Aller au contenu

charlaire

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    1

  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    français

charlaire's Achievements

Junior Member

Junior Member (3/12)

-1

Réputation sur la communauté

  1. charlaire
    Bonjour, Il y a quelques jours, une alerte d' avira antivir me signale : "Dans le fichier 'C:\Windows\Temp\3b2b7ebf.tmp' un virus ou un programme indésirable 'TR/Ransom.Digitala.aqf' [trojan] a été détecté. Action exécutée : Refuser l'accès". suivie d'une 2eme alerte : "Dans le fichier 'C:\Windows\Temp\90663b91.tmp' un virus ou un programme indésirable 'TR/Ransom.Digitala.arp' [trojan] a été détecté. Action exécutée : Refuser l'accès". J'ai redémarré le PC, mais rebelote dés que je lance une page internet. donc j'ai fait une analyse compléte qui a repris les mêmes alertes, puis j'ai fait une analyse avec : ccleaner, spybot, malwarebyte, et AVG anti-antispyware : aucun ne signale de probléme, j'ai fait une analyse en ligne RAS. J'ai fait des recherches sur google, j'ai trouvé des solutions pour des particuliers, mais il faut passer par un rapport hijackis...mais le changement sur le registre ne correspond pas à mon probléme. J'ai essayé de restaurer à une date antérieure ça ne change pas les choses (mais peut-être n'ai-je pas fait comme il faut). J'ai essayé en supprimer le dossier temporaires dans windows/temp... Mais aucune de mes manipulations ne me débarrasse de ce trojan. J'ai suivi les conseils d'un forum "les delliens", qui m'a demandé de faire combofix, je leur ai envoyé mon rapport mais malheureusement ils séchent. Pourriez-vous me dire ce que vous en pensez ? ComboFix 10-07-15.03 - Sand 16/07/2010 18:32:28.1.2 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3066.1971 [GMT 2:00] Lancé depuis: c:\users\Sand\Desktop\ComboFix.exe SP: AVG Anti-Spyware *disabled* (Outdated) {48F2E28D-ED66-4646-9C11-B3055B0AF604} SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\system volume information\SystemRestore c:\system volume information\SystemRestore\FRStaging\Windows\bthservsdp.dat c:\system volume information\SystemRestore\FRStaging\Windows\inf\drvindex.dat c:\system volume information\SystemRestore\FRStaging\Windows\inf\INFCACHE.1 c:\system volume information\SystemRestore\FRStaging\Windows\inf\infpub.dat c:\system volume information\SystemRestore\FRStaging\Windows\inf\infstor.dat c:\system volume information\SystemRestore\FRStaging\Windows\inf\infstrng.dat c:\system volume information\SystemRestore\FRStaging\Windows\inf\WmiApRpl\0009\WmiApRpl.ini c:\system volume information\SystemRestore\FRStaging\Windows\inf\WmiApRpl\000C\WmiApRpl.ini c:\system volume information\SystemRestore\FRStaging\Windows\inf\WmiApRpl\WmiApRpl.h c:\system volume information\SystemRestore\FRStaging\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb c:\system volume information\SystemRestore\FRStaging\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb c:\system volume information\SystemRestore\FRStaging\Windows\System32\catroot2\edb.chk c:\users\Sand\AppData\Roaming\.# c:\windows\system32\st326047.dll . ((((((((((((((((((((((((((((( Fichiers créés du 2010-06-16 au 2010-07-16 )))))))))))))))))))))))))))))))))))) . 2010-07-15 16:27 . 2010-07-15 16:27 95232 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\pcswpcsi.exe 2010-07-15 16:27 . 2010-07-15 16:27 8192 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstCCD.exe 2010-07-15 16:27 . 2010-07-15 16:27 61440 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCSFEMsi.exe 2010-07-15 16:27 . 2010-07-15 16:27 10240 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCS.exe 2010-07-14 19:52 . 2010-07-14 20:01 -------- d-----w- c:\programdata\PC Tools 2010-07-14 19:49 . 2010-07-14 19:52 -------- d-----w- c:\users\Sand\AppData\Roaming\GetRightToGo 2010-07-14 11:36 . 2010-07-14 15:09 -------- d-----w- c:\windows\system32\MpEngineStore 2010-06-24 19:31 . 2010-06-24 19:31 -------- d-----w- c:\program files\Microsoft.NET 2010-06-22 20:19 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-06-22 20:19 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll 2010-06-22 20:19 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll 2010-06-22 20:19 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2010-06-22 20:19 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll 2010-06-22 18:48 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-06-22 18:48 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-16 16:22 . 2009-12-30 10:16 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2010-07-15 20:35 . 2008-11-25 10:21 12 ----a-w- c:\windows\bthservsdp.dat 2010-07-15 19:32 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-07-15 16:27 . 2010-02-06 15:07 -------- d-----w- c:\programdata\Installations 2010-07-14 20:26 . 2008-01-21 08:40 679042 ----a-w- c:\windows\system32\perfh00C.dat 2010-07-14 20:26 . 2008-01-21 08:40 126626 ----a-w- c:\windows\system32\perfc00C.dat 2010-07-14 15:35 . 2010-05-14 21:08 -------- d-----w- c:\users\Sand\AppData\Roaming\vlc 2010-06-09 09:42 . 2010-06-09 09:42 653576 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2010-06-03 20:41 . 2009-04-18 08:33 6944 ----a-w- c:\users\Sand\AppData\Local\d3d9caps.dat 2010-05-29 16:00 . 2009-04-05 15:12 19380 ----a-w- c:\users\Sand\AppData\Roaming\wklnhst.dat 2010-05-26 17:06 . 2010-06-14 15:32 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-26 14:47 . 2010-06-14 15:32 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-05-21 12:14 . 2009-10-02 18:45 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-15 15:38 . 2010-05-15 15:39 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-05-04 05:59 . 2010-06-14 15:39 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-04 05:55 . 2010-06-14 15:39 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-05-04 05:55 . 2010-06-14 15:39 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-05-04 04:31 . 2010-06-14 15:39 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-05-01 14:13 . 2010-06-14 15:30 2037248 ----a-w- c:\windows\system32\win32k.sys 2010-04-23 14:13 . 2010-05-26 08:15 2048 ----a-w- c:\windows\system32\tzres.dll 2008-11-25 10:31 . 2008-11-25 10:31 74 --sha-r- c:\windows\CT4CET.bin 2008-11-25 18:44 . 2008-11-25 18:43 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] 2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-08-25 200704] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "WheelMouse"="c:\advanc~1\wh_exec.exe" [2007-03-11 86016] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-08-25 442460] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-07-04 132392] "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-10-04 206064] "!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] c:\users\Invit‚\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656] c:\users\Sand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-5 752168] QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-7-31 1616976] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2008-11-25 10:38 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central] 2008-06-03 14:54 446635 ----a-w- c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] 2009-12-08 18:57 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SightSpeed] 2008-08-15 21:03 4812664 ----a-w- c:\program files\Dell Video Chat\DellVideoChat.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2010-05-07 12:36 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):4f,f8,42,f6,70,30,ca,01 R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x] R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x] R1 xdovzsps;xdovzsps;c:\windows\system32\drivers\xdovzsps.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver;c:\windows\system32\DRIVERS\CnxEtP.sys [x] R3 CnxEtU;ZTE ZXDSL852 Interface Device Driver;c:\windows\system32\DRIVERS\CnxEtU.sys [x] R3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver;c:\windows\system32\DRIVERS\CnxTgNW.sys [x] R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-08 30192] R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x] R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_2ba5baa4\aestsrv.exe [2008-08-25 73728] S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-09-23 155648] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-05-07 92008] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-06-16 29736] S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2008-08-25 54784] S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2008-08-25 203264] S3 NETw5v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits ;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-07-04 3663360] S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\DRIVERS\OA001Ufd.sys [2009-03-06 133632] S3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\DRIVERS\OA001Vid.sys [2009-03-08 280096] S3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\DRIVERS\whfltr2k.sys [2007-01-25 6784] --- Autres Services/Pilotes en mémoire --- *Deregistered* - lxwaq *Deregistered* - tescsx [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contenu du dossier 'Tâches planifiées' 2010-07-15 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job - c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2009-12-30 14:31] 2010-07-16 c:\windows\Tasks\User_Feed_Synchronization-{07B1D66E-69A3-4D78-BCFF-A4571AB5CEF8}.job - c:\windows\system32\msfeedssync.exe [2010-06-14 04:30] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.sfr.fr/kit/adsl/ uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm FF - ProfilePath - c:\users\Sand\AppData\Roaming\Mozilla\Firefox\Profiles\m7c2vd9e.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405725&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2405725&SearchSource=13 FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHELINS SUPPRIMES - - - - SafeBoot-AVG Anti-Spyware Driver MSConfigStartUp-ISW - c:\program files\CheckPoint\ZAForceField\ForceField.exe MSConfigStartUp-NokiaMusic FastStart - c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-07-16 18:40 Windows 6.0.6002 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\lxwaq] -- [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tescsx] . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Heure de fin: 2010-07-16 18:43:49 ComboFix-quarantined-files.txt 2010-07-16 16:43 Avant-CF: 215 298 510 848 octets libres Après-CF: 214 488 924 160 octets libres Current=1 Default=1 Failed=0 LastKnownGood=45 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45 - - End Of File - - CA1F7AFC05D3D053F85FCA9E3FC0F7C3
×
×
  • Créer...