Suppression gomeo
delfab
-
Destrio5 Messages postés 99820 Statut Modérateur -
Destrio5 Messages postés 99820 Statut Modérateur -
Bonjour,
Moi aussi j'ai des soucis avec "gomeo", pouvez-vous m'aider ?
Ci-dessous rapport combo fix
Merci beaucoup !!!!
ComboFix 11-04-22.03 - Delphine 23/04/2011 13:54:28.1.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.1791.954 [GMT 2:00]
Lancé depuis: c:\users\Delphine\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SysWoW32
c:\programdata\SysWoW32\_u1310538825v0
c:\programdata\SysWoW32\_u1310538825v1
c:\programdata\SysWoW32\_u1310538825v2
c:\programdata\SysWoW32\_u1310538825v3
c:\programdata\SysWoW32\_u1310538825v4
c:\programdata\SysWoW32\_u1310538825v5
c:\programdata\SysWoW32\_u1310538825v6
c:\programdata\SysWoW32\_u1310538825v7
c:\programdata\SysWoW32\mu1310538825v4
c:\programdata\SysWoW32\mu1310538825v4.kwd
c:\programdata\SysWoW32\mu1310538825v5
c:\programdata\SysWoW32\mu1310538825v5.kwd
c:\programdata\SysWoW32\mu1310538825v6
c:\programdata\SysWoW32\mu1310538825v6.kwd
c:\programdata\SysWoW32\mu1310538825v7
c:\programdata\SysWoW32\mu1310538825v7.kwd
c:\programdata\SysWoW32\wu1310538825v0
c:\programdata\SysWoW32\wu1310538825v0.kwd
c:\programdata\SysWoW32\wu1310538825v1
c:\programdata\SysWoW32\wu1310538825v1.kwd
c:\programdata\SysWoW32\wu1310538825v2
c:\programdata\SysWoW32\wu1310538825v2.kwd
c:\programdata\SysWoW32\wu1310538825v3
c:\programdata\SysWoW32\wu1310538825v3.kwd
c:\programdata\unrar.exe
c:\users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\g9ujqmxd.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}
c:\users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\g9ujqmxd.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\chrome.manifest
c:\users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\g9ujqmxd.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\chrome\xulcache.jar
c:\users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\g9ujqmxd.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\defaults\preferences\xulcache.js
c:\users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\g9ujqmxd.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\install.rdf
c:\users\Delphine\AppData\Roaming\Mozilla\Firefox\Profiles\vde3w77b.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}
c:\users\Delphine\AppData\Roaming\Mozilla\Firefox\Profiles\vde3w77b.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\chrome.manifest
c:\users\Delphine\AppData\Roaming\Mozilla\Firefox\Profiles\vde3w77b.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\chrome\xulcache.jar
c:\users\Delphine\AppData\Roaming\Mozilla\Firefox\Profiles\vde3w77b.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\defaults\preferences\xulcache.js
c:\users\Delphine\AppData\Roaming\Mozilla\Firefox\Profiles\vde3w77b.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\install.rdf
c:\users\Delphine\RE_KO-PACK.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-03-23 au 2011-04-23 ))))))))))))))))))))))))))))))))))))
.
.
2011-04-23 12:09 . 2011-04-23 12:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-23 12:09 . 2011-04-23 12:09 -------- d-----w- c:\users\Bruce\AppData\Local\temp
2011-04-23 11:41 . 2011-04-23 11:41 -------- d-----w- c:\program files\BabylonToolbar
2011-04-23 11:17 . 2011-04-23 11:39 -------- d-----w- c:\program files\Ad-Remover
2011-04-22 17:01 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1372EB46-6A35-40C9-A5BC-3507C244480F}\mpengine.dll
2011-04-18 16:00 . 2011-04-18 16:00 -------- d-----w- c:\users\Bruce\AppData\Local\PCTUTO
2011-04-13 11:23 . 2011-03-03 12:53 2040832 ----a-w- c:\windows\system32\win32k.sys
2011-04-13 11:23 . 2011-02-16 15:29 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-04-13 11:23 . 2011-02-16 13:24 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-04-13 11:23 . 2011-02-22 12:52 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-13 11:23 . 2011-02-22 12:52 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-13 11:23 . 2011-02-22 12:51 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-13 11:23 . 2011-02-22 12:51 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-13 11:21 . 2011-03-03 10:49 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-04-12 16:01 . 2011-04-12 16:01 -------- d-----w- c:\users\Bruce\AppData\Roaming\Malwarebytes
2011-04-11 19:42 . 2011-04-11 19:42 -------- d-----w- c:\users\Delphine\AppData\Roaming\Malwarebytes
2011-04-11 19:42 . 2011-04-11 19:42 -------- d-----w- c:\programdata\Malwarebytes
2011-04-10 14:42 . 2011-04-10 14:43 -------- d-sh--w- c:\programdata\8955FD7437AE0CE882A73374F87F57AD
2011-04-08 11:28 . 2011-04-08 11:28 41872 ----a-w- c:\windows\system32\xfcodec.dll
2011-04-07 16:24 . 2011-04-07 16:24 -------- d-----w- c:\users\Bruce\.thumbnails
2011-04-07 16:21 . 2011-04-11 16:10 -------- d-----w- c:\users\Bruce\AppData\Local\Adobe
2011-04-06 11:28 . 2011-04-13 12:01 -------- d-----w- c:\users\Bruce\AppData\Roaming\gtk-2.0
2011-04-05 16:55 . 2011-04-13 12:01 -------- d-----w- c:\users\Bruce\.gimp-2.6
2011-04-05 16:55 . 2011-04-05 16:55 -------- d-----w- c:\users\Bruce\.gegl-0.0
2011-04-05 16:06 . 2011-04-05 16:06 -------- d-----w- c:\users\Bruce\AppData\Roaming\OFFICEOne7
2011-03-30 12:09 . 2011-04-22 14:36 -------- d-----w- c:\users\Bruce\AppData\Roaming\skypePM
2011-03-30 11:51 . 2011-03-30 11:51 -------- d-----w- c:\users\Bruce\AppData\Roaming\vlc
2011-03-30 11:51 . 2011-04-22 16:53 -------- d-----w- c:\users\Bruce\AppData\Roaming\Skype
2011-03-30 11:49 . 2011-03-30 11:54 -------- d-----w- c:\users\Bruce\AppData\Roaming\Creative
2011-03-30 11:42 . 2011-04-22 15:41 -------- d-----w- c:\users\Bruce\AppData\Roaming\Xfire
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-19 17:52 . 2011-03-19 17:52 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-02-25 10:04 . 2011-02-25 10:04 653576 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-02-02 16:11 . 2009-10-02 15:52 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-03-18 17:58 . 2011-04-22 12:01 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2008-09-28 09:45 . 2008-09-28 09:45 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2006-10-23 1092152]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-08-07 700416]
"Connexion SFR 9props.exe"="c:\program files\Neuf\Kit\9props.exe" [2009-06-20 955712]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-22 815104]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 4186112]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2008-02-19 1089536]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-12-21 86016]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
OFFICE One Startup v7.lnk - c:\program files\OFFICE One v7\OFFICE One Startup v7\oostartupv7.exe [2007-5-25 713728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2006-10-24 21:08 107112 ----a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2006-11-14 13:55 50736 ----a-w- c:\program files\Common Files\aol\1180080098\ee\aolsoftware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
2006-10-26 23:18 22696 ----a-w- c:\program files\Norton Internet Security\osCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2007-01-11 09:40 232184 ----a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2006-11-10 10:35 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2005-10-17 09:05 1249280 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]
2007-02-20 16:20 28672 ----a-w- c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-31 135664]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-08-15 3700176]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 aswSP;aswSP; [x]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20071120.002\IDSvix86.sys [2007-11-06 180272]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2007-09-21 112688]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2007-10-30 37936]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - COMHOST
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenu du dossier 'Tâches planifiées'
.
2011-04-23 c:\windows\Tasks\Extension de garantie.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-05-25 16:38]
.
2011-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-31 18:55]
.
2011-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-31 18:55]
.
2011-03-25 c:\windows\Tasks\Norton Internet Security - Analyse système complète - Delphine.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-11-07 17:48]
.
2011-04-23 c:\windows\Tasks\Recovery DVD Creator.job
- c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-05-25 16:34]
.
2011-04-23 c:\windows\Tasks\User_Feed_Synchronization-{C957BFFC-A4E6-42AE-8661-7F8690098BE3}.job
- c:\windows\system32\msfeedssync.exe [2009-11-22 07:33]
.
2011-04-23 c:\windows\Tasks\User_Feed_Synchronization-{E5782471-F045-4DC8-85AF-03E5C0CE2005}.job
- c:\windows\system32\msfeedssync.exe [2009-11-22 07:33]
.
.
------- Examen supplémentaire -------
.
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: gouv.fr\www.impots
TCP: {AD83399A-834A-4A76-962D-E24038866728} = 192.168.1.1
FF - ProfilePath - c:\users\Delphine\AppData\Roaming\Mozilla\Firefox\Profiles\vde3w77b.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - XfireXO Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2304157&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKU-Default-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe
MSConfigStartUp-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKLM_ActiveSetup-ccc-core-static - msiexec
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-23 14:10
Windows 6.0.6001 Service Pack 1 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2011-04-23 14:16:42
ComboFix-quarantined-files.txt 2011-04-23 12:16
.
Avant-CF: 60 824 240 128 octets libres
Après-CF: 60 923 813 888 octets libres
.
Current=1 Default=1 Failed=0 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
- - End Of File - - 273E4FD9439BDD76C09D75EEE357F950
Moi aussi j'ai des soucis avec "gomeo", pouvez-vous m'aider ?
Ci-dessous rapport combo fix
Merci beaucoup !!!!
ComboFix 11-04-22.03 - Delphine 23/04/2011 13:54:28.1.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.1791.954 [GMT 2:00]
Lancé depuis: c:\users\Delphine\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SysWoW32
c:\programdata\SysWoW32\_u1310538825v0
c:\programdata\SysWoW32\_u1310538825v1
c:\programdata\SysWoW32\_u1310538825v2
c:\programdata\SysWoW32\_u1310538825v3
c:\programdata\SysWoW32\_u1310538825v4
c:\programdata\SysWoW32\_u1310538825v5
c:\programdata\SysWoW32\_u1310538825v6
c:\programdata\SysWoW32\_u1310538825v7
c:\programdata\SysWoW32\mu1310538825v4
c:\programdata\SysWoW32\mu1310538825v4.kwd
c:\programdata\SysWoW32\mu1310538825v5
c:\programdata\SysWoW32\mu1310538825v5.kwd
c:\programdata\SysWoW32\mu1310538825v6
c:\programdata\SysWoW32\mu1310538825v6.kwd
c:\programdata\SysWoW32\mu1310538825v7
c:\programdata\SysWoW32\mu1310538825v7.kwd
c:\programdata\SysWoW32\wu1310538825v0
c:\programdata\SysWoW32\wu1310538825v0.kwd
c:\programdata\SysWoW32\wu1310538825v1
c:\programdata\SysWoW32\wu1310538825v1.kwd
c:\programdata\SysWoW32\wu1310538825v2
c:\programdata\SysWoW32\wu1310538825v2.kwd
c:\programdata\SysWoW32\wu1310538825v3
c:\programdata\SysWoW32\wu1310538825v3.kwd
c:\programdata\unrar.exe
c:\users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\g9ujqmxd.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}
c:\users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\g9ujqmxd.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\chrome.manifest
c:\users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\g9ujqmxd.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\chrome\xulcache.jar
c:\users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\g9ujqmxd.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\defaults\preferences\xulcache.js
c:\users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\g9ujqmxd.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\install.rdf
c:\users\Delphine\AppData\Roaming\Mozilla\Firefox\Profiles\vde3w77b.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}
c:\users\Delphine\AppData\Roaming\Mozilla\Firefox\Profiles\vde3w77b.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\chrome.manifest
c:\users\Delphine\AppData\Roaming\Mozilla\Firefox\Profiles\vde3w77b.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\chrome\xulcache.jar
c:\users\Delphine\AppData\Roaming\Mozilla\Firefox\Profiles\vde3w77b.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\defaults\preferences\xulcache.js
c:\users\Delphine\AppData\Roaming\Mozilla\Firefox\Profiles\vde3w77b.default\extensions\{d7718b75-b201-45fe-a76b-b30ff8839829}\install.rdf
c:\users\Delphine\RE_KO-PACK.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-03-23 au 2011-04-23 ))))))))))))))))))))))))))))))))))))
.
.
2011-04-23 12:09 . 2011-04-23 12:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-23 12:09 . 2011-04-23 12:09 -------- d-----w- c:\users\Bruce\AppData\Local\temp
2011-04-23 11:41 . 2011-04-23 11:41 -------- d-----w- c:\program files\BabylonToolbar
2011-04-23 11:17 . 2011-04-23 11:39 -------- d-----w- c:\program files\Ad-Remover
2011-04-22 17:01 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1372EB46-6A35-40C9-A5BC-3507C244480F}\mpengine.dll
2011-04-18 16:00 . 2011-04-18 16:00 -------- d-----w- c:\users\Bruce\AppData\Local\PCTUTO
2011-04-13 11:23 . 2011-03-03 12:53 2040832 ----a-w- c:\windows\system32\win32k.sys
2011-04-13 11:23 . 2011-02-16 15:29 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-04-13 11:23 . 2011-02-16 13:24 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-04-13 11:23 . 2011-02-22 12:52 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-13 11:23 . 2011-02-22 12:52 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-13 11:23 . 2011-02-22 12:51 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-13 11:23 . 2011-02-22 12:51 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-13 11:21 . 2011-03-03 10:49 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-04-12 16:01 . 2011-04-12 16:01 -------- d-----w- c:\users\Bruce\AppData\Roaming\Malwarebytes
2011-04-11 19:42 . 2011-04-11 19:42 -------- d-----w- c:\users\Delphine\AppData\Roaming\Malwarebytes
2011-04-11 19:42 . 2011-04-11 19:42 -------- d-----w- c:\programdata\Malwarebytes
2011-04-10 14:42 . 2011-04-10 14:43 -------- d-sh--w- c:\programdata\8955FD7437AE0CE882A73374F87F57AD
2011-04-08 11:28 . 2011-04-08 11:28 41872 ----a-w- c:\windows\system32\xfcodec.dll
2011-04-07 16:24 . 2011-04-07 16:24 -------- d-----w- c:\users\Bruce\.thumbnails
2011-04-07 16:21 . 2011-04-11 16:10 -------- d-----w- c:\users\Bruce\AppData\Local\Adobe
2011-04-06 11:28 . 2011-04-13 12:01 -------- d-----w- c:\users\Bruce\AppData\Roaming\gtk-2.0
2011-04-05 16:55 . 2011-04-13 12:01 -------- d-----w- c:\users\Bruce\.gimp-2.6
2011-04-05 16:55 . 2011-04-05 16:55 -------- d-----w- c:\users\Bruce\.gegl-0.0
2011-04-05 16:06 . 2011-04-05 16:06 -------- d-----w- c:\users\Bruce\AppData\Roaming\OFFICEOne7
2011-03-30 12:09 . 2011-04-22 14:36 -------- d-----w- c:\users\Bruce\AppData\Roaming\skypePM
2011-03-30 11:51 . 2011-03-30 11:51 -------- d-----w- c:\users\Bruce\AppData\Roaming\vlc
2011-03-30 11:51 . 2011-04-22 16:53 -------- d-----w- c:\users\Bruce\AppData\Roaming\Skype
2011-03-30 11:49 . 2011-03-30 11:54 -------- d-----w- c:\users\Bruce\AppData\Roaming\Creative
2011-03-30 11:42 . 2011-04-22 15:41 -------- d-----w- c:\users\Bruce\AppData\Roaming\Xfire
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-19 17:52 . 2011-03-19 17:52 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-02-25 10:04 . 2011-02-25 10:04 653576 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-02-02 16:11 . 2009-10-02 15:52 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-03-18 17:58 . 2011-04-22 12:01 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2008-09-28 09:45 . 2008-09-28 09:45 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2006-10-23 1092152]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-08-07 700416]
"Connexion SFR 9props.exe"="c:\program files\Neuf\Kit\9props.exe" [2009-06-20 955712]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-22 815104]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 4186112]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2008-02-19 1089536]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-12-21 86016]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
OFFICE One Startup v7.lnk - c:\program files\OFFICE One v7\OFFICE One Startup v7\oostartupv7.exe [2007-5-25 713728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2006-10-24 21:08 107112 ----a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2006-11-14 13:55 50736 ----a-w- c:\program files\Common Files\aol\1180080098\ee\aolsoftware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
2006-10-26 23:18 22696 ----a-w- c:\program files\Norton Internet Security\osCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2007-01-11 09:40 232184 ----a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2006-11-10 10:35 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2005-10-17 09:05 1249280 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]
2007-02-20 16:20 28672 ----a-w- c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-31 135664]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-08-15 3700176]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 aswSP;aswSP; [x]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20071120.002\IDSvix86.sys [2007-11-06 180272]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2007-09-21 112688]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2007-10-30 37936]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - COMHOST
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenu du dossier 'Tâches planifiées'
.
2011-04-23 c:\windows\Tasks\Extension de garantie.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-05-25 16:38]
.
2011-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-31 18:55]
.
2011-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-31 18:55]
.
2011-03-25 c:\windows\Tasks\Norton Internet Security - Analyse système complète - Delphine.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-11-07 17:48]
.
2011-04-23 c:\windows\Tasks\Recovery DVD Creator.job
- c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-05-25 16:34]
.
2011-04-23 c:\windows\Tasks\User_Feed_Synchronization-{C957BFFC-A4E6-42AE-8661-7F8690098BE3}.job
- c:\windows\system32\msfeedssync.exe [2009-11-22 07:33]
.
2011-04-23 c:\windows\Tasks\User_Feed_Synchronization-{E5782471-F045-4DC8-85AF-03E5C0CE2005}.job
- c:\windows\system32\msfeedssync.exe [2009-11-22 07:33]
.
.
------- Examen supplémentaire -------
.
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: gouv.fr\www.impots
TCP: {AD83399A-834A-4A76-962D-E24038866728} = 192.168.1.1
FF - ProfilePath - c:\users\Delphine\AppData\Roaming\Mozilla\Firefox\Profiles\vde3w77b.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - XfireXO Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2304157&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKU-Default-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe
MSConfigStartUp-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKLM_ActiveSetup-ccc-core-static - msiexec
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-23 14:10
Windows 6.0.6001 Service Pack 1 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2011-04-23 14:16:42
ComboFix-quarantined-files.txt 2011-04-23 12:16
.
Avant-CF: 60 824 240 128 octets libres
Après-CF: 60 923 813 888 octets libres
.
Current=1 Default=1 Failed=0 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
- - End Of File - - 273E4FD9439BDD76C09D75EEE357F950
A voir également:
- Suppression gomeo
- Forcer suppression fichier - Guide
- Suppression compte gmail - Guide
- Suppression facebook - Guide
- Suppression compte google - Guide
- Suppression page word - Guide
1 réponse
Bonjour,
--> Fais un scan avec TDSSKiller et poste le rapport :
https://forum.malekal.com/viewtopic.php?t=28637&start=
--> Fais un scan avec TDSSKiller et poste le rapport :
https://forum.malekal.com/viewtopic.php?t=28637&start=
