Virus infection, I'm looking for help

Solved
SiSimo
Hello,
I have a virus that turns all the folders on my external drive and my USB sticks into shortcuts.
Now 2 PCs, my hard drive and 2 USB sticks are infected, and I don't know what to do. Please help me.
Thanks


48 replies

SiSimo
 
ComboFix 11-10-01.03 - SONY 01/10/2011 21:10:53.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3950.2537 [GMT 0:00]
Lancé depuis: c:\users\SONY\Desktop\SISIMO.exe
AV: McAfee VirusScan *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Personal Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee VirusScan *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\google\common\google updater\googleupdaterservice.exe
c:\users\SONY\AppData\Roaming\.#
c:\users\SONY\AppData\Roaming\18EE.tmp
c:\users\SONY\AppData\Roaming\19D8.tmp
c:\users\SONY\AppData\Roaming\2B24.tmp
c:\users\SONY\AppData\Roaming\31DB.tmp
c:\users\SONY\AppData\Roaming\33BE.tmp
c:\users\SONY\AppData\Roaming\3E19.tmp
c:\users\SONY\AppData\Roaming\4BD0.tmp
c:\users\SONY\AppData\Roaming\535D.tmp
c:\users\SONY\AppData\Roaming\565A.tmp
c:\users\SONY\AppData\Roaming\59C.tmp
c:\users\SONY\AppData\Roaming\650B.tmp
c:\users\SONY\AppData\Roaming\7C40.tmp
c:\users\SONY\AppData\Roaming\9EBF.tmp
c:\users\SONY\AppData\Roaming\A8AD.tmp
c:\users\SONY\AppData\Roaming\AE29.tmp
c:\users\SONY\AppData\Roaming\Aofafa.exe
c:\users\SONY\AppData\Roaming\C51.tmp
c:\users\SONY\AppData\Roaming\CDEA.tmp
c:\users\SONY\AppData\Roaming\D327.tmp
c:\users\SONY\AppData\Roaming\D623.tmp
c:\users\SONY\AppData\Roaming\DD25.tmp
c:\users\SONY\AppData\Roaming\F5B3.tmp
c:\users\SONY\AppData\Roaming\FF45.tmp
c:\windows\SysWow64\comct332.ocx
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-09-01 au 2011-10-01 ))))))))))))))))))))))))))))))))))))
.
.
2011-10-01 21:20 . 2011-10-01 21:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-01 15:38 . 2011-10-01 15:38 -------- d-----w- c:\users\SONY\AppData\Local\Mozilla
2011-09-30 23:51 . 2011-09-30 23:59 -------- d-----w- C:\Kill'em
2011-09-29 21:45 . 2011-09-29 21:45 -------- d-----w- c:\users\SONY\AppData\Roaming\Malwarebytes
2011-09-29 21:45 . 2011-09-29 21:45 -------- d-----w- c:\programdata\Malwarebytes
2011-09-29 21:45 . 2011-09-29 21:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-09-29 21:45 . 2011-08-31 17:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-29 21:04 . 2011-09-30 17:05 -------- d-----w- c:\users\SONY\AppData\Local\ElevatedDiagnostics
2011-09-29 20:23 . 2011-09-29 20:26 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-09-29 16:57 . 2011-09-30 13:19 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-09-29 16:40 . 2011-09-30 14:26 -------- d-----w- C:\ZHP
2011-09-29 16:39 . 2011-09-30 13:19 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-09-29 14:13 . 2011-09-29 14:26 -------- d-----w- C:\UsbFix
2011-09-25 16:19 . 2011-09-25 16:19 -------- d-----w- c:\programdata\Alwil Software
2011-09-25 16:19 . 2011-09-25 16:19 -------- d-----w- c:\program files\Alwil Software
2011-09-14 20:57 . 2002-09-26 16:42 24576 ----a-w- c:\windows\enddisk32.exe
2011-09-14 20:57 . 2007-02-07 16:50 58264 ----a-w- c:\windows\SysWow64\drivers\adildrx64.sys
2011-09-14 20:57 . 2007-01-04 13:47 69656 ----a-w- c:\windows\SysWow64\drivers\e4ldr.sys
2011-09-14 20:57 . 2007-01-04 13:47 71832 ----a-w- c:\windows\SysWow64\drivers\e4ldrx64.sys
2011-09-14 20:57 . 2007-01-04 13:47 71832 ----a-w- c:\windows\system32\drivers\e4ldrx64.sys
2011-09-14 20:57 . 2007-02-07 16:50 56088 ----a-w- c:\windows\SysWow64\drivers\adildr.sys
2011-09-14 20:57 . 2011-09-14 20:57 -------- d-----w- c:\program files (x86)\SAGEM
2011-09-03 16:58 . 2011-09-03 16:58 -------- d-----w- c:\program files (x86)\Menara
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-29 14:26 . 2011-09-29 14:26 4503442 ----a-w- C:\UsbFix_Upload_Me_SONY-VAIO.zip
2011-07-26 15:23 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-07-26 15:22 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-22 05:22 . 2011-08-11 16:34 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-22 04:54 . 2011-08-11 16:34 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-07-16 05:41 . 2011-08-11 16:36 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-16 05:41 . 2011-08-11 16:36 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-16 05:41 . 2011-08-11 16:36 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-16 05:39 . 2011-08-11 16:36 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-16 05:37 . 2011-08-11 16:36 421888 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 05:21 . 2011-08-11 16:36 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 05:21 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 04:29 . 2011-08-11 16:36 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-16 04:26 . 2011-08-11 16:36 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-16 04:25 . 2011-08-11 16:36 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-16 04:24 . 2011-08-11 16:36 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-16 04:24 . 2011-08-11 16:36 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll
2011-07-16 04:15 . 2011-08-11 16:36 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:15 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:21 . 2011-08-11 16:36 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-07-16 02:21 . 2011-08-11 16:36 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-07-16 02:17 . 2011-08-11 16:36 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17 . 2011-08-11 16:36 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17 . 2011-08-11 16:36 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-16 02:17 . 2011-08-11 16:36 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-09 05:26 . 2011-08-25 16:16 2048 ----a-w- c:\windows\system32\tzres.dll
2011-07-09 04:29 . 2011-08-25 16:16 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-07-09 02:46 . 2011-08-11 16:37 288768 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"REVAService"="c:\program files (x86)\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe" [2008-12-02 23040]
"Free Download Manager"="c:\program files (x86)\Free Download Manager\fdm.exe" [2010-04-28 3727411]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-13 98304]
"McENUI"="c:\progra~2\McAfee\MHN\McENUI.exe" [2009-04-09 1176808]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-17 538472]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2009-10-24 597792]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-02-20 26624]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2010-02-20 149280]
"mcagent_exe"="c:\program files (x86)\McAfee.com\Agent\mcagent.exe" [2009-05-01 645328]
"autodetect"="c:\program files (x86)\Internet Haut Débit Mobile\AutoDect.exe" [2010-03-02 129360]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 624248]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2008-03-14 233472]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2007-10-19 286720]
"adiras"="c:\windows\adirasx64.exe" [2007-02-13 253008]
.
c:\users\SONY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CodeMeter Control Center.lnk - c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [2009-8-19 6348800]
OneNote 2007 - Capture d''cran et lancement.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
Serveur r'seau.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 21:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 E4LOADER;General Purpose USB Driver (e4ldrx64.sys);c:\windows\system32\Drivers\e4ldrx64.sys [2007-01-04 71832]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-20 133104]
R2 mi-raysat_3dsMax2009_64;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe [2008-03-10 65536]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-16 1030600]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-20 133104]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 UsblgwmAtc;LGE Wireless USB Serial02 Device;c:\windows\system32\DRIVERS\lgwusb64ser02.sys [x]
R3 UsblgwmDiag;LGE Wireless USB Serial01 Device;c:\windows\system32\DRIVERS\lgwusb64ser01.sys [x]
R3 USBlgwmModem;LGE Wireless USB Modem;c:\windows\system32\DRIVERS\lgwusb64modem.sys [x]
R3 usblgwubus;LGE Wireless Composite USB Device;c:\windows\system32\DRIVERS\lgwusb64bus.sys [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2011-04-20 1021840]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2009-08-19 1705280]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [2011-08-10 102608]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2009-11-25 821760]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\DRIVERS\e4usbawx64.sys [2007-01-04 146968]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2011-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-20 07:48]
.
2011-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-20 07:48]
.
2011-01-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~2\mcafee\mqc\QcConsol.exe [2010-02-20 07:57]
.
2011-10-01 c:\windows\Tasks\McQcTask.job
- c:\progra~2\mcafee\mqc\QcConsol.exe [2010-02-20 07:57]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-02-20 171520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\SysWOW64\blank.htm
uStart Page = hxxp://www.menara.ma/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Ajouter au fichier PDF existant - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir en Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien en Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien en un fichier PDF existant - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir la sélection en Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la sélection en un fichier PDF existant - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Tout télécharger avec Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
TCP: Interfaces\{26214654-1E4D-4121-90A0-7D9F5835EBC9}: NameServer = 212.217.0.12
FF - ProfilePath - c:\users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\5fcc3we6.default\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKCU-Run-Software Informer - c:\program files (x86)\Software Informer\softinfo.exe
Wow6432Node-HKCU-Run-Aofafa - c:\users\SONY\AppData\Roaming\Aofafa.exe
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2011-10-01 21:32:26
ComboFix-quarantined-files.txt 2011-10-01 21:32
.
Avant-CF: 160 619 159 552 octets libres
Après-CF: 164 212 944 896 octets libres
.
- - End Of File - - 879668F6695E1E0CDF6E01484A4C87B9
0
moment de grace (Posts: 29042, Status: Security contributor)
 
I see that you have a McAfee firewall..

Is the Windows one properly disabled, then?

Is the McAfee one properly configured?
=> disable it and test again on one of the links that don't work
0
SiSimo
 
It works, the computer scan is in progress...
Thanks.
0
SiSimo
 
ESET report


C:\Downloads\Software\SoftonicDownloader_pour_magical-jelly-bean-keyfinder.exe une variante de Win32/SoftonicDownloader.A application nettoyé par suppression - mis en quarantaine
C:\Downloads\Software\SoftonicDownloader_pour_produkey.exe une variante de Win32/SoftonicDownloader.A application nettoyé par suppression - mis en quarantaine
C:\Kill'em\Quarantine\QUE1238.tmp.kill'em une variante de Win32/Adware.OneStep.R application supprimé - mis en quarantaine
C:\Kill'em\Quarantine\QUE1812.tmp.kill'em une variante de Win32/Adware.OneStep.R application supprimé - mis en quarantaine
C:\Kill'em\Quarantine\QUE188E.tmp.kill'em une variante de Win32/Adware.OneStep.T application supprimé - mis en quarantaine
C:\Kill'em\Quarantine\QUE256A.tmp.kill'em une variante de Win32/Adware.OneStep.AB application supprimé - mis en quarantaine
C:\Kill'em\Quarantine\QUE3F60.tmp.kill'em une variante de Win32/Adware.OneStep.T application supprimé - mis en quarantaine
C:\Kill'em\Quarantine\QUEA1B7.tmp.kill'em une variante de Win32/Adware.OneStep.X application supprimé - mis en quarantaine
C:\Kill'em\Quarantine\QUEB412.tmp.kill'em menaces multiples supprimé - mis en quarantaine
C:\Kill'em\Quarantine\QUEBD2.tmp.kill'em une variante de Win32/Adware.OneStep.T application supprimé - mis en quarantaine
C:\Kill'em\Quarantine\QUED088.tmp.kill'em menaces multiples supprimé - mis en quarantaine
C:\Kill'em\Quarantine\QUEFEF6.tmp.kill'em une variante de Win32/Adware.OneStep.T application supprimé - mis en quarantaine
C:\Program Files (x86)\Ad-Remover\Quarantine\C\Program Files (x86)\QueryExplorer\queryexplorer.exe.vir une variante de Win32/Adware.OneStep.AI application nettoyé par suppression - mis en quarantaine
C:\Program Files (x86)\Ad-Remover\Quarantine\C\ProgramData\QueryExplorer\queryexplorer197.exe.vir une variante de Win32/Adware.OneStep.AI application nettoyé par suppression - mis en quarantaine
C:\Qoobox\Quarantine\C\Users\SONY\AppData\Roaming\2B24.tmp.vir une variante de Win32/Kryptik.TJK cheval de troie nettoyé par suppression - mis en quarantaine
C:\Qoobox\Quarantine\C\Users\SONY\AppData\Roaming\3E19.tmp.vir Win32/Lethic.AA cheval de troie nettoyé par suppression - mis en quarantaine
C:\Qoobox\Quarantine\C\Users\SONY\AppData\Roaming\4BD0.tmp.vir IRC/SdBot cheval de troie nettoyé par suppression - mis en quarantaine
C:\Qoobox\Quarantine\C\Users\SONY\AppData\Roaming\535D.tmp.vir une variante de Win32/Kryptik.TJK cheval de troie nettoyé par suppression - mis en quarantaine
C:\Qoobox\Quarantine\C\Users\SONY\AppData\Roaming\7C40.tmp.vir une variante de Win32/Kryptik.TJK cheval de troie nettoyé par suppression - mis en quarantaine
C:\Qoobox\Quarantine\C\Users\SONY\AppData\Roaming\A8AD.tmp.vir une variante de Win32/Kryptik.TJK cheval de troie nettoyé par suppression - mis en quarantaine
C:\Qoobox\Quarantine\C\Users\SONY\AppData\Roaming\AE29.tmp.vir une variante de Win32/Kryptik.TJK cheval de troie nettoyé par suppression - mis en quarantaine
C:\Qoobox\Quarantine\C\Users\SONY\AppData\Roaming\Aofafa.exe.vir Win32/Dorkbot.A ver nettoyé par suppression - mis en quarantaine
C:\Qoobox\Quarantine\C\Users\SONY\AppData\Roaming\C51.tmp.vir IRC/SdBot cheval de troie nettoyé par suppression - mis en quarantaine
C:\Qoobox\Quarantine\C\Users\SONY\AppData\Roaming\F5B3.tmp.vir une variante de Win32/Kryptik.TJK cheval de troie nettoyé par suppression - mis en quarantaine
C:\Qoobox\Quarantine\C\Users\SONY\AppData\Roaming\FF45.tmp.vir Win32/Lethic.AA cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\3F12.tmp.vir une variante de Win32/Injector.JLT cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\4762.tmp.vir Win32/Lethic.AA cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\55C4.tmp.vir IRC/SdBot cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\6A86.tmp.vir Win32/Lethic.AA cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\7A5F.tmp.vir IRC/SdBot cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\8AA3.tmp.vir Win32/Lethic.AA cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\96E3.tmp.vir une variante de Win32/Injector.JLT cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\9859.tmp.vir une variante de Win32/Injector.JLT cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\A20B.tmp.vir IRC/SdBot cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\AB3E.tmp.vir une variante de Win32/Injector.JLT cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\B6B5.tmp.vir IRC/SdBot cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\BD39.tmp.vir IRC/SdBot cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\C7B7.tmp.vir une variante de Win32/Injector.JLT cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\C\Users\SONY\AppData\Roaming\D436.tmp.vir une variante de Win32/Injector.JLT cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\H\autorun.inf.vir INF/Autorun.gen cheval de troie nettoyé par suppression - mis en quarantaine
C:\UsbFix\Quarantine\H\RECYCLER.lnk.vir Win32/Dorkbot.D ver nettoyé par suppression - mis en quarantaine
C:\Users\SONY\Desktop\RK_Quarantine\A8AD.tmp.vir une variante de Win32/Kryptik.TJK cheval de troie nettoyé par suppression - mis en quarantaine
C:\Users\SONY\Downloads\fdminst.exe Win32/OpenCandy application supprimé - mis en quarantaine
SiSimo
 
Thank you so much for all this advice. Thanks once again.
SiSimo
 
# DelFix v8.5 - Rapport créé le 02/10/2011 à 11:56:17
# Mis à jour le 25/09/11 à 11h par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : SONY - SONY-VAIO (Administrateur)
# Exécuté depuis : C:\Users\SONY\Desktop\delfix0.exe
# Option [Suppression]


~~~~~~ Dossiers(s) ~~~~~~

Supprimé : C:\Qoobox
Supprimé : C:\USBFix
Supprimé : C:\Kill'em
Supprimé : C:\ZHP
Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
Supprimé : C:\Users\SONY\Desktop\RK_Quarantine
Supprimé : C:\Program Files (x86)\Ad-Remover
Supprimé : C:\Program Files (x86)\ZHPDiag

~~~~~~ Fichier(s) ~~~~~~

Supprimé : C:\Users\SONY\Desktop\SISIMO.exe <-- Combofix
Supprimé : C:\Ad-Report-CLEAN[1].txt
Supprimé : C:\ComboFix.txt
Supprimé : C:\PhysicalDisk0_MBR.bin
Supprimé : C:\UsbFix.txt
Supprimé : C:\UsbFix_Upload_Me_SONY-VAIO.zip
Supprimé : C:\Users\SONY\Desktop\Ad-Remover.lnk
Supprimé : C:\Users\SONY\Desktop\esetsmartinstaller_fra.exe
Supprimé : C:\Users\SONY\Desktop\Pre_scan.exe
Supprimé : C:\Users\SONY\Desktop\Pre_Scan_30_09_2011_23_51_46.txt
Supprimé : C:\Users\SONY\Desktop\RKreport[1].txt
Supprimé : C:\Users\SONY\Desktop\RKreport[2].txt
Supprimé : C:\Users\SONY\Desktop\ZHPDiag.txt
Supprimé : C:\Users\SONY\Desktop\ZHPFixReport.txt
Supprimé : C:\Users\Public\Desktop\ZHPDiag.lnk
Supprimé : C:\Users\Public\Desktop\ZHPFix.lnk
Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk
Supprimé : C:\Windows\grep.exe
Supprimé : C:\Windows\PEV.exe
Supprimé : C:\Windows\NIRCMD.exe
Supprimé : C:\Windows\MBR.exe
Supprimé : C:\Windows\SED.exe
Supprimé : C:\Windows\SWREG.exe
Supprimé : C:\Windows\SWSC.exe
Supprimé : C:\Windows\SWXCACLS.exe
Supprimé : C:\Windows\Zip.exe

~~~~~~ Registre ~~~~~~

Clé Supprimée : HKCU\Software\Ad-Remover
Clé Supprimée : HKCU\Software\g3n-h@ckm@n
Clé Supprimée : HKCU\Software\USBFix
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover
Clé Supprimée : HKLM\SOFTWARE\Swearware
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~~~~~~ Autres ~~~~~~

Désinstallé : ESET Online Scanner
-> Prefetch Vidé

*************************

DelFix[S1].txt - [2394 octets] - [02/10/2011 11:56:17]

########## EOF - C:\DelFix[S1].txt - [2518 octets] ##########
moment de grace
 
It's all good

unless there are problems

=> Resolved

all the best

(smile)

SiSimo
 
Many thanks, that's really very kind.
Thanks.