
mead


  1. Hello, I don't know whether this is the right place to paste the COMBOFIX report. If someone can help me analyze it. THANKS...

     ComboFix 09-04-01.01 - Nouche 2009-04-02 17:19:21.1 - NTFSx86
     Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.767.387 [GMT 2:00]
     Lancé depuis: c:\documents and settings\Nouche\Bureau\ComboFix.exe
     AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated)
     * Un nouveau point de restauration a été créé

     (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

     c:\documents and settings\Nouche\Application Data\FunWebProducts
     c:\program files\FunWebProducts
     c:\program files\FunWebProducts\ScreenSaver\Images\-0-ADF0975.urr
     c:\program files\FunWebProducts\ScreenSaver\Images\24D42529.urr
     c:\program files\mailskinner
     c:\program files\mailskinner\anim_0.gif
     c:\program files\mailskinner\anim_help.gif
     c:\program files\MyWebSearch
     c:\program files\MyWebSearch\bar\History\search2
     c:\program files\MyWebSearch\bar\Settings\s_pid.dat
     c:\program files\MyWebSearch\bar\Settings\setting2.htm
     c:\program files\MyWebSearch\bar\Settings\settings.dat
     c:\program files\QUAD Utilities
     c:\windows\IE4 Error Log.txt
     c:\windows\msskinner
     c:\windows\msskinner\msbackup.dat
     c:\windows\pack.epk

     ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

     -------\Service_Passthru

     ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-02 au 2009-04-02 ))))))))))))))))))))))))))))))))))))

     2009-04-02 17:10 . 2006-03-03 00:42 73,728 --a------ C:\pv.exe
     2009-03-28 20:32 . 2009-03-28 20:49 101,287 --a------ c:\windows\system32\drivers\klin.dat
     2009-03-28 20:32 . 2009-03-28 20:49 89,601 --a------ c:\windows\system32\drivers\klick.dat
     2009-03-28 20:30 . 2009-03-28 20:30 <REP> d-------- c:\program files\Kaspersky Lab
     2009-03-28 20:30 . 2009-04-02 17:31 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Kaspersky Lab
     2009-03-28 20:30 . 2009-04-02 17:27 7,816,736 --ahs---- c:\windows\system32\drivers\fidbox.dat
     2009-03-28 20:30 . 2009-04-02 17:27 581,664 --ahs---- c:\windows\system32\drivers\fidbox2.dat
     2009-03-28 20:30 . 2009-04-02 17:27 62,148 --ahs---- c:\windows\system32\drivers\fidbox.idx
     2009-03-28 20:30 . 2009-04-02 17:27 3,068 --ahs---- c:\windows\system32\drivers\fidbox2.idx
     2009-03-28 20:19 . 2009-03-28 20:19 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
     2009-03-28 19:39 . 2009-03-28 20:00 <REP> d-a------ c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
     2009-03-27 23:56 . 2009-03-27 23:56 <REP> d-------- c:\program files\Trend Micro
     2009-03-21 23:37 . 2009-03-29 08:51 <REP> d-------- c:\documents and settings\Sabba.CF-SABBA\Tracing
     2009-03-18 00:26 . 2009-04-02 17:32 <REP> d-------- c:\documents and settings\Nouche\Tracing
     2009-03-18 00:23 . 2009-03-20 23:32 <REP> d-------- c:\program files\Microsoft Silverlight
     2009-03-18 00:21 . 2009-02-06 19:08 55,152 --a------ c:\windows\system32\drivers\fssfltr_tdi.sys
     2009-03-18 00:20 . 2009-03-18 00:20 <REP> d-------- c:\program files\Microsoft Sync Framework
     2009-03-18 00:07 . 2009-03-18 00:23 <REP> d-------- c:\program files\Microsoft
     2009-03-18 00:06 . 2009-03-18 00:06 <REP> d-------- c:\program files\Windows Live SkyDrive
     2009-03-17 23:55 . 2009-03-17 23:55 <REP> d-------- c:\program files\Fichiers communs\Windows Live

     (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

     2009-04-02 15:28 0 ----a-w c:\windows\system32\drivers\lvuvc.hs
     2009-04-02 15:28 0 ----a-w c:\windows\system32\drivers\logiflt.iad
     2009-04-02 06:40 --------- d-----w c:\program files\Google
     2009-03-28 18:49 33,808 ----a-w c:\windows\system32\drivers\klbg.sys
     2009-03-27 22:12 34,016 ----a-w c:\windows\system32\drivers\fhcqgyzg.sys
     2009-03-21 22:21 --------- d-----w c:\documents and settings\Sabba.CF-SABBA\Application Data\OpenOffice.org2
     2009-03-19 20:23 35,520 -c--a-w c:\documents and settings\Nouche\Application Data\GDIPFONTCACHEV1.DAT
     2009-03-17 22:21 --------- d-----w c:\program files\Windows Live
     2009-03-17 22:07 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\WindowsLiveInstaller
     2009-02-28 23:37 46,080 ----a-w c:\windows\system32\drivers\ndisio.sys
     2009-02-28 19:51 35,520 -c--a-w c:\documents and settings\Sabba.CF-SABBA\Application Data\GDIPFONTCACHEV1.DAT
     2009-02-26 09:55 --------- d-----w c:\program files\MSBuild
     2009-02-26 09:40 --------- d-----w c:\program files\Reference Assemblies
     2009-02-14 15:34 --------- d-----w c:\program files\ma-config.com
     2009-02-14 15:34 --------- d-----w c:\documents and settings\Sabba.CF-SABBA\Application Data\ma-config.com
     2009-02-07 23:56 --------- d--h--w c:\program files\InstallShield Installation Information
     2009-02-07 23:56 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\BVRP Software
     2009-02-07 23:55 --------- d-----w c:\program files\Common Files
     2009-02-06 18:39 308,600 ----a-w c:\windows\WLXPGSS.SCR
     2009-02-04 20:05 --------- d-----w c:\program files\Fichiers communs\LogiShrd
     2009-02-04 19:57 --------- d-----w c:\program files\Logitech
     2009-02-04 19:57 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Logishrd
     2005-02-23 15:18 55,024 -c--a-w c:\documents and settings\SABBA\Application Data\GDIPFONTCACHEV1.DAT
     2008-10-12 17:13 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008101220081013\index.dat

     ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

     *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
     REGEDIT4

     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
     "{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-03-27 173368]

     [HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
     [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
     [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
     [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
     "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "WorksFUD"="c:\program files\Microsoft Works\wkfud.exe" [2000-07-12 24576]
     "NeroCheck"="c:\windows\system32\NeroCheck.exe" [2002-10-08 155648]
     "Microsoft Works Update Detection"="c:\program files\Microsoft Works\WkDetect.exe" [2000-08-04 28739]
     "InCD"="c:\program files\Ahead\InCD\InCD.exe" [2003-02-12 1232896]
     "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-02-16 282624]
     "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
     "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
     "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
     "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-03-28 206088]
     "PCTVOICE"="pctspk.exe" [2001-09-07 c:\windows\system32\pctspk.exe]
     "nwiz"="nwiz.exe" [2006-10-22 c:\windows\system32\nwiz.exe]

     [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
     "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

     c:\documents and settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
     Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-10-09 66864]

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fhcqgyzg.sys]
     @="Driver"

     [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^BlueSoleil.lnk]
     path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk
     backup=c:\windows\pss\BlueSoleil.lnkCommon Startup

     [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
     path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
     backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

     [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
     path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
     backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

     [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Rappels du Calendrier Microsoft Works.lnk]
     path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Rappels du Calendrier Microsoft Works.lnk
     backup=c:\windows\pss\Rappels du Calendrier Microsoft Works.lnkCommon Startup

     [HKLM\~\startupfolder\C:^Documents and Settings^Nouche^Menu Démarrer^Programmes^Démarrage^dcu.lnk]
     path=c:\documents and settings\Nouche\Menu Démarrer\Programmes\Démarrage\dcu.lnk
     backup=c:\windows\pss\dcu.lnkStartup

     [HKLM\~\startupfolder\C:^Documents and Settings^Nouche^Menu Démarrer^Programmes^Démarrage^reminder.lnk]
     path=c:\documents and settings\Nouche\Menu Démarrer\Programmes\Démarrage\reminder.lnk
     backup=c:\windows\pss\reminder.lnkStartup

     [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
     "DisableMonitoring"=dword:00000001

     [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
     "%windir%\\system32\\sessmgr.exe"=
     "c:\\Program Files\\Messenger\\msmsgs.exe"=
     "c:\\WINDOWS\\system32\\fxsclnt.exe"=
     "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
     "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
     "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
     "c:\\Program Files\\Digital Media Center\\DigitalMediaCenter.exe"=
     "c:\\Program Files\\Digital Media Center\\DMGateway.exe"=
     "c:\\Program Files\\Digital Media Center\\DMRecord.exe"=
     "c:\\Program Files\\Digital Media Center\\AppServer.exe"=
     "c:\\Program Files\\Digital Media Center\\httpd\\bin\\httpd.exe"=
     "c:\\Program Files\\Digital Media Center\\VLC\\vlc.exe"=
     "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
     "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
     "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

     R0 BsStor;InCD Storage Helper Driver;c:\windows\system32\drivers\bsstor.sys [2006-09-02 9344]
     R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 33808]
     R2 BsUDF;InCD UDF Driver;c:\windows\system32\drivers\bsudf.sys [2006-09-02 389504]
     R2 Digital Media Gateway;Digital Media Gateway;c:\program files\Digital Media Center\DMGateway.exe [2008-01-14 8940177]
     R2 DigitalMediaHTTPd;Digital Media HTTPd;c:\program files\Digital Media Center\httpd\bin\httpd.exe [2007-09-21 17408]
     R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-18 55152]
     R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
     R3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [2005-07-20 21344]
     R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-04-30 24592]
     S0 fhcqgyzg;fhcqgyzg;c:\windows\system32\drivers\fhcqgyzg.sys [2009-03-01 34016]
     S2 gupdate1c9897da9c924be;Google Update Service (gupdate1c9897da9c924be);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-08 133104]
     S3 bchgxzfi;bchgxzfi;\??\c:\windows\System32\Drivers\bchgxzfi.sys --> c:\windows\System32\Drivers\bchgxzfi.sys [?]
     S3 bimcqwdb;bimcqwdb;\??\c:\windows\System32\Drivers\bimcqwdb.sys --> c:\windows\System32\Drivers\bimcqwdb.sys [?]
     S3 ccgnckrt;ccgnckrt;\??\c:\windows\System32\Drivers\ccgnckrt.sys --> c:\windows\System32\Drivers\ccgnckrt.sys [?]
     S3 dlecpscf;dlecpscf;\??\c:\windows\System32\Drivers\dlecpscf.sys --> c:\windows\System32\Drivers\dlecpscf.sys [?]
     S3 fophctni;fophctni;\??\c:\windows\System32\Drivers\fophctni.sys --> c:\windows\System32\Drivers\fophctni.sys [?]
     S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
     S3 gavwnnqs;gavwnnqs;\??\c:\windows\System32\Drivers\gavwnnqs.sys --> c:\windows\System32\Drivers\gavwnnqs.sys [?]
     S3 gljhgnwy;gljhgnwy;\??\c:\windows\System32\Drivers\gljhgnwy.sys --> c:\windows\System32\Drivers\gljhgnwy.sys [?]
     S3 gydzahbm;gydzahbm;\??\c:\windows\System32\Drivers\gydzahbm.sys --> c:\windows\System32\Drivers\gydzahbm.sys [?]
     S3 inwcmbjm;inwcmbjm;\??\c:\windows\System32\Drivers\inwcmbjm.sys --> c:\windows\System32\Drivers\inwcmbjm.sys [?]
     S3 iosxbvxt;iosxbvxt;\??\c:\windows\System32\Drivers\iosxbvxt.sys --> c:\windows\System32\Drivers\iosxbvxt.sys [?]
     S3 jyrwfiin;jyrwfiin;\??\c:\windows\System32\Drivers\jyrwfiin.sys --> c:\windows\System32\Drivers\jyrwfiin.sys [?]
     S3 kfiulmju;kfiulmju;\??\c:\windows\System32\Drivers\kfiulmju.sys --> c:\windows\System32\Drivers\kfiulmju.sys [?]
     S3 llxvoydd;llxvoydd;\??\c:\windows\System32\Drivers\llxvoydd.sys --> c:\windows\System32\Drivers\llxvoydd.sys [?]
     S3 lqhhbapt;lqhhbapt;\??\c:\windows\System32\Drivers\lqhhbapt.sys --> c:\windows\System32\Drivers\lqhhbapt.sys [?]
     S3 nxrebods;nxrebods;\??\c:\windows\System32\Drivers\nxrebods.sys --> c:\windows\System32\Drivers\nxrebods.sys [?]
     S3 plzbwjtl;plzbwjtl;\??\c:\windows\System32\Drivers\plzbwjtl.sys --> c:\windows\System32\Drivers\plzbwjtl.sys [?]
     S3 qsqpelta;qsqpelta;\??\c:\windows\System32\Drivers\qsqpelta.sys --> c:\windows\System32\Drivers\qsqpelta.sys [?]
     S3 shhvomit;shhvomit;\??\c:\windows\System32\Drivers\shhvomit.sys --> c:\windows\System32\Drivers\shhvomit.sys [?]
     S3 swrfrphw;swrfrphw;\??\c:\windows\System32\Drivers\swrfrphw.sys --> c:\windows\System32\Drivers\swrfrphw.sys [?]
     S3 sysvydzr;sysvydzr;\??\c:\windows\System32\Drivers\sysvydzr.sys --> c:\windows\System32\Drivers\sysvydzr.sys [?]
     S3 uscvavyt;uscvavyt;\??\c:\windows\System32\Drivers\uscvavyt.sys --> c:\windows\System32\Drivers\uscvavyt.sys [?]
     S3 veeifsvo;veeifsvo;\??\c:\windows\System32\Drivers\veeifsvo.sys --> c:\windows\System32\Drivers\veeifsvo.sys [?]
     S3 vrjhnuaq;vrjhnuaq;\??\c:\windows\System32\Drivers\vrjhnuaq.sys --> c:\windows\System32\Drivers\vrjhnuaq.sys [?]
     S3 vyfgbpwy;vyfgbpwy;\??\c:\windows\System32\Drivers\vyfgbpwy.sys --> c:\windows\System32\Drivers\vyfgbpwy.sys [?]
     S3 xrfufqyi;xrfufqyi;\??\c:\windows\System32\Drivers\xrfufqyi.sys --> c:\windows\System32\Drivers\xrfufqyi.sys [?]
     S3 yapxlhdg;yapxlhdg;\??\c:\windows\System32\Drivers\yapxlhdg.sys --> c:\windows\System32\Drivers\yapxlhdg.sys [?]
     S3 ykntybwv;ykntybwv;\??\c:\windows\System32\Drivers\ykntybwv.sys --> c:\windows\System32\Drivers\ykntybwv.sys [?]

     [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{baf8152c-bacc-11dc-8cfc-0007cb0000ff}]
     \Shell\AutoRun\command - F:\AutoTransfer.exe

     Contenu du dossier 'Tâches planifiées'

     2008-10-28 c:\windows\Tasks\AppleSoftwareUpdate.job
     - c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-10-10 17:13]

     2009-04-02 c:\windows\Tasks\GoogleUpdateTaskMachine.job
     - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-08 01:41]

     2009-04-02 c:\windows\Tasks\User_Feed_Synchronization-{986C0A72-F7EF-4DEA-B0CD-689312CA55CF}.job
     - c:\windows\system32\msfeedssync.exe [2006-10-17 12:58]

     - - - - ORPHELINS SUPPRIMES - - - -

     WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
     SafeBoot-OneCareMP
     MSConfigStartUp-SweetIM - c:\program files\Macrogaming\SweetIM\SweetIM.exe
     MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

     ------- Examen supplémentaire -------

     IE: &Every Toolbar Search - c:\progra~1\EVERYT~1.1\everycom.dll/GoRSDN.dll.htm
     IE: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxmk570YYFR
     IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
     IE: Convertir en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
     IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
     IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
     IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
     IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
     IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
     IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
     IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
     Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

     **************************************************************************

     catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
     Rootkit scan 2009-04-02 17:32:48
     Windows 5.1.2600 Service Pack 3 NTFS

     Recherche de processus cachés ...

     Recherche d'éléments en démarrage automatique cachés ...

     Recherche de fichiers cachés ...

     Scan terminé avec succès
     Fichiers cachés: 0

     **************************************************************************

     --------------------- CLES DE REGISTRE BLOQUEES ---------------------

     [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2b2f2974-1b4e-49dc-ae30-027b3e97ca37}]
     @Denied: (Full) (Everyone)
     "Model"=dword:00000012
     "Therad"=dword:00000016

     [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
     @Denied: (Full) (Everyone)
     "scansk"=hex(0):7e,e4,c4,0f,f0,34,38,78,e6,e5,31,ea,62,2c,06,c1,ba,8a,09,a9,c6,
        63,64,5d,17,27,c5,35,96,21,da,19,1d,3e,51,e7,9b,3a,dc,dc,00,00,00,00,00,00,\

     ------------------------ Autres processus actifs ------------------------

     c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
     c:\program files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
     c:\windows\system32\nvsvc32.exe
     c:\windows\system32\snmp.exe
     c:\windows\system32\fxssvc.exe
     c:\windows\system32\wscntfy.exe

     **************************************************************************

     Heure de fin: 2009-04-02 17:51:50 - La machine a redémarré
     ComboFix-quarantined-files.txt 2009-04-02 15:51:43

     Avant-CF: 30 935 633 920 octets libres
     Après-CF: 32,722,644,992 octets libres

     WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
     [boot loader]
     timeout=2
     default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
     [operating systems]
     c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
     multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP ?dition familiale" /fastdetect /NoExecute=OptIn

     261 --- E O F --- 2009-03-19 17:51:02