Aller au contenu

Diwana

Membres
  • Compteur de contenus

    33
  • Inscription

  • Dernière visite

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Localisation
    Fort de France Martinique

Diwana's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. Aloa bon, ça n'a rien changé du tout...Me reste plus qu'a reformater Merci beaucoup de ton aide, c'est vachement cool de prendre du temps pour de pauvres hères perdus dans les méandres de l'informatique... Bye
  2. Loadlibrary "diwana.dll": L'acces a cet emplacement de la mémoire n'est pas valide......voila la réponse de Gmer.exe que j'ai renommé en diwana, déconnectée d'internet qui plus est....Toujours pas de restauration système possible ( vous n'avez pas les privilèges...blablabeurk...) Et si je reformatais?
  3. Aloa C'est bien marqué "successfull"...mais Black light refuse toujours de s'executer...pffff...je te donne du fil à retordre, hein? merci encore de me venir en aide
  4. Je suis tes directives, mais au bout d'une minute et plus encore, ce programme ne revient plus!!! J'ai attendu plus de 5 minutes pourtant...ouinnnnn j'ai redémarré...ça marche toujours pas...je suis damnée!!!
  5. aloa Voici le rapport de Silentrunners qui a bien voulu s'executer aprés l'installation de windows script: "Silent Runners.vbs", revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "TVAgent WiFi" = "C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe" ["n9uf telecom"] "MsnMsgr" = ""C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background" [MS] "AMonitor" = "C:\Program Files\Tiny Firewall Pro\amon.exe" ["Tiny Software, Inc."] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "Broadcom Wireless Manager UI" = "C:\WINDOWS\system32\WLTRAY" ["Broadcom Corporation"] "SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."] "SynTPLpr" = "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" ["Synaptics, Inc."] "AGRSMMSG" = "AGRSMMSG.exe" ["Agere Systems"] "SiSPower" = "Rundll32.exe SiSPower.dll,ModeAgent" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...CLSID} = "Adobe PDF Reader Link Helper" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = "Windows Live Sign-in Helper" \InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS] {B930BA63-9E5A-11D3-A288-0000E80E2EDE}\(Default) = (no title provided) -> {HKLM...CLSID} = "IECatcher Class" \InProcServer32\(Default) = "C:\Program Files\Mass Downloader\MDHELPER.DLL" [empty string] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration" -> {HKLM...CLSID} = "Extension Affichage Panorama du Panneau de configuration" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."] "{3028902F-6374-48b2-8DC6-9725E775B926}" = "IE Microsoft AutoComplete" -> {HKLM...CLSID} = "IE Microsoft AutoComplete" \InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS] "{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band" -> {HKLM...CLSID} = "History Band" \InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS] "{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu" -> {HKLM...CLSID} = "Portable Media Devices Menu" \InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS] "{2F603045-309F-11CF-9774-0020AFD0CFF6}" = "Synaptics Control Panel" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll" ["Synaptics, Inc."] "{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders" -> {HKLM...CLSID} = "Mes dossiers de partage" \InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll" [MS] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] "{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler" -> {HKLM...CLSID} = "Microsoft Office Outlook" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS] "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler" -> {HKLM...CLSID} = "Outlook File Icon Extension" \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS] "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS] "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player" -> {HKLM...CLSID} = "RealOne Player Context Menu Class" \InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."] "{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx" -> {HKLM...CLSID} = "AlcoholShellEx" \InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"] "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}" = "jetAudio" -> {HKLM...CLSID} = "JetFlExt" \InProcServer32\(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\ <<!>> "AppInit_DLLs" = "UmxSbxExw.dll" ["Tiny Software Inc."] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ <<!>> PFW\DLLName = "UmxWnp.Dll" ["Tiny Software Inc."] HKLM\Software\Classes\PROTOCOLS\Filter\ <<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info" -> {HKLM...CLSID} = "PDF Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."] HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ jetAudio\(Default) = "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}" -> {HKLM...CLSID} = "JetFlExt" \InProcServer32\(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ jetAudio\(Default) = "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}" -> {HKLM...CLSID} = "JetFlExt" \InProcServer32\(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations\ "LowRiskFileTypes" = (REG_SZ) .zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav; {unrecognized setting} HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\ "SaveZoneInformation" = (REG_DWORD) hex:0x00000001 {unrecognized setting} "HideZoneInfoOnProperties" = (REG_DWORD) hex:0x00000001 {unrecognized setting} HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ "CDRAutoRun" = (REG_DWORD) hex:0x00000001 {unrecognized setting} "NoStrCmpLogical" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoSaveSettings" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|Desktop| Don't save settings at exit} "NoTrayItemsDisplay" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|Start Menu and Taskbar| Hide the notification area} "NoToolbarsOnTaskbar" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoResolveTrack" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoResolveSearch" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoNetworkConnections" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|Start Menu and Taskbar| Remove Network Connections from Start Menu} "NoRun" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoControlPanel" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoSMHelp" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|Start Menu and Taskbar| Remove Help menu from Start Menu} "NoRecentDocsMenu" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoFind" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoSMMyPictures" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|Start Menu and Taskbar| Remove My Pictures icon from Start Menu} "NoRecentDocsHistory" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoStartMenuMFUprogramsList" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoUserNameInStartMenu" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoStartMenuMorePrograms" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|Start Menu and Taskbar| Remove All Programs list from the Start menu} "ClearRecentDocsOnExit" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoInstrumentation" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoCDBurning" = (REG_DWORD) hex:0x00000001 {unrecognized setting} "NoSMBalloonTip" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "DisallowCpl" = (REG_DWORD) hex:0x00000001 {User Configuration|Administrative Templates|Control Panel| Hide specified control panel applets / items} "NoLowDiskSpaceChecks" = (REG_DWORD) hex:0x00000001 {unrecognized setting} HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ "CDRAutoRun" = (REG_DWORD) hex:0x00000001 {unrecognized setting} "NoRemoteRecursiveEvents" = (REG_DWORD) hex:0x00000001 {unrecognized setting} "ForceClassicControlPanel" = (REG_DWORD) hex:0x00000001 {unrecognized setting} "NoSimpleStartMenu" = (REG_DWORD) hex:0x00000000 {unrecognized setting} HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowCpl\ "1" = (REG_SZ) Polices {unrecognized setting} HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ "shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} "undockwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} "SynchronousMachineGroupPolicy" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "SynchronousUserGroupPolicy" = (REG_DWORD) hex:0x00000000 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ "Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp" Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ "Wallpaper" = "C:\Documents and Settings\Diwaworld\Local Settings\Application Data\Microsoft\Wallpaper1.bmp" Startup items in "Diwaworld" & "All Users" startup folders: ----------------------------------------------------------- C:\Documents and Settings\Diwaworld\Menu Démarrer\Programmes\Démarrage "Rainlendar" -> shortcut to: "C:\Program Files\Rainlendar\Rainlendar.exe" ["Rainy"] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage "Utility Tray" -> shortcut to: "C:\WINDOWS\system32\sistray.exe" ["Silicon Integrated Systems Corporation"] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKLM\Software\Microsoft\Internet Explorer\Toolbar\ "{327C2873-E90D-4C37-AA9D-10AC9BABA46C}" = "Easy-WebPrint" -> {HKLM...CLSID} = "Easy-WebPrint" \InProcServer32\(Default) = "C:\Program Files\Canon\Easy-WebPrint\Toolband.dll" [null data] Explorer Bars HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\ HKLM\Software\Classes\CLSID\{03C1C47F-0538-4645-8372-D3109B9FC636}\(Default) = "Easy-WebPrint" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\Program Files\Canon\Easy-WebPrint\Toolband.dll" [null data] HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Rechercher" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ "MenuText" = "Console Java (Sun)" "CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}" -> {HKCU...CLSID} = "Java Plug-in" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."] -> {HKLM...CLSID} = "Java Plug-in 1.5.0_06" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll" ["Sun Microsystems, Inc."] {0FD01980-CCCB-11D3-80D4-0000E80E2EDE}\ "ButtonText" = "Mass Downloader" "MenuText" = "&Mass Downloader" "Exec" = "C:\Program Files\Mass Downloader\massdown.exe" [file not found] {85D1F590-48F4-11D9-9669-0800200C9A66}\ "MenuText" = "Uninstall BitDefender Online Scanner v8" "Exec" = "%windir%\bdoscandel.exe" [null data] {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ "ButtonText" = "Recherche" {A0E6D3BD-A661-447D-8634-0751467857F3}\ "ButtonText" = "Diminuer la page" "Script" = "C:\Program Files\UTILS\EasyRead\ZoomOut.js" [file not found] {AEBB571B-4C48-438D-808D-999F168CDECE}\ "ButtonText" = "Agrandir la page" "Script" = "C:\Program Files\UTILS\EasyRead\ZoomIn.js" [file not found] Miscellaneous IE Hijack Points ------------------------------ C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings") Added lines (compared with English-language version): [strings]: SAFESITE_VALUE="http://home.microsoft.com/intl/fr/" Missing lines (compared with English-language version): [strings]: 1 line Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Acronis Scheduler2 Service, AcrSch2Svc, ""C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe"" ["Acronis"] FW Configuration Interpreter, UmxCfg, ""C:\Program Files\Fichiers communs\PFShared\UmxCfg.exe"" ["Tiny Software, Inc."] FW Live Update, UmxLU, ""C:\Program Files\Fichiers communs\PFShared\umxlu.exe"" ["Tiny Software, Inc."] FW Policy Manager, UmxPol, ""C:\Program Files\Fichiers communs\PFShared\UmxPol.exe"" ["Tiny Software Inc."] FW User-Mode Helper, UmxFwHlp, ""C:\Program Files\Tiny Firewall Pro\UmxFwHlp.exe"" ["Tiny Software, Inc."] StarWind iSCSI Service, StarWindService, "C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe" ["Rocket Division Software"] Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS] ---------- <<!>>: Suspicious data at a malware launch point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer "No" at the first message box and "Yes" at the second message box. ---------- (total run time: 71 seconds, including 18 seconds for message boxes)
  6. Voici le rapport de Escan antivirus... File C:\WINDOWS\system32\cmdow.exe tagged as not-a-virus:RiskTool.Win32.HideWindows. No Action Taken. File C:\WINDOWS\system32\cmdow.exe tagged as not-a-virus:RiskTool.Win32.HideWindows. No Action Taken. File C:\System Volume Information\_restore{6741C34F-8CCC-4775-8A74-E72D0A9F60C4}\RP0\A0000004.exe tagged as not-a-virus:RiskTool.Win32.HideWindows. No Action Taken.
  7. Aloa Pour l'instant, ça marche, le scan est en cours en mode sans echec Je te poste le rapport quand il sera terminé
  8. Non, je me souviens pas... Han, merci, c'est super sympa!
  9. Tadammmmmmmmmmm... et non, il ne s'execute pas...pas de message d'erreur...rien, nada, walou...un grand silence!!!!!!!!!!!!!!!
  10. oui, jel'ai...c'est un exe...c'est grave, docteur?
  11. POur silentrunners: " impossible de trouver le moteur de script " vbscript" pour le script " c:/DOCUME....blabla...local...blabla....Temp/Rar.... Ohhhhhhh...wahhhhhhhh...lookbat fonctionne!!! the rapport: ! REG.EXE VERSION 3.0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment ComSpec REG_EXPAND_SZ %SystemRoot%\system32\cmd.exe Path REG_EXPAND_SZ %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\ windir REG_EXPAND_SZ %SystemRoot% FP_NO_HOST_CHECK REG_SZ NO OS REG_SZ Windows_NT PROCESSOR_ARCHITECTURE REG_SZ x86 PROCESSOR_LEVEL REG_SZ 15 PROCESSOR_IDENTIFIER REG_SZ x86 Family 15 Model 28 Stepping 0, AuthenticAMD PROCESSOR_REVISION REG_SZ 1c00 NUMBER_OF_PROCESSORS REG_SZ 1 TEMP REG_EXPAND_SZ %SystemRoot%\TEMP TMP REG_EXPAND_SZ %SystemRoot%\TEMP PATHEXT REG_SZ .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH CLASSPATH REG_EXPAND_SZ .;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip QTJAVA REG_EXPAND_SZ C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
  12. Il marche pas non plus, j'ai un message: 'impossible...blablabla..." Spadrole pourtant!!!! C'est nerveux...
  13. Combofix refuse également de s'executer...sni snif
×
×
  • Créer...