Rapport de ZHPDiag v2013.4.20.122 par Nicolas Coolman, Update du 20/04/2013
Run by Utilisateur at 21/04/2013 18:01:16
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Deactivate by program

---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16540
MFIE: Mozilla Firefox 10.0.2 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : 3PBQ6
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
Kaspersky Anti-Virus 2013 v13.0.1.4190
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8

---\\ System Optimizer
CCleaner v4.00

---\\ Software Update
Adobe Reader X
Java 7 Update 21

---\\ System Information
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5962 MB (72% free)
System Restore: Activé (Enable)
System drive C: has 804 GB (87%) free of 914 GB

---\\ Logged in mode
~ Computer Name: PORTABLE-ACER
~ User Name: Utilisateur
~ All Users Names: Utilisateur, UpdatusUser, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Utilisateur\AppData\Roaming\
~ %Desktop% : C:\Users\Utilisateur\Desktop\
~ %Favorites% : C:\Users\Utilisateur\Favorites\
~ %LocalAppData% : C:\Users\Utilisateur\AppData\Local\
~ %StartMenu% : C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 804 Go of 914 Go)
D:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Explorateur Windows.) (.11/10/2012 - 08:35:16.) -- C:\Windows\Explorer.exe [2380944] [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608] [MD5.753C0848AE7872A3F59663078A517293] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/02/2013 - 11:15:07.) -- C:\Windows\System32\wininet.dll [2240512] [MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120] [MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408] [MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) 
-- C:\Windows\system32\Drivers\AFD.sys [560640] [MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840] [MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544] [MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080] [MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784] [MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168] [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640] [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920] [MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688] [MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776] [MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544] [MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) 
-- C:\Windows\system32\Drivers\Parport.sys [105984] [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928] [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712] [MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248] [MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.26/07/2012 - 05:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/6 ~ Mes Favoris (My Favorites) : 1/1987 ~ Mes Documents (My Documents) : 1/680 ~ Mon Bureau (My Desktop) : 1/110 ~ Menu demarrer (Programs) : 1/32 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.1B38F4C2BCDB133B757E22BEB61FB3FC] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1176176] [PID.3096] [MD5.3C3B37BD28CF8E7CC7C89C8C0D5F2B34] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18672232] [PID.1256] [MD5.0D8A2C637046E578EFC7F08EBE86555F] - (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [256600] [PID.3032] [MD5.68B4E27EF0698FBDDD58753756C7EE6E] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533568] [PID.5180] [MD5.E84DA43E726D043CA2DEE71F01DB261A] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) 
-- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.exe [228448] [PID.5964] [MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.4864] [MD5.587EFD6A3A30A35A27904D21AE1FB882] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356376] [PID.1196] [MD5.7AE4D6C70C2D7912AB2B4651DF595575] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [990320] [PID.3656] [MD5.1C1DF0FA3ED8892C42DF7C8962E328BA] - (.Pas de propriétaire - iuEmailOutlookAgent.) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [25232] [PID.2492] [MD5.804E2D61CDF360A4492C86D6132135CC] - (.Pas de propriétaire - iuBrowserIEAgent.) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [44176] [PID.3220] [MD5.60A3399135BEFC6F4BADBD6C13A4AC24] - (.Microsoft Corporation - Hôte Microsoft WWA.) -- C:\Windows\syswow64\wwahost.exe [333824] [PID.7472] [MD5.FC23F9D6BCBF9C25563DEEB9AC2514F9] - (.Nicolas Coolman - ZHPDiag.) 
-- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [6919680] [PID.1396]
~ Processes Running: Scanned in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\kmrd7b3h.default\prefs.js
~ Firefox Browser: 12 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] .
(.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [BtPreLoad] . (...) -- C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
O4 - HKCU\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKCU\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [MusicManager] . (.Google Inc. - Music Manager.) -- C:\Users\Utilisateur\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Utilisateur\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe
O4 - HKLM\..\Wow6432Node\Run: [Dolby Home Theater v4] . (.Dolby Laboratories Inc. - Dolby Profile Selector.) -- C:\Dolby PCEE4\pcee4.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] .
(.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\runner_avp.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-1997297245-714959127-2717857365-1002\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-1997297245-714959127-2717857365-1002\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
O4 - HKUS\S-1-5-21-1997297245-714959127-2717857365-1002\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKUS\S-1-5-21-1997297245-714959127-2717857365-1002\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
O4 - HKUS\S-1-5-21-1997297245-714959127-2717857365-1002\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1997297245-714959127-2717857365-1002\..\Run: [MusicManager] . (.Google Inc. - Music Manager.)
-- C:\Users\Utilisateur\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
O4 - HKUS\S-1-5-21-1997297245-714959127-2717857365-1002\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Utilisateur\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKUS\S-1-5-21-1997297245-714959127-2717857365-1002\..\RunOnce: [Uninstall C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe
O4 - HKUS\S-1-5-21-1997297245-714959127-2717857365-1002\..\RunOnce: [Uninstall C:\Users\Utilisateur\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe
~ Application: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch: Labography.lnk . (.axpha - Pas de description.) -- C:\Program Files (x86)\Labography\Labography.exe
O4 - GS\Desktop: Ancien disque.lnk . (...) -- C:\Users\Public\Documents\Ancien disque
O4 - GS\Desktop: caroline.cassegrain - Raccourci.lnk . (...) -- C:\Users\Public\Documents\Ancien disque\Partition DATA\caroline.cassegrain
O4 - GS\Desktop: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\Utilisateur\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - GS\Desktop: GoToAssist Customer.lnk . (.Citrix Online, a division of Citrix Systems - GoToAssist.) -- C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\461\g2ax_service.exe
O4 - GS\Desktop: Microsoft Office.lnk . (...) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O4 - GS\Desktop: Microsoft Outlook 2010.lnk . (...) -- C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
O4 - GS\Desktop: Microsoft Word 2010.lnk . (...) -- C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.)
-- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
O4 - GS\Desktop: Spotify.lnk . (.Spotify Ltd - Spotify.) -- C:\Users\Utilisateur\AppData\Roaming\Spotify\spotify.exe
~ Global Startup: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier virtuel [64Bits] - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\kbrd.ico
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBttnIE.dll
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBTTN~1.dll
O9 - Extra button: Analyse des liens [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\logo.ico
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{22EE4085-2678-429C-B002-3D9FB5ECB895}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CFD1BB39-00BE-40E1-8759-01940423DFFC}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{22EE4085-2678-429C-B002-3D9FB5ECB895}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{CFD1BB39-00BE-40E1-8759-01940423DFFC}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...)
-- O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: GoToAssist Express Customer . (.Citrix Online, a division of Citrix Systems - GoToAssist.) -- C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\461\g2ax_winlogonx64.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 307.) - C:\Windows\system32\nvinitx.dll ~ AppInit DLL: Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.00000000000000000000000000000000] [APT] [{E57A24C2-827C-40C1-969C-50CA07BAAB17}] (...) -- C:\Program Files\McAfee\MSC\mcuihost.exe (.not file.) [0] ~ Scheduled Task: 16 Legitimates Filtered in 00mn 01s ---\\ Logiciels installés (O42) O42 - Logiciel: Kazoo Player - (...) [HKLM][64Bits] -- Kazoo Player O42 - Logiciel: PC Sync - (.France Telecom.) 
[HKLM][64Bits] -- {A4DCAA77-151D-4CE9-8D79-E4ADB48031A2} ~ Logic: 144 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Voxmobili] [HKLM\Software\Wow6432Node\LightWork Design] [HKLM\Software\Wow6432Node\Voxmobili] ~ Key Software: 205 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 01/03/2013 - 10:01:27 - [1,978] ----D C:\Program Files (x86)\Lang O43 - CFD: 01/03/2013 - 10:26:35 - [4,912] ----D C:\Program Files (x86)\PC Sync O43 - CFD: 22/02/2013 - 00:23:00 - [0,257] ----D C:\Users\Utilisateur\AppData\Roaming\lm O43 - CFD: 03/04/2013 - 18:22:29 - [0,126] ----D C:\Users\Utilisateur\AppData\Roaming\Voxmobili ~ Program Folder: 174 Legitimates Filtered in 00mn 00s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.EE3EBB40636DFE10BFADC6BBC7A803C1] - 12/04/2013 - 17:47:37 ---A- . (...) -- C:\DelFix.txt [538] O44 - LFC:[MD5.4FD2E5BDBBBAB094B65E76908F9FADB3] - 12/04/2013 - 17:30:12 ---A- . (...) -- C:\Windows\SysNative\ApnDatabase.xml [387867] O44 - LFC:[MD5.4FD2E5BDBBBAB094B65E76908F9FADB3] - 12/04/2013 - 17:30:12 RSHAD . (...) 
-- C:\Windows\System32\ApnDatabase.xml [387867] ~ Files: 150 Legitimates Filtered in 00mn 02s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.7E5FC43565DFE3FCD0393DD05B6734B8] - 16/04/2013 - 16:30:17 ---A- - C:\Windows\Prefetch\G2AX_COMM_CUSTOMER.EXE-ED1E8DB6.pf O45 - LFCP:[MD5.723C5FD5D9CBC353D87EC513BEFD0D6D] - 16/04/2013 - 16:30:17 ---A- - C:\Windows\Prefetch\G2AX_SERVICE.EXE-2E89FCEA.pf O45 - LFCP:[MD5.FA7ED5ACF8DF19F489AA33FD437E9640] - 16/04/2013 - 16:30:17 ---A- - C:\Windows\Prefetch\G2AX_SYSTEM_CUSTOMER.EXE-838B31D3.pf O45 - LFCP:[MD5.81558163F187DAADB170100BADF7600E] - 16/04/2013 - 16:30:17 ---A- - C:\Windows\Prefetch\G2AX_USER_CUSTOMER.EXE-CC0D244D.pf O45 - LFCP:[MD5.4A4D2C74C480BF2410A55EBD44868B2C] - 20/04/2013 - 08:05:39 ---A- - C:\Windows\Prefetch\WSHOST.EXE-05F0A3AF.pf O45 - LFCP:[MD5.388B979601A47E433015B3EFC7933C65] - 20/04/2013 - 08:07:52 ---A- - C:\Windows\Prefetch\WMIAV.EXE-970393A8.pf O45 - LFCP:[MD5.FEAA30FD1C5BB82F4673E65F917C10D6] - 20/04/2013 - 16:25:20 ---A- - C:\Windows\Prefetch\GETSYSTEMINFO5.0.EXE-577741C5.pf O45 - LFCP:[MD5.36FC5A99FA5EB0578B0B212D2D40F21F] - 20/04/2013 - 16:56:10 ---A- - C:\Windows\Prefetch\GETSYSTEMINFO.EXE-6A1AB791.pf O45 - LFCP:[MD5.74DECD299F443B15F17F6D4B80783950] - 20/04/2013 - 17:13:19 ---A- - C:\Windows\Prefetch\GETSYSTEMINFO.EXE-74EC3CCC.pf O45 - LFCP:[MD5.83EF4B0631B0CB6756C01C1DDFF51CEA] - 21/04/2013 - 07:34:12 ---A- - C:\Windows\Prefetch\LIVECOMM.EXE-C6BA460D.pf O45 - LFCP:[MD5.7909F6A741FCA4F23A1B410563345882] - 21/04/2013 - 07:43:02 ---A- - C:\Windows\Prefetch\KAVREMOVER.EXE-E4AC5887.pf O45 - LFCP:[MD5.B77F418F6095060A42512BF0DA9BE6FD] - 21/04/2013 - 07:45:09 ---A- - C:\Windows\Prefetch\ACTF9DD.TMP-AD9FBAF6.pf O45 - LFCP:[MD5.0892C4C446DAB9F0CCE02E10265335F7] - 21/04/2013 - 07:56:12 ---A- - C:\Windows\Prefetch\KAV13.0.1.4190FR-FR (1).EXE-8D218B4B.pf O45 - LFCP:[MD5.76A55760F8F9D58326C75287137A88F5] - 21/04/2013 - 08:04:17 ---A- - C:\Windows\Prefetch\NARRATOR.EXE-6ADE25EF.pf 
O45 - LFCP:[MD5.7869AFCB29AF2C51655293B1A13FD82C] - 21/04/2013 - 08:06:13 ---A- - C:\Windows\Prefetch\BTPRELOAD.EXE-C2648C44.pf O45 - LFCP:[MD5.C29C0753CB2B5B9398727BA4E84C63C8] - 21/04/2013 - 08:10:18 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-D8CC3B5E.pf O45 - LFCP:[MD5.E320D77C746DA7F188DEE2BBE540555A] - 21/04/2013 - 08:14:31 ---A- - C:\Windows\Prefetch\ITYPE.EXE-0362FC3B.pf O45 - LFCP:[MD5.08224A3E33CE55B8F6910791C6C67112] - 21/04/2013 - 08:38:18 ---A- - C:\Windows\Prefetch\CONVERSIONSERVICE.EXE-6B89E6B3.pf O45 - LFCP:[MD5.1D027F6CBBAB0ED7851C092D08B877E0] - 21/04/2013 - 09:25:00 ---A- - C:\Windows\Prefetch\SRTASKS.EXE-29C2E869.pf O45 - LFCP:[MD5.BE10D3572E62F43692D5CF5795AFD6AC] - 21/04/2013 - 09:25:55 ---A- - C:\Windows\Prefetch\PATCHJRE.EXE-3DD8DF36.pf O45 - LFCP:[MD5.D8D1A27EE87748EB24323366C761662A] - 21/04/2013 - 09:37:13 ---A- - C:\Windows\Prefetch\LAUNCHERLOADER.EXE-68FE515F.pf O45 - LFCP:[MD5.09A934A24C4F43B6C3A973F63F050BEE] - 21/04/2013 - 12:25:23 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESPERFORMANCE.E-14A3348E.pf O45 - LFCP:[MD5.0737C2111FB37C38F1955B0E5E33CBA7] - 21/04/2013 - 16:55:08 ---A- - C:\Windows\Prefetch\DKRUN32.EXE-8583E6AC.pf O45 - LFCP:[MD5.241E73BF43554CB8CC155D52D2AF2CA2] - 21/04/2013 - 16:55:16 ---A- - C:\Windows\Prefetch\LMUTILPS32.EXE-9827F12C.pf O45 - LFCP:[MD5.75E4D4986AFE545F935FC34F64850A37] - 21/04/2013 - 16:55:34 ---A- - C:\Windows\Prefetch\RAVBG64.EXE-B555701F.pf O45 - LFCP:[MD5.101DB2A1A1E8C237A5A903CDCD549AF0] - 21/04/2013 - 16:55:41 ---A- - C:\Windows\Prefetch\PCEE4.EXE-D1DF4BE1.pf O45 - LFCP:[MD5.2453BA4CF7AD3690E1F9F52196F47D07] - 21/04/2013 - 16:56:35 ---A- - C:\Windows\Prefetch\BTVSTACK.EXE-0FA626F5.pf ~ Prefetcher: 289 Legitimates Filtered in 00mn 02s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1 O55 - 
MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPath"=1 ~ MWPS: 19 Legitimates Filtered in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736] O58 - SDL:[MD5.EE4B203FAFF6FFEC620F755E99216DE7] - 23/11/1999 - 09:17:34 ---A- . (...) -- C:\Windows\SysWOW64\dc240u.sys [7808] ~ Drivers: Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 20/04/2013 - 16:43:59 ---A- C:\Users\Utilisateur\Documents\Dossier provisoire\Rapport 7 Kaspersky Update.txt [227391] O61 - LFC: 20/04/2013 - 16:44:12 ---A- C:\Users\Utilisateur\Documents\Dossier provisoire\Rapport 6 Kaspersky Update.txt [227391] O61 - LFC: 20/04/2013 - 16:44:30 ---A- C:\Users\Utilisateur\Documents\Dossier provisoire\Rapport 5 Kaspersky Update.txt [227391] O61 - LFC: 20/04/2013 - 16:44:41 ---A- C:\Users\Utilisateur\Documents\Dossier provisoire\Rapport 4 Kaspersky Update.txt [227391] O61 - LFC: 20/04/2013 - 16:44:58 ---A- C:\Users\Utilisateur\Documents\Dossier provisoire\Rapport 3 Kaspersky Update.txt [227391] O61 - LFC: 20/04/2013 - 16:45:15 ---A- C:\Users\Utilisateur\Documents\Dossier provisoire\Rapport 2 Kaspersky Update.txt [227391] O61 - LFC: 20/04/2013 - 16:45:25 ---A- C:\Users\Utilisateur\Documents\Dossier provisoire\Rapport 1 Kaspersky Update.txt [227391] O61 - LFC: 20/04/2013 - 16:52:43 ---A- C:\Users\Utilisateur\Downloads\GetSystemInfo5.0.exe [2286392] O61 - LFC: 21/04/2013 - 07:41:16 ---A- C:\Users\Utilisateur\Downloads\kavremover.exe [4870584] O61 - LFC: 21/04/2013 - 07:55:42 ---A- C:\Users\Utilisateur\Downloads\kav13.0.1.4190fr-fr (1).exe [180920544] O61 - LFC: 21/04/2013 - 12:30:18 ---A- C:\Users\Utilisateur\AppData\Local\resmon.resmoncfg 
[7609] O61 - LFC: 21/04/2013 - 12:41:46 ---A- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Microsoft IntelliPoint\SQM\sqmdata00.sqm [380] O61 - LFC: 21/04/2013 - 12:41:46 ---A- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Microsoft IntelliType Pro\SQM\sqmdata00.sqm [368] ~ Files: 109 Legitimates Filtered in 00mn 59s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {E1D76648-4DEF-4399-B8AE-8C8FDB6030A6} [DefaultScope] - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.55A6EE694E36653DB1E79CD03DFB99FF] [SPRF][21/04/2013] (...) -- C:\ProgramData\ntuser.dat [262144] [MD5.A9DA5B43CF597F83B1EB441968E24891] [SPRF][25/03/2013] (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner.exe [3497240] [MD5.85B757B3EFCD1393543EC8E2EC17A15F] [SPRF][25/03/2013] (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner64.exe [6025496] [MD5.8E4CFEA6825EFB1A3886D472B517133D] [SPRF][25/03/2013] (.Piriform Ltd - CCleaner Installer.) -- C:\Program Files (x86)\uninst.exe [149872] ~ Files: Scanned in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{C6F7037F-6A30-42B1-8295-3ED101CF9638}" | In - Public - P6 - TRUE | .(.pdfforge GbR - PDF Architect Application.) -- C:\Program Files (x86)\PDF Architect\PDF Architect.exe O87 - FAEL: "{BB8F71F2-75A0-4F16-B7D4-A4D2D9C328DD}" | In - Public - P17 - TRUE | .(.pdfforge GbR - PDF Architect Application.) 
-- C:\Program Files (x86)\PDF Architect\PDF Architect.exe
O87 - FAEL: "{3B32FEF2-11F3-4A64-AB8D-61350D6C0B96}" | In - Domain - P6 - FALSE | .(.pdfforge GbR - PDF Architect Application.) -- C:\Program Files (x86)\PDF Architect\PDF Architect.exe
O87 - FAEL: "{C78B8A44-223F-45A4-98C0-52DFB95B5B47}" | In - Domain - P17 - FALSE | .(.pdfforge GbR - PDF Architect Application.) -- C:\Program Files (x86)\PDF Architect\PDF Architect.exe
~ Firewall: 270 Legitimates Filtered in 00mn 01s

---\\ Scan Additionnel (O88)
Database Version : v2.11632 - (20/04/2013)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211701196}] =>PUP.CrossRider
~ Additionnel Scan: 195122 Items scanned in 00mn 11s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 10/08/2012 211584 | (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 01/03/2013 356376 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
SR - | Auto 23/08/2012 2435728 | (CCDMonitorService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
SS - | Demand 23/10/2012 277024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 23/08/2012 468624 | (DeviceFastLaneService) . (.Acer Incorporated.)
- C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
SR - | Auto 21/08/2012 348784 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SS - | Demand 12/07/2012 174160 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Demand 22/08/2012 658576 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
SR - | Auto 30/08/2012 28560 | (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe
SS - | Demand 23/11/2012 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SR - | Auto 07/03/2013 185176 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
SS - | Demand 27/02/2013 610960 | (GoToAssist Remote Support Customer) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\461\g2ax_service.exe
SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 17/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 276864 | (LMS) . (.Intel Corporation.)
- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 05/02/2013 428928 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe
SR - | Auto 23/08/2012 259136 | (NTI IScheduleSvc) . (.NTI Corporation.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 12/10/2012 891240 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 12/10/2012 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Demand 09/01/2013 1324104 | (PDF Architect Helper Service) . (.pdfforge GbR.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
SS - | Demand 09/01/2013 795208 | (PDF Architect Service) . (.pdfforge GbR.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
SR - | Auto 23/11/2012 93296 | (RfButtonDriverService) . (.Dritek System INC..) - C:\Windows\RfBtnSvc64.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 18/01/2012 155320 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
SR - | Auto 26/02/2013 3560800 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
SR - | Auto 17/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.)
- C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s

---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Filtered in 00mn 02s

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Utilisateur at 21/04/2013 18:06:16
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s
~ 1536 Legitimates filtered by white list
End of the scan (479 lines in 04mn 59s)(0)