Publicité
Publicité
Format du document : text/plain
Prévisualisation
Rapport de ZHPDiag v2013.6.13.18 par Nicolas Coolman, Update du 13.06.2013
Run by media at 16.06.2013 19:50:55
WebSite: http://nicolascoolman.webs.com
State : Version � jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC :
---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16618
GCIE: Google Chrome v27.0.1453.110 (Defaut)
---\\ Windows Product Information
~ Langage: Fran�ais
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : CGKHQ
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
avast! Internet Security v8.0.1489.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7
---\\ System Optimizer
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X MUI
Java 7 Update 21
---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4007.2 MB (56% free)
System Restore: Activ� (Enable)
System drive C: has 191 GB (68%) free of 278 GB
---\\ Logged in mode
~ Computer Name: MEDIA-VAIO
~ User Name: media
~ All Users Names: media, C�dric, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\media\AppData\Roaming\
~ %Desktop% : C:\Users\media\Desktop\
~ %Favorites% : C:\Users\media\Favorites\
~ %LocalAppData% : C:\Users\media\AppData\Local\
~ %StartMenu% : C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 191 Go of 278 Go)
D:\ CD-ROM drive (Free 0 Go of 5 Go)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 32 Legitimates Filtered in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.26.05.2011 - 21:04:40.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.14.07.2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.12716D987D475B051F35895659159705] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17.05.2013 - 01:59:03.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.21.11.2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioth�que de licences.) (.21.11.2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28.12.2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14.07.2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14.07.2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21.11.2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21.11.2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21.11.2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14.07.2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14.07.2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27.04.2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21.11.2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.12.04.2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parall�le.) (.14.07.2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21.11.2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14.07.2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21.11.2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.21.11.2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/393
~ Mes musiques (My Musics) : 1/9
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 1/1056
~ Mon Bureau (My Desktop) : 1/554
~ Menu demarrer (Programs) : 1/44
~ Hidden Files: Scanned in 00mn 00s
---\\ Processus lanc�s
[MD5.E4401CF27225C1D6E664E86195978562] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544] [PID.4316]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.4324]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.4388]
[MD5.A1B303E029EE731119B1D985677FFAD2] - (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216] [PID.4560]
[MD5.E0E38B274FD0B9F56D3B043788BBBFB7] - (.Sony of America Corporation - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe [81336] [PID.1156]
[MD5.2F3390C8E3620B3991D7D82014E26AA7] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [825808] [PID.4836]
[MD5.B8DD83B85636F7D6EC0F09B090E49130] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7494656] [PID.5732]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1472]
[MD5.C2009C6A452BD07B30D773349589B762] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [137960] [PID.1564]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1896]
[MD5.4C4A576818EA028257C624AE36FF7A03] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400] [PID.1952]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.2124]
[MD5.387D3DFFCF0A544539E9C5D8B81169A2] - (.Sony Corporation - VAIO Control Center (Service Module).) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [66696] [PID.2272]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.2432]
[MD5.0A045A2325326B319ECC0006E2D9CEC6] - (.Sony Corporation - VAIO Control Center (Service Sub Module).) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe [183432] [PID.2656]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.2768]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.1860]
[MD5.1474F121C3DF1232D3E7239C03691EE6] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 9.0 (component).) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408] [PID.1580]
[MD5.E79A8E33BD136D14BAE1FA20EB2EF124] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.3996]
[MD5.F4A17DCAB576267C85663E64F3ACE5A4] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326424] [PID.1016]
[MD5.1FE69F3C1CA1CF4B7EC7E2E9090FFFDC] - (.ArcSoft, Inc. - MgiSvr.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024] [PID.1228]
[MD5.DB641944F7E4B14C13C3FEFC89843F69] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656536] [PID.2160]
[MD5.986BA923FF336B6DB24405C58DDD6090] - (.Sony Corporation - VAIOCare.) -- C:\Program Files\Sony\VAIO Care\VCService.exe [54408] [PID.1512]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\media\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://websearch.ask.com
G2 - GCE: Preference [User Data\Default] [aaaaojmikegpiepcfdkkjaplodkpfmlo] Ask Toolbar v.7.15.23.42079 (Activ�) =>Toolbar.Ask
~ Google Browser: 23 Legitimates Filtered in 00mn 14s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu
R3 - URLSearchHook: UrlSearchHook Class [64Bits] - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Ask - Ask Toolbar.) (5.15.23.36191) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
~ IE Browser: 17 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =;*.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
~ BHO: 18 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Cl� orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\RunOnce: [Application Restart #0] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\RunOnce: [Application Restart #1] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-478446803-484296432-3205155776-1002\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - �diteur de caract�res priv�s.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\Desktop: Audacity.lnk . (.The Audacity Team - Audacity�, the Free, Cross-Platform Sound E.) -- C:\Program Files (x86)\Audacity\audacity.exe
O4 - GS\Desktop: PhotoFiltre Studio X.lnk . (.Antonio Da Cruz - PhotoFiltre Studio.) -- C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe
O4 - GS\Desktop: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Microsoft Office 2010.lnk . (...) -- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O4 - GS\TaskBar: Mozilla Firefox.lnk . (...) -- C:\Users\media\AppData\Local\Mozilla Firefox\firefox.exe (.not file.)
O4 - GS\Programs: Mozilla Firefox.lnk . (...) -- C:\Users\media\AppData\Local\Mozilla Firefox\firefox.exe (.not file.)
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Mozilla Firefox.lnk . (...) -- C:\Users\media\AppData\Local\Mozilla Firefox\firefox.exe (.not file.)
~ Global Startup: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{34E37C38-3E9D-487D-BE8B-F240BA83723A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{34E37C38-3E9D-487D-BE8B-F240BA83723A}: DhcpDomain = sitecomwl351
O17 - HKLM\System\CS1\Services\Tcpip\..\{34E37C38-3E9D-487D-BE8B-F240BA83723A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{34E37C38-3E9D-487D-BE8B-F240BA83723A}: DhcpDomain = sitecomwl351
O17 - HKLM\System\CS2\Services\Tcpip\..\{34E37C38-3E9D-487D-BE8B-F240BA83723A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{34E37C38-3E9D-487D-BE8B-F240BA83723A}: DhcpDomain = sitecomwl351
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ T�ches planifi�es en automatique (O39)
[MD5.AEF195FC98A19DB3BAF3A88D8708AFBF] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe [137864] =>Toolbar.Ask
[MD5.E49E9ED46FFE5B675454E0FE307BEC9C] [APT] [{A47E3901-DE5B-4675-8C25-46D6DFC3EAD1}] (.Electronic Arts.) -- D:\autorun.exe [54544]
~ Scheduled Task: 42 Legitimates Filtered in 00mn 01s
---\\ Logiciels install�s (O42)
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask
O42 - Logiciel: Ask Toolbar Updater - (.Ask.com.) [HKCU][64Bits] -- {79A765E1-C399-405B-85AF-466F52E918B0} =>Toolbar.Ask
~ Logic: 146 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\Ask.com]
[HKCU\Software\Tqdigital]
[HKLM\Software\Wow6432Node\APN]
[HKLM\Software\Wow6432Node\AskToolbar]
[HKLM\Software\Wow6432Node\Tqdigital]
~ Key Software: 155 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15.06.2013 - 09:48:36 - [3.515] ----D C:\Program Files (x86)\Ask.com
O43 - CFD: 27.04.2013 - 22:28:15 - [2032.189] ----D C:\Program Files (x86)\NetDragon
O43 - CFD: 15.06.2013 - 09:38:26 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 15.06.2013 - 09:48:33 - [0.192] ----D C:\Users\media\AppData\Local\APN
~ 1 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 154 Legitimates Filtered in 00mn 03s
---\\ Derniers fichiers cr��s dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.35608607F71ED7EB90655A6F9368B6FA] - 16.06.2013 - 18:42:50 ---A- - C:\Windows\Prefetch\VCSYSTEMTRAY.EXE-9E70A9A4.pf
O45 - LFCP:[MD5.06D3E7831EA56ACC65C33908CF6C7946] - 16.06.2013 - 18:42:51 ---A- - C:\Windows\Prefetch\VESGFXMGR.EXE-035A0F11.pf
~ Prefetcher: 91 Legitimates Filtered in 00mn 00s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{64a6b826-5f9f-11e1-86db-806e6f6e6963}\AutoRun\command. (.Electronic Arts - Autorun Application.) -- D:\Autorun.exe
~ Keys: Scanned in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Dolby Home Theater v4 [Key] . (...) -- C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (.not file.)
~ SMSR Keys: 15 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14.07.2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.A5E770426D18F8EF332A593F3289DA91] - 21.06.2011 - 01:03:42 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athrx.sys [2753536]
~ Drivers: Scanned in 00mn 00s
---\\ Derniers fichiers modifi�s ou cr�es (Utilisateur) (O61)
O61 - LFC: 16.06.2013 - 02:17:06 ---A- C:\Users\media\AppData\Local\Google\Chrome\User Data\Local State [35533]
~ Files: 163 Legitimates Filtered in 00mn 39s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {133BD69A-6CC0-4827-8155-3603E69EEC00} - (Zinio) - http://services.zinio.com
O69 - SBI: SearchScopes [HKCU] {46EEC660-C435-4227-8EAD-1B3410D8FEC9} - (Ask Search) - http://websearch.ask.com
O69 - SBI: SearchScopes [HKCU] {8C2C416B-A601-4FBA-B6DE-60D0225F7673} - (eBay) - http://rover.ebay.com
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.4EF33D516F31BEB1C9847D1FDA69375C] [SPRF][13.06.2013] (...) -- C:\Users\media\Desktop\adwcleaner.exe [648201]
[MD5.09A3F926C400C29B3CF04FD15A0D8DEA] [SPRF][13.06.2013] (.Oleg N. Scherbakov - 7z Setup SFX.) -- C:\Users\media\Desktop\JRT.exe [545954]
~ Files: Scanned in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : v2.12472 - (13.06.2013)
Cl�s trouv�es (Keys found) : 49
Valeurs trouv�es (Values found) : 2
Dossiers trouv�s (Folders found) : 3
Fichiers trouv�s (Files found) : 0
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR
[HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBAR
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Adware.AskSBAR
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKCU\Software\APN] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\APN] =>Toolbar.Ask
[HKCU\Software\Ask.com] =>Toolbar.AskBar
[HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar
[HKLM\Software\Wow6432Node\AskToolbar] =>Toolbar.AskTBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Toolbar.AskBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{00000000-6E41-4FD3-8538-502F5495E5FC} =>Adware.ShopperReports
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR
C:\Program Files (x86)\Ask.com =>Toolbar.AskBar
C:\Users\media\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar
C:\Users\media\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo =>Toolbar.Ask
~ Additionnel Scan: 349046 Items scanned in 00mn 27s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe =>Toolbar.Ask
~ Update Products: 403 Legitimates Filtered in 00mn 00s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18.03.2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 30.09.2010 169408 | (AdobeActiveFileMonitor9.0) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
SS - | Demand 12.06.2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 21.12.2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 05.07.2011 138400 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
SR - | Auto 05.07.2011 98976 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 09.05.2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 09.05.2013 137960 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SS - | Auto 11.06.2012 193616 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
SR - | Demand 11.06.2012 240208 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
SR - | Auto 30.08.2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 11.06.2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11.06.2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 30.04.2011 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SS - | Demand 03.04.2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Demand 12.12.2012 641504 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 24.06.2011 326424 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 22.07.2011 259512 | (SampleCollector) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
SS - | Auto 13.07.2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 21.02.2011 113824 | (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Demand 21.02.2011 67232 | (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 20.01.2011 286936 | (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SR - | Auto 23.02.2011 105024 | (uCamMonitor) . (.ArcSoft, Inc..) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
SR - | Auto 24.06.2011 2656536 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 07.07.2011 66696 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
SR - | Auto 31.05.2011 552584 | (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
SS - | Demand 20.01.2011 887000 | (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SS - | Demand 19.05.2011 549616 | (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SS - | Demand 18.02.2011 385336 | (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SS - | Demand 18.02.2011 99104 | (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
SR - | Demand 12.08.2011 54408 | (VCService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCService.exe
SR - | Auto 15.07.2011 969352 | (VSNService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
SS - | Demand 30.06.2011 1380480 | (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
SS - | Demand 14.07.2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14.07.2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 00s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by media at 16.06.2013 19:54:18
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ MBR: 10 Legitimates Filtered in 00mn 02s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by media at 16.06.2013 19:54:20
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s
~ 1659 Legitimates filtered by white list
End of the scan (518 lines in 03mn 24s)(0)
Run by media at 16.06.2013 19:50:55
WebSite: http://nicolascoolman.webs.com
State : Version � jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC :
---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16618
GCIE: Google Chrome v27.0.1453.110 (Defaut)
---\\ Windows Product Information
~ Langage: Fran�ais
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : CGKHQ
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
avast! Internet Security v8.0.1489.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7
---\\ System Optimizer
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X MUI
Java 7 Update 21
---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4007.2 MB (56% free)
System Restore: Activ� (Enable)
System drive C: has 191 GB (68%) free of 278 GB
---\\ Logged in mode
~ Computer Name: MEDIA-VAIO
~ User Name: media
~ All Users Names: media, C�dric, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\media\AppData\Roaming\
~ %Desktop% : C:\Users\media\Desktop\
~ %Favorites% : C:\Users\media\Favorites\
~ %LocalAppData% : C:\Users\media\AppData\Local\
~ %StartMenu% : C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 191 Go of 278 Go)
D:\ CD-ROM drive (Free 0 Go of 5 Go)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 32 Legitimates Filtered in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.26.05.2011 - 21:04:40.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.14.07.2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.12716D987D475B051F35895659159705] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17.05.2013 - 01:59:03.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.21.11.2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioth�que de licences.) (.21.11.2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28.12.2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14.07.2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14.07.2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21.11.2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21.11.2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21.11.2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14.07.2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14.07.2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27.04.2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21.11.2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.12.04.2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parall�le.) (.14.07.2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21.11.2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14.07.2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21.11.2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.21.11.2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/393
~ Mes musiques (My Musics) : 1/9
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 1/1056
~ Mon Bureau (My Desktop) : 1/554
~ Menu demarrer (Programs) : 1/44
~ Hidden Files: Scanned in 00mn 00s
---\\ Processus lanc�s
[MD5.E4401CF27225C1D6E664E86195978562] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544] [PID.4316]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.4324]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.4388]
[MD5.A1B303E029EE731119B1D985677FFAD2] - (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216] [PID.4560]
[MD5.E0E38B274FD0B9F56D3B043788BBBFB7] - (.Sony of America Corporation - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe [81336] [PID.1156]
[MD5.2F3390C8E3620B3991D7D82014E26AA7] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [825808] [PID.4836]
[MD5.B8DD83B85636F7D6EC0F09B090E49130] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7494656] [PID.5732]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1472]
[MD5.C2009C6A452BD07B30D773349589B762] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [137960] [PID.1564]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1896]
[MD5.4C4A576818EA028257C624AE36FF7A03] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400] [PID.1952]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.2124]
[MD5.387D3DFFCF0A544539E9C5D8B81169A2] - (.Sony Corporation - VAIO Control Center (Service Module).) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [66696] [PID.2272]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.2432]
[MD5.0A045A2325326B319ECC0006E2D9CEC6] - (.Sony Corporation - VAIO Control Center (Service Sub Module).) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe [183432] [PID.2656]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.2768]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.1860]
[MD5.1474F121C3DF1232D3E7239C03691EE6] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 9.0 (component).) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408] [PID.1580]
[MD5.E79A8E33BD136D14BAE1FA20EB2EF124] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.3996]
[MD5.F4A17DCAB576267C85663E64F3ACE5A4] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326424] [PID.1016]
[MD5.1FE69F3C1CA1CF4B7EC7E2E9090FFFDC] - (.ArcSoft, Inc. - MgiSvr.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024] [PID.1228]
[MD5.DB641944F7E4B14C13C3FEFC89843F69] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656536] [PID.2160]
[MD5.986BA923FF336B6DB24405C58DDD6090] - (.Sony Corporation - VAIOCare.) -- C:\Program Files\Sony\VAIO Care\VCService.exe [54408] [PID.1512]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\media\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://websearch.ask.com
G2 - GCE: Preference [User Data\Default] [aaaaojmikegpiepcfdkkjaplodkpfmlo] Ask Toolbar v.7.15.23.42079 (Activ�) =>Toolbar.Ask
~ Google Browser: 23 Legitimates Filtered in 00mn 14s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu
R3 - URLSearchHook: UrlSearchHook Class [64Bits] - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Ask - Ask Toolbar.) (5.15.23.36191) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
~ IE Browser: 17 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
~ BHO: 18 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Cl� orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files (x86)\Origin\Origin.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\RunOnce: [Application Restart #0] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\RunOnce: [Application Restart #1] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-478446803-484296432-3205155776-1002\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - �diteur de caract�res priv�s.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\Desktop: Audacity.lnk . (.The Audacity Team - Audacity�, the Free, Cross-Platform Sound E.) -- C:\Program Files (x86)\Audacity\audacity.exe
O4 - GS\Desktop: PhotoFiltre Studio X.lnk . (.Antonio Da Cruz - PhotoFiltre Studio.) -- C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe
O4 - GS\Desktop: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Microsoft Office 2010.lnk . (...) -- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O4 - GS\TaskBar: Mozilla Firefox.lnk . (...) -- C:\Users\media\AppData\Local\Mozilla Firefox\firefox.exe (.not file.)
O4 - GS\Programs: Mozilla Firefox.lnk . (...) -- C:\Users\media\AppData\Local\Mozilla Firefox\firefox.exe (.not file.)
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Mozilla Firefox.lnk . (...) -- C:\Users\media\AppData\Local\Mozilla Firefox\firefox.exe (.not file.)
~ Global Startup: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{34E37C38-3E9D-487D-BE8B-F240BA83723A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{34E37C38-3E9D-487D-BE8B-F240BA83723A}: DhcpDomain = sitecomwl351
O17 - HKLM\System\CS1\Services\Tcpip\..\{34E37C38-3E9D-487D-BE8B-F240BA83723A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{34E37C38-3E9D-487D-BE8B-F240BA83723A}: DhcpDomain = sitecomwl351
O17 - HKLM\System\CS2\Services\Tcpip\..\{34E37C38-3E9D-487D-BE8B-F240BA83723A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{34E37C38-3E9D-487D-BE8B-F240BA83723A}: DhcpDomain = sitecomwl351
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ T�ches planifi�es en automatique (O39)
[MD5.AEF195FC98A19DB3BAF3A88D8708AFBF] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe [137864] =>Toolbar.Ask
[MD5.E49E9ED46FFE5B675454E0FE307BEC9C] [APT] [{A47E3901-DE5B-4675-8C25-46D6DFC3EAD1}] (.Electronic Arts.) -- D:\autorun.exe [54544]
~ Scheduled Task: 42 Legitimates Filtered in 00mn 01s
---\\ Logiciels install�s (O42)
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask
O42 - Logiciel: Ask Toolbar Updater - (.Ask.com.) [HKCU][64Bits] -- {79A765E1-C399-405B-85AF-466F52E918B0} =>Toolbar.Ask
~ Logic: 146 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\Ask.com]
[HKCU\Software\Tqdigital]
[HKLM\Software\Wow6432Node\APN]
[HKLM\Software\Wow6432Node\AskToolbar]
[HKLM\Software\Wow6432Node\Tqdigital]
~ Key Software: 155 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15.06.2013 - 09:48:36 - [3.515] ----D C:\Program Files (x86)\Ask.com
O43 - CFD: 27.04.2013 - 22:28:15 - [2032.189] ----D C:\Program Files (x86)\NetDragon
O43 - CFD: 15.06.2013 - 09:38:26 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 15.06.2013 - 09:48:33 - [0.192] ----D C:\Users\media\AppData\Local\APN
~ 1 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 154 Legitimates Filtered in 00mn 03s
---\\ Derniers fichiers cr��s dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.35608607F71ED7EB90655A6F9368B6FA] - 16.06.2013 - 18:42:50 ---A- - C:\Windows\Prefetch\VCSYSTEMTRAY.EXE-9E70A9A4.pf
O45 - LFCP:[MD5.06D3E7831EA56ACC65C33908CF6C7946] - 16.06.2013 - 18:42:51 ---A- - C:\Windows\Prefetch\VESGFXMGR.EXE-035A0F11.pf
~ Prefetcher: 91 Legitimates Filtered in 00mn 00s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{64a6b826-5f9f-11e1-86db-806e6f6e6963}\AutoRun\command. (.Electronic Arts - Autorun Application.) -- D:\Autorun.exe
~ Keys: Scanned in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Dolby Home Theater v4 [Key] . (...) -- C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (.not file.)
~ SMSR Keys: 15 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14.07.2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.A5E770426D18F8EF332A593F3289DA91] - 21.06.2011 - 01:03:42 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athrx.sys [2753536]
~ Drivers: Scanned in 00mn 00s
---\\ Derniers fichiers modifi�s ou cr�es (Utilisateur) (O61)
O61 - LFC: 16.06.2013 - 02:17:06 ---A- C:\Users\media\AppData\Local\Google\Chrome\User Data\Local State [35533]
~ Files: 163 Legitimates Filtered in 00mn 39s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html>
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {133BD69A-6CC0-4827-8155-3603E69EEC00} - (Zinio) - http://services.zinio.com
O69 - SBI: SearchScopes [HKCU] {46EEC660-C435-4227-8EAD-1B3410D8FEC9} - (Ask Search) - http://websearch.ask.com
O69 - SBI: SearchScopes [HKCU] {8C2C416B-A601-4FBA-B6DE-60D0225F7673} - (eBay) - http://rover.ebay.com
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.4EF33D516F31BEB1C9847D1FDA69375C] [SPRF][13.06.2013] (...) -- C:\Users\media\Desktop\adwcleaner.exe [648201]
[MD5.09A3F926C400C29B3CF04FD15A0D8DEA] [SPRF][13.06.2013] (.Oleg N. Scherbakov - 7z Setup SFX.) -- C:\Users\media\Desktop\JRT.exe [545954]
~ Files: Scanned in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : v2.12472 - (13.06.2013)
Cl�s trouv�es (Keys found) : 49
Valeurs trouv�es (Values found) : 2
Dossiers trouv�s (Folders found) : 3
Fichiers trouv�s (Files found) : 0
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR
[HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBAR
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Adware.AskSBAR
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKCU\Software\APN] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\APN] =>Toolbar.Ask
[HKCU\Software\Ask.com] =>Toolbar.AskBar
[HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar
[HKLM\Software\Wow6432Node\AskToolbar] =>Toolbar.AskTBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Toolbar.AskBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{00000000-6E41-4FD3-8538-502F5495E5FC} =>Adware.ShopperReports
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR
C:\Program Files (x86)\Ask.com =>Toolbar.AskBar
C:\Users\media\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar
C:\Users\media\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo =>Toolbar.Ask
~ Additionnel Scan: 349046 Items scanned in 00mn 27s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe =>Toolbar.Ask
~ Update Products: 403 Legitimates Filtered in 00mn 00s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18.03.2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 30.09.2010 169408 | (AdobeActiveFileMonitor9.0) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
SS - | Demand 12.06.2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 21.12.2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 05.07.2011 138400 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
SR - | Auto 05.07.2011 98976 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 09.05.2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 09.05.2013 137960 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SS - | Auto 11.06.2012 193616 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
SR - | Demand 11.06.2012 240208 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
SR - | Auto 30.08.2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 11.06.2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11.06.2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 30.04.2011 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SS - | Demand 03.04.2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Demand 12.12.2012 641504 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 24.06.2011 326424 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 22.07.2011 259512 | (SampleCollector) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
SS - | Auto 13.07.2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 21.02.2011 113824 | (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Demand 21.02.2011 67232 | (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 20.01.2011 286936 | (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SR - | Auto 23.02.2011 105024 | (uCamMonitor) . (.ArcSoft, Inc..) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
SR - | Auto 24.06.2011 2656536 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 07.07.2011 66696 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
SR - | Auto 31.05.2011 552584 | (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
SS - | Demand 20.01.2011 887000 | (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SS - | Demand 19.05.2011 549616 | (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SS - | Demand 18.02.2011 385336 | (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SS - | Demand 18.02.2011 99104 | (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
SR - | Demand 12.08.2011 54408 | (VCService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCService.exe
SR - | Auto 15.07.2011 969352 | (VSNService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
SS - | Demand 30.06.2011 1380480 | (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
SS - | Demand 14.07.2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14.07.2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 00s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by media at 16.06.2013 19:54:18
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ MBR: 10 Legitimates Filtered in 00mn 02s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by media at 16.06.2013 19:54:20
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s
~ 1659 Legitimates filtered by white list
End of the scan (518 lines in 03mn 24s)(0)