel: Mixcraft - (...) [HKCU][64Bits] -- Mixcraft
  535. O42 - Logiciel: MotioninJoy ds3 driver version 0.6.0003 - (.www.motioninjoy.com.) [HKLM][64Bits] -- {330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1
  536. O42 - Logiciel: No-IP DUC - (.Vitalwerks Internet Solutions LLC.) [HKLM][64Bits] -- NoIPDUC
  537. O42 - Logiciel: PS3 Xploder Ultimate Edition - (...) [HKLM][64Bits] -- PS3Xploder
  538. O42 - Logiciel: Pamela RME 2.0 - (.Scendix Software-Vertriebsges. mbH.) [HKLM][64Bits] -- MoodEditor
  539. O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM][64Bits] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
  540. O42 - Logiciel: PlayerTuto.com 2.0.2 - (.Weecast.) [HKLM][64Bits] -- {2B7FD473-DF96-40D4-9EE3-A427B450B1BC}_is1
  541. O42 - Logiciel: Portal 2 - (.Valve.) [HKLM][64Bits] -- Steam App 620
  542. O42 - Logiciel: PremiumSoft Navicat Lite 8.2 - (.PremiumSoft CyberTech Ltd..) [HKLM][64Bits] -- PremiumSoft Navicat Lite 8.2_is1
  543. O42 - Logiciel: PrivateTunnel - (.OpenVPN Technologies.) [HKLM][64Bits] -- {24FB6757-0527-4D62-8E70-FD913FA42E41}
  544. O42 - Logiciel: Requiem - (.Gravity Interactive, Inc..) [HKLM][64Bits] -- {A40D4978-6996-4C77-9A43-29C13D12B7BE}
  545. O42 - Logiciel: SecurityKISS Tunnel v0.3.0 - (...) [HKLM][64Bits] -- SecurityKISS Tunnel_is1
  546. O42 - Logiciel: Share YouTube Videos version 1 - (...) [HKLM][64Bits] -- {55DAC5D1-B178-42B2-86A3-94A3E0B4F3DD}_is1
  547. O42 - Logiciel: Shield Server - (...) [HKCU][64Bits] -- Shield Server
  548. O42 - Logiciel: Space Pirates and Zombies - (...) [HKLM][64Bits] -- Steam App 107200
  549. O42 - Logiciel: Syas - (...) [HKCU][64Bits] -- Syas
  550. O42 - Logiciel: The Secrets of Da Vinci - (.Nobilis.) [HKLM][64Bits] -- {3E4B6A1A-C3A0-4B66-AC75-207D8E7E7111}_is1
  551. O42 - Logiciel: Wakfu - (.Ankama Games.) [HKLM][64Bits] -- Wakfu
  552. O42 - Logiciel: Wireshark 1.8.5 (64-bit) - (.The Wireshark developer community, http://www.wireshark.org.) [HKLM][64Bits] -- Wireshark
  553. O42 - Logiciel: Wolfenstein - Enemy Territory - (...) [HKLM][64Bits] -- Wolfenstein - Enemy Territory
  554. O42 - Logiciel: WorldPainter 0.10.2 - (.pepsoft.org.) [HKLM][64Bits] -- 4144-4862-0472-7103
  555. O42 - Logiciel: v1.1 - (.Agia3D.) [HKLM][64Bits] -- {7197B8C8-A9CE-4C4C-88E4-32D4ADB59214}_is1
  556. O42 - Logiciel: µTorrent - (...) [HKLM][64Bits] -- uTorrent
  557. ~ Logic: 279 Legitimates Scanned in 00mn 00s
  558.  
  559.  
  560.  
  561. ---\\ HKCU & HKLM Software Keys
  562. [HKCU\Software\AIST]
  563. [HKCU\Software\BitTorrent]
  564. [HKCU\Software\Clock]
  565. [HKCU\Software\Clownfish]
  566. [HKCU\Software\DC3_FEXEC]
  567. [HKCU\Software\DXTransform]
  568. [HKCU\Software\Digimarc]
  569. [HKCU\Software\Elgato Systems GmbH]
  570. [HKCU\Software\Elgato Systems]
  571. [HKCU\Software\Enterbrain]
  572. [HKCU\Software\Firesoft]
  573. [HKCU\Software\Gadwin Systems]
  574. [HKCU\Software\HDSoft]
  575. [HKCU\Software\HHD Software]
  576. [HKCU\Software\IGagnant]
  577. [HKCU\Software\Jmgr.info]
  578. [HKCU\Software\KeepVid]
  579. [HKCU\Software\MC4D]
  580. [HKCU\Software\Nobilis]
  581. [HKCU\Software\Nucleoid]
  582. [HKCU\Software\Pando Networks]
  583. [HKCU\Software\PremiumSoft]
  584. [HKCU\Software\P®O Group]
  585. [HKCU\Software\RedGiantSoftware]
  586. [HKCU\Software\S.A.D]
  587. [HKCU\Software\SplitMediaLabs]
  588. [HKCU\Software\Text to Speech Maker]
  589. [HKCU\Software\UB658]
  590. [HKCU\Software\UberIcon-v1.0.0]
  591. [HKCU\Software\Vitalwerks]
  592. [HKCU\Software\Winject]
  593. [HKCU\Software\Xploder]
  594. [HKCU\Software\[Kortal_Ltd.]]
  595. [HKCU\Software\fourDeltaOne]
  596. [HKLM\Software\MAXON Installer]
  597. [HKLM\Software\PANDhcpDns]
  598. [HKLM\Software\S.A.D]
  599. [HKLM\Software\Wow6432Node\LMMS Developers]
  600. [HKLM\Software\Wow6432Node\Metaboli]
  601. [HKLM\Software\Wow6432Node\Pando Networks]
  602. [HKLM\Software\Wow6432Node\REvision]
  603. [HKLM\Software\Wow6432Node\SplitMediaLabs]
  604. [HKLM\Software\neOceane]
  605. ~ Key Software: 408 Legitimates Scanned in 00mn 00s
  606.  
  607.  
  608.  
  609. ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
  610. O43 - CFD: 17/08/2011 - 16:58:03 - [8,895] ----D C:\Program Files (x86)\Adobe Story
  611. O43 - CFD: 16/10/2011 - 18:53:19 - [0,014] ----D C:\Program Files (x86)\AIST
  612. O43 - CFD: 10/07/2012 - 17:08:34 - [1,128] ----D C:\Program Files (x86)\Clownfish
  613. O43 - CFD: 30/11/2011 - 17:17:05 - [71,432] ----D C:\Program Files (x86)\CustoPackTools
  614. O43 - CFD: 26/08/2012 - 10:10:12 - [5,676] ----D C:\Program Files (x86)\Downloader
  615. O43 - CFD: 13/07/2012 - 12:40:01 - [1,103] ----D C:\Program Files (x86)\EasyPicture2Icon
  616. O43 - CFD: 01/10/2012 - 19:31:40 - [68,673] ----D C:\Program Files (x86)\Elgato
  617. O43 - CFD: 13/11/2011 - 19:46:31 - [3,482] ----D C:\Program Files (x86)\Gadwin Systems
  618. O43 - CFD: 08/09/2012 - 14:03:40 - [1,549] ----D C:\Program Files (x86)\Havij
  619. O43 - CFD: 13/06/2012 - 16:28:18 - [232,437] ----D C:\Program Files (x86)\Infinites-Paradize
  620. O43 - CFD: 02/11/2012 - 14:56:39 - [182,185] ----D C:\Program Files (x86)\Island-projets V2.2.5
  621. O43 - CFD: 28/10/2012 - 16:09:07 - [5,218] ----D C:\Program Files (x86)\Jmgr.info
  622. O43 - CFD: 17/05/2012 - 14:58:31 - [33,483] ----D C:\Program Files (x86)\LooksBuilder
  623. O43 - CFD: 11/09/2011 - 12:25:15 - [2,750] ----D C:\Program Files (x86)\Mixcraft
  624. O43 - CFD: 01/09/2011 - 09:54:43 - [6,119] ----D C:\Program Files (x86)\mupen64 0.5
  625. O43 - CFD: 02/09/2011 - 23:33:43 - [0] ----D C:\Program Files (x86)\NCT
  626. O43 - CFD: 04/09/2012 - 19:42:13 - [2,773] ----D C:\Program Files (x86)\No-IP
  627. O43 - CFD: 26/08/2012 - 12:00:58 - [1337,169] ----D C:\Program Files (x86)\Nobilis
  628. O43 - CFD: 01/09/2011 - 16:16:50 - [7,186] ----D C:\Program Files (x86)\Pando Networks
  629. O43 - CFD: 29/10/2011 - 19:25:27 - [56,033] ----D C:\Program Files (x86)\PlayerTuto.com
  630. O43 - CFD: 27/10/2012 - 14:12:07 - [27,023] ----D C:\Program Files (x86)\PremiumSoft
  631. O43 - CFD: 23/10/2012 - 18:12:21 - [1,870] ----D C:\Program Files (x86)\Share YouTube Videos
  632. O43 - CFD: 30/11/2011 - 17:05:20 - [0,000] ----D C:\Program Files (x86)\Skin Pack
  633. O43 - CFD: 25/10/2012 - 13:25:11 - [83,773] ----D C:\Program Files (x86)\SplitMediaLabs
  634. O43 - CFD: 12/05/2012 - 11:51:11 - [1,246] ----D C:\Program Files (x86)\StartNow Toolbar
  635. O43 - CFD: 13/12/2011 - 20:35:41 - [0,000] ----D C:\Program Files (x86)\Text to Speech Maker
  636. O43 - CFD: 12/12/2011 - 17:26:28 - [0,924] ----D C:\Program Files (x86)\uTorrent
  637. O43 - CFD: 10/07/2012 - 17:30:12 - [15,199] ----D C:\Program Files (x86)\UX Pack
  638. O43 - CFD: 17/01/2013 - 17:31:11 - [830,945] ----D C:\Program Files (x86)\Wakfu
  639. O43 - CFD: 07/12/2011 - 13:57:51 - [264,500] ----D C:\Program Files (x86)\Wolfenstein - Enemy Territory
  640. O43 - CFD: 24/05/2012 - 17:01:50 - [17,626] ----D C:\Program Files (x86)\Xploder
  641. O43 - CFD: 30/11/2011 - 17:14:55 - [18,597] ----D C:\ProgramData\CustoPackTools
  642. O43 - CFD: 18/11/2011 - 19:16:38 - [0,001] ----D C:\ProgramData\MotioninJoy
  643. O43 - CFD: 17/05/2012 - 14:55:49 - [0,000] ----D C:\ProgramData\RedGiant
  644. O43 - CFD: 25/10/2012 - 13:25:11 - [8,130] ----D C:\ProgramData\SplitMediaLabs
  645. O43 - CFD: 13/03/2013 - 11:28:37 - [8,566] ----D C:\Users\Matteo\AppData\Roaming\.Cripeur
  646. O43 - CFD: 27/10/2011 - 09:43:15 - [0,099] ----D C:\Users\Matteo\AppData\Roaming\.podcast
  647. O43 - CFD: 30/01/2013 - 17:12:28 - [77,214] ----D C:\Users\Matteo\AppData\Roaming\.spoutcraft
  648. O43 - CFD: 03/12/2011 - 13:25:30 - [0,060] ----D C:\Users\Matteo\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
  649. O43 - CFD: 01/10/2012 - 19:31:44 - [2,914] ----D C:\Users\Matteo\AppData\Roaming\Elgato
  650. O43 - CFD: 26/04/2012 - 13:27:41 - [0,015] ----D C:\Users\Matteo\AppData\Roaming\iFree
  651. O43 - CFD: 27/10/2012 - 13:47:42 - [-1542,712] ----D C:\Users\Matteo\AppData\Roaming\MAXON
  652. O43 - CFD: 19/09/2012 - 18:20:30 - [1,448] ----D C:\Users\Matteo\AppData\Roaming\MinMaxGames
  653. O43 - CFD: 18/11/2011 - 19:16:38 - [0,006] ----D C:\Users\Matteo\AppData\Roaming\MotioninJoy
  654. O43 - CFD: 06/08/2012 - 18:49:19 - [0,000] ----D C:\Users\Matteo\AppData\Roaming\MW2 FoV Changer
  655. O43 - CFD: 02/12/2012 - 18:49:03 - [0] ----D C:\Users\Matteo\AppData\Roaming\NetMedia Providers
  656. O43 - CFD: 30/07/2012 - 21:10:18 - [0] ----D C:\Users\Matteo\AppData\Roaming\Pamela
  657. O43 - CFD: 10/09/2012 - 16:31:57 - [0,006] ----D C:\Users\Matteo\AppData\Roaming\PrivateTunnel
  658. O43 - CFD: 12/11/2011 - 16:46:53 - [0] ----D C:\Users\Matteo\AppData\Roaming\Publish Providers
  659. O43 - CFD: 27/11/2012 - 21:10:16 - [0] ----D C:\Users\Matteo\AppData\Roaming\RegBeta.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
  660. O43 - CFD: 25/10/2012 - 13:24:49 - [0,886] ----D C:\Users\Matteo\AppData\Roaming\SplitMediaLabs
  661. O43 - CFD: 18/03/2013 - 21:49:04 - [7,868] ----D C:\Users\Matteo\AppData\Roaming\uTorrent
  662. O43 - CFD: 29/10/2011 - 19:26:32 - [0,210] ----D C:\Users\Matteo\AppData\Roaming\Weecast
  663. O43 - CFD: 03/03/2013 - 20:51:42 - [0,003] ----D C:\Users\Matteo\AppData\Roaming\Wireshark
  664. O43 - CFD: 29/09/2012 - 12:26:55 - [0,032] ----D C:\Users\Matteo\AppData\Roaming\WorldPainter
  665. O43 - CFD: 26/08/2012 - 10:10:47 - [0,101] ----D C:\Users\Matteo\AppData\Local\Downloader
  666. O43 - CFD: 31/08/2012 - 17:37:25 - [0,014] ----D C:\Users\Matteo\AppData\Local\Dxtory Software
  667. O43 - CFD: 24/09/2011 - 08:49:37 - [0,001] --H-D C:\Users\Matteo\AppData\Local\EjbubQXydoQn
  668. O43 - CFD: 11/03/2012 - 18:20:30 - [31,273] ----D C:\Users\Matteo\AppData\Local\HHD Software
  669. O43 - CFD: 28/08/2012 - 16:32:53 - [24,419] ----D C:\Users\Matteo\AppData\Local\IW4M
  670. O43 - CFD: 17/05/2012 - 16:51:05 - [0,053] ----D C:\Users\Matteo\AppData\Local\LooksBuilder
  671. O43 - CFD: 03/10/2012 - 18:32:23 - [0,002] ----D C:\Users\Matteo\AppData\Local\master131
  672. O43 - CFD: 05/09/2012 - 18:26:23 - [0,014] ----D C:\Users\Matteo\AppData\Local\MCEdit
  673. O43 - CFD: 02/09/2011 - 11:58:10 - [0,001] ----D C:\Users\Matteo\AppData\Local\ODUI
  674. O43 - CFD: 24/09/2011 - 08:49:36 - [0,001] --H-D C:\Users\Matteo\AppData\Local\OFVvJ6JC5MF6k
  675. O43 - CFD: 25/10/2012 - 13:26:47 - [7,606] ----D C:\Users\Matteo\AppData\Local\SplitMediaLabs
  676. O43 - CFD: 16/09/2012 - 21:08:52 - [0,001] ----D C:\Users\Matteo\AppData\Local\TeknoGods
  677. O43 - CFD: 31/10/2012 - 15:08:04 - [0,001] ----D C:\Users\Matteo\AppData\Local\Vitalwerks
  678. O43 - CFD: 26/08/2012 - 10:10:12 - [0,004] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloader
  679. O43 - CFD: 13/07/2012 - 12:38:52 - [0] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EasyPicture2Icon
  680. O43 - CFD: 13/11/2011 - 19:46:33 - [0] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gadwin Systems
  681. O43 - CFD: 11/03/2012 - 18:20:33 - [0,013] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HHD Hex Editor Neo
  682. O43 - CFD: 02/11/2012 - 17:01:27 - [0,001] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Installeur_cresus-land_V0.1.6
  683. O43 - CFD: 02/11/2012 - 14:56:39 - [0,002] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Island-projets V2.2.5
  684. O43 - CFD: 11/09/2011 - 12:25:01 - [0,002] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mixcraft
  685. O43 - CFD: 08/09/2012 - 13:14:41 - [0,001] R---D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Musique - Raccourci
  686. O43 - CFD: 04/09/2012 - 19:42:14 - [0,003] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
  687. O43 - CFD: 02/11/2012 - 14:24:01 - [0,001] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shield Server
  688. O43 - CFD: 17/01/2013 - 17:16:37 - [0] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wakfu
  689. O43 - CFD: 10/03/2013 - 19:48:04 - [0,003] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wirecast for YouTube
  690. O43 - CFD: 07/12/2011 - 13:57:52 - [0] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory
  691. O43 - CFD: 12/09/2012 - 17:16:28 - [0,004] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xploder
  692. ~ 132 Dossiers CLSID vides (CLSID Empty Folders)
  693. ~ Program Folder: 517 Legitimates Scanned in 02mn 42s
  694.  
  695.  
  696.  
  697. ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
  698. O44 - LFC:[MD5.6DB30AF3AB1C21B6C0A8B77E0905C89D] - 30/03/2013 - 13:07:07 ---A- . (...) -- C:\Windows\SysNative\AutoRunFilter.ini [2900]
  699. O44 - LFC:[MD5.6DB30AF3AB1C21B6C0A8B77E0905C89D] - 30/03/2013 - 13:07:07 RSHAD . (...) -- C:\Windows\System32\AutoRunFilter.ini [2900]
  700. O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 29/03/2013 - 17:00:44 ---A- . (...) -- C:\Windows\SysNative\acovcnt.exe [45056]
  701. O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 29/03/2013 - 17:00:44 RSHAD . (...) -- C:\Windows\System32\acovcnt.exe [45056]
  702. O44 - LFC:[MD5.A6022DA23109E9CAADC5EF2B2767AF42] - 21/03/2013 - 12:34:32 ---A- . (...) -- C:\Windows\SysNative\ServiceFilter.ini [1708]
  703. O44 - LFC:[MD5.A6022DA23109E9CAADC5EF2B2767AF42] - 21/03/2013 - 12:34:32 RSHAD . (...) -- C:\Windows\System32\ServiceFilter.ini [1708]
  704. O44 - LFC:[MD5.D622D1A057977A67BD172D23B628B809] - 15/03/2013 - 14:59:04 ---A- . (.Zano - MAJUp.) -- C:\Windows\SysNative\MAJUp.exe [19456]
  705. O44 - LFC:[MD5.D622D1A057977A67BD172D23B628B809] - 15/03/2013 - 14:59:04 RSHAD . (.Zano - MAJUp.) -- C:\Windows\System32\MAJUp.exe [19456]
  706. O44 - LFC:[MD5.455AC723D6AE7F92D1BF6BC449C81B03] - 15/03/2013 - 14:59:01 ---A- . (...) -- C:\Windows\SysNative\conect [45]
  707. O44 - LFC:[MD5.455AC723D6AE7F92D1BF6BC449C81B03] - 15/03/2013 - 14:59:01 RSHAD . (...) -- C:\Windows\System32\conect [45]
  708. ~ Files: 29 Legitimates Scanned in 00mn 59s
  709.  
  710.  
  711.  
  712. ---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
  713. O45 - LFCP:[MD5.5B3F1CE1CE9EFEEFFE10EE2A02604976] - 15/03/2013 - 19:05:00 ---A- - C:\Windows\Prefetch\UPDATETASK.EXE-2134F96B.pf
  714. O45 - LFCP:[MD5.3EDBAE760EE58E9D8449EAA76EE2E834] - 28/03/2013 - 17:11:49 ---A- - C:\Windows\Prefetch\AUDACITY.EXE-17036B07.pf
  715. O45 - LFCP:[MD5.9372027D1BFF7D47037DBCA68B20374F] - 28/03/2013 - 19:39:21 ---A- - C:\Windows\Prefetch\GOOGLETALKPLUGIN.EXE-13212292.pf
  716. O45 - LFCP:[MD5.73F8B4750DA732CBB2AFC2B9A3A616A7] - 28/03/2013 - 19:41:31 ---A- - C:\Windows\Prefetch\WMIAPSRV.EXE-29F35ED0.pf
  717. O45 - LFCP:[MD5.0802D626B9CDF2808C55F5206AC714DF] - 29/03/2013 - 17:01:43 ---A- - C:\Windows\Prefetch\C2C_SERVICE.EXE-76976284.pf
  718. O45 - LFCP:[MD5.3FC1E262DC70E6916D27C34737E63B97] - 29/03/2013 - 17:01:43 ---A- - C:\Windows\Prefetch\PNKBSTRA.EXE-473DE145.pf
  719. O45 - LFCP:[MD5.0FC4E9166C63FD90B88C57AFC4490938] - 29/03/2013 - 17:01:43 ---A- - C:\Windows\Prefetch\REGSRVC.EXE-E4A04EBD.pf
  720. O45 - LFCP:[MD5.447A8EF48B451B51B0A33FF631D86646] - 29/03/2013 - 17:01:43 ---A- - C:\Windows\Prefetch\SEAPORT.EXE-2B903D32.pf
  721. O45 - LFCP:[MD5.945CC287337EF7123825F1A761FD21E7] - 29/03/2013 - 17:01:43 ---A- - C:\Windows\Prefetch\UMBRELLA.EXE-9B266DB9.pf
  722. O45 - LFCP:[MD5.37ECC30AC693343C7244B0D4AA6530A3] - 29/03/2013 - 17:01:43 ---A- - C:\Windows\Prefetch\UPDATER.EXE-EA1310CB.pf
  723. O45 - LFCP:[MD5.2656F6ED1A2409CFA69AF82D5BEADF31] - 29/03/2013 - 17:01:59 ---A- - C:\Windows\Prefetch\UBERICON.EXE-2870C9EB.pf
  724. O45 - LFCP:[MD5.A0927BE210D6CCFD933C8CF725315D70] - 29/03/2013 - 17:02:02 ---A- - C:\Windows\Prefetch\VIRTUA~1.EXE-A6C5D901.pf
  725. O45 - LFCP:[MD5.B8EC992A2F53D3DF8B626C11052B2BB9] - 29/03/2013 - 17:02:12 ---A- - C:\Windows\Prefetch\IMINENT.EXE-239E2AD1.pf
  726. O45 - LFCP:[MD5.813DBCED6D0D038113C86EC8AE80309A] - 29/03/2013 - 17:02:14 ---A- - C:\Windows\Prefetch\LAUNCHER.EXE-9EEB3D43.pf
  727. O45 - LFCP:[MD5.87A93813CE9D585358E908A0A1563E8F] - 29/03/2013 - 17:02:19 ---A- - C:\Windows\Prefetch\IMINENT.MESSENGERS.EXE-C7B6CC1B.pf
  728. O45 - LFCP:[MD5.AA29EABC3DE7A9EBF4C67CDB3615B843] - 29/03/2013 - 17:03:02 ---A- - C:\Windows\Prefetch\DW20.EXE-E115992B.pf
  729. O45 - LFCP:[MD5.0D592DBF0108C5AB495DF7381C72ECA6] - 29/03/2013 - 17:05:50 ---A- - C:\Windows\Prefetch\FREEMAKEERRORREPORTER.EXE-7CA8C7FD.pf
  730. O45 - LFCP:[MD5.336B56A94448C32F23CEC0BD0F0C5FF9] - 29/03/2013 - 17:46:43 ---A- - C:\Windows\Prefetch\CHRMSTP.EXE-974BC8FC.pf
  731. O45 - LFCP:[MD5.0348712C7B27CFFC25EEE6A3DBC70BD2] - 29/03/2013 - 17:52:42 ---A- - C:\Windows\Prefetch\SCHED.EXE-CD2C25D2.pf
  732. O45 - LFCP:[MD5.EA299D30C4C66590FCCCD618F60C8D66] - 29/03/2013 - 17:53:12 ---A- - C:\Windows\Prefetch\AVRESTART.EXE-EF804372.pf
  733. O45 - LFCP:[MD5.68405822FFEEB49D8468726FDB31F2AC] - 29/03/2013 - 18:00:32 ---A- - C:\Windows\Prefetch\APRP.EXE-A549635F.pf
  734. O45 - LFCP:[MD5.ACE2B65F32771403A5D4835DCE51EC66] - 29/03/2013 - 18:00:32 ---A- - C:\Windows\Prefetch\ASUSWSPANEL.EXE-40B13933.pf
  735. O45 - LFCP:[MD5.C98DC70D57BCF38D2DA05146DEBC91E0] - 29/03/2013 - 18:00:32 ---A- - C:\Windows\Prefetch\ATKOSD2.EXE-8FADD2D9.pf
  736. O45 - LFCP:[MD5.4E5239A2B036826DF7E826FD9DA7E464] - 29/03/2013 - 18:00:32 ---A- - C:\Windows\Prefetch\MUISTARTMENU.EXE-F128F39F.pf
  737. O45 - LFCP:[MD5.4B0581EDA4C36D4D7F74B33223E42ADF] - 29/03/2013 - 18:01:06 ---A- - C:\Windows\Prefetch\UPDATER.EXE-F2F2FB04.pf
  738. O45 - LFCP:[MD5.B33B30C0BE7F1DDCCC94C6CBE22D959C] - 29/03/2013 - 19:59:18 ---A- - C:\Windows\Prefetch\AVSCAN.EXE-EDA6668B.pf
  739. O45 - LFCP:[MD5.10893BE209B537CFBF82A139A22EF59A] - 30/03/2013 - 11:18:00 ---A- - C:\Windows\Prefetch\SMARTLOGON.EXE-8F794AF5.pf
  740. O45 - LFCP:[MD5.2A72CF1CF42B4BD64FEFBE830EC92038] - 30/03/2013 - 11:28:52 ---A- - C:\Windows\Prefetch\MMC.EXE-F39CDED6.pf
  741. O45 - LFCP:[MD5.CB2AAFD00E9EA0A8B1A65A181AB51699] - 30/03/2013 - 11:43:21 ---A- - C:\Windows\Prefetch\GUARDGUI.EXE-BDAEFB77.pf
  742. O45 - LFCP:[MD5.55251E644B8F2C8BB32DF5F04C571784] - 30/03/2013 - 12:58:14 ---A- - C:\Windows\Prefetch\IWRAP.EXE-20582B89.pf
  743. O45 - LFCP:[MD5.030144AE9DD0DF0F063137697D51DFEF] - 30/03/2013 - 13:01:28 ---A- - C:\Windows\Prefetch\WINLIST.EXE-EF5220E0.pf
  744. O45 - LFCP:[MD5.F39E96FCE403527C75F37E611E909C4C] - 30/03/2013 - 13:08:52 ---A- - C:\Windows\Prefetch\FANCYSTART.EXE-91A615E7.pf
  745. O45 - LFCP:[MD5.85CF5A9C7FA27D618FBFA31F64B8994D] - 30/03/2013 - 13:08:52 ---A- - C:\Windows\Prefetch\LAUNCHER.EXE-6D7D849B.pf
  746. O45 - LFCP:[MD5.818B37B9F55006A074253E3FF338CA1D] - 30/03/2013 - 13:08:52 ---A- - C:\Windows\Prefetch\MUISTARTMENU.EXE-0C8E9917.pf
  747. O45 - LFCP:[MD5.9834EF2B20EF69A3CD7D7A993292C540] - 30/03/2013 - 13:08:52 ---A- - C:\Windows\Prefetch\YZSHADOW.EXE-4DB6D16F.pf
  748. O45 - LFCP:[MD5.EEB606597EF0EFCF0CA52BF2D441959E] - 30/03/2013 - 13:12:40 ---A- - C:\Windows\Prefetch\JUCHECK.EXE-550A12E1.pf
  749. O45 - LFCP:[MD5.8F6C5E4700AFC43A16100A288F4B4A98] - 30/03/2013 - 13:15:15 ---A- - C:\Windows\Prefetch\WSCTOOL.EXE-EB22FE56.pf
  750. O45 - LFCP:[MD5.51C1F54E5CCBE7B2B6C4A78489645701] - 30/03/2013 - 13:55:51 ---A- - C:\Windows\Prefetch\UPLAUNCHER.EXE-96232E14.pf
  751. O45 - LFCP:[MD5.346049A17D27FA78A1460AF43F33125F] - 30/03/2013 - 13:55:59 ---A- - C:\Windows\Prefetch\DOFUSMOD.EXE-C9F41656.pf
  752. O45 - LFCP:[MD5.6323A958407F4B8599CB520515E20AD1] - 30/03/2013 - 13:56:10 ---A- - C:\Windows\Prefetch\DOFUS.EXE-F2EF46CE.pf
  753. ~ Prefetcher: 139 Legitimates Scanned in 00mn 00s
  754.  
  755.  
  756.  
  757. ---\\ Déni du service (Local Security Authority) (O48)
  758. ~ LSA: 9 Legitimates Scanned in 00mn 00s
  759.  
  760.  
  761.  
  762. ---\\ Contrôle du Safe Boot (CSB) (O49)
  763. ~ CBS: 13 Legitimates Scanned in 00mn 00s
  764.  
  765.  
  766.  
  767. ---\\ MountPoints2 Shell Key (O51)
  768. O51 - MPSK:{ab55b624-ff0d-11e1-901a-f46d0422e1c9}\AutoRun\command. (.SEGA - Football Manager 2012 Setup.) -- F:\Setup.exe
  769. ~ Keys: Scanned in 00mn 00s
  770.  
  771.  
  772.  
  773. ---\\ Trojan Driver Search Data (HKLM) (O52)
  774. O52 - TDSD: \Drivers32\"vidc.xtor"="DxtoryCodec64.dll" . (.Dxtory Software - Dxtory DirectShow and VFW Decoder.) -- C:\Windows\System32\DxtoryCodec64.dll
  775. ~ TDSD: 5 Legitimates Scanned in 00mn 00s
  776.  
  777.  
  778.  
  779. ---\\ ShareTools MSconfig StartupReg (O53)
  780. O53 - SMSR:HKLM\...\startupreg\ASUS Screen Saver Protector [Key] . (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe
  781. O53 - SMSR:HKLM\...\startupreg\CLMLServer [Key] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
  782. O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
  783. ~ SMSR Keys: 3 Legitimates Scanned in 00mn 00s
  784.  
  785.  
  786.  
  787. ---\\ Microsoft Control Security Providers (O54)
  788. ~ MSCP: 2 Legitimates Scanned in 00mn 00s
  789.  
  790.  
  791.  
  792. ---\\ Microsoft Windows Policies System (O55)
  793. O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
  794. O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
  795. O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
  796. ~ MWPS: 16 Legitimates Scanned in 00mn 00s
  797.  
  798.  
  799.  
  800. ---\\ Microsoft Windows Policies Explorer (O56)
  801. O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=0
  802. O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
  803. O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
  804. O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
  805. ~ Keys: Scanned in 00mn 00s
  806.  
  807.  
  808.  
  809. ---\\ Liste des Drivers Système (O58)
  810. O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
  811. O58 - SDL:[MD5.1E6438D4EA6E1174A3B3B1EDC4DE660B] - 18/03/2009 - 16:35:42 --HA- . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\System32\hamachi.sys [33856]
  812. O58 - SDL:[MD5.E2F1DCF4A68CC6CF694FBFBA1842F4CD] - 09/03/2005 - 19:50:16 ---A- . (...) -- C:\Windows\SysWOW64\drivers\libusb0.sys [33792]
  813. ~ Drivers: Scanned in 00mn 00s
  814.  
  815.  
  816.  
  817. ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
  818. O61 - LFC: 27/03/2013 - 18:12:50 ---A- C:\Users\Matteo\Default\Session Storage\000034.sst [891]
  819. O61 - LFC: 28/03/2013 - 19:20:19 ---A- C:\Users\Matteo\Default\File System\Origins\LOG.old [145]
  820. O61 - LFC: 28/03/2013 - 19:20:20 ---A- C:\Users\Matteo\Default\Session Storage\000037.sst [303]
  821. O61 - LFC: 28/03/2013 - 19:20:51 ---A- C:\Users\Matteo\Default\Shortcuts [20480]
  822. O61 - LFC: 28/03/2013 - 19:20:51 ---A- C:\Users\Matteo\Default\Shortcuts-journal [12824]
  823. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\Extension State\LOG.old [145]
  824. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\File System\001\p\Paths\LOG.old [145]
  825. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\Last Session [68694]
  826. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\Last Tabs [14409]
  827. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\Media Cache\data_0 [45056]
  828. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\Media Cache\data_1 [270336]
  829. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\Session Storage\LOG.old [269]
  830. O61 - LFC: 28/03/2013 - 19:24:42 ---A- C:\Users\Matteo\Default\File System\001\p\Paths\CURRENT [16]
  831. O61 - LFC: 28/03/2013 - 19:24:42 ---A- C:\Users\Matteo\Default\File System\001\p\Paths\MANIFEST-000041 [86]
  832. O61 - LFC: 28/03/2013 - 19:24:42 ---A- C:\Users\Matteo\Default\File System\Origins\CURRENT [16]
  833. O61 - LFC: 28/03/2013 - 19:24:42 ---A- C:\Users\Matteo\Default\File System\Origins\MANIFEST-000044 [230]
  834. O61 - LFC: 28/03/2013 - 19:24:42 ---A- C:\Users\Matteo\Default\Network Action Predictor [58368]
  835. O61 - LFC: 28/03/2013 - 19:24:42 ---A- C:\Users\Matteo\Default\Network Action Predictor-journal [16384]
  836. O61 - LFC: 28/03/2013 - 19:24:44 ---A- C:\Users\Matteo\Default\Session Storage\000040.sst [454]
  837. O61 - LFC: 28/03/2013 - 19:24:44 ---A- C:\Users\Matteo\Default\Session Storage\CURRENT [16]
  838. O61 - LFC: 28/03/2013 - 19:24:44 ---A- C:\Users\Matteo\Default\Session Storage\MANIFEST-000039 [375]
  839. O61 - LFC: 28/03/2013 - 19:24:45 ---A- C:\Users\Matteo\Default\Local Storage\http_www.youtube.com_0.localstorage [54272]
  840. O61 - LFC: 28/03/2013 - 19:24:45 ---A- C:\Users\Matteo\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [16384]
  841. O61 - LFC: 28/03/2013 - 19:24:46 ---A- C:\Users\Matteo\Default\Extension State\CURRENT [16]
  842. O61 - LFC: 28/03/2013 - 19:24:46 ---A- C:\Users\Matteo\Default\Extension State\MANIFEST-000023 [237]
  843. O61 - LFC: 28/03/2013 - 19:24:51 ---A- C:\Users\Matteo\Default\Managed Mode Settings [8]
  844. O61 - LFC: 28/03/2013 - 19:24:51 ---A- C:\Users\Matteo\Default\TransportSecurity [1104]
  845. O61 - LFC: 28/03/2013 - 19:24:57 ---A- C:\Users\Matteo\Default\Top Sites [299008]
  846. O61 - LFC: 28/03/2013 - 19:24:57 ---A- C:\Users\Matteo\Default\Top Sites-journal [16384]
  847. O61 - LFC: 28/03/2013 - 19:25:09 ---A- C:\Users\Matteo\Default\History Index 2013-03 [4046848]
  848. O61 - LFC: 28/03/2013 - 19:25:09 ---A- C:\Users\Matteo\Default\History Index 2013-03-journal [16384]
  849. O61 - LFC: 28/03/2013 - 19:25:12 ---A- C:\Users\Matteo\Default\QuotaManager [13312]
  850. O61 - LFC: 28/03/2013 - 19:25:12 ---A- C:\Users\Matteo\Default\QuotaManager-journal [8768]
  851. O61 - LFC: 28/03/2013 - 19:26:02 ---A- C:\Users\Matteo\Default\Web Data [77824]
  852. O61 - LFC: 28/03/2013 - 19:26:02 ---A- C:\Users\Matteo\Default\Web Data-journal [10792]
  853. O61 - LFC: 28/03/2013 - 19:26:05 ---A- C:\Users\Matteo\Default\Favicons [215040]
  854. O61 - LFC: 28/03/2013 - 19:26:05 ---A- C:\Users\Matteo\Default\Favicons-journal [16384]
  855. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Cookies [196608]
  856. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Cookies-journal [16384]
  857. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Current Session [69776]
  858. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Current Tabs [18614]
  859. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Extension State\LOG [145]
  860. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\File System\001\p\Paths\LOG [145]
  861. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\File System\Origins\LOG [145]
  862. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\History [356352]
  863. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\History Provider Cache [40057]
  864. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\History-journal [16384]
  865. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Preferences [95186]
  866. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Session Storage\LOG [264]
  867. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Visited Links [131072]
  868. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Local State [24735]
  869. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\chrome_shutdown_ms.txt [4]
  870. O61 - LFC: 29/03/2013 - 17:46:37 ---A- C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\EULA Accepted [0]
  871. O61 - LFC: 29/03/2013 - 17:46:37 ---A- C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\First Run [0]
  872. O61 - LFC: 29/03/2013 - 18:06:37 ---A- C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [270659]
  873. O61 - LFC: 29/03/2013 - 19:29:20 ---A- C:\Users\Matteo\Downloads\ZHPDiag2.exe [5481865]
  874. O61 - LFC: 29/03/2013 - 22:23:02 ---A- C:\Users\Matteo\AppData\Roaming\dclogs\2013-03-29-6.dc [320662]
  875. O61 - LFC: 30/03/2013 - 11:43:44 ---A- C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\Local State [25579]
  876. O61 - LFC: 30/03/2013 - 11:43:44 ---A- C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [4]
  877. O61 - LFC: 30/03/2013 - 13:00:59 ---A- C:\Users\Matteo\AppData\Local\Dxtory Software\Dxtory2.0\vercheck.txt [7]
  878. O61 - LFC: 30/03/2013 - 13:05:04 --HA- C:\Users\Matteo\AppData\Local\IconCache.db [1949167]
  879. O61 - LFC: 30/03/2013 - 13:08:45 ---A- C:\Users\Matteo\AppData\Roaming\PrivateTunnel\firstrun.txt [10]
  880. O61 - LFC: 30/03/2013 - 13:56:01 ---A- C:\Users\Matteo\AppData\Roaming\D2Info0 [125]
  881. O61 - LFC: 30/03/2013 - 15:21:22 ---A- C:\Users\Matteo\AppData\Roaming\dclogs\2013-03-30-7.dc [39068]
  882. ~ 8 Fichiers temporaires (Temporary files)
  883. ~ Files: 737 Legitimates Scanned in 03mn 14s
  884.  
  885.  
  886.  
  887. ---\\ Liste des outils de nettoyage (O63)
  888. O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
  889. O63 - Logiciel: RSIT - (.random/random.)
  890. ~ ADS: Scanned in 00mn 00s
  891.  
  892.  
  893.  
  894. ---\\ Liste des services Legacy (O64)
  895. O64 - Services: CurCS - 26/08/2012 - C:\Windows\System32\DRIVERS\lirsgt.sys - lirsgt (lirsgt) .(...) - LEGACY_LIRSGT
  896. O64 - Services: CurCS - 11/02/2011 - C:\Windows\System32\drivers\npf.sys (npf) .(.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) - LEGACY_NPF
  897. ~ Legacy: 85 Legitimates Scanned in 00mn 00s
  898.  
  899.  
  900.  
  901. ---\\ File Associations Shell Spawning (O67)
  902. O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
  903. O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
  904. O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
  905. O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
  906. O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
  907. O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
  908. O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  909. O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
  910. O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
  911. O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
  912. O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
  913. O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
  914. O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
  915. O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
  916. O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
  917. O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
  918. O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  919. O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
  920. O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
  921. ~ Keys: Scanned in 00mn 00s
  922.  
  923.  
  924.  
  925. ---\\ Start Menu Internet (O68)
  926. O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  927. O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  928. O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  929. ~ Keys: Scanned in 00mn 00s
  930.  
  931.  
  932.  
  933. ---\\ Crack & Keygen Files (O82)
  934. C:\Users\Administrateur\Desktop\Keygen Acid Pro 7.0\Coleccion musical mia.rar
  935. C:\Users\Administrateur\Desktop\Keygen Acid Pro 7.0\Coleccion musical mia.rar
  936. D:\Downloads\Winrar Cracker Just Instal By TehxBaBy.exe
  937. ~ Files: Scanned in 05mn 27s
  938.  
  939.  
  940.  
  941. ---\\ Recherche des services démarrés par Svchost (O83)
  942. ~ Services: 32 Legitimates Scanned in 00mn 00s
  943.  
  944.  
  945.  
  946. ---\\ Recherche particuliere à la racine de certains dossiers (O84)
  947. [MD5.1612A5E091BF486BD868802A5F1076C8] [SPRF][02/09/2011] (...) -- C:\ProgramData\499A45AD2C.sys [88]
  948. [MD5.90E1D86D979B92738A47D7072CB22DA8] [SPRF][07/07/2010] (...) -- C:\ProgramData\FullRemove.exe [131472]
  949. [MD5.EA3CFC52E4F1399FF67D63E5FA01BB22] [SPRF][02/09/2011] (...) -- C:\ProgramData\KGyGaAvL.sys [5642]
  950. [MD5.E8552EE508F16CBB91A7F841651EFB7D] [SPRF][15/03/2013] (.Microsoft - Starter2.) -- C:\Users\Matteo\AppData\Local\launcher.exe [156160]
  951. [MD5.6D9E5361414A404F62DC249F2AADC327] [SPRF][31/01/2008] (.Pas de propriétaire - 7-zip32.) -- C:\Users\Matteo\AppData\Local\Temp\7-zip32.dll [506880]
  952. [MD5.F4F883EAF7F7413A085D9868511AF8A9] [SPRF][15/03/2013] (...) -- C:\Users\Matteo\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-15-g8e7c097-b2646jnks.dll [17408]
  953. [MD5.F4F883EAF7F7413A085D9868511AF8A9] [SPRF][15/03/2013] (...) -- C:\Users\Matteo\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-b2624jnks.dll [17408]
  954. [MD5.E5B43485D986CFECA401F10E9268C85A] [SPRF][15/03/2013] (...) -- C:\Users\Matteo\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll [515584]
  955. [MD5.4D41BF8132A7CBCDAB77C96CC0B4A7BC] [SPRF][15/03/2013] (...) -- C:\Users\Matteo\AppData\Roaming\win32.exe [1494207]
  956. [MD5.F64D89856906F7D22ADC07EC5744D8E1] [SPRF][01/04/2012] (.DevComponents.com - DevComponents.DotNetBar.) -- C:\Users\Matteo\Desktop\DevComponents.DotNetBar2.dll [4640768]
  957. [MD5.A3263FA647E746E197F7D753DAFA489F] [SPRF][15/03/2013] (.Pas de propriétaire - PhoenixAPI.) -- C:\Users\Matteo\Desktop\PhoenixAPI.dll [1257984]
  958. [MD5.4A9A21400EDED54777A25A988DED328C] [SPRF][15/03/2013] (.Pas de propriétaire - PhoenixBot.) -- C:\Users\Matteo\Desktop\PhoenixBot.exe [980480]
  959. [MD5.E8FD90C0630DC1B80FEDFA2C86D89B48] [SPRF][15/03/2013] (.Pas de propriétaire - PhoenixUpdate.) -- C:\Users\Matteo\Desktop\PhoenixUpdate.exe [24576]
  960. ~ Files: Scanned in 00mn 00s
  961.  
  962.  
  963.  
  964. ---\\ Firewall Active Exception List (FirewallRules) (O87)
  965. O87 - FAEL: "{B6D1DC2A-6205-4BB8-8012-CD187092887B}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  966. O87 - FAEL: "{B186B359-AC87-48AE-88EE-27B645A1E0DA}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.)
  967. O87 - FAEL: "{B4072AA4-8533-4908-902E-A4D18754F78C}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.)
  968. O87 - FAEL: "TCP Query User{E120EBFC-3F67-42BE-83D5-2C097CA05773}C:\program files (x86)\wolfenstein - enemy territory\et.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\wolfenstein - enemy territory\et.exe
  969. O87 - FAEL: "UDP Query User{8A32A138-CBDD-4017-80AE-1312B98DCE1A}C:\program files (x86)\wolfenstein - enemy territory\et.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\wolfenstein - enemy territory\et.exe
  970. O87 - FAEL: "{FE0627F4-AA82-48ED-97CE-5AABA801E3E3}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
  971. O87 - FAEL: "{75E9141C-AD0B-440F-9A07-BBD0C60B9B12}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
  972. O87 - FAEL: "TCP Query User{5D9DC56E-A734-4C9D-8B9D-275D397E9BE1}D:\speedartppb\patchblocker.exe" | In - Private - P6 - TRUE | .(.Microsoft - WindowsFormsApplication1.) -- D:\speedartppb\patchblocker.exe
  973. O87 - FAEL: "UDP Query User{4E6764EE-ED83-4073-9BE7-7BC854764802}D:\speedartppb\patchblocker.exe" | In - Private - P17 - TRUE | .(.Microsoft - WindowsFormsApplication1.) -- D:\speedartppb\patchblocker.exe
  974. O87 - FAEL: "TCP Query User{7F26C0AD-FD03-42D4-A2C9-95D12A25114D}C:\users\matteo\appdata\local\iw4m\iw4m.dat" | In - Private - P6 - TRUE | .(...) -- C:\users\matteo\appdata\local\iw4m\iw4m.dat
  975. O87 - FAEL: "UDP Query User{1843908C-1912-43E8-B529-F07C1DDBC567}C:\users\matteo\appdata\local\iw4m\iw4m.dat" | In - Private - P17 - TRUE | .(...) -- C:\users\matteo\appdata\local\iw4m\iw4m.dat
  976. O87 - FAEL: "TCP Query User{BCAD09BC-BD6D-485D-A22A-13836396B15B}D:\downloads\patchblocker.exe" | In - Private - P6 - TRUE | .(.Microsoft - WindowsFormsApplication1.) -- D:\downloads\patchblocker.exe
  977. O87 - FAEL: "UDP Query User{F72F3E5E-CFF0-4EE5-972A-B721412DA33B}D:\downloads\patchblocker.exe" | In - Private - P17 - TRUE | .(.Microsoft - WindowsFormsApplication1.) -- D:\downloads\patchblocker.exe
  978. O87 - FAEL: "TCP Query User{856B6FD0-84AF-460F-A941-7368A9268D9C}D:\download\pipix_v2.6.exe" | In - Private - P6 - TRUE | .(...) -- D:\download\pipix_v2.6.exe
  979. O87 - FAEL: "UDP Query User{5DEFC87B-0DE2-441F-A652-CB6D25556DA9}D:\download\pipix_v2.6.exe" | In - Private - P17 - TRUE | .(...) -- D:\download\pipix_v2.6.exe
  980. O87 - FAEL: "TCP Query User{BC89C52B-DB70-4024-B3FE-316C27811713}D:\download\minecraftsp.exe" | In - Private - P6 - TRUE | .(.AnjoCaido - Minecraft - Single Player Only (or you buy it and use your username here.) -- D:\download\minecraftsp.exe
  981. O87 - FAEL: "UDP Query User{85B78D56-819B-4B3B-A2E2-42A3C99D62F3}D:\download\minecraftsp.exe" | In - Private - P17 - TRUE | .(.AnjoCaido - Minecraft - Single Player Only (or you buy it and use your username here.) -- D:\download\minecraftsp.exe
  982. O87 - FAEL: "{B2616791-374B-43AC-B37F-A61AA2129419}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Wireless PAN DHCP and DNS Server.) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
  983. O87 - FAEL: "{912B3679-5021-49D9-B9BC-0346149F8F54}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  984. O87 - FAEL: "{34D1D0B9-3191-4432-BA20-C63651602160}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  985. O87 - FAEL: "{25BE1337-1B17-41D4-AD11-81A5265BF49F}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  986. O87 - FAEL: "{F6100DEC-3D2D-40BE-87AE-02E46C471D45}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  987. O87 - FAEL: "{9773C481-AA5B-4F78-81DB-5536B9C44DF8}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  988. O87 - FAEL: "TCP Query User{469F5770-0FF0-433F-A075-031AF306630C}D:\pcjeux\call of duty modern warfare 3\iw5mp_server.exe" | In - Private - P6 - TRUE | .(...) -- D:\pcjeux\call of duty modern warfare 3\iw5mp_server.exe
  989. O87 - FAEL: "UDP Query User{5351EB78-E3FA-4474-B201-670EAC98B025}D:\pcjeux\call of duty modern warfare 3\iw5mp_server.exe" | In - Private - P17 - TRUE | .(...) -- D:\pcjeux\call of duty modern warfare 3\iw5mp_server.exe
  990. O87 - FAEL: "TCP Query User{0A578BAB-55D2-4340-8540-C5D208B87857}D:\pcjeux\call of duty modern warfare 3\iw5mp.exe" | In - Private - P6 - TRUE | .(...) -- D:\pcjeux\call of duty modern warfare 3\iw5mp.exe
  991. O87 - FAEL: "UDP Query User{1BBD6B2E-87B3-4CA0-9238-2357C514E5AA}D:\pcjeux\call of duty modern warfare 3\iw5mp.exe" | In - Private - P17 - TRUE | .(...) -- D:\pcjeux\call of duty modern warfare 3\iw5mp.exe
  992. O87 - FAEL: "TCP Query User{53948F4E-9CC6-442D-9421-051ABA6E07EF}D:\pcjeux\call of duty modern warfare 3\iw5sp.exe" | In - Public - P6 - TRUE | .(...) -- D:\pcjeux\call of duty modern warfare 3\iw5sp.exe
  993. O87 - FAEL: "UDP Query User{D0B706D0-7BDA-4135-888D-2BB3D7B7B61F}D:\pcjeux\call of duty modern warfare 3\iw5sp.exe" | In - Public - P17 - TRUE | .(...) -- D:\pcjeux\call of duty modern warfare 3\iw5sp.exe
  994. O87 - FAEL: "{22826F6C-F505-4020-B16D-DC5AAE3438C4}" | In - Private - P6 - TRUE | .(...) -- D:\Assasins\ACRSP.exe
  995. O87 - FAEL: "{CFF06D8F-EE09-4D14-AB58-367A124E796D}" | In - Private - P17 - TRUE | .(...) -- D:\Assasins\ACRSP.exe
  996. O87 - FAEL: "{BDD48FDF-8C0C-4C5B-94B7-E430BE241EB0}" | In - Private - P6 - TRUE | .(...) -- D:\Assasins\ACRMP.exe
  997. O87 - FAEL: "{AD9676E5-B99E-4DD0-B877-F6C00AE6B522}" | In - Private - P17 - TRUE | .(...) -- D:\Assasins\ACRMP.exe
  998. O87 - FAEL: "TCP Query User{2B013ADF-AAE2-4BA1-8AA0-CACE0104C4A6}D:\assasins\acrpr.exe" | In - Public - P6 - TRUE | .(...) -- D:\assasins\acrpr.exe
  999. O87 - FAEL: "UDP Query User{D402C97A-358C-4456-BCA5-53AE3008D266}D:\assasins\acrpr.exe" | In - Public - P17 - TRUE | .(...) -- D:\assasins\acrpr.exe
  1000. O87 - FAEL: "TCP Query User{57861DBC-0CFB-4579-8EA9-4F1D54D213DB}D:\assasins\acrsp.exe" | In - Public - P6 - TRUE | .(...) -- D:\assasins\acrsp.exe
  1001. O87 - FAEL: "UDP Query User{6D3FB067-E019-4FE8-BB97-C1A5888D989C}D:\assasins\acrsp.exe" | In - Public - P17 - TRUE | .(...) -- D:\assasins\acrsp.exe
  1002. O87 - FAEL: "TCP Query User{6A4D17DE-6A77-4DCE-A326-5FE3220B7ACB}C:\users\matteo\desktop\phoenixbot.exe" | In - Private - P6 - TRUE | .(.Pas de propriétaire - PhoenixBot.) -- C:\users\matteo\desktop\phoenixbot.exe
  1003. O87 - FAEL: "UDP Query User{F74C9CCD-48C7-40EB-8152-ED55778957CD}C:\users\matteo\desktop\phoenixbot.exe" | In - Private - P17 - TRUE | .(.Pas de propriétaire - PhoenixBot.) -- C:\users\matteo\desktop\phoenixbot.exe
  1004. O87 - FAEL: "TCP Query User{0CB6DB7A-2233-452C-8304-43403BB22A4F}C:\program files\sony\vegas pro 12.0\vegas120.exe" | In - Private - P6 - TRUE | .(.Sony Creative Software Inc. - Vegas Pro.) -- C:\program files\sony\vegas pro 12.0\vegas120.exe
  1005. O87 - FAEL: "UDP Query User{4BD8C3FA-5768-46A2-B672-9933F05465F4}C:\program files\sony\vegas pro 12.0\vegas120.exe" | In - Private - P17 - TRUE | .(.Sony Creative Software Inc. - Vegas Pro.) -- C:\program files\sony\vegas pro 12.0\vegas120.exe
  1006. O87 - FAEL: "{90ABD615-A2A2-494B-983D-5EA7734D857F}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.)
  1007. O87 - FAEL: "{D6F24D4F-C352-4E13-B020-4E0E1DE3EB88}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.)
  1008. ~ Firewall: 299 Legitimates Scanned in 00mn 05s
  1009.  
  1010.  
  1011.  
  1012. ---\\ Scan Additionnel (O88)
  1013. Database Version : v2.11334 - (28/03/2013)
  1014. Clés trouvées (Keys found) : 31
  1015. Valeurs trouvées (Values found) : 0
  1016. Dossiers trouvés (Folders found) : 2
  1017. Fichiers trouvés (Files found) : 0
  1018.  
  1019. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
  1020. [HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
  1021. [HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
  1022. [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
  1023. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
  1024. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
  1025. [HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
  1026. [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
  1027. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
  1028. [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
  1029. [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit
  1030. [HKLM\SYSTEM\CurrentControlSet\Services\HssSrv] =>Toolbar.Agent
  1031. [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent
  1032. [HKCU\Software\DC3_FEXEC] =>Backdoor.Fynloski
  1033. [HKCU\Software\IGagnant] =>Toolbar.Agent
  1034. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}] =>Toolbar.Bing
  1035. [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
  1036. [HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
  1037. [HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
  1038. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
  1039. [HKLM\Software\Wow6432Node\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
  1040. [HKLM\Software\Wow6432Node\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
  1041. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent
  1042. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Agent
  1043. [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
  1044. [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
  1045. [HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
  1046. [HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
  1047. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
  1048. [HKLM\Software\Wow6432Node\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
  1049. [HKLM\Software\Wow6432Node\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
  1050. C:\Program Files (x86)\StartNow Toolbar =>Adware.Zugo
  1051. C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf =>Hijacker.TornTV
  1052. ~ Additionnel: Scanned in 00mn 14s
  1053.  
  1054.  
  1055.  
  1056. ---\\ Product Upgrade Codes (O90)
  1057. O90 - PUC: "25BD30E1BC5D83343A835E62DDD4D41B" . (.Bing Bar.) -- C:\Windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico
  1058. O90 - PUC: "2962BE55EFAF2534AADCBA39975EF780" . (.XSplit.) -- C:\Windows\Installer\{55EB2692-FAFE-4352-AACD-AB9379E57F08}\XSplit.Core.exe
  1059. O90 - PUC: "33C884396D8DA27438BB7F613053C50F" . (.Magic Bullet Suite 64-bit.) -- C:\Windows\Installer\{93488C33-D8D6-472A-83BB-F71603355CF0}\ARPPRODUCTICON.exe
  1060. O90 - PUC: "3EA2121C9BBD563448378FBA7C0BB6BB" . (.Pinnacle Instant DVD Recorder.) -- C:\Windows\Installer\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}\ARPPRODUCTICON.exe
  1061. O90 - PUC: "7576BF42725026D4E807DF19F34AE214" . (.PrivateTunnel.) -- C:\Windows\Installer\{24FB6757-0527-4D62-8E70-FD913FA42E41}\openvpn.ico
  1062. O90 - PUC: "78851BEF2390D2D4BB58A60CF3FBA18A" . (.Pinnacle VideoSpin.) -- C:\Windows\Installer\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}\VideoSpin.exe
  1063. O90 - PUC: "8794D04A699677C4A934921CD3217BEB" . (.Requiem.) -- C:\Windows\Installer\{A40D4978-6996-4C77-9A43-29C13D12B7BE}\RequiemIcon.ico
  1064. O90 - PUC: "8D7961433299E5444BA225E9A599BCA7" . (.syncables desktop SE.) -- C:\Windows\Installer\{341697D8-9923-445E-B42A-529E5A99CB7A}\ARPPRODUCTICON.exe
  1065. O90 - PUC: "903DCDCE5F270C64A857CC14614D94C6" . (.Elgato Game Capture HD.) -- C:\Windows\Installer\{ECDCD309-72F5-46C0-8A75-CC4116D4496C}\GameCapture.ico
  1066. O90 - PUC: "9EC6D81181F59F2459A84176A626F9ED" . (.Iminent.) -- C:\Windows\Installer\{118D6CE9-5F18-42F9-958A-14676A629FDE}\imbooster.ico
  1067. O90 - PUC: "E5E5DF7FC0F31394AAB1AE8B83CB20BD" . (.ACID Pro 7.0.) -- C:\Windows\Installer\{F7FD5E5E-3F0C-4931-AA1B-EAB838BC02DB}\acid70.ico
  1068. ~ Update Products: 339 Legitimates Scanned in 00mn 00s
  1069.  
  1070.  
  1071.  
  1072. ---\\ MyComputer Name Space (O92)
  1073. O92 - MNS: ASUS WebStorage Drive - {d6044399-0b9e-4084-a9ac-c4b7c7800fcf}
  1074. O92 - MNS: Flux de photos - {F0D63F85-37EC-4097-B30D-61B4A8917118}
  1075. ~ MNS: Scanned in 00mn 00s
  1076.  
  1077.  
  1078.  
  1079. ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
  1080. SR - | Auto 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  1081. SS - | Demand 12/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  1082. SR - | Auto 04/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
  1083. SR - | Auto 29/03/2013 86752 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
  1084. SR - | Auto 29/03/2013 110816 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
  1085. SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  1086. SR - | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
  1087. SR - | Auto 15/12/2009 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
  1088. SS - | Demand 02/03/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
  1089. SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
  1090. SS - | Demand 04/05/2012 2438696 | (CGVPNCliSrvc) . (.mobile concepts GmbH.) - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
  1091. SR - | Auto 02/05/2011 1517328 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
  1092. SS - | Auto 20/09/2012 101376 | (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
  1093. SR - | Auto 07/09/2012 8704 | (FreemakeVideoCapture) . (.Freemake.) - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
  1094. SS - | Auto 13/04/2011 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  1095. SS - | Demand 13/04/2011 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  1096. SS - | Demand 23/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
  1097. SR - | Auto 10/12/2012 2465712 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
  1098. SR - | Auto 14/09/2012 511344 | (hshld) . (.AnchorFree Inc..) - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
  1099. SR - | Auto 14/09/2012 412016 | (HssSrv) . (.AnchorFree Inc..) - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
  1100. SS - | Demand 78072 | (HssTrayService) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe
  1101. SR - | Auto 388976 | (HssWd) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
  1102. SR - | Demand 12/12/2012 641504 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
  1103. SS - | Auto 30/12/1899 0 | C:\Windows\System32\libusbd-nt.exe (libusbd) . (.http://libusb-win32.sourceforge.net.) - c:\system32\libusbd-nt.exe
  1104. SR - | Auto 14/12/2012 398184 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
  1105. SR - | Auto 14/12/2012 682344 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
  1106. SS - | Demand 12/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
  1107. SS - | Demand 340240 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
  1108. SR - | Auto 11/05/2011 1007208 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
  1109. SR - | Auto 10/05/2011 2009704 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
  1110. SR - | Auto 24064 | (OpenVPNAccessClient) . (...) - C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe
  1111. SR - | Auto 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
  1112. SR - | Auto 02/05/2011 844560 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
  1113. SR - | Auto 25/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
  1114. SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
  1115. SS - | Auto 08/01/2013 161536 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
  1116. SS - | Demand 25/02/2013 543144 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
  1117. SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
  1118. SR - | Auto 17/04/2010 134928 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
  1119. SS - | Demand 13/05/2012 18432 | (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
  1120. SS - | Demand 8177664 | (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
  1121. SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
  1122. SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
  1123. SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
  1124. ~ Services: Scanned in 00mn 01s
  1125.  
  1126.  
  1127.  
  1128. ---\\ Recherche Master Boot Record Infection (MBR)(O80)
  1129. Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
  1130. ~ MBR: 1 Legitimates Scanned in 00mn 02s
  1131.  
  1132.  
  1133.  
  1134. ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
  1135. Written by ad13, http://ad13.geekstog
  1136. Run by Matteo at 30/03/2013 15:36:11
  1137.  
  1138. ********* Dump file Name *********
  1139. C:\PhysicalDisk0_MBR.bin
  1140. ~ MBR: Scanned in 00mn 04s
  1141.  
  1142.  
  1143.  
  1144. End of the scan (1143 lines in 15mn 06s)(3)