Rapport

a guest
Mar 29th, 2013
  1. Rapport de ZHPDiag v2013.3.28.105 par Nicolas Coolman, Update du 28/03/2013
  2. Run by Matteo at 29/03/2013 19:55:05
  3. State : Version à jour.
  4. High Elevated Privileges : OK
  5. UAC : Deactivate by user
  6.  
  7.  
  8. ---\\ Web Browser
  9. MSIE: Internet Explorer v9.0.8112.16421
  10. MFIE: Mozilla Firefox 15.0.1 v15.0.1
  11. MFIE: Mozilla Firefox 19.0.2 v19.0.2
  12. GCIE: Google Chrome v25.0.1364.172 (Defaut)
  13.  
  14. ---\\ Windows Product Information
  15. ~ Langage: Français
  16. Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
  17. Windows Server License Manager Script : OK
  18. ~ Windows(R) 7, OEM_SLP channel
  19. System Locked Preinstallation (OEM_SLP) : OK
  20. Windows ID Activation : OK
  21. ~ Windows Partial Key : 9YQTR
  22. Windows License : OK
  23. ~ Windows Remaining Initializations Number : 1
  24. Software Protection Service (Protection logicielle) : OK
  25. Windows Automatic Updates : OK
  26. Windows Activation Technologies : OK
  27.  
  28. ---\\ System Information
  29. ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
  30. ~ Operating System: 64 Bits
  31. Boot mode: Normal (Normal boot)
  32. Total RAM: 6055 MB (36% free)
  33. System Restore: Activé (Enable)
  34. System drive C: has 100 GB (34%) free of 293 GB
  35.  
  36. ---\\ Logged in mode
  37. ~ Computer Name: PCDEMATTEO
  38. ~ User Name: Matteo
  39. ~ All Users Names: UpdatusUser, Matteo, HomeGroupUser$, Administrateur,
  40. ~ Unselected Option: None
  41. Logged in as Administrator
  42.  
  43. ---\\ Environnement Variables
  44. ~ System Unit : C:\
  45. ~ %AppData% : C:\Users\Matteo\AppData\Roaming\
  46. ~ %Desktop% : C:\Users\Matteo\Desktop\
  47. ~ %Favorites% : C:\Users\Matteo\Favorites\
  48. ~ %LocalAppData% : C:\Users\Matteo\AppData\Local\
  49. ~ %StartMenu% : C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\
  50. ~ %Windir% : C:\Windows\
  51. ~ %System% : C:\Windows\System32\
  52.  
  53. ---\\ DOS/Devices
  54. C:\ Hard drive, Flash drive, Thumb drive (Free 100 Go of 293 Go)
  55. D:\ Hard drive, Flash drive, Thumb drive (Free 143 Go of 381 Go)
  56. E:\ CD-ROM drive (Not Inserted)
  57. F:\ CD-ROM drive (Free 0 Go of 2 Go)
  58. H:\ CD-ROM drive (Not Inserted)
  59.  
  60.  
  61.  
  62. ---\\ Security Center & Tools Informations
  63. [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
  64. [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
  65. [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
  66. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
  67. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
  68. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
  69. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
  70. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
  71. [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
  72. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
  73. ~ Security Center: Scanned in 00mn 00s
  74.  
  75.  
  76.  
  77. ---\\ Recherche particulière de fichiers génériques
  78. [MD5.2A918679E1CC652B377F5849EBEAD1A7] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2388992]
  79. [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
  80. [MD5.8EA68FD3780DDDD5072F8CB830B3CB3D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.29/06/2012 - 04:49:11.) -- C:\Windows\System32\wininet.dll [1392128]
  81. [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:32.) -- C:\Windows\System32\Winlogon.exe [390656]
  82. [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
  83. [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
  84. [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
  85. [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
  86. [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
  87. [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
  88. [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
  89. [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
  90. [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
  91. [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
  92. [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
  93. [MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
  94. [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
  95. [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
  96. [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
  97. [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
  98. [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:04.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
  99. ~ Generic Processes: Scanned in 00mn 03s
  100.  
  101.  
  102.  
  103. ---\\ Etat des fichiers cachés (Caché/Total)
  104. ~ Mes images (My Pictures) : 1/5
  105. ~ Mes musiques (My Musics) : 1/12
  106. ~ Mes Videos (My Videos) : 1/79
  107. ~ Mes Favoris (My Favorites) : 1/8
  108. ~ Mes Documents (My Documents) : 0/109
  109. ~ Mon Bureau (My Desktop) : 0/632
  110. ~ Menu demarrer (Programs) : 1/96
  111. ~ Hidden Files: Scanned in 00mn 04s
  112.  
  113.  
  114.  
  115. ---\\ Processus lancés
  116. [MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1496]
  117. [MD5.7910158929571214A959D5A6D16DD9C0] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1672]
  118. [MD5.E41F55D0B71734BB68FF26963EB250E4] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752] [PID.1856]
  119. [MD5.01F61F0F2B551EAEE2C12619B13B93D2] - (.ASUS - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [166528] [PID.1796]
  120. [MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.396]
  121. [MD5.5BB1F77C8AF725A15EC9366498D275BB] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992] [PID.2116]
  122. [MD5.BC3DA234CDA880578526DAB028F40268] - (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792] [PID.2132]
  123. [MD5.F4DCD4912B185C3AAEB92A7040832AD1] - (.Pas de propriétaire - ALU.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768] [PID.2140]
  124. [MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe [113208] [PID.2164]
  125. [MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.2256]
  126. [MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.2276]
  127. [MD5.880AE0BEDE234F27AC252049373B8CB9] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816] [PID.2368]
  128. [MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.2416]
  129. [MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3058304] [PID.2448]
  130. [MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.2460]
  131. [MD5.497F27E279C0F921E2130BB89C1CB5CA] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664] [PID.2312]
  132. [MD5.BF2F2717C13A4BD4FD73F2788534E86B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [917400] [PID.2732]
  133. [MD5.1F81444A2AC10FFEB46B325A1F916B12] - (...) -- C:\Windows\Lion Skin Pack\UberIcon\UberIcon.exe [159744] [PID.3168]
  134. [MD5.4D6B7C0464A92343B8B0F940D95BA99E] - (.VirtuaWin - VirtuaWin v4.1.) -- C:\Windows\Lion Skin Pack\VirtuaWin\VirtuaWin.exe [136704] [PID.0]
  135. [MD5.FC8B588E9BBC070C411136554A9AA56E] - (.Y'z@Home - Attach drop shadow to windows..) -- C:\Windows\Lion Skin Pack\YzShadow\YzShadow.exe [151552] [PID.3192]
  136. [MD5.7EE22E13DEC8A6D18F4643C1EA34B0F0] - (.Virage Logic Corporation / Sonic Focus - ASUS_MATray.exe.) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400] [PID.3584]
  137. [MD5.79A3B950988F8D2B81906D0C0473158B] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624] [PID.3600]
  138. [MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.3608]
  139. [MD5.FD22B00049F775E952371E9C3DAC631B] - (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536] [PID.3616]
  140. [MD5.2ED9C81918815AF05D81159955FC3643] - (.Bandoo Media, inc - Data Manager.) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe [1694608] [PID.0]
  141. [MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848] [PID.3800]
  142. [MD5.4D41BF8132A7CBCDAB77C96CC0B4A7BC] - (...) -- C:\Users\Matteo\Documents\DCSCMIN\IMDCSC.exe [1494207] [PID.3848]
  143. [MD5.3CB07566302BCEEB898DE270A0BEC175] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352] [PID.3288]
  144. [MD5.AD8BD96B41C40AC36D803DF267B26EF0] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2254768] [PID.3628]
  145. [MD5.4D337AC93FFE620A7DAB5A09FB04DA5D] - (...) -- C:\Windows\Lion Skin Pack\VirtuaWin\modules\WinList.exe [14848] [PID.3968]
  146. [MD5.E4401CF27225C1D6E664E86195978562] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544] [PID.4036]
  147. [MD5.5B8E2CA848D2336013D46701CC1DD5F8] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345312] [PID.3908]
  148. [MD5.705AB7370EEEE5E799F419DF90FCEBBC] - (.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.exe [1074736] [PID.3508]
  149. [MD5.75CF6235E6FA5B1B74A7934A24862CC9] - (.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784] [PID.3960]
  150. [MD5.8D3B3AD7F9B6EE8AC96B1AD293BB0FB0] - (.Freemake - CaptureLibService.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704] [PID.2880]
  151. [MD5.46973BE31BA606A0143C5932E7BDFDBD] - (.AnchorFree Inc. - Pas de description.) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [511344] [PID.1560]
  152. [MD5.E489256CEB48F882809B98769A0BAC25] - (.AnchorFree Inc. - Pas de description.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe [412016] [PID.1352]
  153. [MD5.D175CFBC4B0A5B3E5F4A689B0C4ED04E] - (...) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [388976] [PID.3880]
  154. [MD5.1ACAA67676E9E7BDA5E0C41B6E0DECAF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184] [PID.4104]
  155. [MD5.916B8954AC3E06DC9E898AFFB41F3FB6] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344] [PID.4584]
  156. [MD5.6FF6EF1CC25E558CF0335928B658D11E] - (...) -- C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe [24064] [PID.4624]
  157. [MD5.205E1B699FD3F2F9B036EEA2EC30C620] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76888] [PID.4744]
  158. [MD5.7853D2AB445C10F97610B2B05FA4CF0A] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [512360] [PID.4824]
  159. [MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.4972]
  160. [MD5.791227582A5070BD78B7E05285D13446] - (.Iminent - Iminent Protection.) -- C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2663976] [PID.2628]
  161. [MD5.9511B23DAE049EAC7579B5DB822EC001] - (.ASUSTek Computer Inc. - AIRecoveryRemind.) -- C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [509568] [PID.4360]
  162. [MD5.1ECC8ADA1A2DE3A5A943020A01752626] - (...) -- C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe [68096] [PID.5352]
  163. [MD5.00572C26C6DCF99362068FB7283B7126] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2009704] [PID.5664]
  164. [MD5.5DFE72B9F1FF669070FC032090B7B982] - (.Sun Microsystems, Inc. - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [507312] [PID.6224]
  165. [MD5.AA6844A5127ED4B20DF6D313467B929D] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.5232]
  166. [MD5.680AD8F376970696B45269F074A8A28E] - (.Adobe Systems, Inc. - Adobe Flash Player 11.6 r602.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe [1822424] [PID.5768]
  167. [MD5.B55A4A88D4DA4BA371EE48EEF80703BD] - (.Avira Operations GmbH & Co. KG - Avira On-Demand Scanner.) -- c:\program files (x86)\avira\antivir desktop\avscan.exe [639712] [PID.5020]
  168. [MD5.D54EAB26A6060E8A6318A947C8541B79] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [6184448] [PID.8696]
  169. [MD5.2F0B43190DA225D624DF41587C832296] - (...) -- C:\Program Files (x86)\Dofus2\app\Dofus.exe [142336] [PID.8376]
  170. ~ Processes Running: Scanned in 00mn 17s
  171.  
  172.  
  173.  
  174. ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
  175. C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\Default\Preferences
  176. G1 - GCS: Preference [User Data\Default] None
  177. ~ Google Browser: Scanned in 00mn 00s
  178.  
  179.  
  180.  
  181. ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
  182. C:\Users\Matteo\AppData\Roaming\Mozilla\Firefox\Profiles\7gf4zulc.default\prefs.js
  183. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
  184. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
  185. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
  186. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
  187. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
  188. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
  189. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
  190. M3 - MFPP: Plugins - [Matteo] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
  191. P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
  192. P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_25 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
  193. P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
  194. P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google - Version 3.17.0.12440.) -- C:\Users\Matteo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
  195. P2 - FPN: [HKCU] [@talk.google.com/O1DPlugin] - (.Google - Version 3.17.0.12440.) -- C:\Users\Matteo\AppData\Roaming\Mozilla\plugins\npo1d.dll
  196. P2 - FPN: [HKCU] [@talk.google.com/O3DPlugin] - (.Pas de propriétaire - Google Talk Plugin Video Accelerator version:0.1.44.24.) -- C:\Users\Matteo\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
  197. P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Matteo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
  198. P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Matteo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
  199. P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.0.0f7.) -- C:\Users\Matteo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
  200. P2 - FPN: [HKCU] [electronicarts.com/GameFacePlugin] - (.Electronic Arts - EA SPORTS Game Face Plugin 1.8.0.0.) -- C:\Users\Matteo\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll
  201. P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
  202. P2 - FPN: [HKCU] [ubisoft.com/uplaypc] - (.Ubisoft - Uplay PC Plugin.) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
  203. ~ Firefox Browser: Scanned in 00mn 01s
  204.  
  205.  
  206.  
  207. ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
  208. R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://klit.startnow.com
  209. R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
  210. R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
  211. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
  212. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
  213. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
  214. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
  215. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
  216. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
  217. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
  218. R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
  219. R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
  220. R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
  221. ~ IE Browser: Scanned in 00mn 00s
  222.  
  223.  
  224.  
  225. ---\\ Internet Explorer, Proxy Management (R5)
  226. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
  227. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
  228. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
  229. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
  230. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
  231. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
  232. ~ Proxy management: Scanned in 00mn 00s
  233.  
  234.  
  235.  
  236. ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
  237. F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
  238. F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
  239. F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
  240. ~ Keys: Scanned in 00mn 00s
  241.  
  242.  
  243.  
  244. ---\\ Redirection du fichier Hosts (O1)
  245. ~ Le fichier hosts est sain (The hosts file is clean).
  246. ~ Hosts File: Scanned in 00mn 00s
  247. ~ Nombre de lignes (Lines number): 36
  248.  
  249.  
  250.  
  251. ---\\ Browser Helper Objects de navigateur (O2)
  252. O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  253. O2 - BHO: StartNow Toolbar Helper [64Bits] - {6E13D095-45C3-4271-9475-F3B48227DD9F} . (.Pas de propriétaire - Toolbar.) -- C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
  254. O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
  255. O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  256. O2 - BHO: Searchqu Toolbar [64Bits] - {99079a25-328f-4bd4-be04-00955acaa0a7} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll
  257. O2 - BHO: DataMngr [64Bits] - {9D717F81-9148-4f12-8568-69135F087DB0} . (.Bandoo Media, inc - Url Helper.) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll
  258. O2 - BHO: IMinent WebBooster [64Bits] - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} . (.Iminent - Iminent BHO.) -- C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll
  259. O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  260. O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  261. O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
  262. O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (.not file.)
  263. O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
  264. O2 - BHO: Freemake.YoutubeButton [64Bits] - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} . (...) -- mscoree.dll (.not file.)
  265. O2 - BHO: Hotspot Shield Class [64Bits] - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} . (.AnchorFree Inc. - Pas de description.) -- C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
  266. ~ BHO: Scanned in 00mn 02s
  267.  
  268.  
  269.  
  270. ---\\ Internet Explorer Toolbars (O3)
  271. O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  272. ~ Toolbar: Scanned in 00mn 00s
  273.  
  274.  
  275.  
  276. ---\\ Applications démarrées par registre & par dossier (O4)
  277. O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
  278. O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
  279. O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
  280. O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  281. O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
  282. O4 - HKLM\..\Run: [IntelPAN] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
  283. O4 - HKLM\..\Run: [SynAsusAcpi] C:\Program Files (x86)\Synaptics\SynTP\SynAsusAcpi.exe (.not file.)
  284. O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
  285. O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
  286. O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline
  287. O4 - HKCU\..\Run: [Dxtory Update Checker 2.0] . (.Dxtory Software - Update Checker.) -- D:\Dxtory2.0\UpdateChecker.exe
  288. O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
  289. O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Matteo\AppData\Local\Google\Update\GoogleUpdate.exe
  290. O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
  291. O4 - HKCU\..\Run: [Clownfish] Clé orpheline
  292. O4 - HKCU\..\Run: [368301] . (...) -- C:\Users\Matteo\368301\svhost.exe
  293. O4 - HKCU\..\Run: [DarkComet RAT] . (...) -- C:\Users\Matteo\Documents\DCSCMIN\IMDCSC.exe
  294. O4 - HKCU\..\Run: [815461] . (...) -- C:\Users\Matteo\815461\svhost.exe
  295. O4 - HKCU\..\Run: [launcher] . (.Microsoft - Starter2.) -- C:\Users\Matteo\AppData\Local\launcher.exe
  296. O4 - HKLM\..\Wow6432Node\Run: [ASUSPRP] . (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files (x86)\ASUS\APRP\APRP.exe
  297. O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe
  298. O4 - HKLM\..\Wow6432Node\Run: [SonicMasterTray] . (.Virage Logic Corporation / Sonic Focus - ASUS_MATray.exe.) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
  299. O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
  300. O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
  301. O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
  302. O4 - HKLM\..\Wow6432Node\Run: [Wireless Console 3] . (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
  303. O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
  304. O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
  305. O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
  306. O4 - HKLM\..\Wow6432Node\Run: [DATAMNGR] . (.Bandoo Media, inc - Data Manager.) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
  307. O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
  308. O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
  309. O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  310. O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
  311. O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
  312. O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
  313. O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
  314. O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
  315. O4 - HKLM\..\Wow6432Node\Run: [launcher] . (.Microsoft - Starter2.) -- C:\Users\Matteo\AppData\Local\launcher.exe
  316. O4 - HKLM\..\Wow6432Node\Run: [Iminent] . (.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.exe
  317. O4 - HKLM\..\Wow6432Node\Run: [IminentMessenger] . (.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
  318. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
  319. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
  320. O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
  321. O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
  322. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [AdobeBridge] Clé orpheline
  323. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [Dxtory Update Checker 2.0] . (.Dxtory Software - Update Checker.) -- D:\Dxtory2.0\UpdateChecker.exe
  324. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
  325. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Matteo\AppData\Local\Google\Update\GoogleUpdate.exe
  326. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
  327. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [Clownfish] Clé orpheline
  328. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [368301] . (...) -- C:\Users\Matteo\368301\svhost.exe
  329. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [DarkComet RAT] . (...) -- C:\Users\Matteo\Documents\DCSCMIN\IMDCSC.exe
  330. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [815461] . (...) -- C:\Users\Matteo\815461\svhost.exe
  331. O4 - HKUS\S-1-5-21-4177998247-950098203-1800129927-1001\..\Run: [launcher] . (.Microsoft - Starter2.) -- C:\Users\Matteo\AppData\Local\launcher.exe
  332. ~ Application: Scanned in 00mn 01s
  333.  
  334.  
  335.  
  336. ---\\ Autres liens utilisateurs (O4)
  337. O4 - GS\QuickLaunch: Dofus.lnk . (...) -- C:\Program Files (x86)\Dofus\UpLauncher.exe (.not file.)
  338. O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  339. O4 - GS\QuickLaunch: Wakfu.lnk . (...) -- C:\Program Files (x86)\Wakfu\UpLauncher.exe
  340. O4 - GS\QuickLaunch: Wireshark.lnk . (.The Wireshark developer community, http://w - Wireshark.) -- C:\Program Files\Wireshark\wireshark.exe
  341. O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
  342. O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
  343. O4 - GS\Desktop: Blender.lnk . (...) -- C:\Program Files (x86)\Blender Foundation\Blender\blender.exe (.not file.)
  344. O4 - GS\Desktop: Dofus 2.lnk . (...) -- C:\Program Files (x86)\Dofus 2\app\UpLauncher.exe (.not file.)
  345. O4 - GS\Desktop: Dofus.lnk . (...) -- C:\Program Files (x86)\Dofus\UpLauncher.exe (.not file.)
  346. O4 - GS\Desktop: Dofus2.lnk . (...) -- C:\Program Files (x86)\Dofus2\app\UpLauncher.exe
  347. O4 - GS\Desktop: Dofus2Beta.lnk . (...) -- C:\Program Files (x86)\Dofus2Beta\app\UpLauncher.exe
  348. O4 - GS\Desktop: EasyPicture2Icon.lnk . (.Picture2Icon.com - Easy Picture2Icon.) -- D:\EasyPicture2Icon\EasyPicture2Icon.exe
  349. O4 - GS\Desktop: Gadwin PrintScreen.lnk . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
  350. O4 - GS\Desktop: Mupen64 0.5.1.lnk . (...) -- C:\Program Files (x86)\mupen64 0.5\mupen64.exe
  351. O4 - GS\Desktop: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre\photofiltre.exe
  352. O4 - GS\Desktop: Wakfu.lnk . (...) -- C:\Program Files (x86)\Wakfu\UpLauncher.exe
  353. O4 - GS\Desktop: Wolfenstein - Enemy Territory.lnk . (...) -- C:\Program Files (x86)\Wolfenstein - Enemy Territory\ET.exe
  354. O4 - GS\TaskBar: Dofus2.lnk . (...) -- C:\Program Files (x86)\Dofus2\app\UpLauncher.exe
  355. O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  356. O4 - GS\TaskBar: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
  357. O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  358. O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  359. O4 - GS\Programs: Play IW4M (Modern Warfare 2).lnk . (...) -- C:\Users\Matteo\AppData\Local\IW4M\LaunchIW4M.exe
  360. O4 - GS\QuickLaunch: DS3 Tool.lnk . (.www.motioninjoy.com - DS3_Tool.) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
  361. O4 - GS\QuickLaunch: Hex Editor Neo.lnk . (.HHD Software Ltd. - HHD Software Hex Editor Neo (x64).) -- C:\Users\Matteo\AppData\Local\HHD Software\Hex Editor Neo\HexFrame.exe
  362. O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  363. O4 - GS\QuickLaunch: ManyCam.lnk . (.ManyCam LLC - ManyCam Virtual Webcam.) -- C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
  364. O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
  365. O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  366. O4 - GS\SendTo: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) -- C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
  367. O4 - GS\SendTo: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) -- C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe
  368. O4 - GS\SendTo: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) -- C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe
  369. O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
  370. O4 - GS\SendTo: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe
  371. O4 - Global Startup: C:\Users\Matteo\Desktop\Champions of Regnum.url . (...) -- C:\Users\Matteo\Desktop\Champions of Regnum.url
  372. O4 - GS\Desktop: GeoGebra 4.2.lnk . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\SysWOW64\javaws.exe http://www.geogebra.org
  373. O4 - GS\Desktop: GTA SA.EXE - Raccourci.lnk . (...) -- D:\PCJeux\GTA SA\GTA.San.Andreas\GTA SA.exe
  374. O4 - GS\Desktop: Navigateur Internet.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  375. O4 - GS\Desktop: SkyrimLauncher.exe - Raccourci.lnk . (.Bethesda Softworks - Skyrim Launcher.) -- C:\Program Files (x86)\The Elder Scrolls V Skyrim\SkyrimLauncher.exe
  376. O4 - GS\Desktop: TornTV.lnk . (.TornTVApp - TornTVApp.) -- C:\Program Files (x86)\TornTV.com\TornTV.exe
  377. O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  378. O4 - GS\TaskBar: Vegas Pro 11.0.lnk . (...) -- C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe (.not file.)
  379. O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
  380. O4 - GS\TaskBar: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
  381. O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
  382. O4 - GS\QuickLaunch: CyberGhost VPN.lnk . (.CyberGhost SRL - CyberGhost VPN Client.) -- C:\Program Files\CyberGhost VPN\CyberGhost.exe
  383. O4 - GS\Desktop: VirtualDJ PRO Full.lnk . (.Atomix Productions - VirtualDJ.) -- C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exe
  384. ~ Global Startup: Scanned in 00mn 11s
  385.  
  386.  
  387.  
  388. ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
  389. ~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s
  390.  
  391.  
  392.  
  393. ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
  394. O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
  395. ~ IE Extra Buttons: Scanned in 00mn 00s
  396.  
  397.  
  398.  
  399. ---\\ Winsock hijacker (Layered Service Provider) (O10)
  400. ~ Winsock: 10 Legitimates Scanned in 00mn 00s
  401.  
  402.  
  403.  
  404. ---\\ Objets ActiveX (Downloaded Program Files)(O16)
  405. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
  406. ~ Objets ActiveX: Scanned in 00mn 00s
  407.  
  408.  
  409.  
  410. ---\\ Modification Domaine/Adresses DNS (O17)
  411. O17 - HKLM\System\CCS\Services\Tcpip\..\{3AD36C41-217F-413C-BD60-91565F93CEDB}: DhcpNameServer = 10.11.0.1
  412. O17 - HKLM\System\CCS\Services\Tcpip\..\{6CD5C281-D437-4EF1-BCC7-B5B80D1939D1}: DhcpNameServer = 192.168.1.254
  413. O17 - HKLM\System\CCS\Services\Tcpip\..\{877C5335-8FCB-4249-9C8A-F69314E14471}: DhcpNameServer = 10.93.112.1
  414. O17 - HKLM\System\CCS\Services\Tcpip\..\{877C5335-8FCB-4249-9C8A-F69314E14471}: DhcpDomain = hshld.com
  415. O17 - HKLM\System\CS1\Services\Tcpip\..\{3AD36C41-217F-413C-BD60-91565F93CEDB}: DhcpNameServer = 10.11.0.1
  416. O17 - HKLM\System\CS1\Services\Tcpip\..\{6CD5C281-D437-4EF1-BCC7-B5B80D1939D1}: DhcpNameServer = 192.168.1.254
  417. O17 - HKLM\System\CS1\Services\Tcpip\..\{877C5335-8FCB-4249-9C8A-F69314E14471}: DhcpNameServer = 10.93.112.1
  418. O17 - HKLM\System\CS1\Services\Tcpip\..\{877C5335-8FCB-4249-9C8A-F69314E14471}: DhcpDomain = hshld.com
  419. O17 - HKLM\System\CS2\Services\Tcpip\..\{3AD36C41-217F-413C-BD60-91565F93CEDB}: DhcpNameServer = 10.11.0.1
  420. O17 - HKLM\System\CS2\Services\Tcpip\..\{6CD5C281-D437-4EF1-BCC7-B5B80D1939D1}: DhcpNameServer = 192.168.1.254
  421. O17 - HKLM\System\CS2\Services\Tcpip\..\{877C5335-8FCB-4249-9C8A-F69314E14471}: DhcpNameServer = 10.93.112.1
  422. O17 - HKLM\System\CS2\Services\Tcpip\..\{877C5335-8FCB-4249-9C8A-F69314E14471}: DhcpDomain = hshld.com
  423. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
  424. ~ Domain: Scanned in 00mn 00s
  425.  
  426.  
  427.  
  428. ---\\ Protocole additionnel (O18)
  429. O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
  430. O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
  431. ~ Protocole Additionnel: Scanned in 00mn 00s
  432.  
  433.  
  434.  
  435. ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
  436. O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
  437. ~ Winlogon: Scanned in 00mn 00s
  438.  
  439.  
  440.  
  441. ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
  442. O20 - AppInit_DLLs: . (.Bandoo Media, inc - Data Manager.) - C:\Program Files (x86)\WIA6EB~1\Datamngr\x64\datamngr.dll
  443. ~ AppInit DLL: Scanned in 00mn 00s
  444.  
  445.  
  446.  
  447. ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
  448. ~ SSODL: 1 Legitimates Scanned in 00mn 00s
  449.  
  450.  
  451.  
  452. ---\\ Liste des services NT non Microsoft et non désactivés (O23)
  453. O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
  454. O23 - Service: (FreemakeVideoCapture) . (.Freemake - CaptureLibService.) - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
  455. O23 - Service: Hotspot Shield Routing Service (HssSrv) . (.AnchorFree Inc. - Pas de description.) - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
  456. O23 - Service: Hotspot Shield Monitoring Service (HssWd) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
  457. O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) . (...) - C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe
  458. O23 - Service: Intel(R) PROSet/Wireless Registry Servic (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
  459. O23 - Service: SProtection (SProtection) . (.Iminent - Iminent Protection.) - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
  460. O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) . (.Intel(R) Corporation - Turbo Boost Monitor Service.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
  461. O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
  462. ~ Services: 28 Legitimates Scanned in 00mn 06s
  463.  
  464.  
  465.  
  466. ---\\ Enumération Active Desktop & MHTML Editor (O24)
  467. ~ Desktop Component: 1 Legitimates Scanned in 00mn 00s
  468.  
  469.  
  470.  
  471. ---\\ BootExecute (O34)
  472. ~ BEX: 1 Legitimates Scanned in 00mn 00s
  473.  
  474.  
  475.  
  476. ---\\ Tâches planifiées en automatique (O39)
  477. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
  478. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AIRecoveryRemind.job [282]
  479. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMS.job [202]
  480. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMSDaily.job [202]
  481. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1078]
  482. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1082]
  483. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4177998247-950098203-1800129927-1001Core.job [1030]
  484. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4177998247-950098203-1800129927-1001UA.job [1082]
  485. [MD5.3ACABCA6A8DB71B7F19C8A7523AE1846] [APT] [ACMON] (.ASUS.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [691328]
  486. [MD5.EA856F4A46320389D1899B2CAA7BF40F] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [253656]
  487. [MD5.1315C5C5C54CE2AA37A155F97027DB59] [APT] [AdobeAAMUpdater-1.0-PCdeMatteo-Matteo] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392]
  488. [MD5.9511B23DAE049EAC7579B5DB822EC001] [APT] [AIRecoveryRemind] (.ASUSTek Computer Inc..) -- C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [509568]
  489. [MD5.F4DCD4912B185C3AAEB92A7040832AD1] [APT] [ASUS Live Update] (...) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768]
  490. [MD5.180E79B16063F7DFD005DC021AC543C6] [APT] [ASUS P4G] (.ASUS.) -- C:\Program Files\P4G\BatteryLife.exe [977024]
  491. [MD5.BC3DA234CDA880578526DAB028F40268] [APT] [ASUS SmartLogon Console Sensor] (.ASUS.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792]
  492. [MD5.5BB1F77C8AF725A15EC9366498D275BB] [APT] [ATKOSD2] (.ASUS.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992]
  493. [MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0]
  494. [MD5.00000000000000000000000000000000] [APT] [AutoKMSDaily] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0]
  495. [MD5.45C26D4AF94C4D2335B5960F1D9BCC7D] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3113312]
  496. [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [135664]
  497. [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [135664]
  498. [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-4177998247-950098203-1800129927-1001Core] (.Google Inc..) -- C:\Users\Matteo\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
  499. [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-4177998247-950098203-1800129927-1001UA] (.Google Inc..) -- C:\Users\Matteo\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
  500. [MD5.00000000000000000000000000000000] [APT] [{507005D8-FF68-4CE3-989B-26E98DB24F59}] (...) -- C:\Users\Matteo\AppData\Local\Temp\Shockwave_Installer_FF.exe (.not file.) [0]
  501. [MD5.46FD58A19453BC8C54E1F2EA7255869D] [APT] [{A58F48BB-EEAF-4EE9-84AF-2E68A8C98F6E}] (.Valve Corporation.) -- C:\Program Files (x86)\Steam\steam.exe [1602984]
  502. [MD5.00000000000000000000000000000000] [APT] [{EFE0DFE3-4D7A-451A-AF93-68A704A76276}] (...) -- C:\Users\Matteo\Downloads\InstallIW4M.exe (.not file.) [0]
  503. ~ Scheduled Task: Scanned in 00mn 10s
  504.  
  505.  
  506.  
  507. ---\\ Composants installés (ActiveSetup Installed Components) (O40)
  508. ~ Active Setup: 12 Legitimates Scanned in 00mn 00s
  509.  
  510.  
  511.  
  512. ---\\ Pilotes lancés au démarrage (O41)
  513. ~ Drivers: 75 Legitimates Scanned in 00mn 00s
  514.  
  515.  
  516.  
  517. ---\\ Logiciels installés (O42)
  518. O42 - Logiciel: ACID Pro 7.0 - (.Sony.) [HKLM][64Bits] -- {F7FD5E5E-3F0C-4931-AA1B-EAB838BC02DB}
  519. O42 - Logiciel: Actionaz 2.0.8.0 - (.Jmgr.) [HKLM][64Bits] -- Actionaz 2_is1
  520. O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
  521. O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
  522. O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
  523. O42 - Logiciel: Adobe Story - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
  524. O42 - Logiciel: Adobe Story - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C28DD992-5B7B-D195-6841-4EC57DF512BD}
  525. O42 - Logiciel: AdobeColorCommonSetRGB - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
  526. O42 - Logiciel: America's Army 3 - (.U.S. Army.) [HKLM][64Bits] -- Steam App 13140
  527. O42 - Logiciel: Avira Free Antivirus - (.Avira.) [HKLM][64Bits] -- Avira AntiVir Desktop
  528. O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {1E03DB52-D5CB-4338-A338-E526DD4D4DB1}
  529. O42 - Logiciel: Blacklight Retribution - (.Perfect World Entertainment.) [HKLM][64Bits] -- Blacklight Retribution
  530. O42 - Logiciel: Champions of Regnum - (...) [HKLM][64Bits] -- Steam App 222520
  531. O42 - Logiciel: CustoPackTools - (.neOceane.) [HKLM][64Bits] -- CustoPackTools
  532. O42 - Logiciel: CyberGhost VPN - (.CyberGhost S.R.L..) [HKLM][64Bits] -- CyberGhost VPN_is1
  533. O42 - Logiciel: Downloader - (...) [HKLM][64Bits] -- Downloader
  534. O42 - Logiciel: Dxtory 2.0.104 - (.Dxtory Software.) [HKLM][64Bits] -- Dxtory2.0_is1
  535. O42 - Logiciel: Easy Picture2Icon 3.0 - (.Picture2Icon.com.) [HKLM][64Bits] -- Easy Picture2Icon
  536. O42 - Logiciel: Elgato Game Capture HD - (.Elgato Systems GmbH.) [HKLM][64Bits] -- {ECDCD309-72F5-46C0-8A75-CC4116D4496C}
  537. O42 - Logiciel: Gadwin PrintScreen - (.Gadwin Systems, Inc..) [HKLM][64Bits] -- Gadwin PrintScreen
  538. O42 - Logiciel: HHD Software Free Hex Editor Neo 5.01 - (.HHD Software, Ltd..) [HKCU][64Bits] -- {8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}
  539. O42 - Logiciel: Havij 1.15 Free - (.ITSecTeam.) [HKLM][64Bits] -- Havij_is1
  540. O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- IMBoosterARP
  541. O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- {118D6CE9-5F18-42F9-958A-14676A629FDE}
  542. O42 - Logiciel: Installeur_cresus-land_V0.1.6 - (...) [HKCU][64Bits] -- Installeur_cresus-land_V0.1.6
  543. O42 - Logiciel: Island-projets V2.2.5 - (...) [HKCU][64Bits] -- Island-projets V2.2.5
  544. O42 - Logiciel: Java 7 Update 7 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217007FF}
  545. O42 - Logiciel: Java(TM) 6 Update 22 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216022F0}
  546. O42 - Logiciel: Java(TM) 6 Update 25 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416025FF}
  547. O42 - Logiciel: Java(TM) 6 Update 29 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216026FF}
  548. O42 - Logiciel: Java(TM) SE Development Kit 6 Update 25 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0160250}
  549. O42 - Logiciel: Java(TM) SE Development Kit 6 Update 25 - (.Oracle.) [HKLM][64Bits] -- {32A3A4F4-B792-11D6-A78A-00B0D0160250}
  550. O42 - Logiciel: LMMS 0.4.13 - (.LMMS Developers.) [HKLM][64Bits] -- lmms
  551. O42 - Logiciel: Lion Skin Pack 4.0 - (.Publisher.) [HKLM][64Bits] -- Lion Skin Pack
  552. O42 - Logiciel: Mixcraft - (...) [HKCU][64Bits] -- Mixcraft
  553. O42 - Logiciel: MotioninJoy ds3 driver version 0.6.0003 - (.www.motioninjoy.com.) [HKLM][64Bits] -- {330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1
  554. O42 - Logiciel: No-IP DUC - (.Vitalwerks Internet Solutions LLC.) [HKLM][64Bits] -- NoIPDUC
  555. O42 - Logiciel: PS3 Xploder Ultimate Edition - (...) [HKLM][64Bits] -- PS3Xploder
  556. O42 - Logiciel: Pamela RME 2.0 - (.Scendix Software-Vertriebsges. mbH.) [HKLM][64Bits] -- MoodEditor
  557. O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM][64Bits] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
  558. O42 - Logiciel: PlayerTuto.com 2.0.2 - (.Weecast.) [HKLM][64Bits] -- {2B7FD473-DF96-40D4-9EE3-A427B450B1BC}_is1
  559. O42 - Logiciel: Portal 2 - (.Valve.) [HKLM][64Bits] -- Steam App 620
  560. O42 - Logiciel: PremiumSoft Navicat Lite 8.2 - (.PremiumSoft CyberTech Ltd..) [HKLM][64Bits] -- PremiumSoft Navicat Lite 8.2_is1
  561. O42 - Logiciel: PrivateTunnel - (.OpenVPN Technologies.) [HKLM][64Bits] -- {24FB6757-0527-4D62-8E70-FD913FA42E41}
  562. O42 - Logiciel: Requiem - (.Gravity Interactive, Inc..) [HKLM][64Bits] -- {A40D4978-6996-4C77-9A43-29C13D12B7BE}
  563. O42 - Logiciel: SecurityKISS Tunnel v0.3.0 - (...) [HKLM][64Bits] -- SecurityKISS Tunnel_is1
  564. O42 - Logiciel: Share YouTube Videos version 1 - (...) [HKLM][64Bits] -- {55DAC5D1-B178-42B2-86A3-94A3E0B4F3DD}_is1
  565. O42 - Logiciel: Shield Server - (...) [HKCU][64Bits] -- Shield Server
  566. O42 - Logiciel: Space Pirates and Zombies - (...) [HKLM][64Bits] -- Steam App 107200
  567. O42 - Logiciel: StartNow Toolbar - (.StartNow.com.) [HKLM][64Bits] -- StartNow Toolbar
  568. O42 - Logiciel: Syas - (...) [HKCU][64Bits] -- Syas
  569. O42 - Logiciel: The Secrets of Da Vinci - (.Nobilis.) [HKLM][64Bits] -- {3E4B6A1A-C3A0-4B66-AC75-207D8E7E7111}_is1
  570. O42 - Logiciel: TornTV - (.TornTV.com.) [HKLM][64Bits] -- 1ClickDownload
  571. O42 - Logiciel: Wakfu - (.Ankama Games.) [HKLM][64Bits] -- Wakfu
  572. O42 - Logiciel: Windows Searchqu Toolbar - (.Bandoo Media Inc.) [HKLM][64Bits] -- Windows Searchqu Toolbar
  573. O42 - Logiciel: Wireshark 1.8.5 (64-bit) - (.The Wireshark developer community, http://www.wireshark.org.) [HKLM][64Bits] -- Wireshark
  574. O42 - Logiciel: Wolfenstein - Enemy Territory - (...) [HKLM][64Bits] -- Wolfenstein - Enemy Territory
  575. O42 - Logiciel: WorldPainter 0.10.2 - (.pepsoft.org.) [HKLM][64Bits] -- 4144-4862-0472-7103
  576. O42 - Logiciel: v1.1 - (.Agia3D.) [HKLM][64Bits] -- {7197B8C8-A9CE-4C4C-88E4-32D4ADB59214}_is1
  577. O42 - Logiciel: µTorrent - (...) [HKLM][64Bits] -- uTorrent
  578. ~ Logic: 288 Legitimates Scanned in 00mn 00s
  579.  
  580.  
  581.  
  582. ---\\ HKCU & HKLM Software Keys
  583. [HKCU\Software\AIST]
  584. [HKCU\Software\APN PIP]
  585. [HKCU\Software\AppDataLow\Software\searchqutoolbar]
  586. [HKCU\Software\BitTorrent]
  587. [HKCU\Software\Clock]
  588. [HKCU\Software\Clownfish]
  589. [HKCU\Software\DC3_FEXEC]
  590. [HKCU\Software\DXTransform]
  591. [HKCU\Software\DataMngr]
  592. [HKCU\Software\DataMngr_Toolbar]
  593. [HKCU\Software\Digimarc]
  594. [HKCU\Software\Elgato Systems GmbH]
  595. [HKCU\Software\Elgato Systems]
  596. [HKCU\Software\Enterbrain]
  597. [HKCU\Software\Firesoft]
  598. [HKCU\Software\Gadwin Systems]
  599. [HKCU\Software\HDSoft]
  600. [HKCU\Software\HHD Software]
  601. [HKCU\Software\IGagnant]
  602. [HKCU\Software\Iminent]
  603. [HKCU\Software\Jmgr.info]
  604. [HKCU\Software\KeepVid]
  605. [HKCU\Software\MC4D]
  606. [HKCU\Software\Nobilis]
  607. [HKCU\Software\Nucleoid]
  608. [HKCU\Software\Pando Networks]
  609. [HKCU\Software\PremiumSoft]
  610. [HKCU\Software\P®O Group]
  611. [HKCU\Software\RedGiantSoftware]
  612. [HKCU\Software\S.A.D]
  613. [HKCU\Software\Softonic]
  614. [HKCU\Software\SplitMediaLabs]
  615. [HKCU\Software\Text to Speech Maker]
  616. [HKCU\Software\UB658]
  617. [HKCU\Software\UberIcon-v1.0.0]
  618. [HKCU\Software\Vitalwerks]
  619. [HKCU\Software\Winject]
  620. [HKCU\Software\Xploder]
  621. [HKCU\Software\Zugo]
  622. [HKCU\Software\[Kortal_Ltd.]]
  623. [HKCU\Software\fourDeltaOne]
  624. [HKLM\Software\DataMngr]
  625. [HKLM\Software\MAXON Installer]
  626. [HKLM\Software\PANDhcpDns]
  627. [HKLM\Software\S.A.D]
  628. [HKLM\Software\Wow6432Node\Babylon]
  629. [HKLM\Software\Wow6432Node\DataMngr]
  630. [HKLM\Software\Wow6432Node\Iminent]
  631. [HKLM\Software\Wow6432Node\LMMS Developers]
  632. [HKLM\Software\Wow6432Node\Metaboli]
  633. [HKLM\Software\Wow6432Node\PIP]
  634. [HKLM\Software\Wow6432Node\Pando Networks]
  635. [HKLM\Software\Wow6432Node\REvision]
  636. [HKLM\Software\Wow6432Node\SearchquMediabarTb]
  637. [HKLM\Software\Wow6432Node\SplitMediaLabs]
  638. [HKLM\Software\Wow6432Node\Umbrella]
  639. [HKLM\Software\neOceane]
  640. ~ Key Software: 431 Legitimates Scanned in 00mn 00s
  641.  
  642.  
  643.  
  644. ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
  645. O43 - CFD: 17/08/2011 - 16:58:03 - [8,895] ----D C:\Program Files (x86)\Adobe Story
  646. O43 - CFD: 16/10/2011 - 18:53:19 - [0,014] ----D C:\Program Files (x86)\AIST
  647. O43 - CFD: 10/07/2012 - 17:08:34 - [1,128] ----D C:\Program Files (x86)\Clownfish
  648. O43 - CFD: 30/11/2011 - 17:17:05 - [71,432] ----D C:\Program Files (x86)\CustoPackTools
  649. O43 - CFD: 26/08/2012 - 10:10:12 - [5,676] ----D C:\Program Files (x86)\Downloader
  650. O43 - CFD: 13/07/2012 - 12:40:01 - [1,103] ----D C:\Program Files (x86)\EasyPicture2Icon
  651. O43 - CFD: 01/10/2012 - 19:31:40 - [68,673] ----D C:\Program Files (x86)\Elgato
  652. O43 - CFD: 13/11/2011 - 19:46:31 - [3,482] ----D C:\Program Files (x86)\Gadwin Systems
  653. O43 - CFD: 08/09/2012 - 14:03:40 - [1,549] ----D C:\Program Files (x86)\Havij
  654. O43 - CFD: 15/03/2013 - 20:40:43 - [17,266] ----D C:\Program Files (x86)\Iminent
  655. O43 - CFD: 13/06/2012 - 16:28:18 - [232,437] ----D C:\Program Files (x86)\Infinites-Paradize
  656. O43 - CFD: 02/11/2012 - 14:56:39 - [182,185] ----D C:\Program Files (x86)\Island-projets V2.2.5
  657. O43 - CFD: 28/10/2012 - 16:09:07 - [5,218] ----D C:\Program Files (x86)\Jmgr.info
  658. O43 - CFD: 17/05/2012 - 14:58:31 - [33,483] ----D C:\Program Files (x86)\LooksBuilder
  659. O43 - CFD: 11/09/2011 - 12:25:15 - [2,750] ----D C:\Program Files (x86)\Mixcraft
  660. O43 - CFD: 01/09/2011 - 09:54:43 - [6,119] ----D C:\Program Files (x86)\mupen64 0.5
  661. O43 - CFD: 02/09/2011 - 23:33:43 - [0] ----D C:\Program Files (x86)\NCT
  662. O43 - CFD: 04/09/2012 - 19:42:13 - [2,773] ----D C:\Program Files (x86)\No-IP
  663. O43 - CFD: 26/08/2012 - 12:00:58 - [1337,169] ----D C:\Program Files (x86)\Nobilis
  664. O43 - CFD: 01/09/2011 - 16:16:50 - [7,186] ----D C:\Program Files (x86)\Pando Networks
  665. O43 - CFD: 29/10/2011 - 19:25:27 - [56,033] ----D C:\Program Files (x86)\PlayerTuto.com
  666. O43 - CFD: 27/10/2012 - 14:12:07 - [27,023] ----D C:\Program Files (x86)\PremiumSoft
  667. O43 - CFD: 23/10/2012 - 18:12:21 - [1,870] ----D C:\Program Files (x86)\Share YouTube Videos
  668. O43 - CFD: 30/11/2011 - 17:05:20 - [0,000] ----D C:\Program Files (x86)\Skin Pack
  669. O43 - CFD: 25/10/2012 - 13:25:11 - [83,773] ----D C:\Program Files (x86)\SplitMediaLabs
  670. O43 - CFD: 12/05/2012 - 11:51:11 - [1,246] ----D C:\Program Files (x86)\StartNow Toolbar
  671. O43 - CFD: 13/12/2011 - 20:35:41 - [0,000] ----D C:\Program Files (x86)\Text to Speech Maker
  672. O43 - CFD: 15/03/2013 - 20:39:48 - [1,093] ----D C:\Program Files (x86)\TornTV.com
  673. O43 - CFD: 12/12/2011 - 17:26:28 - [0,924] ----D C:\Program Files (x86)\uTorrent
  674. O43 - CFD: 10/07/2012 - 17:30:12 - [15,199] ----D C:\Program Files (x86)\UX Pack
  675. O43 - CFD: 17/01/2013 - 17:31:11 - [830,945] ----D C:\Program Files (x86)\Wakfu
  676. O43 - CFD: 18/11/2011 - 21:37:07 - [15,356] ----D C:\Program Files (x86)\Windows Searchqu Toolbar
  677. O43 - CFD: 07/12/2011 - 13:57:51 - [264,500] ----D C:\Program Files (x86)\Wolfenstein - Enemy Territory
  678. O43 - CFD: 24/05/2012 - 17:01:50 - [17,626] ----D C:\Program Files (x86)\Xploder
  679. O43 - CFD: 15/03/2013 - 20:40:12 - [2,541] ----D C:\Program Files (x86)\Common Files\Umbrella
  680. O43 - CFD: 28/08/2012 - 22:36:50 - [0,202] ----D C:\ProgramData\Ask
  681. O43 - CFD: 13/05/2012 - 08:40:14 - [0] ----D C:\ProgramData\Babylon
  682. O43 - CFD: 19/11/2011 - 08:45:49 - [0,000] ----D C:\ProgramData\boost_interprocess
  683. O43 - CFD: 30/11/2011 - 17:14:55 - [18,597] ----D C:\ProgramData\CustoPackTools
  684. O43 - CFD: 15/03/2013 - 20:40:35 - [0,030] ----D C:\ProgramData\Iminent
  685. O43 - CFD: 18/11/2011 - 19:16:38 - [0,001] ----D C:\ProgramData\MotioninJoy
  686. O43 - CFD: 26/10/2011 - 16:40:26 - [0,001] ----D C:\ProgramData\Partner
  687. O43 - CFD: 17/05/2012 - 14:55:49 - [0,000] ----D C:\ProgramData\RedGiant
  688. O43 - CFD: 25/10/2012 - 13:25:11 - [8,130] ----D C:\ProgramData\SplitMediaLabs
  689. O43 - CFD: 13/03/2013 - 11:28:37 - [8,566] ----D C:\Users\Matteo\AppData\Roaming\.Cripeur
  690. O43 - CFD: 27/10/2011 - 09:43:15 - [0,099] ----D C:\Users\Matteo\AppData\Roaming\.podcast
  691. O43 - CFD: 30/01/2013 - 17:12:28 - [77,214] ----D C:\Users\Matteo\AppData\Roaming\.spoutcraft
  692. O43 - CFD: 13/05/2012 - 08:40:14 - [0,006] ----D C:\Users\Matteo\AppData\Roaming\Babylon
  693. O43 - CFD: 03/12/2011 - 13:25:30 - [0,060] ----D C:\Users\Matteo\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
  694. O43 - CFD: 01/10/2012 - 19:31:44 - [2,914] ----D C:\Users\Matteo\AppData\Roaming\Elgato
  695. O43 - CFD: 26/04/2012 - 13:27:41 - [0,015] ----D C:\Users\Matteo\AppData\Roaming\iFree
  696. O43 - CFD: 15/03/2013 - 20:40:33 - [0,016] ----D C:\Users\Matteo\AppData\Roaming\Iminent
  697. O43 - CFD: 27/10/2012 - 13:47:42 - [-1542,712] ----D C:\Users\Matteo\AppData\Roaming\MAXON
  698. O43 - CFD: 19/09/2012 - 18:20:30 - [1,448] ----D C:\Users\Matteo\AppData\Roaming\MinMaxGames
  699. O43 - CFD: 18/11/2011 - 19:16:38 - [0,006] ----D C:\Users\Matteo\AppData\Roaming\MotioninJoy
  700. O43 - CFD: 06/08/2012 - 18:49:19 - [0,000] ----D C:\Users\Matteo\AppData\Roaming\MW2 FoV Changer
  701. O43 - CFD: 02/12/2012 - 18:49:03 - [0] ----D C:\Users\Matteo\AppData\Roaming\NetMedia Providers
  702. O43 - CFD: 30/07/2012 - 21:10:18 - [0] ----D C:\Users\Matteo\AppData\Roaming\Pamela
  703. O43 - CFD: 10/09/2012 - 16:31:57 - [0,006] ----D C:\Users\Matteo\AppData\Roaming\PrivateTunnel
  704. O43 - CFD: 12/11/2011 - 16:46:53 - [0] ----D C:\Users\Matteo\AppData\Roaming\Publish Providers
  705. O43 - CFD: 27/11/2012 - 21:10:16 - [0] ----D C:\Users\Matteo\AppData\Roaming\RegBeta.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
  706. O43 - CFD: 25/10/2012 - 13:24:49 - [0,886] ----D C:\Users\Matteo\AppData\Roaming\SplitMediaLabs
  707. O43 - CFD: 18/03/2013 - 21:49:04 - [7,868] ----D C:\Users\Matteo\AppData\Roaming\uTorrent
  708. O43 - CFD: 29/10/2011 - 19:26:32 - [0,210] ----D C:\Users\Matteo\AppData\Roaming\Weecast
  709. O43 - CFD: 03/03/2013 - 20:51:42 - [0,003] ----D C:\Users\Matteo\AppData\Roaming\Wireshark
  710. O43 - CFD: 29/09/2012 - 12:26:55 - [0,032] ----D C:\Users\Matteo\AppData\Roaming\WorldPainter
  711. O43 - CFD: 13/05/2012 - 08:40:17 - [4,485] ----D C:\Users\Matteo\AppData\Local\Babylon
  712. O43 - CFD: 26/08/2012 - 10:10:47 - [0,101] ----D C:\Users\Matteo\AppData\Local\Downloader
  713. O43 - CFD: 31/08/2012 - 17:37:25 - [0,014] ----D C:\Users\Matteo\AppData\Local\Dxtory Software
  714. O43 - CFD: 24/09/2011 - 08:49:37 - [0,001] --H-D C:\Users\Matteo\AppData\Local\EjbubQXydoQn
  715. O43 - CFD: 11/03/2012 - 18:20:30 - [31,273] ----D C:\Users\Matteo\AppData\Local\HHD Software
  716. O43 - CFD: 28/08/2012 - 16:32:53 - [24,419] ----D C:\Users\Matteo\AppData\Local\IW4M
  717. O43 - CFD: 17/05/2012 - 16:51:05 - [0,053] ----D C:\Users\Matteo\AppData\Local\LooksBuilder
  718. O43 - CFD: 03/10/2012 - 18:32:23 - [0,002] ----D C:\Users\Matteo\AppData\Local\master131
  719. O43 - CFD: 05/09/2012 - 18:26:23 - [0,014] ----D C:\Users\Matteo\AppData\Local\MCEdit
  720. O43 - CFD: 02/09/2011 - 11:58:10 - [0,001] ----D C:\Users\Matteo\AppData\Local\ODUI
  721. O43 - CFD: 24/09/2011 - 08:49:36 - [0,001] --H-D C:\Users\Matteo\AppData\Local\OFVvJ6JC5MF6k
  722. O43 - CFD: 25/10/2012 - 13:26:47 - [7,606] ----D C:\Users\Matteo\AppData\Local\SplitMediaLabs
  723. O43 - CFD: 16/09/2012 - 21:08:52 - [0,001] ----D C:\Users\Matteo\AppData\Local\TeknoGods
  724. O43 - CFD: 31/10/2012 - 15:08:04 - [0,001] ----D C:\Users\Matteo\AppData\Local\Vitalwerks
  725. O43 - CFD: 26/08/2012 - 10:10:12 - [0,004] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloader
  726. O43 - CFD: 13/07/2012 - 12:38:52 - [0] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EasyPicture2Icon
  727. O43 - CFD: 13/11/2011 - 19:46:33 - [0] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gadwin Systems
  728. O43 - CFD: 11/03/2012 - 18:20:33 - [0,013] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HHD Hex Editor Neo
  729. O43 - CFD: 02/11/2012 - 17:01:27 - [0,001] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Installeur_cresus-land_V0.1.6
  730. O43 - CFD: 02/11/2012 - 14:56:39 - [0,002] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Island-projets V2.2.5
  731. O43 - CFD: 11/09/2011 - 12:25:01 - [0,002] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mixcraft
  732. O43 - CFD: 08/09/2012 - 13:14:41 - [0,001] R---D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Musique - Raccourci
  733. O43 - CFD: 04/09/2012 - 19:42:14 - [0,003] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
  734. O43 - CFD: 02/11/2012 - 14:24:01 - [0,001] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shield Server
  735. O43 - CFD: 15/03/2013 - 20:39:44 - [0,002] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
  736. O43 - CFD: 17/01/2013 - 17:16:37 - [0] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wakfu
  737. O43 - CFD: 10/03/2013 - 19:48:04 - [0,003] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wirecast for YouTube
  738. O43 - CFD: 07/12/2011 - 13:57:52 - [0] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory
  739. O43 - CFD: 12/09/2012 - 17:16:28 - [0,004] ----D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xploder
  740. ~ 132 Dossiers CLSID vides (CLSID Empty Folders)
  741. ~ Program Folder: 533 Legitimates Scanned in 01mn 44s
  742.  
  743.  
  744.  
  745. ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
  746. O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 29/03/2013 - 17:00:44 ---A- . (...) -- C:\Windows\SysNative\acovcnt.exe [45056]
  747. O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 29/03/2013 - 17:00:44 RSHAD . (...) -- C:\Windows\System32\acovcnt.exe [45056]
  748. O44 - LFC:[MD5.A6022DA23109E9CAADC5EF2B2767AF42] - 21/03/2013 - 12:34:32 ---A- . (...) -- C:\Windows\SysNative\ServiceFilter.ini [1708]
  749. O44 - LFC:[MD5.A6022DA23109E9CAADC5EF2B2767AF42] - 21/03/2013 - 12:34:32 RSHAD . (...) -- C:\Windows\System32\ServiceFilter.ini [1708]
  750. O44 - LFC:[MD5.D622D1A057977A67BD172D23B628B809] - 15/03/2013 - 14:59:04 ---A- . (.Zano - MAJUp.) -- C:\Windows\SysNative\MAJUp.exe [19456]
  751. O44 - LFC:[MD5.D622D1A057977A67BD172D23B628B809] - 15/03/2013 - 14:59:04 RSHAD . (.Zano - MAJUp.) -- C:\Windows\System32\MAJUp.exe [19456]
  752. O44 - LFC:[MD5.455AC723D6AE7F92D1BF6BC449C81B03] - 15/03/2013 - 14:59:01 ---A- . (...) -- C:\Windows\SysNative\conect [45]
  753. O44 - LFC:[MD5.455AC723D6AE7F92D1BF6BC449C81B03] - 15/03/2013 - 14:59:01 RSHAD . (...) -- C:\Windows\System32\conect [45]
  754. O44 - LFC:[MD5.867624D3C752C518FAE68A4F749155B7] - 01/03/2013 - 21:44:49 ---A- . (...) -- C:\Windows\SysNative\AutoRunFilter.ini [2844]
  755. O44 - LFC:[MD5.867624D3C752C518FAE68A4F749155B7] - 01/03/2013 - 21:44:49 RSHAD . (...) -- C:\Windows\System32\AutoRunFilter.ini [2844]
  756. ~ Files: 27 Legitimates Scanned in 00mn 04s
  757.  
  758.  
  759.  
  760. ---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
  761. O45 - LFCP:[MD5.5B3F1CE1CE9EFEEFFE10EE2A02604976] - 15/03/2013 - 19:05:00 ---A- - C:\Windows\Prefetch\UPDATETASK.EXE-2134F96B.pf
  762. O45 - LFCP:[MD5.3EDBAE760EE58E9D8449EAA76EE2E834] - 28/03/2013 - 17:11:49 ---A- - C:\Windows\Prefetch\AUDACITY.EXE-17036B07.pf
  763. O45 - LFCP:[MD5.9372027D1BFF7D47037DBCA68B20374F] - 28/03/2013 - 19:39:21 ---A- - C:\Windows\Prefetch\GOOGLETALKPLUGIN.EXE-13212292.pf
  764. O45 - LFCP:[MD5.73F8B4750DA732CBB2AFC2B9A3A616A7] - 28/03/2013 - 19:41:31 ---A- - C:\Windows\Prefetch\WMIAPSRV.EXE-29F35ED0.pf
  765. O45 - LFCP:[MD5.C1FD00A686C081DC90180D82B6C11686] - 29/03/2013 - 16:55:38 ---A- - C:\Windows\Prefetch\SMARTLOGON.EXE-8F794AF5.pf
  766. O45 - LFCP:[MD5.0802D626B9CDF2808C55F5206AC714DF] - 29/03/2013 - 17:01:43 ---A- - C:\Windows\Prefetch\C2C_SERVICE.EXE-76976284.pf
  767. O45 - LFCP:[MD5.3FC1E262DC70E6916D27C34737E63B97] - 29/03/2013 - 17:01:43 ---A- - C:\Windows\Prefetch\PNKBSTRA.EXE-473DE145.pf
  768. O45 - LFCP:[MD5.0FC4E9166C63FD90B88C57AFC4490938] - 29/03/2013 - 17:01:43 ---A- - C:\Windows\Prefetch\REGSRVC.EXE-E4A04EBD.pf
  769. O45 - LFCP:[MD5.447A8EF48B451B51B0A33FF631D86646] - 29/03/2013 - 17:01:43 ---A- - C:\Windows\Prefetch\SEAPORT.EXE-2B903D32.pf
  770. O45 - LFCP:[MD5.945CC287337EF7123825F1A761FD21E7] - 29/03/2013 - 17:01:43 ---A- - C:\Windows\Prefetch\UMBRELLA.EXE-9B266DB9.pf
  771. O45 - LFCP:[MD5.37ECC30AC693343C7244B0D4AA6530A3] - 29/03/2013 - 17:01:43 ---A- - C:\Windows\Prefetch\UPDATER.EXE-EA1310CB.pf
  772. O45 - LFCP:[MD5.FC9E94842C30B78B9084506B9DBFA6AC] - 29/03/2013 - 17:01:53 ---A- - C:\Windows\Prefetch\LAUNCHER.EXE-6D7D849B.pf
  773. O45 - LFCP:[MD5.358511D96A82F49F27A87326804581C2] - 29/03/2013 - 17:01:56 ---A- - C:\Windows\Prefetch\FANCYSTART.EXE-91A615E7.pf
  774. O45 - LFCP:[MD5.2656F6ED1A2409CFA69AF82D5BEADF31] - 29/03/2013 - 17:01:59 ---A- - C:\Windows\Prefetch\UBERICON.EXE-2870C9EB.pf
  775. O45 - LFCP:[MD5.A0927BE210D6CCFD933C8CF725315D70] - 29/03/2013 - 17:02:02 ---A- - C:\Windows\Prefetch\VIRTUA~1.EXE-A6C5D901.pf
  776. O45 - LFCP:[MD5.835321B14F79F6B8CF48B77BB50ACE3C] - 29/03/2013 - 17:02:09 ---A- - C:\Windows\Prefetch\YZSHADOW.EXE-4DB6D16F.pf
  777. O45 - LFCP:[MD5.B8EC992A2F53D3DF8B626C11052B2BB9] - 29/03/2013 - 17:02:12 ---A- - C:\Windows\Prefetch\IMINENT.EXE-239E2AD1.pf
  778. O45 - LFCP:[MD5.813DBCED6D0D038113C86EC8AE80309A] - 29/03/2013 - 17:02:14 ---A- - C:\Windows\Prefetch\LAUNCHER.EXE-9EEB3D43.pf
  779. O45 - LFCP:[MD5.87A93813CE9D585358E908A0A1563E8F] - 29/03/2013 - 17:02:19 ---A- - C:\Windows\Prefetch\IMINENT.MESSENGERS.EXE-C7B6CC1B.pf
  780. O45 - LFCP:[MD5.5BABE316872DCB307AE7EF8C689A394E] - 29/03/2013 - 17:02:35 ---A- - C:\Windows\Prefetch\WINLIST.EXE-EF5220E0.pf
  781. O45 - LFCP:[MD5.AA29EABC3DE7A9EBF4C67CDB3615B843] - 29/03/2013 - 17:03:02 ---A- - C:\Windows\Prefetch\DW20.EXE-E115992B.pf
  782. O45 - LFCP:[MD5.0D592DBF0108C5AB495DF7381C72ECA6] - 29/03/2013 - 17:05:50 ---A- - C:\Windows\Prefetch\FREEMAKEERRORREPORTER.EXE-7CA8C7FD.pf
  783. O45 - LFCP:[MD5.EA41DEEB0F3F66B7C1164C2960F21F16] - 29/03/2013 - 17:09:51 ---A- - C:\Windows\Prefetch\MMC.EXE-F39CDED6.pf
  784. O45 - LFCP:[MD5.39D145D961EF3E4D136A4BAC056FB8CB] - 29/03/2013 - 17:37:28 ---A- - C:\Windows\Prefetch\WSCTOOL.EXE-EB22FE56.pf
  785. O45 - LFCP:[MD5.336B56A94448C32F23CEC0BD0F0C5FF9] - 29/03/2013 - 17:46:43 ---A- - C:\Windows\Prefetch\CHRMSTP.EXE-974BC8FC.pf
  786. O45 - LFCP:[MD5.0348712C7B27CFFC25EEE6A3DBC70BD2] - 29/03/2013 - 17:52:42 ---A- - C:\Windows\Prefetch\SCHED.EXE-CD2C25D2.pf
  787. O45 - LFCP:[MD5.EA299D30C4C66590FCCCD618F60C8D66] - 29/03/2013 - 17:53:12 ---A- - C:\Windows\Prefetch\AVRESTART.EXE-EF804372.pf
  788. O45 - LFCP:[MD5.68405822FFEEB49D8468726FDB31F2AC] - 29/03/2013 - 18:00:32 ---A- - C:\Windows\Prefetch\APRP.EXE-A549635F.pf
  789. O45 - LFCP:[MD5.ACE2B65F32771403A5D4835DCE51EC66] - 29/03/2013 - 18:00:32 ---A- - C:\Windows\Prefetch\ASUSWSPANEL.EXE-40B13933.pf
  790. O45 - LFCP:[MD5.C98DC70D57BCF38D2DA05146DEBC91E0] - 29/03/2013 - 18:00:32 ---A- - C:\Windows\Prefetch\ATKOSD2.EXE-8FADD2D9.pf
  791. O45 - LFCP:[MD5.696ED4DE389837DE320C7B338A0C106E] - 29/03/2013 - 18:00:32 ---A- - C:\Windows\Prefetch\IWRAP.EXE-20582B89.pf
  792. O45 - LFCP:[MD5.CF587CE3047B0696575A00198E23F341] - 29/03/2013 - 18:00:32 ---A- - C:\Windows\Prefetch\MUISTARTMENU.EXE-0C8E9917.pf
  793. O45 - LFCP:[MD5.4E5239A2B036826DF7E826FD9DA7E464] - 29/03/2013 - 18:00:32 ---A- - C:\Windows\Prefetch\MUISTARTMENU.EXE-F128F39F.pf
  794. O45 - LFCP:[MD5.4B0581EDA4C36D4D7F74B33223E42ADF] - 29/03/2013 - 18:01:06 ---A- - C:\Windows\Prefetch\UPDATER.EXE-F2F2FB04.pf
  795. O45 - LFCP:[MD5.0AD436FC6012EF00CCE6DC3F0C8F2ABE] - 29/03/2013 - 18:04:17 ---A- - C:\Windows\Prefetch\JUCHECK.EXE-550A12E1.pf
  796. O45 - LFCP:[MD5.E6894948D115826522D86D88250038B1] - 29/03/2013 - 19:54:30 ---A- - C:\Windows\Prefetch\AVSCAN.EXE-EDA6668B.pf
  797. O45 - LFCP:[MD5.144E1E43BB06766720159350636893AB] - 29/03/2013 - 19:55:02 ---A- - C:\Windows\Prefetch\UPLAUNCHER.EXE-96232E14.pf
  798. O45 - LFCP:[MD5.8EA2BDFDE8AA2F62C1490CD1A84B08C2] - 29/03/2013 - 19:55:20 ---A- - C:\Windows\Prefetch\GUARDGUI.EXE-BDAEFB77.pf
  799. O45 - LFCP:[MD5.78C20CEC2B932FC97AACC8366C8E3358] - 29/03/2013 - 19:55:21 ---A- - C:\Windows\Prefetch\DOFUSMOD.EXE-C9F41656.pf
  800. O45 - LFCP:[MD5.D98A658EE550A82A3D89C7136626204E] - 29/03/2013 - 19:55:30 ---A- - C:\Windows\Prefetch\DOFUS.EXE-F2EF46CE.pf
  801. ~ Prefetcher: 139 Legitimates Scanned in 00mn 00s
  802.  
  803.  
  804.  
  805. ---\\ Déni du service (Local Security Authority) (O48)
  806. ~ LSA: 9 Legitimates Scanned in 00mn 00s
  807.  
  808.  
  809.  
  810. ---\\ Contrôle du Safe Boot (CSB) (O49)
  811. ~ CBS: 13 Legitimates Scanned in 00mn 00s
  812.  
  813.  
  814.  
  815. ---\\ MountPoints2 Shell Key (O51)
  816. O51 - MPSK:{ab55b624-ff0d-11e1-901a-f46d0422e1c9}\AutoRun\command. (.SEGA - Football Manager 2012 Setup.) -- F:\Setup.exe
  817. ~ Keys: Scanned in 00mn 00s
  818.  
  819.  
  820.  
  821. ---\\ Trojan Driver Search Data (HKLM) (O52)
  822. O52 - TDSD: \Drivers32\"vidc.xtor"="DxtoryCodec64.dll" . (.Dxtory Software - Dxtory DirectShow and VFW Decoder.) -- C:\Windows\System32\DxtoryCodec64.dll
  823. ~ TDSD: 5 Legitimates Scanned in 00mn 00s
  824.  
  825.  
  826.  
  827. ---\\ ShareTools MSconfig StartupReg (O53)
  828. O53 - SMSR:HKLM\...\startupreg\ASUS Screen Saver Protector [Key] . (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe
  829. O53 - SMSR:HKLM\...\startupreg\CLMLServer [Key] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
  830. O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
  831. ~ SMSR Keys: 3 Legitimates Scanned in 00mn 00s
  832.  
  833.  
  834.  
  835. ---\\ Microsoft Control Security Providers (O54)
  836. ~ MSCP: 2 Legitimates Scanned in 00mn 00s
  837.  
  838.  
  839.  
  840. ---\\ Microsoft Windows Policies System (O55)
  841. O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
  842. O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
  843. O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
  844. ~ MWPS: 16 Legitimates Scanned in 00mn 00s
  845.  
  846.  
  847.  
  848. ---\\ Microsoft Windows Policies Explorer (O56)
  849. O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=0
  850. O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
  851. O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
  852. O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
  853. ~ Keys: Scanned in 00mn 00s
  854.  
  855.  
  856.  
  857. ---\\ Liste des Drivers Système (O58)
  858. O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
  859. O58 - SDL:[MD5.1E6438D4EA6E1174A3B3B1EDC4DE660B] - 18/03/2009 - 16:35:42 --HA- . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\System32\hamachi.sys [33856]
  860. O58 - SDL:[MD5.E2F1DCF4A68CC6CF694FBFBA1842F4CD] - 09/03/2005 - 19:50:16 ---A- . (...) -- C:\Windows\SysWOW64\drivers\libusb0.sys [33792]
  861. ~ Drivers: Scanned in 00mn 00s
  862.  
  863.  
  864.  
  865. ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
  866. O61 - LFC: 26/03/2013 - 18:28:38 ---A- C:\Users\Matteo\Default\Session Storage\000032.sst [4809]
  867. O61 - LFC: 26/03/2013 - 18:34:16 ---A- C:\Users\Matteo\Default\File System\001\p\.usage [24]
  868. O61 - LFC: 26/03/2013 - 18:34:16 ---A- C:\Users\Matteo\Default\File System\001\p\00\00000000 [822765]
  869. O61 - LFC: 26/03/2013 - 18:34:19 ---A- C:\Users\Matteo\Certificate Revocation Lists [268727]
  870. O61 - LFC: 26/03/2013 - 18:58:32 ---A- C:\Users\Matteo\Safe Browsing Download [1466116]
  871. O61 - LFC: 26/03/2013 - 18:58:33 ---A- C:\Users\Matteo\Safe Browsing Bloom [8141480]
  872. O61 - LFC: 26/03/2013 - 18:58:33 ---A- C:\Users\Matteo\Safe Browsing Bloom Prefix Set [1506488]
  873. O61 - LFC: 26/03/2013 - 18:58:33 ---A- C:\Users\Matteo\Safe Browsing Csd Whitelist [134668]
  874. O61 - LFC: 26/03/2013 - 18:58:33 ---A- C:\Users\Matteo\Safe Browsing Download Whitelist [19852]
  875. O61 - LFC: 26/03/2013 - 18:59:02 ---A- C:\Users\Matteo\Safe Browsing Cookies [6144]
  876. O61 - LFC: 26/03/2013 - 18:59:02 ---A- C:\Users\Matteo\Safe Browsing Cookies-journal [4640]
  877. O61 - LFC: 26/03/2013 - 19:06:00 ---A- C:\Users\Matteo\AppData\Local\Google\Update\Download\{D0AB2EBC-931B-4013-9FEB-C9C4C2225C8C}\3.17.0.12440\googletalkpluginaccel.msi [8871936]
  878. O61 - LFC: 26/03/2013 - 19:06:00 ---A- C:\Users\Matteo\AppData\Local\Google\Update\Install\{B67E3F1C-2A82-4FA2-8C5F-D3BCAFC7E56D}\googletalkpluginaccel.msi [8871936]
  879. O61 - LFC: 26/03/2013 - 20:15:19 ---A- C:\Users\Matteo\Downloads\lmms-0.4.13-win64.exe [23001026]
  880. O61 - LFC: 26/03/2013 - 21:03:08 ---A- C:\Users\Matteo\.lmmsrc.xml [836]
  881. O61 - LFC: 26/03/2013 - 21:20:00 ---A- C:\Users\Matteo\Downloads\Allods_FR.exe [695128]
  882. O61 - LFC: 27/03/2013 - 18:12:50 ---A- C:\Users\Matteo\Default\Session Storage\000034.sst [891]
  883. O61 - LFC: 28/03/2013 - 19:20:19 ---A- C:\Users\Matteo\Default\File System\Origins\LOG.old [145]
  884. O61 - LFC: 28/03/2013 - 19:20:20 ---A- C:\Users\Matteo\Default\Session Storage\000037.sst [303]
  885. O61 - LFC: 28/03/2013 - 19:20:51 ---A- C:\Users\Matteo\Default\Shortcuts [20480]
  886. O61 - LFC: 28/03/2013 - 19:20:51 ---A- C:\Users\Matteo\Default\Shortcuts-journal [12824]
  887. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\Extension State\LOG.old [145]
  888. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\File System\001\p\Paths\LOG.old [145]
  889. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\Last Session [68694]
  890. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\Last Tabs [14409]
  891. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\Media Cache\data_0 [45056]
  892. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\Media Cache\data_1 [270336]
  893. O61 - LFC: 28/03/2013 - 19:24:06 ---A- C:\Users\Matteo\Default\Session Storage\LOG.old [269]
  894. O61 - LFC: 28/03/2013 - 19:24:42 ---A- C:\Users\Matteo\Default\File System\001\p\Paths\CURRENT [16]
  895. O61 - LFC: 28/03/2013 - 19:24:42 ---A- C:\Users\Matteo\Default\File System\001\p\Paths\MANIFEST-000041 [86]
  896. O61 - LFC: 28/03/2013 - 19:24:42 ---A- C:\Users\Matteo\Default\File System\Origins\CURRENT [16]
  897. O61 - LFC: 28/03/2013 - 19:24:42 ---A- C:\Users\Matteo\Default\File System\Origins\MANIFEST-000044 [230]
  898. O61 - LFC: 28/03/2013 - 19:24:42 ---A- C:\Users\Matteo\Default\Network Action Predictor [58368]
  899. O61 - LFC: 28/03/2013 - 19:24:42 ---A- C:\Users\Matteo\Default\Network Action Predictor-journal [16384]
  900. O61 - LFC: 28/03/2013 - 19:24:44 ---A- C:\Users\Matteo\Default\Session Storage\000040.sst [454]
  901. O61 - LFC: 28/03/2013 - 19:24:44 ---A- C:\Users\Matteo\Default\Session Storage\CURRENT [16]
  902. O61 - LFC: 28/03/2013 - 19:24:44 ---A- C:\Users\Matteo\Default\Session Storage\MANIFEST-000039 [375]
  903. O61 - LFC: 28/03/2013 - 19:24:45 ---A- C:\Users\Matteo\Default\Local Storage\http_www.youtube.com_0.localstorage [54272]
  904. O61 - LFC: 28/03/2013 - 19:24:45 ---A- C:\Users\Matteo\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [16384]
  905. O61 - LFC: 28/03/2013 - 19:24:46 ---A- C:\Users\Matteo\Default\Extension State\CURRENT [16]
  906. O61 - LFC: 28/03/2013 - 19:24:46 ---A- C:\Users\Matteo\Default\Extension State\MANIFEST-000023 [237]
  907. O61 - LFC: 28/03/2013 - 19:24:51 ---A- C:\Users\Matteo\Default\Managed Mode Settings [8]
  908. O61 - LFC: 28/03/2013 - 19:24:51 ---A- C:\Users\Matteo\Default\TransportSecurity [1104]
  909. O61 - LFC: 28/03/2013 - 19:24:57 ---A- C:\Users\Matteo\Default\Top Sites [299008]
  910. O61 - LFC: 28/03/2013 - 19:24:57 ---A- C:\Users\Matteo\Default\Top Sites-journal [16384]
  911. O61 - LFC: 28/03/2013 - 19:25:09 ---A- C:\Users\Matteo\Default\History Index 2013-03 [4046848]
  912. O61 - LFC: 28/03/2013 - 19:25:09 ---A- C:\Users\Matteo\Default\History Index 2013-03-journal [16384]
  913. O61 - LFC: 28/03/2013 - 19:25:12 ---A- C:\Users\Matteo\Default\QuotaManager [13312]
  914. O61 - LFC: 28/03/2013 - 19:25:12 ---A- C:\Users\Matteo\Default\QuotaManager-journal [8768]
  915. O61 - LFC: 28/03/2013 - 19:26:02 ---A- C:\Users\Matteo\Default\Web Data [77824]
  916. O61 - LFC: 28/03/2013 - 19:26:02 ---A- C:\Users\Matteo\Default\Web Data-journal [10792]
  917. O61 - LFC: 28/03/2013 - 19:26:05 ---A- C:\Users\Matteo\Default\Favicons [215040]
  918. O61 - LFC: 28/03/2013 - 19:26:05 ---A- C:\Users\Matteo\Default\Favicons-journal [16384]
  919. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Cookies [196608]
  920. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Cookies-journal [16384]
  921. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Current Session [69776]
  922. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Current Tabs [18614]
  923. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Extension State\LOG [145]
  924. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\File System\001\p\Paths\LOG [145]
  925. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\File System\Origins\LOG [145]
  926. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\History [356352]
  927. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\History Provider Cache [40057]
  928. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\History-journal [16384]
  929. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Preferences [95186]
  930. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Session Storage\LOG [264]
  931. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Default\Visited Links [131072]
  932. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\Local State [24735]
  933. O61 - LFC: 28/03/2013 - 19:26:13 ---A- C:\Users\Matteo\chrome_shutdown_ms.txt [4]
  934. O61 - LFC: 29/03/2013 - 17:04:43 ---A- C:\Users\Matteo\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat [6144]
  935. O61 - LFC: 29/03/2013 - 17:46:37 ---A- C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\EULA Accepted [0]
  936. O61 - LFC: 29/03/2013 - 17:46:37 ---A- C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\First Run [0]
  937. O61 - LFC: 29/03/2013 - 17:56:36 --HA- C:\Users\Matteo\AppData\Local\IconCache.db [1941065]
  938. O61 - LFC: 29/03/2013 - 18:00:30 ---A- C:\Users\Matteo\AppData\Roaming\PrivateTunnel\firstrun.txt [10]
  939. O61 - LFC: 29/03/2013 - 18:06:37 ---A- C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [270659]
  940. O61 - LFC: 29/03/2013 - 19:29:20 ---A- C:\Users\Matteo\Downloads\ZHPDiag2.exe [5481865]
  941. O61 - LFC: 29/03/2013 - 19:36:25 ---A- C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\Local State [24727]
  942. O61 - LFC: 29/03/2013 - 19:36:26 ---A- C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [5]
  943. O61 - LFC: 29/03/2013 - 19:55:21 ---A- C:\Users\Matteo\AppData\Roaming\D2Info0 [125]
  944. O61 - LFC: 29/03/2013 - 19:55:27 ---A- C:\Users\Matteo\AppData\Roaming\dclogs\2013-03-29-6.dc [6275]
  945. ~ 5 Fichiers temporaires (Temporary files)
  946. ~ Files: 788 Legitimates Scanned in 01mn 03s
  947.  
  948.  
  949.  
  950. ---\\ Liste des outils de nettoyage (O63)
  951. O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
  952. O63 - Logiciel: RSIT - (.random/random.)
  953. ~ ADS: Scanned in 00mn 00s
  954.  
  955.  
  956.  
  957. ---\\ Liste des services Legacy (O64)
  958. O64 - Services: CurCS - 26/08/2012 - C:\Windows\System32\DRIVERS\lirsgt.sys - lirsgt (lirsgt) .(...) - LEGACY_LIRSGT
  959. O64 - Services: CurCS - 11/02/2011 - C:\Windows\System32\drivers\npf.sys (npf) .(.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) - LEGACY_NPF
  960. ~ Legacy: 85 Legitimates Scanned in 00mn 00s
  961.  
  962.  
  963.  
  964. ---\\ File Associations Shell Spawning (O67)
  965. O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
  966. O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
  967. O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
  968. O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
  969. O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
  970. O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
  971. O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  972. O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
  973. O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
  974. O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
  975. O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
  976. O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
  977. O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
  978. O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
  979. O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
  980. O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
  981. O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  982. O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
  983. O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
  984. ~ Keys: Scanned in 00mn 00s
  985.  
  986.  
  987.  
  988. ---\\ Start Menu Internet (O68)
  989. O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  990. O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  991. O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  992. ~ Keys: Scanned in 00mn 00s
  993.  
  994.  
  995.  
  996. ---\\ Search Browser Infection (O69)
  997. O69 - SBI: SearchScopes [HKCU] {0388404D-6072-4CEB-B521-8F090FEAEE57} [DefaultScope] - (Yahoo!) - http://klit.startnow.com
  998. O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} - (Search Results) - http://dts.search-results.com
  999. ~ Keys: Scanned in 00mn 00s
  1000.  
  1001.  
  1002.  
  1003. ---\\ Crack & Keygen Files (O82)
  1004. C:\Users\Administrateur\Desktop\Keygen Acid Pro 7.0\Coleccion musical mia.rar
  1005. C:\Users\Administrateur\Desktop\Keygen Acid Pro 7.0\Coleccion musical mia.rar
  1006. D:\Downloads\Winrar Cracker Just Instal By TehxBaBy.exe
  1007. ~ Files: Scanned in 04mn 37s
  1008.  
  1009.  
  1010.  
  1011. ---\\ Recherche des services démarrés par Svchost (O83)
  1012. ~ Services: 32 Legitimates Scanned in 00mn 00s
  1013.  
  1014.  
  1015.  
  1016. ---\\ Recherche particuliere à la racine de certains dossiers (O84)
  1017. [MD5.1612A5E091BF486BD868802A5F1076C8] [SPRF][02/09/2011] (...) -- C:\ProgramData\499A45AD2C.sys [88]
  1018. [MD5.90E1D86D979B92738A47D7072CB22DA8] [SPRF][07/07/2010] (...) -- C:\ProgramData\FullRemove.exe [131472]
  1019. [MD5.EA3CFC52E4F1399FF67D63E5FA01BB22] [SPRF][02/09/2011] (...) -- C:\ProgramData\KGyGaAvL.sys [5642]
  1020. [MD5.E8552EE508F16CBB91A7F841651EFB7D] [SPRF][15/03/2013] (.Microsoft - Starter2.) -- C:\Users\Matteo\AppData\Local\launcher.exe [156160]
  1021. [MD5.6D9E5361414A404F62DC249F2AADC327] [SPRF][31/01/2008] (.Pas de propriétaire - 7-zip32.) -- C:\Users\Matteo\AppData\Local\Temp\7-zip32.dll [506880]
  1022. [MD5.F4F883EAF7F7413A085D9868511AF8A9] [SPRF][15/03/2013] (...) -- C:\Users\Matteo\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-15-g8e7c097-b2646jnks.dll [17408]
  1023. [MD5.F4F883EAF7F7413A085D9868511AF8A9] [SPRF][15/03/2013] (...) -- C:\Users\Matteo\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-b2624jnks.dll [17408]
  1024. [MD5.E5B43485D986CFECA401F10E9268C85A] [SPRF][15/03/2013] (...) -- C:\Users\Matteo\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll [515584]
  1025. [MD5.4D41BF8132A7CBCDAB77C96CC0B4A7BC] [SPRF][15/03/2013] (...) -- C:\Users\Matteo\AppData\Roaming\win32.exe [1494207]
  1026. [MD5.F64D89856906F7D22ADC07EC5744D8E1] [SPRF][01/04/2012] (.DevComponents.com - DevComponents.DotNetBar.) -- C:\Users\Matteo\Desktop\DevComponents.DotNetBar2.dll [4640768]
  1027. [MD5.A3263FA647E746E197F7D753DAFA489F] [SPRF][15/03/2013] (.Pas de propriétaire - PhoenixAPI.) -- C:\Users\Matteo\Desktop\PhoenixAPI.dll [1257984]
  1028. [MD5.4A9A21400EDED54777A25A988DED328C] [SPRF][15/03/2013] (.Pas de propriétaire - PhoenixBot.) -- C:\Users\Matteo\Desktop\PhoenixBot.exe [980480]
  1029. [MD5.E8FD90C0630DC1B80FEDFA2C86D89B48] [SPRF][15/03/2013] (.Pas de propriétaire - PhoenixUpdate.) -- C:\Users\Matteo\Desktop\PhoenixUpdate.exe [24576]
  1030. ~ Files: Scanned in 00mn 00s
  1031.  
  1032.  
  1033.  
  1034. ---\\ Firewall Active Exception List (FirewallRules) (O87)
  1035. O87 - FAEL: "{B6D1DC2A-6205-4BB8-8012-CD187092887B}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  1036. O87 - FAEL: "{B186B359-AC87-48AE-88EE-27B645A1E0DA}" | In - Public - P6 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
  1037. O87 - FAEL: "{B4072AA4-8533-4908-902E-A4D18754F78C}" | In - Public - P17 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
  1038. O87 - FAEL: "TCP Query User{E120EBFC-3F67-42BE-83D5-2C097CA05773}C:\program files (x86)\wolfenstein - enemy territory\et.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\wolfenstein - enemy territory\et.exe
  1039. O87 - FAEL: "UDP Query User{8A32A138-CBDD-4017-80AE-1312B98DCE1A}C:\program files (x86)\wolfenstein - enemy territory\et.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\wolfenstein - enemy territory\et.exe
  1040. O87 - FAEL: "{FE0627F4-AA82-48ED-97CE-5AABA801E3E3}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
  1041. O87 - FAEL: "{75E9141C-AD0B-440F-9A07-BBD0C60B9B12}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
  1042. O87 - FAEL: "TCP Query User{5D9DC56E-A734-4C9D-8B9D-275D397E9BE1}D:\speedartppb\patchblocker.exe" | In - Private - P6 - TRUE | .(.Microsoft - WindowsFormsApplication1.) -- D:\speedartppb\patchblocker.exe
  1043. O87 - FAEL: "UDP Query User{4E6764EE-ED83-4073-9BE7-7BC854764802}D:\speedartppb\patchblocker.exe" | In - Private - P17 - TRUE | .(.Microsoft - WindowsFormsApplication1.) -- D:\speedartppb\patchblocker.exe
  1044. O87 - FAEL: "TCP Query User{7F26C0AD-FD03-42D4-A2C9-95D12A25114D}C:\users\matteo\appdata\local\iw4m\iw4m.dat" | In - Private - P6 - TRUE | .(...) -- C:\users\matteo\appdata\local\iw4m\iw4m.dat
  1045. O87 - FAEL: "UDP Query User{1843908C-1912-43E8-B529-F07C1DDBC567}C:\users\matteo\appdata\local\iw4m\iw4m.dat" | In - Private - P17 - TRUE | .(...) -- C:\users\matteo\appdata\local\iw4m\iw4m.dat
  1046. O87 - FAEL: "TCP Query User{BCAD09BC-BD6D-485D-A22A-13836396B15B}D:\downloads\patchblocker.exe" | In - Private - P6 - TRUE | .(.Microsoft - WindowsFormsApplication1.) -- D:\downloads\patchblocker.exe
  1047. O87 - FAEL: "UDP Query User{F72F3E5E-CFF0-4EE5-972A-B721412DA33B}D:\downloads\patchblocker.exe" | In - Private - P17 - TRUE | .(.Microsoft - WindowsFormsApplication1.) -- D:\downloads\patchblocker.exe
  1048. O87 - FAEL: "TCP Query User{856B6FD0-84AF-460F-A941-7368A9268D9C}D:\download\pipix_v2.6.exe" | In - Private - P6 - TRUE | .(...) -- D:\download\pipix_v2.6.exe
  1049. O87 - FAEL: "UDP Query User{5DEFC87B-0DE2-441F-A652-CB6D25556DA9}D:\download\pipix_v2.6.exe" | In - Private - P17 - TRUE | .(...) -- D:\download\pipix_v2.6.exe
  1050. O87 - FAEL: "TCP Query User{BC89C52B-DB70-4024-B3FE-316C27811713}D:\download\minecraftsp.exe" | In - Private - P6 - TRUE | .(.AnjoCaido - Minecraft - Single Player Only (or you buy it and use your username here.) -- D:\download\minecraftsp.exe
  1051. O87 - FAEL: "UDP Query User{85B78D56-819B-4B3B-A2E2-42A3C99D62F3}D:\download\minecraftsp.exe" | In - Private - P17 - TRUE | .(.AnjoCaido - Minecraft - Single Player Only (or you buy it and use your username here.) -- D:\download\minecraftsp.exe
  1052. O87 - FAEL: "{B2616791-374B-43AC-B37F-A61AA2129419}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Wireless PAN DHCP and DNS Server.) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
  1053. O87 - FAEL: "{912B3679-5021-49D9-B9BC-0346149F8F54}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  1054. O87 - FAEL: "{34D1D0B9-3191-4432-BA20-C63651602160}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  1055. O87 - FAEL: "{25BE1337-1B17-41D4-AD11-81A5265BF49F}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  1056. O87 - FAEL: "{F6100DEC-3D2D-40BE-87AE-02E46C471D45}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  1057. O87 - FAEL: "{9773C481-AA5B-4F78-81DB-5536B9C44DF8}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  1058. O87 - FAEL: "TCP Query User{469F5770-0FF0-433F-A075-031AF306630C}D:\pcjeux\call of duty modern warfare 3\iw5mp_server.exe" | In - Private - P6 - TRUE | .(...) -- D:\pcjeux\call of duty modern warfare 3\iw5mp_server.exe
  1059. O87 - FAEL: "UDP Query User{5351EB78-E3FA-4474-B201-670EAC98B025}D:\pcjeux\call of duty modern warfare 3\iw5mp_server.exe" | In - Private - P17 - TRUE | .(...) -- D:\pcjeux\call of duty modern warfare 3\iw5mp_server.exe
  1060. O87 - FAEL: "TCP Query User{0A578BAB-55D2-4340-8540-C5D208B87857}D:\pcjeux\call of duty modern warfare 3\iw5mp.exe" | In - Private - P6 - TRUE | .(...) -- D:\pcjeux\call of duty modern warfare 3\iw5mp.exe
  1061. O87 - FAEL: "UDP Query User{1BBD6B2E-87B3-4CA0-9238-2357C514E5AA}D:\pcjeux\call of duty modern warfare 3\iw5mp.exe" | In - Private - P17 - TRUE | .(...) -- D:\pcjeux\call of duty modern warfare 3\iw5mp.exe
  1062. O87 - FAEL: "TCP Query User{53948F4E-9CC6-442D-9421-051ABA6E07EF}D:\pcjeux\call of duty modern warfare 3\iw5sp.exe" | In - Public - P6 - TRUE | .(...) -- D:\pcjeux\call of duty modern warfare 3\iw5sp.exe
  1063. O87 - FAEL: "UDP Query User{D0B706D0-7BDA-4135-888D-2BB3D7B7B61F}D:\pcjeux\call of duty modern warfare 3\iw5sp.exe" | In - Public - P17 - TRUE | .(...) -- D:\pcjeux\call of duty modern warfare 3\iw5sp.exe
  1064. O87 - FAEL: "{22826F6C-F505-4020-B16D-DC5AAE3438C4}" | In - Private - P6 - TRUE | .(...) -- D:\Assasins\ACRSP.exe
  1065. O87 - FAEL: "{CFF06D8F-EE09-4D14-AB58-367A124E796D}" | In - Private - P17 - TRUE | .(...) -- D:\Assasins\ACRSP.exe
  1066. O87 - FAEL: "{BDD48FDF-8C0C-4C5B-94B7-E430BE241EB0}" | In - Private - P6 - TRUE | .(...) -- D:\Assasins\ACRMP.exe
  1067. O87 - FAEL: "{AD9676E5-B99E-4DD0-B877-F6C00AE6B522}" | In - Private - P17 - TRUE | .(...) -- D:\Assasins\ACRMP.exe
  1068. O87 - FAEL: "TCP Query User{2B013ADF-AAE2-4BA1-8AA0-CACE0104C4A6}D:\assasins\acrpr.exe" | In - Public - P6 - TRUE | .(...) -- D:\assasins\acrpr.exe
  1069. O87 - FAEL: "UDP Query User{D402C97A-358C-4456-BCA5-53AE3008D266}D:\assasins\acrpr.exe" | In - Public - P17 - TRUE | .(...) -- D:\assasins\acrpr.exe
  1070. O87 - FAEL: "TCP Query User{57861DBC-0CFB-4579-8EA9-4F1D54D213DB}D:\assasins\acrsp.exe" | In - Public - P6 - TRUE | .(...) -- D:\assasins\acrsp.exe
  1071. O87 - FAEL: "UDP Query User{6D3FB067-E019-4FE8-BB97-C1A5888D989C}D:\assasins\acrsp.exe" | In - Public - P17 - TRUE | .(...) -- D:\assasins\acrsp.exe
  1072. O87 - FAEL: "TCP Query User{6A4D17DE-6A77-4DCE-A326-5FE3220B7ACB}C:\users\matteo\desktop\phoenixbot.exe" | In - Private - P6 - TRUE | .(.Pas de propriétaire - PhoenixBot.) -- C:\users\matteo\desktop\phoenixbot.exe
  1073. O87 - FAEL: "UDP Query User{F74C9CCD-48C7-40EB-8152-ED55778957CD}C:\users\matteo\desktop\phoenixbot.exe" | In - Private - P17 - TRUE | .(.Pas de propriétaire - PhoenixBot.) -- C:\users\matteo\desktop\phoenixbot.exe
  1074. O87 - FAEL: "TCP Query User{0CB6DB7A-2233-452C-8304-43403BB22A4F}C:\program files\sony\vegas pro 12.0\vegas120.exe" | In - Private - P6 - TRUE | .(.Sony Creative Software Inc. - Vegas Pro.) -- C:\program files\sony\vegas pro 12.0\vegas120.exe
  1075. O87 - FAEL: "UDP Query User{4BD8C3FA-5768-46A2-B672-9933F05465F4}C:\program files\sony\vegas pro 12.0\vegas120.exe" | In - Private - P17 - TRUE | .(.Sony Creative Software Inc. - Vegas Pro.) -- C:\program files\sony\vegas pro 12.0\vegas120.exe
  1076. O87 - FAEL: "{90ABD615-A2A2-494B-983D-5EA7734D857F}" | In - None - P17 - TRUE | .(.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.exe
  1077. O87 - FAEL: "{D6F24D4F-C352-4E13-B020-4E0E1DE3EB88}" | In - None - P17 - TRUE | .(.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
  1078. ~ Firewall: 299 Legitimates Scanned in 00mn 05s
  1079.  
  1080.  
  1081.  
  1082. ---\\ Scan Additionnel (O88)
  1083. Database Version : v2.11334 - (28/03/2013)
  1084. Clés trouvées (Keys found) : 312
  1085. Valeurs trouvées (Values found) : 1
  1086. Dossiers trouvés (Folders found) : 19
  1087. Fichiers trouvés (Files found) : 0
  1088.  
  1089. [HKLM\Software\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}] =>Adware.IMBooster
  1090. [HKLM\Software\Wow6432Node\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}] =>Adware.IMBooster
  1091. [HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
  1092. [HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
  1093. [HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
  1094. [HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
  1095. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
  1096. [HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
  1097. [HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
  1098. [HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
  1099. [HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
  1100. [HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
  1101. [HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
  1102. [HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
  1103. [HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
  1104. [HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
  1105. [HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
  1106. [HKLM\Software\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}] =>Adware.Bandoo
  1107. [HKLM\Software\Wow6432Node\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}] =>Adware.Bandoo
  1108. [HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
  1109. [HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
  1110. [HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
  1111. [HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
  1112. [HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
  1113. [HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
  1114. [HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
  1115. [HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
  1116. [HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
  1117. [HKLM\Software\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}] =>Adware.Bandoo
  1118. [HKLM\Software\Wow6432Node\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}] =>Adware.Bandoo
  1119. [HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
  1120. [HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
  1121. [HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
  1122. [HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
  1123. [HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
  1124. [HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
  1125. [HKLM\Software\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}] =>Adware.Bandoo
  1126. [HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
  1127. [HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
  1128. [HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
  1129. [HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
  1130. [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
  1131. [HKLM\Software\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}] =>Adware.Bandoo
  1132. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}] =>Adware.Zugo
  1133. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}] =>Adware.Zugo
  1134. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}] =>Adware.Zugo
  1135. [HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
  1136. [HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
  1137. [HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
  1138. [HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
  1139. [HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
  1140. [HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
  1141. [HKLM\Software\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}] =>Adware.Bandoo
  1142. [HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
  1143. [HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
  1144. [HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
  1145. [HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
  1146. [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
  1147. [HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
  1148. [HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
  1149. [HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
  1150. [HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
  1151. [HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
  1152. [HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
  1153. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
  1154. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
  1155. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
  1156. [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
  1157. [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}] =>Adware.Bandoo
  1158. [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}] =>Adware.Bandoo
  1159. [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}] =>Adware.Bandoo
  1160. [HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
  1161. [HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
  1162. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
  1163. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
  1164. [HKLM\Software\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
  1165. [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
  1166. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
  1167. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
  1168. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
  1169. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
  1170. [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}] =>Toolbar.Agent
  1171. [HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}] =>Adware.Bandoo
  1172. [HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
  1173. [HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
  1174. [HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
  1175. [HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
  1176. [HKLM\Software\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}] =>Adware.IMBooster
  1177. [HKLM\Software\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo
  1178. [HKLM\Software\Wow6432Node\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo
  1179. [HKLM\Software\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}] =>Adware.IMBooster
  1180. [HKLM\Software\Wow6432Node\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}] =>Adware.IMBooster
  1181. [HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
  1182. [HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
  1183. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
  1184. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
  1185. [HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
  1186. [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
  1187. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
  1188. [HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
  1189. [HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
  1190. [HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
  1191. [HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
  1192. [HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
  1193. [HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
  1194. [HKLM\Software\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}] =>Adware.IMBooster
  1195. [HKLM\Software\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}] =>Adware.IMBooster
  1196. [HKLM\Software\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}] =>Adware.IMBooster
  1197. [HKLM\Software\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}] =>Adware.IMBooster
  1198. [HKLM\Software\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}] =>Adware.Bandoo
  1199. [HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
  1200. [HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
  1201. [HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
  1202. [HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
  1203. [HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
  1204. [HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
  1205. [HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
  1206. [HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
  1207. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR
  1208. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR
  1209. [HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
  1210. [HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
  1211. [HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
  1212. [HKLM\Software\Wow6432Node\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
  1213. [HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
  1214. [HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
  1215. [HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
  1216. [HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
  1217. [HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
  1218. [HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
  1219. [HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
  1220. [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
  1221. [HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
  1222. [HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
  1223. [HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
  1224. [HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
  1225. [HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
  1226. [HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
  1227. [HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
  1228. [HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
  1229. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
  1230. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
  1231. [HKLM\Software\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
  1232. [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
  1233. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker
  1234. [HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
  1235. [HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
  1236. [HKLM\Software\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}] =>Adware.Bandoo
  1237. [HKLM\Software\Classes\AppID\BrowserConnection.dll] =>Adware.Bandoo
  1238. [HKLM\Software\Classes\AppID\DNSBHO.dll] =>Adware.Bandoo
  1239. [HKLM\Software\Classes\AppID\Toolbar.DLL] =>Toolbar.Agent
  1240. [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
  1241. [HKLM\Software\Classes\BrowserConnection.Loader] =>Adware.Bandoo
  1242. [HKLM\Software\Classes\BrowserConnection.Loader.1] =>Adware.Bandoo
  1243. [HKLM\Software\Classes\DnsBHO.BHO] =>Adware.Bandoo
  1244. [HKLM\Software\Classes\DnsBHO.BHO.1] =>Adware.Bandoo
  1245. [HKLM\Software\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo
  1246. [HKLM\Software\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo
  1247. [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit
  1248. [HKLM\SYSTEM\CurrentControlSet\Services\HssSrv] =>Toolbar.Agent
  1249. [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent
  1250. [HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
  1251. [HKCU\Software\APN PIP] =>Toolbar.Ask
  1252. [HKCU\Software\DataMngr] =>Adware.Bandoo
  1253. [HKLM\Software\DataMngr] =>Adware.Bandoo
  1254. [HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
  1255. [HKCU\Software\DataMngr_Toolbar] =>Toolbar.Agent
  1256. [HKCU\Software\DC3_FEXEC] =>Backdoor.Fynloski
  1257. [HKCU\Software\IGagnant] =>Toolbar.Agent
  1258. [HKCU\Software\Iminent] =>Adware.IMBooster
  1259. [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
  1260. [HKLM\Software\Wow6432Node\PIP] =>Toolbar.Ask
  1261. [HKLM\Software\Wow6432Node\SearchquMediabarTb] =>Adware.Bandoo
  1262. [HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
  1263. [HKCU\Software\Softonic] =>Toolbar.Conduit
  1264. [HKCU\Software\Zugo] =>Adware.Zugo
  1265. [HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo
  1266. [HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo
  1267. [HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32] =>Adware.Bandoo
  1268. [HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS] =>Adware.Bandoo
  1269. [HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32] =>Adware.Bandoo
  1270. [HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS] =>Adware.Bandoo
  1271. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}] =>Toolbar.Bing
  1272. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
  1273. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
  1274. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar] =>Adware.Zugo
  1275. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar] =>Adware.Bandoo
  1276. [HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
  1277. [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
  1278. [HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
  1279. [HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
  1280. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
  1281. [HKLM\Software\Wow6432Node\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
  1282. [HKLM\Software\Wow6432Node\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
  1283. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload] =>PUP.1ClickDownloader
  1284. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent
  1285. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Agent
  1286. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}] =>Adware.Zugo
  1287. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}] =>Adware.Zugo
  1288. [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE}] =>Adware.IMBooster
  1289. [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
  1290. [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
  1291. [HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
  1292. [HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
  1293. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
  1294. [HKLM\Software\Wow6432Node\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
  1295. [HKLM\Software\Wow6432Node\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
  1296. [HKLM\Software\Classes\iminent] =>Adware.IMBooster
  1297. [HKLM\Software\Classes\Iminent.Business.Tinyfying.DownloadArgs] =>Adware.IMBooster
  1298. [HKLM\Software\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs] =>Adware.IMBooster
  1299. [HKLM\Software\Classes\Iminent.Business.Tinyfying.RawDataArgs] =>Adware.IMBooster
  1300. [HKLM\Software\Classes\Iminent.Business.Tinyfying.TinyUrlArgs] =>Adware.IMBooster
  1301. [HKLM\Software\Classes\Iminent.Business.Tinyfying.ViralLinkArgs] =>Adware.IMBooster
  1302. [HKLM\Software\Classes\Iminent.Mediator.Communication.ClientCallback] =>Adware.IMBooster
  1303. [HKLM\Software\Classes\Iminent.Mediator.Communication.ContractBase] =>Adware.IMBooster
  1304. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand] =>Adware.IMBooster
  1305. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand] =>Adware.IMBooster
  1306. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand] =>Adware.IMBooster
  1307. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback] =>Adware.IMBooster
  1308. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand] =>Adware.IMBooster
  1309. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand] =>Adware.IMBooster
  1310. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand] =>Adware.IMBooster
  1311. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult] =>Adware.IMBooster
  1312. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand] =>Adware.IMBooster
  1313. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult] =>Adware.IMBooster
  1314. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult] =>Adware.IMBooster
  1315. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand] =>Adware.IMBooster
  1316. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult] =>Adware.IMBooster
  1317. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand] =>Adware.IMBooster
  1318. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback] =>Adware.IMBooster
  1319. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand] =>Adware.IMBooster
  1320. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand] =>Adware.IMBooster
  1321. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand] =>Adware.IMBooster
  1322. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand] =>Adware.IMBooster
  1323. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback] =>Adware.IMBooster
  1324. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand] =>Adware.IMBooster
  1325. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand] =>Adware.IMBooster
  1326. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand] =>Adware.IMBooster
  1327. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand] =>Adware.IMBooster
  1328. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand] =>Adware.IMBooster
  1329. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand] =>Adware.IMBooster
  1330. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback] =>Adware.IMBooster
  1331. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback] =>Adware.IMBooster
  1332. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand] =>Adware.IMBooster
  1333. [HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand] =>Adware.IMBooster
  1334. [HKLM\Software\Classes\Iminent.Mediator.Communication.ServerCommand] =>Adware.IMBooster
  1335. [HKLM\Software\Classes\Iminent.Mediator.Communication.ServerResult] =>Adware.IMBooster
  1336. [HKLM\Software\Classes\Iminent.Mediator.LightContent] =>Adware.IMBooster
  1337. [HKLM\Software\Classes\Iminent.Mediator.LightUri] =>Adware.IMBooster
  1338. [HKLM\Software\Classes\Iminent.Mediator.MediatorServiceProxy] =>Adware.IMBooster
  1339. [HKLM\Software\Classes\IminentWebBooster.ActiveContentHandle.1] =>Adware.IMBooster
  1340. [HKLM\Software\Classes\IminentWebBooster.ActiveContentHandler] =>Adware.IMBooster
  1341. [HKLM\Software\Classes\IminentWebBooster.BrowserHelperObject] =>Adware.IMBooster
  1342. [HKLM\Software\Classes\IminentWebBooster.BrowserHelperObject.1] =>Adware.IMBooster
  1343. [HKLM\Software\Classes\IminentWebBooster.ScriptExtender] =>Adware.IMBooster
  1344. [HKLM\Software\Classes\IminentWebBooster.ScriptExtender.1] =>Adware.IMBooster
  1345. [HKLM\Software\Classes\IminentWebBooster.TinyUrlHandler] =>Adware.IMBooster
  1346. [HKLM\Software\Classes\IminentWebBooster.TinyUrlHandler.1] =>Adware.IMBooster
  1347. [HKLM\Software\Wow6432Node\Classes\iminent] =>Adware.IMBooster
  1348. [HKLM\Software\Wow6432Node\Classes\Iminent.Business.Tinyfying.DownloadArgs] =>Adware.IMBooster
  1349. [HKLM\Software\Wow6432Node\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs] =>Adware.IMBooster
  1350. [HKLM\Software\Wow6432Node\Classes\Iminent.Business.Tinyfying.RawDataArgs] =>Adware.IMBooster
  1351. [HKLM\Software\Wow6432Node\Classes\Iminent.Business.Tinyfying.TinyUrlArgs] =>Adware.IMBooster
  1352. [HKLM\Software\Wow6432Node\Classes\Iminent.Business.Tinyfying.ViralLinkArgs] =>Adware.IMBooster
  1353. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.ClientCallback] =>Adware.IMBooster
  1354. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.ContractBase] =>Adware.IMBooster
  1355. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand] =>Adware.IMBooster
  1356. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand] =>Adware.IMBooster
  1357. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand] =>Adware.IMBooster
  1358. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback] =>Adware.IMBooster
  1359. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand] =>Adware.IMBooster
  1360. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand] =>Adware.IMBooster
  1361. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand] =>Adware.IMBooster
  1362. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult] =>Adware.IMBooster
  1363. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand] =>Adware.IMBooster
  1364. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult] =>Adware.IMBooster
  1365. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult] =>Adware.IMBooster
  1366. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand] =>Adware.IMBooster
  1367. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult] =>Adware.IMBooster
  1368. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand] =>Adware.IMBooster
  1369. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback] =>Adware.IMBooster
  1370. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand] =>Adware.IMBooster
  1371. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand] =>Adware.IMBooster
  1372. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand] =>Adware.IMBooster
  1373. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand] =>Adware.IMBooster
  1374. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback] =>Adware.IMBooster
  1375. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand] =>Adware.IMBooster
  1376. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand] =>Adware.IMBooster
  1377. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand] =>Adware.IMBooster
  1378. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand] =>Adware.IMBooster
  1379. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand] =>Adware.IMBooster
  1380. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand] =>Adware.IMBooster
  1381. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback] =>Adware.IMBooster
  1382. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback] =>Adware.IMBooster
  1383. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand] =>Adware.IMBooster
  1384. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand] =>Adware.IMBooster
  1385. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.ServerCommand] =>Adware.IMBooster
  1386. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.ServerResult] =>Adware.IMBooster
  1387. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.LightContent] =>Adware.IMBooster
  1388. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.LightUri] =>Adware.IMBooster
  1389. [HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.MediatorServiceProxy] =>Adware.IMBooster
  1390. [HKLM\Software\Wow6432Node\Classes\IminentWebBooster.ActiveContentHandle.1] =>Adware.IMBooster
  1391. [HKLM\Software\Wow6432Node\Classes\IminentWebBooster.ActiveContentHandler] =>Adware.IMBooster
  1392. [HKLM\Software\Wow6432Node\Classes\IminentWebBooster.BrowserHelperObject] =>Adware.IMBooster
  1393. [HKLM\Software\Wow6432Node\Classes\IminentWebBooster.BrowserHelperObject.1] =>Adware.IMBooster
  1394. [HKLM\Software\Wow6432Node\Classes\IminentWebBooster.ScriptExtender] =>Adware.IMBooster
  1395. [HKLM\Software\Wow6432Node\Classes\IminentWebBooster.ScriptExtender.1] =>Adware.IMBooster
  1396. [HKLM\Software\Wow6432Node\Classes\IminentWebBooster.TinyUrlHandler] =>Adware.IMBooster
  1397. [HKLM\Software\Wow6432Node\Classes\IminentWebBooster.TinyUrlHandler.1] =>Adware.IMBooster
  1398. [HKLM\Software\Wow6432Node\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo
  1399. [HKLM\Software\Wow6432Node\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo
  1400. [HKLM\Software\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL] =>Adware.IMBooster
  1401. [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{99079A25-328F-4BD4-BE04-00955ACAA0A7} =>Adware.Bandoo
  1402. C:\Program Files (x86)\Conduit =>Toolbar.Conduit
  1403. C:\Program Files (x86)\Iminent =>Adware.IMBooster
  1404. C:\Program Files (x86)\StartNow Toolbar =>Adware.Zugo
  1405. C:\Program Files (x86)\Windows Searchqu Toolbar =>Adware.Bandoo
  1406. C:\Program Files (x86)\torntv.com =>Hijacker.TornTV
  1407. C:\Program Files (x86)\Common Files\Umbrella =>Adware.IMBooster
  1408. C:\ProgramData\Babylon =>Toolbar.Babylon
  1409. C:\ProgramData\Iminent =>Adware.IMBooster
  1410. C:\ProgramData\Partner =>Spyware.Partner
  1411. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent =>Adware.IMBooster
  1412. C:\Users\Matteo\AppData\Roaming\Babylon =>Toolbar.Babylon
  1413. C:\Users\Matteo\AppData\Roaming\Iminent =>Adware.IMBooster
  1414. C:\Users\Matteo\AppData\Local\Babylon =>Toolbar.Babylon
  1415. C:\Users\Matteo\AppData\Local\Conduit =>Toolbar.Conduit
  1416. C:\Users\Matteo\AppData\LocalLow\Conduit =>Toolbar.Conduit
  1417. C:\Users\Matteo\AppData\LocalLow\searchquband =>Adware.Bandoo
  1418. C:\Users\Matteo\AppData\LocalLow\searchqutoolbar =>Adware.Bandoo
  1419. C:\Users\Matteo\AppData\Local\Temp\Iminent =>Adware.IMBooster
  1420. C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf =>Hijacker.TornTV
  1421. ~ Additionnel: Scanned in 00mn 16s
  1422.  
  1423.  
  1424.  
  1425. ---\\ Product Upgrade Codes (O90)
  1426. O90 - PUC: "25BD30E1BC5D83343A835E62DDD4D41B" . (.Bing Bar.) -- C:\Windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico
  1427. O90 - PUC: "2962BE55EFAF2534AADCBA39975EF780" . (.XSplit.) -- C:\Windows\Installer\{55EB2692-FAFE-4352-AACD-AB9379E57F08}\XSplit.Core.exe
  1428. O90 - PUC: "33C884396D8DA27438BB7F613053C50F" . (.Magic Bullet Suite 64-bit.) -- C:\Windows\Installer\{93488C33-D8D6-472A-83BB-F71603355CF0}\ARPPRODUCTICON.exe
  1429. O90 - PUC: "3EA2121C9BBD563448378FBA7C0BB6BB" . (.Pinnacle Instant DVD Recorder.) -- C:\Windows\Installer\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}\ARPPRODUCTICON.exe
  1430. O90 - PUC: "7576BF42725026D4E807DF19F34AE214" . (.PrivateTunnel.) -- C:\Windows\Installer\{24FB6757-0527-4D62-8E70-FD913FA42E41}\openvpn.ico
  1431. O90 - PUC: "78851BEF2390D2D4BB58A60CF3FBA18A" . (.Pinnacle VideoSpin.) -- C:\Windows\Installer\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}\VideoSpin.exe
  1432. O90 - PUC: "8794D04A699677C4A934921CD3217BEB" . (.Requiem.) -- C:\Windows\Installer\{A40D4978-6996-4C77-9A43-29C13D12B7BE}\RequiemIcon.ico
  1433. O90 - PUC: "8D7961433299E5444BA225E9A599BCA7" . (.syncables desktop SE.) -- C:\Windows\Installer\{341697D8-9923-445E-B42A-529E5A99CB7A}\ARPPRODUCTICON.exe
  1434. O90 - PUC: "903DCDCE5F270C64A857CC14614D94C6" . (.Elgato Game Capture HD.) -- C:\Windows\Installer\{ECDCD309-72F5-46C0-8A75-CC4116D4496C}\GameCapture.ico
  1435. O90 - PUC: "9EC6D81181F59F2459A84176A626F9ED" . (.Iminent.) -- C:\Windows\Installer\{118D6CE9-5F18-42F9-958A-14676A629FDE}\imbooster.ico
  1436. O90 - PUC: "E5E5DF7FC0F31394AAB1AE8B83CB20BD" . (.ACID Pro 7.0.) -- C:\Windows\Installer\{F7FD5E5E-3F0C-4931-AA1B-EAB838BC02DB}\acid70.ico
  1437. ~ Update Products: 339 Legitimates Scanned in 00mn 00s
  1438.  
  1439.  
  1440.  
  1441. ---\\ MyComputer Name Space (O92)
  1442. O92 - MNS: ASUS WebStorage Drive - {d6044399-0b9e-4084-a9ac-c4b7c7800fcf}
  1443. O92 - MNS: Flux de photos - {F0D63F85-37EC-4097-B30D-61B4A8917118}
  1444. ~ MNS: Scanned in 00mn 00s
  1445.  
  1446.  
  1447.  
  1448. ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
  1449. SR - | Auto 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  1450. SS - | Demand 12/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  1451. SR - | Auto 04/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
  1452. SR - | Auto 29/03/2013 86752 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
  1453. SR - | Auto 29/03/2013 110816 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
  1454. SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  1455. SR - | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
  1456. SR - | Auto 15/12/2009 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
  1457. SS - | Demand 02/03/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
  1458. SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
  1459. SS - | Demand 04/05/2012 2438696 | (CGVPNCliSrvc) . (.mobile concepts GmbH.) - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
  1460. SR - | Auto 02/05/2011 1517328 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
  1461. SS - | Auto 20/09/2012 101376 | (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
  1462. SR - | Auto 07/09/2012 8704 | (FreemakeVideoCapture) . (.Freemake.) - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
  1463. SS - | Auto 13/04/2011 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  1464. SS - | Demand 13/04/2011 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  1465. SS - | Demand 23/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
  1466. SR - | Auto 10/12/2012 2465712 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
  1467. SR - | Auto 14/09/2012 511344 | (hshld) . (.AnchorFree Inc..) - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
  1468. SR - | Auto 14/09/2012 412016 | (HssSrv) . (.AnchorFree Inc..) - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
  1469. SS - | Demand 78072 | (HssTrayService) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe
  1470. SR - | Auto 388976 | (HssWd) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
  1471. SR - | Demand 12/12/2012 641504 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
  1472. SS - | Auto 30/12/1899 0 | C:\Windows\System32\libusbd-nt.exe (libusbd) . (.http://libusb-win32.sourceforge.net.) - c:\system32\libusbd-nt.exe
  1473. SR - | Auto 14/12/2012 398184 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
  1474. SR - | Auto 14/12/2012 682344 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
  1475. SS - | Demand 12/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
  1476. SS - | Demand 340240 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
  1477. SR - | Auto 11/05/2011 1007208 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
  1478. SR - | Auto 10/05/2011 2009704 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
  1479. SR - | Auto 24064 | (OpenVPNAccessClient) . (...) - C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe
  1480. SR - | Auto 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
  1481. SR - | Auto 02/05/2011 844560 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
  1482. SR - | Auto 25/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
  1483. SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
  1484. SS - | Auto 08/01/2013 161536 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
  1485. SR - | Auto 25/01/2013 2663976 | (SProtection) . (.Iminent.) - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
  1486. SS - | Demand 25/02/2013 543144 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
  1487. SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
  1488. SR - | Auto 17/04/2010 134928 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
  1489. SS - | Demand 13/05/2012 18432 | (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
  1490. SS - | Demand 8177664 | (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
  1491. SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
  1492. SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
  1493. SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
  1494. ~ Services: Scanned in 00mn 02s
  1495.  
  1496.  
  1497.  
  1498. ---\\ Recherche Master Boot Record Infection (MBR)(O80)
  1499. Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
  1500. ~ MBR: 1 Legitimates Scanned in 00mn 02s
  1501.  
  1502.  
  1503.  
  1504. ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
  1505. Written by ad13, http://ad13.geekstog
  1506. Run by Matteo at 29/03/2013 20:06:01
  1507.  
  1508. ********* Dump file Name *********
  1509. C:\PhysicalDisk0_MBR.bin
  1510. ~ MBR: Scanned in 00mn 04s
  1511.  
  1512.  
  1513.  
  1514. End of the scan (1513 lines in 10mn 56s)(3)