cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Rapport de ZHPDiag v2013.4.22.135 par Nicolas Coolman, Update du 22/04/2013
Run by Jordy at 23/04/2013 02:05:47
State : Version � jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Deactivate by user


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 15.0.1
GCIE: Google Chrome v26.0.1410.64 (Defaut)

---\\ Windows Product Information
~ Langage: Fran�ais
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.2.0223.1
Windows Defender W7

---\\ System Optimizer
CCleaner v3.23

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 21

---\\ System Information
~ Processor: AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3562 MB (33% free)
System Restore: Activ� (Enable)
System drive C: has 279 GB (62%) free of 450 GB

---\\ Logged in mode
~ Computer Name: ACERASPIRE7560G
~ User Name: Jordy
~ All Users Names: Mcx1-ACERASPIRE7560G, Jordy, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Jordy\AppData\Roaming\
~ %Desktop% : C:\Users\Jordy\Desktop\
~ %Favorites% : C:\Users\Jordy\Favorites\
~ %LocalAppData% : C:\Users\Jordy\AppData\Local\
~ %StartMenu% : C:\Users\Jordy\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 279 Go of 450 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2011 - 06:30:29.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.FA274190682AA41A46B285208ED46A74] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/02/2013 - 07:47:19.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioth�que de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2011 - 06:33:59.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parall�le.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/4
~ Mes musiques (My Musics) : 17/171
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/19
~ Mes Documents (My Documents) : 1/34
~ Mon Bureau (My Desktop) : 1/25763
~ Menu demarrer (Programs) : 1/48
~ Hidden Files: Scanned in 00mn 48s



---\\ Processus lanc�s
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2236]
[MD5.D5D8D0D64F410B9F05E2BC00EC92EFC2] - (.CyberLink Corp. - clear.fi Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [120104] [PID.3468]
[MD5.4611572CFCF1B4EED470582D3FAC88A7] - (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX1000.exe [762224] [PID.3276]
[MD5.61B6FB932CF78CAB7A1EF9F118A1A38E] - (.CyberLink - DMREngine.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [169352] [PID.3592]
[MD5.AAB979089E192ACC0FE1E3C018F8B591] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Jordy\AppData\Local\Akamai\netsession_win.exe [4480768] [PID.3956]
[MD5.0D360F06B168A6F37ACA9D9F958245DA] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280] [PID.4372]
[MD5.D474767D4805CEF801AF6D4AEED1F9E3] - (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448] [PID.4556]
[MD5.AD8BD96B41C40AC36D803DF267B26EF0] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2254768] [PID.4196]
[MD5.81800928E0F713DF31F3393CC26F4013] - (.Pas de propri�taire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952] [PID.4512]
[MD5.523AF55BD9280CF296653912EF75DD0B] - (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601976] [PID.5068]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.4724]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024] [PID.7032]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1312720] [PID.3360]
[MD5.F89D2B0AD1A0ECD767923E7471C05142] - (...) -- C:\Program Files (x86)\Dofus2.0\app\UpLauncher.exe [3944312] [PID.5504]
[MD5.01CEB56BA2DFEAEEF9EE5EFC3AC3A93A] - (...) -- C:\Program Files (x86)\Dofus2.0\app\DofusMod.exe [142336] [PID.1920]
[MD5.107EA4E532DD44BBDA04DEC24E0CD103] - (...) -- C:\Program Files (x86)\Dofus2.0\app\reg\Reg.exe [95232] [PID.6448]
[MD5.858E13176C6332EC966E2299BDD870D0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [6961664] [PID.6412]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1944]
[MD5.D9BD54860A00FE88B660D26E66EB075A] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888] [PID.1368]
[MD5.9DD3A22F804697606C2B7FF9E912FF6B] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [353360] [PID.1908]
[MD5.C9B2D1D3F86FD3673EF847DEF73B6F9E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [36456] [PID.1888]
[MD5.93B73DED2BC688F140C6AE2FBAD45789] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376] [PID.1464]
[MD5.21ACFD2B4BF6C0F4D9080A437E400E88] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [418896] [PID.2092]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2112]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2132]
[MD5.1873214666F6F0A883742DF91FBC48C9] - (.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832] [PID.2180]
[MD5.6B1B2F8D62D606B200C2072564090104] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [3560288] [PID.2328]
[MD5.173BBAE8027339608CBD5C5369BCDDDD] - (.BlueStack Systems, Inc. - BlueStacks Service.) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080] [PID.2684]
[MD5.8319754775B1B890189A7EE28F094840] - (.BlueStack Systems - BlueStacks Network Helper Process.) -- C:\Program Files (x86)\BlueStacks\HD-Network.exe [376696] [PID.2492]
[MD5.D554334E42962E07D8EE72398FA03368] - (.BlueStack Systems - BlueStacks Block Device Helper Process.) -- C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe [260472] [PID.2964]
[MD5.40F10A427CB6F607F8222AF691C87FEB] - (.BlueStack Systems - BlueStacks Shared Folder Helper Process.) -- C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe [366456] [PID.2868]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Jordy\AppData\Roaming\Mozilla\Firefox\Profiles\hc5yo5kr.default\prefs.js
M2 - MFEP: prefs.js [Jordy - hc5yo5kr.default\crossriderapp3847@crossrider.com] [] Color My Facebook v (..) =>PUP.CrossRider
M2 - MFEP: prefs.js [Jordy - hc5yo5kr.default\OneClickDownload@OneClickDownload.com] [] OneClickDownloader v1.1 (..)
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Firefox Browser: 34 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 42



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Claro LTD Helper Object [64Bits] - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} . (.Montera Technologeis LTD - Pas de description.) -- C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll
O2 - BHO: CrossriderApp0003847 [64Bits] - {11111111-1111-1111-1111-110011381147} . (.Duval - Color My Facebook BHO.) -- C:\Program Files (x86)\Color My Facebook\Color My Facebook.dll =>PUP.CrossRider
O2 - BHO: TBSB04240 [64Bits] - {4F37A8FE-00B3-430F-85AA-F97F12E8B651} . (.Pas de propri�taire - IE Toolbar Engine.) -- C:\Program Files (x86)\Force Download Toolbar\tbunsm6E9C.tmp\tbcore3.dll
O2 - BHO: AMD SteadyVideo BHO [64Bits] - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} . (.Advanced Micro Devices - This plugin allows the user to turn AMD Ste.) -- C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
~ BHO: 10 Legitimates Filtered in 00mn 01s



---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [VX1000] . (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKCU\..\Run: [AdobeBridge] Cl� orpheline
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Jordy\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [Xvid] . (...) -- C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [HP Photosmart 7520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Jordy\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Clownfish] Cl� orpheline
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcadeMovieService] . (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propri�taire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst� Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [WsmUpdater] . (.Web Solution Mart - Updater.) -- C:\Program Files (x86)\Web Solution Mart\Fake Webcam Codecs Pack\Updater.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKUS\S-1-5-18\..\Run: [TELEPHONESURPCAGENT] C:\Program Files (x86)\Orange\Telephone sur PC\TelephoneSurPCAgent.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [TELEPHONESURPCAGENT] C:\Program Files (x86)\Orange\Telephone sur PC\TelephoneSurPCAgent.exe (.not file.)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [TELEPHONESURPCAGENT] C:\Program Files (x86)\Orange\Telephone sur PC\TelephoneSurPCAgent.exe (.not file.)
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows�.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows�.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows�.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-2056384228-3841943728-1353220323-1000\..\Run: [AdobeBridge] Cl� orpheline
O4 - HKUS\S-1-5-21-2056384228-3841943728-1353220323-1000\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Jordy\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-2056384228-3841943728-1353220323-1000\..\Run: [Xvid] . (...) -- C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKUS\S-1-5-21-2056384228-3841943728-1353220323-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-2056384228-3841943728-1353220323-1000\..\Run: [HP Photosmart 7520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
O4 - HKUS\S-1-5-21-2056384228-3841943728-1353220323-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Jordy\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2056384228-3841943728-1353220323-1000\..\Run: [Clownfish] Cl� orpheline
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Microsoft SkyDrive.lnk . (.Microsoft Corporation - Microsoft SkyDrive Setup.) -- C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe
O4 - GS\QuickLaunch: Dofus.lnk . (...) -- C:\Program Files (x86)\Dofus\UpLauncher.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - �diteur de caract�res priv�s.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\Desktop: Dofus.lnk . (...) -- C:\Program Files (x86)\Dofus\UpLauncher.exe
O4 - GS\Desktop: Dofus2.lnk . (...) -- C:\Program Files (x86)\Dofus2.0\app\UpLauncher.exe
O4 - GS\Desktop: Dofus2Beta.lnk . (...) -- C:\Program Files (x86)\Dofus2Beta\app\UpLauncher.exe
O4 - GS\Desktop: Free AVI to MP4 Converter.lnk . (...) -- C:\Program Files (x86)\DoremiSoft\Free AVI to MP4 Converter\DoremiSoftFreeware.exe (.not file.)
O4 - GS\Desktop: PhotoFiltre Studio X.lnk . (.PhotoFiltre - PhotoFiltre Studio X.) -- C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe
O4 - GS\Desktop: SkyFall 2.0.lnk . (...) -- C:\Users\Jordy\Desktop\SkyfullLauncher.exe (.not file.)
O4 - GS\TaskBar: ALLCapture Entreprise 3.0.lnk . (.balesio GmbH & Co. KG - ALLCapture Enterprise.) -- C:\Program Files (x86)\ALLCapture Enterprise 3.0\ALLCapture.exe
O4 - GS\TaskBar: CamStudio.lnk . (...) -- C:\Program Files (x86)\CamStudio\Recorder.exe
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Skype.lnk . (...) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O4 - GS\TaskBar: TeamSpeak 3 Client.lnk . (...) -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win64.exe (.not file.)
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Microsoft SkyDrive.lnk . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Jordy\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
O4 - GS\Programs: RuneScape.lnk . (...) -- C:\Users\Jordy\jagexcache\jagexlauncher\bin\JagexLauncher.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Sothink SWF Quicker.lnk . (.SourceTec - Sothink SWF Quicker.) -- C:\Program Files (x86)\SourceTec\Sothink SWF Quicker\SWFQuicker.exe
O4 - GS\QuickLaunch: SplitCam.lnk . (.SplitCam Co. - SplitCam Stream Splitter.) -- C:\Program Files (x86)\SplitCam\SplitCam.exe
O4 - GS\QuickLaunch: WampServer.lnk . (.Aestan Software - Aestan Tray Menu.) -- C:\wamp\wampmanager.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Adobe After Effects CS6.lnk . (...) -- C:\Program Files (x86)\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe (.not file.)
O4 - GS\Desktop: Adobe Photoshop CS6 (64 Bit).lnk . (...) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe (.not file.)
O4 - GS\Desktop: ALLCapture Entreprise 3.0.lnk . (.balesio GmbH & Co. KG - ALLCapture Enterprise.) -- C:\Program Files (x86)\ALLCapture Enterprise 3.0\ALLCapture.exe
O4 - GS\Desktop: Alliance of Valiant Arms.lnk . (.Aeria Games & Entertainment - Ignite Launcher.) -- C:\AeriaGames\AVA\aeria_launcher.exe
O4 - GS\Desktop: Apps.lnk . (...) -- C:\Users\Public\Libraries\Apps.library-ms
O4 - GS\Desktop: Audacity.lnk . (.The Audacity Team - Audacity�, the Free, Cross-Platform Sound E.) -- C:\Program Files (x86)\Audacity\audacity.exe
O4 - GS\Desktop: CamStudio.lnk . (...) -- C:\Program Files (x86)\CamStudio\Recorder.exe
O4 - GS\Desktop: Camtasia Studio�7.lnk . (.TechSmith Corporation - Camtasia Studio.) -- C:\Program Files (x86)\TechSmith\Camtasia Studio 7\CamtasiaStudio.exe
O4 - GS\Desktop: CCleaner.lnk . (...) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe (.not file.)
O4 - GS\Desktop: Cheat Engine.lnk . (...) -- C:\Program Files (x86)\Cheat Engine 6.1\Cheat Engine.exe
O4 - GS\Desktop: clear.fi Tutorial.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Desktop: clear.fi.lnk . (.Acer Incorporated - clear.fi.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
O4 - GS\Desktop: Clownfish.lnk . (.Bogdan Sharkov - Clownfish for Skype.) -- C:\Program Files (x86)\Clownfish\Clownfish.exe
O4 - GS\Desktop: CommView.lnk . (.TamoSoft - CommView Packet Analyzer.) -- C:\Program Files (x86)\CommView\cv.exe
O4 - GS\Desktop: CyberGhost VPN.lnk . (...) -- C:\Program Files (x86)\CyberGhost VPN\CyberGhost.exe (.not file.)
O4 - GS\Desktop: Defraggler.lnk . (...) -- C:\Program Files (x86)\Defraggler\Defraggler64.exe (.not file.)
O4 - GS\Desktop: DivX Movies.lnk . (...) -- C:\Users\Jordy\Videos\DivX Movies
O4 - GS\Desktop: DivX Plus Converter.lnk . (.DivX, Inc. - DivX Converter.) -- C:\Program Files (x86)\DivX\DivX Plus Converter\DivXConverterLauncher.exe
O4 - GS\Desktop: DivX Plus Player.lnk . (...) -- C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe
O4 - GS\Desktop: D�marrer la d�tection.lnk . (...) -- C:\Program Files (x86)\ma-config.com\x64\MCDetection.exe (.not file.)
O4 - GS\Desktop: EasyScan.lnk . (.Micromega Software System - Logiciel d'acquisition d'images par scanner.) -- C:\Program Files (x86)\EasyScan\EasyScan.exe
O4 - GS\Desktop: Elsword.lnk . (...) -- C:\Program Files (x86)\Gameforge4D\Elsword_FR\elsword.exe
O4 - GS\Desktop: Fake Webcam 7.3.lnk . (.Web Solution Mart - Pas de description.) -- C:\Program Files (x86)\Fake Webcam 7.3\7.3.0.0\FakeWebcam.exe
O4 - GS\Desktop: Fraps.lnk . (.Beepa P/L - Fraps.) -- C:\Fraps\fraps.exe
O4 - GS\Desktop: Game Booster 3.lnk . (.IObit - Game Booster.) -- C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: HP Photosmart 7520 series.lnk . (...) -- C:\Program Files (x86)\HP\HP Photosmart 7520 series\Bin\HP Photosmart 7520 series.exe (.not file.)
O4 - GS\Desktop: Jouer � League of Legends.lnk . (...) -- C:\Riot Games\League of Legends\lol.launcher.exe
O4 - GS\Desktop: LogMeIn Hamachi.lnk . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - GS\Desktop: MappyPlus.lnk . (...) -- C:\Windows\Installer\{A62CDADB-9A49-47F5-9ECE-2B2F0C5608DE}\app_icon.ico
O4 - GS\Desktop: Metin2.lnk . (...) -- C:\Program Files (x86)\Metin2\metin2.exe
O4 - GS\Desktop: MouseServer.lnk . (.wifimouse.necta.us - MouseServer.) -- C:\Program Files (x86)\MouseServer\MouseServer.exe
O4 - GS\Desktop: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop: Mumble.lnk . (.Thorvald Natvig - Mumble - Low-latency VoIP client.) -- C:\Program Files (x86)\Mumble\mumble.exe
O4 - GS\Desktop: Musique XBOX.lnk . (...) -- C:\Users\Jordy\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms
O4 - GS\Desktop: My Radiomatisme.lnk . (...) -- C:\Program Files (x86)\My Radiomatisme\My Radiomatisme.exe (.not file.)
O4 - GS\Desktop: Navicat Lite.lnk . (.PremiumSoft CyberTech Ltd. - Navicat.) -- C:\Program Files (x86)\PremiumSoft\Navicat Lite 8.2\navicat.exe
O4 - GS\Desktop: OpenOffice.org 3.4.1.lnk . (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
O4 - GS\Desktop: Ordinateur.lnk - Cl� orpheline
O4 - GS\Desktop: PhotoFiltre 7.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.exe
O4 - GS\Desktop: Pinnacle Studio 15.lnk . (.Pinnacle Systems - Studio program file.) -- C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe
O4 - GS\Desktop: Rappelz.lnk . (...) -- C:\Program Files (x86)\gPotato.eu\Rappelz\Launcher.exe (.not file.)
O4 - GS\Desktop: Razer Game Booster.lnk . (.Razer USA Ltd - Game Booster.) -- C:\Program Files (x86)\Razer\Razer Game Booster\GameBooster.exe
O4 - GS\Desktop: Recuva.lnk . (.Piriform Ltd - Recuva.) -- C:\Program Files\Recuva\recuva64.exe
O4 - GS\Desktop: Skype.lnk . (...) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O4 - GS\Desktop: Sothink SWF Quicker.lnk . (.SourceTec - Sothink SWF Quicker.) -- C:\Program Files (x86)\SourceTec\Sothink SWF Quicker\SWFQuicker.exe
O4 - GS\Desktop: SplitCam.lnk . (.SplitCam Co. - SplitCam Stream Splitter.) -- C:\Program Files (x86)\SplitCam\SplitCam.exe
O4 - GS\Desktop: Start BlueStacks.lnk . (.BlueStack Systems, Inc. - BlueStacks StartLauncher.) -- C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
O4 - GS\Desktop: TeamSpeak 3 Client.lnk . (...) -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win64.exe (.not file.)
O4 - GS\Desktop: TeamViewer 8.lnk . (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
O4 - GS\Desktop: Vegas Pro 12.0 (64-bit).lnk . (...) -- C:\Program Files (x86)\Sony\Vegas Pro 12.0\vegas120.exe (.not file.)
O4 - GS\Desktop: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
O4 - GS\Desktop: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - GS\Desktop: Windows Movie Maker 2.6.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe
O4 - GS\Desktop: �Torrent.lnk . (.BitTorrent Inc. - �Torrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
~ Global Startup: Scanned in 00mn 02s



---\\ Boutons situ�s sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer � OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &li�es OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC9E2CEB-2AB1-427E-8806-1C52A6173464}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC9E2CEB-2AB1-427E-8806-1C52A6173464}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{FC9E2CEB-2AB1-427E-8806-1C52A6173464}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{FC9E2CEB-2AB1-427E-8806-1C52A6173464}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{FC9E2CEB-2AB1-427E-8806-1C52A6173464}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{FC9E2CEB-2AB1-427E-8806-1C52A6173464}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: video/x-flv [64Bits] - {20C75730-7C25-476B-95DC-C65810F9E489} . (.Advanced Micro Devices - MIME Video Detector for IE.) -- C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GBoxUpdaterTask{4E9524AB-C047-4054-A5D2-CA79C00C72E6}.job [358]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\One-Click Tweak.job [524]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\OptimizerPro1UpdaterTask{1F0EA5D9-D02F-450C-BA5E-07F84C65F384}.job [412] =>PUP.OptimizerPro
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\WxDFastUpdaterTask{74A7DEB5-815C-4ABB-BA98-A87BF66B1848}.job [376]
[MD5.00000000000000000000000000000000] [APT] [GBoxUpdaterTask{4E9524AB-C047-4054-A5D2-CA79C00C72E6}] (...) -- C:\ProgramData\Premium\GBox\GBox.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [One-Click Tweak] (...) -- C:\Program Files (x86)\Advanced PC Tweaker\OneClick.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [OptimizerPro1UpdaterTask{1F0EA5D9-D02F-450C-BA5E-07F84C65F384}] (...) -- C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe (.not file.) [0] =>PUP.OptimizerPro
[MD5.2D83CA7E5653054832FCCB3C5D43563C] [APT] [Updater3847.exe] (.Duval.) -- C:\Users\Jordy\AppData\Local\Updater3847\Updater3847.exe [208472]
[MD5.00000000000000000000000000000000] [APT] [WxDFastUpdaterTask{74A7DEB5-815C-4ABB-BA98-A87BF66B1848}] (...) -- C:\ProgramData\Premium\WxDFast\WxDFast.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [YourFile Update] (...) -- C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1EC6949D-9778-4D1C-A494-EAE52C6D6C42}] (...) -- C:\Program Files (x86)\Shiva-Rappelz\Shiva-Rappelz.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{325D22FD-CCF4-4762-ACE7-A57427EDEC4F}] (...) -- C:\Program Files (x86)\Shiva-Rappelz\Shiva-Rappelz.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4A5998E1-D795-4616-9905-F076C117E409}] (...) -- D:\Driver\PCLEUSBHardwareInstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4D22294F-D148-4EAB-9594-16B66598BF25}] (...) -- C:\Users\Jordy\Desktop\Dofus\Uninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{550D729F-14D1-4E13-B9E9-97B4FB25FBCF}] (...) -- C:\Program Files (x86)\Shiva-Rappelz\Shiva-Rappelz.exe (.not file.) [0]
[MD5.97B8D8E32C82A4F1D6456F3CAA408870] [APT] [{74312921-F594-4B7F-AD54-AD1A1F7E96D4}] (...) -- C:\Program Files (x86)\Dofus\Dofus.exe [415232]
[MD5.00000000000000000000000000000000] [APT] [{AE61C994-5A6E-4A2F-83D1-27722D204469}] (...) -- C:\Users\Jordy\Desktop\Drivers\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C5D68805-61AE-47F5-A697-CAC0DB54ECE7}] (...) -- C:\Users\Jordy\Desktop\Dofus\Uninstall.exe (.not file.) [0]
[MD5.97B8D8E32C82A4F1D6456F3CAA408870] [APT] [{C7B854B1-DE89-4ABE-BC18-881642FD15BF}] (...) -- C:\Program Files (x86)\Dofus\Dofus.exe [415232]
[MD5.00000000000000000000000000000000] [APT] [{CA495056-FD1D-4EED-A4CA-9933B9B75968}] (...) -- D:\Driver\PCLEBendPCI.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CE396EE6-9D41-47F2-BF4F-630A151EA02B}] (...) -- C:\Users\Jordy\Desktop\Drivers\Nouveau dossier\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CF16B676-A2AA-4C41-A77E-4E202AB8053C}] (...) -- D:\Driver\DC10plusHardwareInstall_East.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CF8E9130-0280-40DD-BC8E-6BD7284AF09D}] (...) -- C:\Users\Jordy\Desktop\Installateur.exe (.not file.) [0]
~ Scheduled Task: 45 Legitimates Filtered in 00mn 07s



---\\ Pilotes lanc�s au d�marrage (O41)
O41 - Driver: (TsVp) . (.TamoSoft - CommView Pid Driver for Vista/2008/W7 x64.) - C:\Windows\System32\DRIVERS\tsvp.sys
~ Drivers: 72 Legitimates Filtered in 00mn 01s



---\\ Logiciels install�s (O42)
O42 - Logiciel: 3.4.0.9271.1 - (...) [HKLM][64Bits] -- Adobe flex sdk redistributed by sothink_is1
O42 - Logiciel: ActivePerl 5.16.1 Build 1601 (64-bit) - (.ActiveState.) [HKLM][64Bits] -- {653D48F0-098C-45C1-8267-86EA7B9D0EDB}
O42 - Logiciel: Akamai NetSession Interface - (.Akamai Technologies, Inc.) [HKCU][64Bits] -- Akamai
O42 - Logiciel: Alliance of Valiant Arms - (...) [HKLM][64Bits] -- Alliance of Valiant Arms
O42 - Logiciel: Claro LTD toolbar - (.Claro LTD.) [HKLM][64Bits] -- claro
O42 - Logiciel: CommView - (.TamoSoft.) [HKLM][64Bits] -- {70C4E840-DAB4-11DF-5F90-014727066952}
O42 - Logiciel: Ecstazy version 1.29 - (.Ecstazy, Inc..) [HKLM][64Bits] -- {DDE34C48-60D7-4FF3-8803-EE251978B961}_is1
O42 - Logiciel: Elsword_FR - (...) [HKLM][64Bits] -- Elsword_FR_is1
O42 - Logiciel: Force Download Toolbar - (.Force Download.) [HKLM][64Bits] -- Force Download Toolbar
O42 - Logiciel: Livestream for Producers - (.Livestream.) [HKLM][64Bits] -- {A5BB86DF-EE99-41EB-9446-B4623A725E2A}
O42 - Logiciel: MouseServer version 1.3.0.0 - (.Necta Co..) [HKLM][64Bits] -- {E13018F5-FFC7-4729-9C1B-1A85807D03E6}_is1
O42 - Logiciel: My Radiomatisme 1.0.0.25 - (.My Progsoft.) [HKLM][64Bits] -- {EE0B037B-D2F2-4893-AF15-7FA3DF10E856}_is1
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM][64Bits] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: SplitCam - (.SplitCam Co.) [HKLM][64Bits] -- SplitCam
O42 - Logiciel: UwAmp (Uninstall) - (...) [HKLM][64Bits] -- UwAmp
O42 - Logiciel: �Torrent - (.BitTorrent Inc..) [HKLM][64Bits] -- uTorrent
~ Logic: 225 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BitTorrent]
[HKCU\Software\Chris PC-Lock]
[HKCU\Software\Claro LTD]
[HKCU\Software\CommView]
[HKCU\Software\Datel X360 Explorer]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore] =>PUP.InstallCore
[HKCU\Software\RuneScape]
[HKCU\Software\SplitCam]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\UwAmp]
[HKLM\Software\ActiveState]
[HKLM\Software\Perl]
[HKLM\Software\TamoSoft]
[HKLM\Software\Wow6432Node\AedgePerformanceBCN]
[HKLM\Software\Wow6432Node\Claro LTD]
[HKLM\Software\Wow6432Node\SimplyGen]
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\YourFileDownloader]
~ Key Software: 376 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/10/2012 - 00:16:26 - [2,167] ----D C:\Program Files (x86)\Claro LTD
O43 - CFD: 23/03/2013 - 23:25:00 - [13,276] ----D C:\Program Files (x86)\CommView
O43 - CFD: 15/10/2012 - 22:44:53 - [7,473] ----D C:\Program Files (x86)\Force Download Toolbar
O43 - CFD: 20/02/2013 - 15:01:30 - [49,904] ----D C:\Program Files (x86)\Livestream for Producers
O43 - CFD: 14/03/2013 - 00:28:03 - [1,010] ----D C:\Program Files (x86)\MouseServer
O43 - CFD: 13/04/2013 - 22:29:25 - [0] ----D C:\Program Files (x86)\rkfree
O43 - CFD: 21/10/2012 - 00:16:20 - [187,882] ----D C:\Program Files (x86)\SplitCam
O43 - CFD: 13/04/2013 - 12:16:56 - [0,765] ----D C:\Program Files (x86)\uTorrent
O43 - CFD: 08/04/2013 - 18:07:06 - [14,831] ----D C:\Program Files (x86)\XZONE REACTOR Application
O43 - CFD: 14/11/2012 - 20:29:59 - [0] ----D C:\Program Files (x86)\YourFileDownloader
O43 - CFD: 08/09/2012 - 21:58:43 - [0,000] ----D C:\ProgramData\IM
O43 - CFD: 08/09/2012 - 21:57:29 - [0,012] ----D C:\ProgramData\IncrediMail
O43 - CFD: 04/10/2012 - 07:05:25 - [0,033] ---AD C:\ProgramData\rkfree
O43 - CFD: 06/12/2012 - 21:22:31 - [0,000] ----D C:\ProgramData\TamoSoft
O43 - CFD: 25/09/2012 - 13:15:50 - [0,003] ----D C:\Users\Jordy\AppData\Roaming\Datel
O43 - CFD: 25/09/2012 - 11:45:04 - [0,010] ----D C:\Users\Jordy\AppData\Roaming\dfs 2.3
O43 - CFD: 26/09/2012 - 23:19:33 - [0,000] ----D C:\Users\Jordy\AppData\Roaming\SmartBot
O43 - CFD: 20/03/2013 - 20:47:37 - [0,003] ----D C:\Users\Jordy\AppData\Roaming\Telephone sur PC
O43 - CFD: 22/04/2013 - 14:52:42 - [1,620] ----D C:\Users\Jordy\AppData\Roaming\uTorrent
O43 - CFD: 14/11/2012 - 20:29:31 - [0] ----D C:\Users\Jordy\AppData\Roaming\YourFileDownloader
O43 - CFD: 18/03/2013 - 18:06:42 - [42,756] ----D C:\Users\Jordy\AppData\Local\Akamai
O43 - CFD: 08/09/2012 - 22:01:55 - [17,381] ----D C:\Users\Jordy\AppData\Local\IM
O43 - CFD: 26/12/2012 - 16:49:44 - [0,001] ----D C:\Users\Jordy\AppData\Local\PatakTools
O43 - CFD: 20/02/2013 - 15:02:57 - [0,243] ----D C:\Users\Jordy\AppData\Local\Producer
O43 - CFD: 24/01/2013 - 15:59:20 - [0,199] ----D C:\Users\Jordy\AppData\Local\Updater3847
O43 - CFD: 11/11/2012 - 20:43:20 - [0,001] ----D C:\Users\Jordy\AppData\Local\xKickAss
O43 - CFD: 05/03/2013 - 02:16:20 - [0,003] ----D C:\Users\Jordy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
O43 - CFD: 21/10/2012 - 00:16:18 - [0,003] ----D C:\Users\Jordy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SplitCam
O43 - CFD: 20/10/2012 - 22:22:47 - [0] ----D C:\Users\Jordy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UwAmp
~ 3 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 359 Legitimates Filtered in 01mn 14s



---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.6BEEA36145ADB71EB7362C2757887EBE] - 13/04/2013 - 00:15:05 ---A- . (...) -- C:\Windows\SplitCam.INI [1431]
O44 - LFC:[MD5.EE6407670B4CA47CCC9AF5ED41A19150] - 12/04/2013 - 23:00:23 ---A- . (.Pas de propri�taire - Lagarith.) -- C:\Windows\SysNative\LAGARITH.DLL [148992]
O44 - LFC:[MD5.EE6407670B4CA47CCC9AF5ED41A19150] - 12/04/2013 - 23:00:23 RSHAD . (.Pas de propri�taire - Lagarith.) -- C:\Windows\System32\LAGARITH.DLL [148992]
O44 - LFC:[MD5.0021736A3EF29F98A22765A4430B1029] - 08/04/2013 - 20:25:05 ---A- . (...) -- C:\Windows\WPE PRO - modified.INI [318]
~ Files: 22 Legitimates Filtered in 00mn 06s



---\\ Derniers fichiers cr��s dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.65AB580D43549F6D8C188D865B2DEA93] - 19/04/2013 - 23:21:50 ---A- - C:\Windows\Prefetch\CAMTASIASTUDIO.EXE-D52CBE48.pf
O45 - LFCP:[MD5.0A8C5574495F3A9F5BFAAB8E62EBD985] - 19/04/2013 - 23:25:51 ---A- - C:\Windows\Prefetch\CAMRECORDER.EXE-4401A56C.pf
O45 - LFCP:[MD5.B49C6C3279C831A757DC0BE9FE4BD4EF] - 19/04/2013 - 23:52:47 ---A- - C:\Windows\Prefetch\HD-QUIT.EXE-F99C030F.pf
O45 - LFCP:[MD5.E18F3E7C21F5095FB2257CB46FEFB951] - 19/04/2013 - 23:52:51 ---A- - C:\Windows\Prefetch\HD-RESTART.EXE-F65371A1.pf
O45 - LFCP:[MD5.C6AFAB8245DB24897261DCF906D7E64E] - 19/04/2013 - 23:53:18 ---A- - C:\Windows\Prefetch\HD-SERVICE.EXE-06E74E75.pf
O45 - LFCP:[MD5.7EFAF7C09A781468588B39C41089C0E4] - 19/04/2013 - 23:53:19 ---A- - C:\Windows\Prefetch\HD-BLOCKDEVICE.EXE-2BA47AC7.pf
O45 - LFCP:[MD5.2446E68ABD4B89DCB7FF5EB94147663D] - 19/04/2013 - 23:53:19 ---A- - C:\Windows\Prefetch\HD-NETWORK.EXE-97DB19B2.pf
O45 - LFCP:[MD5.FEED3E3BED7D3607B7139B7351BBFB75] - 19/04/2013 - 23:53:19 ---A- - C:\Windows\Prefetch\HD-SHAREDFOLDER.EXE-D8C6ABAF.pf
O45 - LFCP:[MD5.49C91ACB0AC25F5C9BB9CDD0A9B6965D] - 22/04/2013 - 12:30:26 ---A- - C:\Windows\Prefetch\HD-RUNAPP.EXE-7DC2AC8E.pf
O45 - LFCP:[MD5.2FB9F0DF58103B1E83CE0B6B2986BA07] - 22/04/2013 - 12:30:32 ---A- - C:\Windows\Prefetch\HD-FRONTEND.EXE-7EB64AE8.pf
O45 - LFCP:[MD5.D03012A1200C89E5898A555CA9520337] - 22/04/2013 - 12:30:44 ---A- - C:\Windows\Prefetch\HD-ADB.EXE-0FB674E3.pf
O45 - LFCP:[MD5.F392A236609EAB6ED6A6182126AFB0DF] - 22/04/2013 - 14:27:03 ---A- - C:\Windows\Prefetch\RAVBG64.EXE-7CC661DA.pf
O45 - LFCP:[MD5.5663615E86FCDAD4DF293E502C7B96B0] - 22/04/2013 - 14:27:03 ---A- - C:\Windows\Prefetch\UPDATERSTARTUPUTILITY.EXE-68AA7E20.pf
O45 - LFCP:[MD5.07CF655DE7539C3EC4ABF8D5824491BA] - 22/04/2013 - 19:38:04 ---A- - C:\Windows\Prefetch\PHOTOFILTRE7.EXE-051F9F5C.pf
O45 - LFCP:[MD5.3B159A7546A4962BC3CBFBFC8FD1F322] - 22/04/2013 - 23:43:20 ---A- - C:\Windows\Prefetch\PMB.EXE-B9083A8E.pf
O45 - LFCP:[MD5.219513F50EDA3C2E39FBD734416C2BC6] - 23/04/2013 - 00:50:44 ---A- - C:\Windows\Prefetch\MMLOADDRVPXDISCRETE.EXE-AE9DDA34.pf
O45 - LFCP:[MD5.12E6ADC1E66F88E36A9E317A50F11F51] - 23/04/2013 - 01:07:54 ---A- - C:\Windows\Prefetch\ALLCAPTURE.EXE-6A7345CA.pf
~ Prefetcher: 141 Legitimates Filtered in 00mn 00s



---\\ Export de cl� d'application autoris�e (O47)
O47 - AAKE:Key Export SP - "C:\Users\Jordy\AppData\Local\Temp\vbc.exe" [Enabled] .(...) -- C:\Users\Jordy\AppData\Local\Temp\vbc.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Users\Jordy\AppData\Roaming\svchost.exe" [Enabled] .(...) -- C:\Users\Jordy\AppData\Roaming\svchost.exe (.not file.)
~ Keys Export: 3 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoChangeStartMenu"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogOff"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.1E6438D4EA6E1174A3B3B1EDC4DE660B] - 18/03/2009 - 16:35:42 --HA- . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\System32\hamachi.sys [33856]
O58 - SDL:[MD5.F2B3785D7282BAC66D4B644FC88749F0] - 13/06/2002 - 14:08:46 ----- . (.Padus, Inc. - Padus(R) ASPI Shell.) -- C:\Windows\SysWOW64\drivers\pfc.sys [14604]
O58 - SDL:[MD5.BBC47A2E02BE7DEAA8ED514AAB4F1FAF] - 01/02/2012 - 20:50:44 ---A- . (.INCA Internet Co., Ltd. - nProtect NPSC Kernel Mode Driver for NT.) -- C:\Windows\SysWOW64\npptNT2.sys [4774]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifi�s ou cr�es (Utilisateur) (O61)
O61 - LFC: 22/04/2013 - 22:02:21 ---A- C:\Users\Jordy\AppData\Roaming\ALLCapture\ALLCapture.xml [2088]
O61 - LFC: 22/04/2013 - 22:33:51 ---A- C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [268915]
O61 - LFC: 22/04/2013 - 23:43:18 ---A- C:\Users\Jordy\AppData\Local\PMB Files\cert\secmod.db [16384]
O61 - LFC: 22/04/2013 - 23:44:04 ---A- C:\Users\Jordy\AppData\Local\PMB Files\pando.save [846]
O61 - LFC: 22/04/2013 - 23:44:06 ---A- C:\Users\Jordy\AppData\Local\PMB Files\cert\cert8.db [65536]
O61 - LFC: 22/04/2013 - 23:44:06 ---A- C:\Users\Jordy\AppData\Local\PMB Files\cert\key3.db [16384]
O61 - LFC: 23/04/2013 - 00:55:32 ---A- C:\Users\Jordy\AppData\Roaming\D2Info0 [125]
O61 - LFC: 23/04/2013 - 00:55:56 ---A- C:\Users\Jordy\AppData\Roaming\app\Jerakine_lang.dat [4859]
O61 - LFC: 23/04/2013 - 01:07:47 ---A- C:\Users\Jordy\AppData\Roaming\ALLCapture\ALLCENT30.cfg [114]
O61 - LFC: 23/04/2013 - 01:08:50 ---A- C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Local State [30485]
~ 46 Fichiers temporaires (Temporary files)
~ Files: 616 Legitimates Filtered in 00mn 34s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 25/09/2012 - C:\Windows\System32\DRIVERS\cv2k1.sys (CV2K1) .(.TamoSoft - CommView Driver for Windows XP/2003/Vista/2.) - LEGACY_CV2K1
O64 - Services: CurCS - 27/06/2012 - C:\Windows\System32\DRIVERS\tsvp.sys (TsVp) .(.TamoSoft - CommView Pid Driver for Vista/2008/W7 x64.) - LEGACY_TSVP
O64 - Services: CurCS - 13/11/2012 - C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (WinRing0_1_2_0) .(.OpenLibSys.org - WinRing0.) - LEGACY_WINRING0_1_2_0
~ Legacy: 98 Legitimates Filtered in 00mn 10s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.admin", false);
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.aflt", "babsst");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.dfltLng", "en");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.excTlbr", false);
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.id", "68b709d900000000000000ffb7549b44");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.instlDay", "15633");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.instlRef", "sst");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.prdct", "claro");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.prtnrId", "claro");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.tlbrId", "claro");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.tlbrSrchUrl", "");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.vrsn", "1.8.3.10");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro.vrsni", "1.8.3.10");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro_i.smplGrp", "none");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.claro_i.vrsnTs", "1.8.3.100:16:21");
O69 - SBI: prefs.js [Jordy - hc5yo5kr.default] user_pref("extensions.crossrider.bic", "13cef662e0357676ecd22ac4ec6c4e4f"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.61DFA7D3A349A75FDBD72CC22D9AA99A] [SPRF][12/04/2013] (.Web Solution Mart - Fake Webcam Codecs Pack Setup.) -- C:\Users\Jordy\AppData\Local\Temp\FH68B8.tmp.exe [12444400]
[MD5.85D06A2F6EE0490731069C5EEDA3EF14] [SPRF][12/04/2013] (.Web Solution Mart - Fake Webcam Effects and Overlays Pack Setup.) -- C:\Users\Jordy\AppData\Local\Temp\FH8D48.tmp.exe [8719040]
[MD5.28BACDF86D2558E1248A5C4C658CAB2B] [SPRF][13/11/2012] (...) -- C:\Users\Jordy\AppData\Local\Temp\gbinit.exe [1036696]
[MD5.FE3EBAF3B285433A2566AEF82738D554] [SPRF][05/03/2013] (...) -- C:\Users\Jordy\AppData\Local\Temp\ICReinstall_Minecraft.exe [667016]
[MD5.6C137D2BEF3CDD43F3AE2FD6705B9FED] [SPRF][05/04/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Jordy\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe [904104]
[MD5.95E5725507E83429DE4F16C80155AC4B] [SPRF][10/10/2012] (.Pas de propri�taire - Pipix v2.7.exe.) -- C:\Users\Jordy\Desktop\Pipix_v2.7.exe [766585]
~ Files: Scanned in 00mn 02s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{912C1961-D768-4623-9B41-77AF8556F15E}" | In - Domain - P6 - TRUE | .(.Pas de propri�taire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{4556E17F-57D7-4495-A0B2-9BD5162AC45F}" | In - Domain - P17 - TRUE | .(.Pas de propri�taire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{6F216A51-401E-41E3-8699-0BB8469F7545}" | In - Private - P6 - TRUE | .(.Pas de propri�taire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{DD0600F0-B74F-4D2B-B3E4-072AB1C8DD80}" | In - Private - P17 - TRUE | .(.Pas de propri�taire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{1360827B-05C3-44B8-930F-650467CD33FD}" | In - None - P17 - TRUE | .(.Pas de propri�taire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "TCP Query User{41340FD0-ACF9-427C-913D-759E09C8D888}C:\program files (x86)\metin2\metin2client.bin" | In - Private - P6 - TRUE | .(.Ymir Entertainment - Metin2Client.) -- C:\program files (x86)\metin2\metin2client.bin
O87 - FAEL: "UDP Query User{F52579D8-9295-4D2B-B319-C8854720D0B7}C:\program files (x86)\metin2\metin2client.bin" | In - Private - P17 - TRUE | .(.Ymir Entertainment - Metin2Client.) -- C:\program files (x86)\metin2\metin2client.bin
O87 - FAEL: "{632B7541-3EBF-4ACF-AD21-FE798E8B3BDE}" | In - Public - P17 - TRUE | .(.Ymir Entertainment - Metin2Client.) -- C:\program files (x86)\metin2\metin2client.bin
O87 - FAEL: "{AFFA42E1-5A42-4173-9C28-A660C7990DEB}" | In - Public - P6 - TRUE | .(.Ymir Entertainment - Metin2Client.) -- C:\program files (x86)\metin2\metin2client.bin
O87 - FAEL: "{C0913A9C-295A-4885-BD87-F1382CE955A6}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - �Torrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O87 - FAEL: "{67058D15-9E98-43B5-99F7-C04442DCE697}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - �Torrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{22907DDC-31C9-4A62-B445-BD627914A3AD}C:\program files (x86)\mouseserver\mouseserver.exe" | In - Private - P6 - TRUE | .(.wifimouse.necta.us - MouseServer.) -- C:\program files (x86)\mouseserver\mouseserver.exe
O87 - FAEL: "UDP Query User{5ACE4F8C-B570-463A-90A7-F079853D9F1D}C:\program files (x86)\mouseserver\mouseserver.exe" | In - Private - P17 - TRUE | .(.wifimouse.necta.us - MouseServer.) -- C:\program files (x86)\mouseserver\mouseserver.exe
O87 - FAEL: "{19C58643-06A2-43EA-8B9D-EDCA05B54054}" | In - Public - P17 - TRUE | .(.wifimouse.necta.us - MouseServer.) -- C:\program files (x86)\mouseserver\mouseserver.exe
O87 - FAEL: "{9313813D-EC8E-4592-AD55-CA0620F5B017}" | In - Public - P6 - TRUE | .(.wifimouse.necta.us - MouseServer.) -- C:\program files (x86)\mouseserver\mouseserver.exe
~ Firewall: 295 Legitimates Filtered in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : v2.11647 - (22/04/2013)
Cl�s trouv�es (Keys found) : 83
Valeurs trouv�es (Values found) : 1
Dossiers trouv�s (Folders found) : 7
Fichiers trouv�s (Files found) : 0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}] =>Hijacker.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}] =>Hijacker.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}] =>Hijacker.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F37A8FE-00B3-430F-85AA-F97F12E8B651}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F37A8FE-00B3-430F-85AA-F97F12E8B651}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F37A8FE-00B3-430F-85AA-F97F12E8B651}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}] =>PUP.ClaroSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}] =>Hijacker.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}] =>Hijacker.Agent
[HKLM\Software\Classes\AppID\Complitly.DLL] =>Adware.PredictAd
[HKLM\Software\Wow6432Node\Microsoft\Tracing\YourFile_RASAPI32] =>PUP.YourFileDownloader
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKCU\Software\{EBC7E151-8AF5-4026-B48E-0A8642BE4FDE}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco] =>PUP.1ClickDownloader
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKLM\Software\Wow6432Node\AedgePerformanceBCN] =>Adware.SPointer
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SimplyGen] =>Adware.PredictAd
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\claro] =>PUP.ClaroSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37D4F18B-902D-4794-807B-D6C5314B4FF7}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{37D4F18B-902D-4794-807B-D6C5314B4FF7}] =>Toolbar.Conduit
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}] =>PUP.ClaroSearch
[HKLM\Software\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}] =>PUP.ClaroSearch
[HKLM\Software\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}] =>PUP.ClaroSearch
[HKLM\Software\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}] =>PUP.ClaroSearch
[HKLM\Software\Classes\esrv.claroESrvc.1] =>PUP.ClaroSearch
[HKLM\Software\Classes\esrv.claroESrvc] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011381147}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110011381147}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022382247}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011381147}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011381147}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011381147}] =>PUP.CrossRider
[HKLM\Software\Classes\claro.claroappCore] =>PUP.ClaroSearch^
[HKLM\Software\Classes\claro.claroappCore.1] =>PUP.ClaroSearch^
[HKLM\Software\Classes\claro.clarodskBnd] =>PUP.ClaroSearch^
[HKLM\Software\Classes\claro.clarodskBnd.1] =>PUP.ClaroSearch^
[HKLM\Software\Classes\claro.claroHlpr] =>PUP.ClaroSearch^
[HKLM\Software\Classes\claro.claroHlpr.1] =>PUP.ClaroSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{9E131A93-EED7-4BEB-B015-A0ADB30B5646} =>PUP.ClaroSearch
C:\Program Files (x86)\yourfiledownloader =>PUP.YourFileDownloader
C:\Program Files (x86)\Claro LTD =>PUP.ClaroSearch
C:\Program Files (x86)\Force Download Toolbar =>Toolbar.Conduit
C:\Program Files (x86)\rkfree =>Keylogger.Logixoft
C:\ProgramData\rkfree =>Keylogger.Logixoft
C:\Users\Jordy\AppData\Roaming\yourfiledownloader =>PUP.YourFileDownloader
C:\Users\Jordy\AppData\Local\\Updater3847 =>PUP.CrossRider^
~ Additionnel Scan: 346016 Items scanned in 00mn 45s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "79407899D9A1CF9449F9CE4F89A6ABF1" . (.ForceDownload.) -- C:\Windows\Installer\{99870497-1A9D-49FC-949F-ECF4986ABA1F}\ARPPRODUCTICON.exe
~ Update Products: 410 Legitimates Filtered in 00mn 00s



---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 12/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 19/12/2012 240640 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 19/12/2012 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 15/02/2013 393080 | (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Service.exe
SR - | Auto 15/02/2013 384888 | (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
SS - | Demand 26/04/2012 2438696 | (CGVPNCliSrvc) . (.mobile concepts GmbH.) - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
SR - | Auto 01/07/2011 353360 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SS - | Demand 21/06/2011 173424 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Auto 02/08/2011 872552 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
SS - | Demand 29/06/2012 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 30/05/2011 36456 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
SS - | Auto 19/02/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 19/02/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 10/12/2012 2465712 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SR - | Auto 05/04/2012 255376 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SS - | Demand 05/02/2013 428928 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 06/09/2012 114144 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand ??\??\???? 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SR - | Auto 24/04/2011 256832 | (NTI IScheduleSvc) . (.NTI Corporation.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SR - | Auto 06/03/2013 3560288 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
SS - | Demand 26/09/2011 18432 | (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
SS - | Demand 8176640 | (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.5.20\bin\mysqld.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Jordy at 23/04/2013 02:13:56

device: opened successfully
user: error reading MBR

Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ MBR: 9 Legitimates Filtered in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Jordy at 23/04/2013 02:13:58

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



~ 2660 Legitimates filtered by white list
End of the scan (830 lines in 08mn 11s)(0)

Publicité


Signaler le contenu de ce document

Publicité