Hello,
I have an infection that I cannot eradicate with my antivirus and other anti-malware tools, so I ran ComboFix and got the following report.
Could someone tell me how to proceed?
Thanks
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3071.2061 [GMT 2:00]
Lancé depuis: c:\users\Beaufranc\Desktop\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Common Files\Real\Update_OB\lang\faust_fr.dll
c:\program files\Common Files\Real\Update_OB\lang\rpsearch_fr.dll
c:\program files\Real\RealPlayer\converter\rnuninst_fr.dll
c:\program files\Real\RealPlayer\lang\cdplay_fr.dll
c:\program files\Real\RealPlayer\lang\dbcomp_fr.dll
c:\program files\Real\RealPlayer\lang\embed_fr.dll
c:\program files\Real\RealPlayer\lang\gemctl_fr.dll
c:\program files\Real\RealPlayer\lang\mydevices_fr.dll
c:\program files\Real\RealPlayer\lang\pngui_fr.dll
c:\program files\Real\RealPlayer\lang\rjctl_fr.dll
c:\program files\Real\RealPlayer\lang\rjdlg_fr.dll
c:\program files\Real\RealPlayer\lang\rjeq_fr.dll
c:\program files\Real\RealPlayer\lang\rjfade_fr.dll
c:\program files\Real\RealPlayer\lang\rjmisc_fr.dll
c:\program files\Real\RealPlayer\lang\rjprog_fr.dll
c:\program files\Real\RealPlayer\lang\rjres_fr.dll
c:\program files\Real\RealPlayer\lang\rjskin_fr.dll
c:\program files\Real\RealPlayer\lang\rjviz_fr.dll
c:\program files\Real\RealPlayer\lang\rjwma_fr.dll
c:\program files\Real\RealPlayer\lang\rnuninst_fr.dll
c:\program files\Real\RealPlayer\lang\rpapp_fr.dll
c:\program files\Real\RealPlayer\lang\rpbgr_fr.dll
c:\program files\Real\RealPlayer\lang\rpbrp_fr.dll
c:\program files\Real\RealPlayer\lang\rpclsvc_fr.dll
c:\program files\Real\RealPlayer\lang\rpclutil_fr.dll
c:\program files\Real\RealPlayer\lang\rpdemand_fr.dll
c:\program files\Real\RealPlayer\lang\rpdsplyr_fr.dll
c:\program files\Real\RealPlayer\lang\rpext_fr.dll
c:\program files\Real\RealPlayer\lang\rpgutil_fr.dll
c:\program files\Real\RealPlayer\lang\rpmnpane_fr.dll
c:\program files\Real\RealPlayer\lang\rpplylst_fr.dll
c:\program files\Real\RealPlayer\lang\rpsearch_fr.dll
c:\program files\Real\RealPlayer\lang\rpwebctl_fr.dll
c:\program files\Real\RealPlayer\lang\systray_fr.dll
c:\program files\Real\RealPlayer\lang\tcdinfo_fr.dll
c:\program files\Real\RealPlayer\lang\tclsvc_fr.dll
c:\program files\Real\RealPlayer\lang\tdwnmgr_fr.dll
c:\program files\Real\RealPlayer\lang\tearm_fr.dll
c:\program files\Real\RealPlayer\lang\teasdk_fr.dll
c:\program files\Real\RealPlayer\lang\tmdedit_fr.dll
c:\program files\Real\RealPlayer\lang\tmp3_fr.dll
c:\program files\Real\RealPlayer\lang\twave_fr.dll
c:\program files\Real\RealPlayer\lang\upgrdhlp_fr.dll
c:\program files\Real\RealPlayer\lang\upgrdlib_fr.dll
c:\users\Beaufranc\AppData\Roaming\BITS
c:\users\Beaufranc\AppData\Roaming\BITS\BITS.ini
c:\users\Beaufranc\AppData\Roaming\BITS\DHTTable.dat
c:\users\Beaufranc\AppData\Roaming\BITS\ProxyList.ini
c:\users\Beaufranc\AppData\Roaming\BITS\UPnP.ini
c:\users\Beaufranc\AppData\Roaming\FlashGetBHO
c:\users\Beaufranc\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
c:\users\Beaufranc\AppData\Roaming\FlashGetBHO\GetUrl.htm
c:\windows\system32\secushr.dat
c:\windows\system32\secustat.dat
D:\resycled
E:\resycled
F:\resycled
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-05-24 au 2010-06-24 ))))))))))))))))))))))))))))))))))))
.
2010-06-24 09:31 . 2010-06-24 09:31 -------- d-----w- c:\users\Beaufranc\AppData\Local\temp
2010-06-24 09:31 . 2010-06-24 09:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-23 13:08 . 2010-06-23 13:08 -------- d-----w- c:\users\Beaufranc\AppData\Roaming\Malwarebytes
2010-06-23 13:08 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-23 13:08 . 2010-06-23 13:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-23 13:08 . 2010-06-23 13:08 -------- d-----w- c:\programdata\Malwarebytes
2010-06-23 13:08 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-17 14:41 . 2010-06-17 14:41 -------- d-----w- c:\users\Beaufranc\AppData\Roaming\Uniblue
2010-06-14 13:42 . 2010-06-14 13:42 3648 ------w- C:\bootsqm.dat
2010-06-09 06:29 . 2010-05-21 05:18 977920 ----a-w- c:\windows\system32\wininet.dll
2010-06-09 06:29 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-09 06:29 . 2010-05-01 14:49 2326528 ----a-w- c:\windows\system32\win32k.sys
2010-06-09 06:29 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-09 06:29 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-29 23:51 . 2010-04-23 07:13 2048 ----a-w- c:\windows\system32\tzres.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-23 09:35 . 2009-12-19 13:03 -------- d-----w- c:\users\Beaufranc\AppData\Roaming\FileZilla
2010-06-23 09:16 . 2009-07-14 08:39 695004 ----a-w- c:\windows\system32\perfh00C.dat
2010-06-23 09:16 . 2009-07-14 08:39 127684 ----a-w- c:\windows\system32\perfc00C.dat
2010-06-19 21:10 . 2009-12-19 13:03 -------- d-----w- c:\program files\FileZilla FTP Client
2010-06-09 21:24 . 2010-06-09 21:24 16 ----a-w- c:\users\Beaufranc\AppData\Roaming\ohipmn.dat
2010-06-09 06:34 . 2009-12-21 08:52 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-07 07:01 . 2010-01-22 21:34 -------- d-----w- c:\users\Beaufranc\AppData\Roaming\XnView
2010-05-29 23:54 . 2010-01-22 10:59 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-05-28 20:49 . 2010-05-06 11:46 -------- d-----w- c:\program files\Glary Utilities
2010-05-11 21:56 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-05-09 09:56 . 2010-05-09 09:56 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-05-09 09:56 . 2010-05-09 09:56 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-05-09 09:56 . 2010-05-09 09:56 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-05-09 09:56 . 2010-05-09 09:56 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-05-09 09:56 . 2010-05-09 09:56 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-05-09 09:56 . 2010-05-09 09:56 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-05-09 09:56 . 2010-05-09 09:56 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-05-09 09:56 . 2010-05-09 09:56 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-05-09 09:56 . 2010-05-09 09:56 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-05-09 09:56 . 2010-05-09 09:55 -------- d-----w- c:\program files\Common Files\Real
2010-05-09 09:56 . 2010-05-09 09:55 -------- d-----w- c:\program files\Real
2010-05-09 09:55 . 2010-05-09 09:55 -------- d-----w- c:\program files\Common Files\xing shared
2010-05-09 09:55 . 2003-03-18 18:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-05-09 09:55 . 2003-02-21 02:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-07 16:07 . 2010-01-22 11:00 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-05-07 16:01 . 2010-01-22 11:00 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-05-07 16:01 . 2010-01-22 11:00 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-05-06 11:35 . 2010-05-06 11:35 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-04-27 06:32 . 2010-01-25 10:01 -------- d-----w- c:\programdata\NVIDIA
2010-04-26 10:39 . 2010-04-26 10:38 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-26 10:38 . 2009-12-28 13:22 -------- d-----w- c:\program files\AGEIA Technologies
2010-04-22 13:42 . 2010-04-22 13:42 3584 ----a-r- c:\users\Beaufranc\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2010-04-20 14:35 . 2010-01-22 11:00 30024 ----a-w- c:\windows\system32\uxtFDE4.tmp
2010-04-05 06:28 . 2009-07-24 10:26 291352 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2010-01-20 22:53 . 2010-01-20 22:41 952 --sha-w- c:\windows\System32\KGyGaAvL.sys
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2010-04-05 1123360]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-10-19 71152]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-01-19 8452640]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Mémento.lnk]
backup=c:\windows\pss\Mémento.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Beaufranc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PopTray.lnk]
backup=c:\windows\pss\PopTray.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2007-06-11 13:55 316336 ----a-w- c:\program files\Lexmark Fax Solutions\fm3032.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdeamon]
2007-06-01 08:06 20480 ----a-w- c:\program files\Lexmark 4800 Series\lxdeamon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdemon.exe]
2007-06-11 13:53 455600 ----a-w- c:\program files\Lexmark 4800 Series\lxdemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2010-01-19 18:10 8452640 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-02-20 15:40 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-05-09 09:55 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-20 135664]
R2 lxdeCATSCustConnectService;lxdeCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxdeserv.exe [2007-05-29 99248]
R3 Arrakis3;BitDefender Serveur Arrakis;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-10-19 183880]
R3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-02-11 153448]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2010-05-06 79952]
S2 lxde_device;lxde_device;c:\windows\system32\lxdecoms.exe [2007-05-29 598960]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
S3 acpials;Filtre du capteur de lumière ambiante;c:\windows\system32\DRIVERS\acpials.sys [2009-07-13 7680]
S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-12-03 625224]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224]
S3 netw5v32;Pilote de carte de liaison WiFi sans fil Intel® 5000 Series pour Windows Vista 32 bits;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-01-28 68200]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-19 189440]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - 26AAE74F
*NewlyCreated* - 6EA57AD0
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - 26aae74f
*Deregistered* - 6ea57ad0
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
2010-06-23 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-05-06 08:01]
2010-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-20 15:57]
2010-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-20 15:57]
.
.
------- Examen supplémentaire -------
.
uStart Page = file:///C:/Users/Beaufranc/Documents/Mes%20sites%20Web/D%E9marrageIE/index.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Télécharger en utilisant Download &Express - c:\program files\Download Express\Add_Url.htm
Trusted Zone: kuaiche.com\software
Name-Space Handler: ftp\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
Name-Space Handler: http\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
Name-Space Handler: https\HIEClickCatcher - {E131C96E-4DDB-11D4-84B8-008048B33DEA} - c:\progra~1\DOWNLO~1\mdpph.dll
DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} - hxxps://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
FF - ProfilePath - c:\users\Beaufranc\AppData\Roaming\Mozilla\Firefox\Profiles\tbgvtxjb.default\
FF - prefs.js: browser.startup.homepage - c:\\Users\\Beaufranc\\Documents\\Mes sites Web\\DémarrageIE\\index.htm
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
---- PARAMETRES FIREFOX ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
d:\program files\FireFox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\program files\FireFox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\program files\FireFox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\program files\FireFox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\program files\FireFox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\program files\FireFox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORPHELINS SUPPRIMES - - - -
Toolbar-Locked - (no file)
MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-2936227520-3949034871-3895078191-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):a7,c1,29,6e,fa,63,a3,0f,3c,36,a2,2f,23,2a,9b,97,de,46,f4,6c,80,
8e,c8,52,b4,de,86,66,df,62,09,ef,86,9b,f0,9d,92,37,b7,fb,00,00,00,00,00,00,\
[HKEY_USERS\S-1-5-21-2936227520-3949034871-3895078191-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):7a,9b,c5,42,e3,f7,d5,2e,83,b5,eb,63,e4,4e,0a,a7,f9,c5,0a,a1,c5,
1e,da,47,56,6d,82,70,ff,52,b5,e0,56,03,0d,c5,e9,cc,13,3e,00,00,00,00,00,00,\
[HKEY_USERS\S-1-5-21-2936227520-3949034871-3895078191-1000_Classes\CLSID\{ac31aad2-4205-4c89-817a-5e2fab0ede2b}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000005d
"Therad"=dword:00000001
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
[HKEY_USERS\S-1-5-21-2936227520-3949034871-3895078191-1000_Classes\CLSID\{ee55b6aa-67ba-4e02-8817-bfebb5f80eb2}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000027
"Therad"=dword:00000014
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2010-06-24 11:34:03
ComboFix-quarantined-files.txt 2010-06-24 09:34
Avant-CF: 131 429 048 320 octets libres
Après-CF: 131 171 315 712 octets libres
- - End Of File - - B7E47FDFAC6C6CEB030269AE3DC6C67F