
dongonchalves

Members
  • Content count

    1

Everything posted by dongonchalves

  1. I can't find how to send the log as an attachment, so I'm copying and pasting it for you. If you could help me find out whether everything has been properly disinfected or, if not, what I still need to do. Thanking you in advance, and have a good day, all of you.