Eddy aide-moi, surement une infection !

--------------------\\ Lop S&D 4.2.5-0 XP/Vista


"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 09/08/2010|17:08 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[16/05/2010|14:25] C:\Users\claudius\AppData\Local\Adobe
[17/03/2009|16:44] C:\Users\claudius\AppData\Local\app.settings.xml
[13/02/2009|14:35] C:\Users\claudius\AppData\Local\Apple
[04/11/2009|12:05] C:\Users\claudius\AppData\Local\Apple Computer
[13/02/2009|13:02] C:\Users\claudius\AppData\Local\Application Data
[06/10/2009|04:43] C:\Users\claudius\AppData\Local\ArcSoft
[26/02/2009|18:53] C:\Users\claudius\AppData\Local\Canon Easy-PhotoPrint EX
[20/05/2009|15:24] C:\Users\claudius\AppData\Local\Corner-A
[04/08/2010|08:44] C:\Users\claudius\AppData\Local\d3d9caps.dat
[09/08/2010|17:05] C:\Users\claudius\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[28/07/2010|17:43] C:\Users\claudius\AppData\Local\Downloaded Installations
[13/02/2009|15:25] C:\Users\claudius\AppData\Local\Flock
[27/03/2010|09:37] C:\Users\claudius\AppData\Local\GDIPFONTCACHEV1.DAT
[13/06/2010|11:57] C:\Users\claudius\AppData\Local\GLFFDE0.tmp
[01/05/2010|16:24] C:\Users\claudius\AppData\Local\Google
[13/02/2009|13:02] C:\Users\claudius\AppData\Local\Historique
[09/08/2010|15:01] C:\Users\claudius\AppData\Local\IconCache.db
[13/02/2009|14:55] C:\Users\claudius\AppData\Local\K-Meleon
[06/10/2009|04:48] C:\Users\claudius\AppData\Local\KodakGallery
[02/07/2010|13:45] C:\Users\claudius\AppData\Local\Microsoft
[25/04/2009|15:34] C:\Users\claudius\AppData\Local\Microsoft Games
[15/12/2009|22:01] C:\Users\claudius\AppData\Local\Mozilla
[13/02/2009|14:29] C:\Users\claudius\AppData\Local\Opera
[15/07/2009|22:40] C:\Users\claudius\AppData\Local\RapidShareDownloader
[18/02/2009|19:24] C:\Users\claudius\AppData\Local\Scansoft
[05/05/2009|16:11] C:\Users\claudius\AppData\Local\Sothink
[09/08/2010|17:05] C:\Users\claudius\AppData\Local\Temp
[13/02/2009|13:02] C:\Users\claudius\AppData\Local\Temporary Internet Files
[04/11/2009|12:06] C:\Users\claudius\AppData\Local\The Video Diary
[29/07/2009|21:13] C:\Users\claudius\AppData\Local\VirtualStore
[19/02/2010|19:48] C:\Users\claudius\AppData\Local\Votre Opinion
[16/03/2009|14:27] C:\Users\claudius\AppData\Local\Wapiti Project
[16/03/2009|14:30] C:\Users\claudius\AppData\Local\Wapiti_Project
[28/06/2010|15:55] C:\Users\claudius\AppData\Local\Yahoo

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[09/08/2010 16:33][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1486186306-353780486-3863553046-1000UA.job
[09/08/2010 08:33][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1486186306-353780486-3863553046-1000Core.job
[09/08/2010 15:15][--a------] C:\Windows\tasks\GlaryInitialize.job
[08/08/2010 17:15][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{59A6C1EF-E44F-4ADC-AB2C-037AF3ED59A0}.job
[09/08/2010 15:15][--ah-----] C:\Windows\tasks\SA.DAT
[08/08/2010 11:33][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[13/11/2009|14:32] C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[22/05/2010|16:02] C:\ProgramData\Adobe
[04/08/2010|22:10] C:\ProgramData\Alwil Software
[19/05/2009|22:04] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[06/10/2009|04:43] C:\ProgramData\ArcSoft
[18/06/2009|19:26] C:\ProgramData\Avanquest
[04/05/2009|19:23] C:\ProgramData\Avira
[13/02/2009|12:52] C:\ProgramData\Bureau
[01/10/2009|13:28] C:\ProgramData\BVRP Software
[16/02/2009|11:05] C:\ProgramData\CanonBJ
[13/10/2009|16:03] C:\ProgramData\CheckPoint
[02/02/2010|19:36] C:\ProgramData\DAEMON Tools Lite
[17/06/2010|15:22] C:\ProgramData\DAEMON Tools Pro
[02/11/2006|15:02] C:\ProgramData\Desktop
[09/07/2010|21:26] C:\ProgramData\DivX
[02/11/2006|15:02] C:\ProgramData\Documents
[13/02/2009|12:52] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[27/07/2010|14:28] C:\ProgramData\F-Secure
[18/10/2009|15:47] C:\ProgramData\Hitman Pro
[16/02/2009|11:16] C:\ProgramData\InstallShield
[06/10/2009|13:09] C:\ProgramData\Kodak
[30/10/2009|15:11] C:\ProgramData\Lavasoft
[14/02/2009|16:41] C:\ProgramData\Malwarebytes
[07/03/2010|21:39] C:\ProgramData\McAfee
[13/02/2009|12:52] C:\ProgramData\Menu D‚marrer
[30/04/2010|22:14] C:\ProgramData\MGS
[13/05/2010|20:18] C:\ProgramData\Microsoft
[13/02/2009|12:52] C:\ProgramData\ModŠles
[08/03/2010|16:27] C:\ProgramData\NOS
[05/08/2010|10:54] C:\ProgramData\ntuser.pol
[05/01/2010|20:06] C:\ProgramData\OnlineArmor
[16/02/2009|11:16] C:\ProgramData\ScanSoft
[28/07/2010|18:21] C:\ProgramData\ScreenVCR
[05/08/2010|16:32] C:\ProgramData\Spybot - Search & Destroy
[09/08/2010|15:19] C:\ProgramData\Spyware Terminator
[02/11/2006|15:02] C:\ProgramData\Start Menu
[26/03/2010|15:25] C:\ProgramData\Sun
[16/10/2009|11:13] C:\ProgramData\SUPERAntiSpyware.com
[16/06/2010|17:02] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[13/11/2009|14:35] C:\ProgramData\TuneUp Software
[24/06/2010|15:13] C:\ProgramData\Web Page Maker
[09/08/2009|11:00] C:\ProgramData\Windows Genuine Advantage
[14/07/2009|09:57] C:\ProgramData\WindowsSearch

--------------------\\ Listing des dossiers dans C:\Program Files

[10/01/2010|13:17] C:\Program Files\360desktop
[14/05/2010|15:08] C:\Program Files\3D Text
[22/05/2010|16:01] C:\Program Files\Adobe
[04/11/2009|19:47] C:\Program Files\AllMedia Grabber
[04/08/2010|22:10] C:\Program Files\Alwil Software
[20/07/2010|14:37] C:\Program Files\Aneesoft
[20/03/2010|22:51] C:\Program Files\Argente Software
[30/07/2010|17:27] C:\Program Files\Artensoft Photo Mosaic Wizard
[26/02/2009|18:29] C:\Program Files\ArzooSoft Solutions
[17/10/2009|16:31] C:\Program Files\Auslogics
[04/05/2009|19:23] C:\Program Files\Avira
[24/02/2009|15:46] C:\Program Files\Bonjour
[13/05/2009|12:24] C:\Program Files\Canon
[16/02/2009|11:02] C:\Program Files\CanonBJ
[01/08/2010|21:11] C:\Program Files\CCleaner
[09/07/2010|21:23] C:\Program Files\Common Files
[20/05/2009|15:16] C:\Program Files\Corner-A
[17/06/2010|15:24] C:\Program Files\DAEMON Tools Pro
[09/07/2010|21:25] C:\Program Files\DivX
[15/04/2010|14:51] C:\Program Files\EASEUS
[07/02/2010|15:10] C:\Program Files\Elaborate Bytes
[16/06/2010|17:10] C:\Program Files\EvJOSoft
[13/02/2009|12:52] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[11/03/2009|16:25] C:\Program Files\Flock
[22/05/2010|09:57] C:\Program Files\Foxit Software
[01/08/2010|21:25] C:\Program Files\G Data
[12/07/2010|22:10] C:\Program Files\Glary Utilities
[14/05/2010|16:37] C:\Program Files\Hercules
[12/07/2010|15:07] C:\Program Files\Inpaint
[14/05/2010|16:37] C:\Program Files\InstallShield Installation Information
[27/10/2009|17:47] C:\Program Files\Internet Explorer
[10/04/2009|15:14] C:\Program Files\iSpring
[31/05/2010|16:13] C:\Program Files\iToolSoft Software
[05/08/2010|09:24] C:\Program Files\Java
[08/08/2010|23:56] C:\Program Files\JkDefrag
[26/03/2010|15:48] C:\Program Files\JRE
[11/03/2010|15:59] C:\Program Files\K-Meleon
[06/10/2009|13:12] C:\Program Files\Kodak
[25/03/2010|16:05] C:\Program Files\MagicScore Music Software
[04/08/2010|20:39] C:\Program Files\Malwarebytes' Anti-Malware
[21/02/2009|04:03] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[06/06/2010|13:51] C:\Program Files\Microsoft Silverlight
[26/06/2010|08:15] C:\Program Files\Microsoft.NET
[24/02/2009|16:59] C:\Program Files\MIDI to MP3 Converter
[13/06/2009|13:26] C:\Program Files\Morpheus Photo Morpher
[12/03/2010|12:35] C:\Program Files\Movie Maker
[02/08/2010|22:17] C:\Program Files\Mozilla Firefox
[13/02/2009|14:49] C:\Program Files\mozilla.org
[02/11/2006|14:37] C:\Program Files\MSBuild
[25/11/2009|20:00] C:\Program Files\MSXML 4.0
[16/07/2009|18:42] C:\Program Files\Multiplication
[26/05/2009|09:00] C:\Program Files\MySurvey Messenger
[07/03/2010|21:36] C:\Program Files\NOS
[05/08/2010|15:54] C:\Program Files\NXPowerLite
[30/03/2009|15:08] C:\Program Files\Olivetti
[26/03/2010|16:41] C:\Program Files\OpenOffice.org 3
[11/07/2010|18:14] C:\Program Files\Opera
[24/07/2009|14:37] C:\Program Files\PDF to Word 3
[16/02/2009|13:06] C:\Program Files\PhotoFiltre
[21/03/2009|15:07] C:\Program Files\png2icon
[22/08/2009|16:04] C:\Program Files\Pointstone
[08/04/2010|14:35] C:\Program Files\PPTminimizer
[07/07/2009|11:33] C:\Program Files\QuickTime
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[25/08/2009|11:40] C:\Program Files\Safari
[16/02/2009|11:15] C:\Program Files\ScanSoft
[11/03/2010|15:59] C:\Program Files\SeaMonkey
[13/05/2009|11:11] C:\Program Files\ShellLess
[16/06/2010|16:42] C:\Program Files\SocuSoft Web Video Player
[05/08/2010|19:03] C:\Program Files\Spybot - Search & Destroy
[09/08/2010|07:57] C:\Program Files\Spyware Terminator
[13/05/2009|12:11] C:\Program Files\Systweak
[06/12/2009|20:39] C:\Program Files\Tall Emu
[07/08/2010|09:58] C:\Program Files\TeamViewer
[28/07/2010|18:11] C:\Program Files\TotalScreenRecorder_Gold
[16/12/2009|23:25] C:\Program Files\TuneUp Utilities 2010
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[19/02/2010|19:48] C:\Program Files\Votre Opinion
[13/02/2009|15:42] C:\Program Files\VS Revo Group
[27/05/2010|12:23] C:\Program Files\VSO
[19/09/2009|15:21] C:\Program Files\Windows Calendar
[19/09/2009|15:21] C:\Program Files\Windows Collaboration
[19/09/2009|15:21] C:\Program Files\Windows Defender
[19/09/2009|15:21] C:\Program Files\Windows Journal
[19/02/2009|21:09] C:\Program Files\Windows Live
[15/07/2010|07:52] C:\Program Files\Windows Mail
[29/10/2009|04:15] C:\Program Files\Windows Media Player
[13/02/2009|12:52] C:\Program Files\Windows NT
[19/09/2009|15:21] C:\Program Files\Windows Photo Gallery
[17/11/2009|21:02] C:\Program Files\Windows Portable Devices
[13/11/2009|14:38] C:\Program Files\Windows Sidebar
[15/07/2009|22:32] C:\Program Files\WinRAR
[15/01/2010|21:15] C:\Program Files\Winstep
[29/06/2010|16:04] C:\Program Files\Wondershare
[11/07/2010|08:45] C:\Program Files\Yahoo!
[07/08/2010|10:52] C:\Program Files\ZHPDiag
[22/04/2009|22:26] C:\Program Files\Zoner

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[22/05/2010|16:02] C:\Program Files\Common Files\Adobe
[24/02/2009|20:09] C:\Program Files\Common Files\Apple
[16/02/2009|11:13] C:\Program Files\Common Files\CANON
[09/07/2010|21:21] C:\Program Files\Common Files\DivX Shared
[07/10/2009|22:16] C:\Program Files\Common Files\InstallShield
[10/04/2009|15:14] C:\Program Files\Common Files\iSpring Solutions
[05/08/2010|09:24] C:\Program Files\Common Files\Java
[02/10/2009|11:00] C:\Program Files\Common Files\microsoft shared
[09/07/2010|21:23] C:\Program Files\Common Files\PX Storage Engine
[16/02/2009|11:15] C:\Program Files\Common Files\ScanSoft Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[16/06/2010|17:04] C:\Program Files\Common Files\SourceTec
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[19/09/2009|15:21] C:\Program Files\Common Files\System
[19/02/2009|21:02] C:\Program Files\Common Files\Windows Live

--------------------\\ Process

( 58 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Vous devez être inscrit et connecté pour voir ce lien]
Rootkit scan 2010-08-09 15:34:25
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Vous devez être inscrit et connecté pour voir ce lien]
Rootkit scan 2010-08-09 15:50:05
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Vous devez être inscrit et connecté pour voir ce lien]
Rootkit scan 2010-08-09 17:10:31
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\claudius\Documents\CORSICA\xxxxx CLEF WEP SOUS XP.pdf


[F][D]-> C:\Users\claudius\AppData\Local\Temp
[F][D]-> C:\Users\claudius\AppData\Roaming\MICROS~1\Windows\Cookies
[F][D]-> C:\Users\claudius\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F][D]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 09/08/2010|14:55 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 09/08/2010|18:13 - Option : [1]

--------------------\\ Fin du rapport a 18:13:51
[ UAC => 1 ]

KASPERSKY ONLINE SCANNER 7.0: scan report 
Tuesday, August 10, 2010
Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Monday, August 09, 2010 22:46:56
Records in database: 4131474

Scan settings
scan using the following database extended
Scan archives yes
Scan e-mail databases yes

Scan area My Computer
C:\
D:\
E:\

Scan statistics
Objects scanned 142404
Threats found 2
Infected objects found 3
Suspicious objects found 0
Scan duration 05:28:36

File name Threat Threats count
C:\Users\claudius\AppData\Roaming\Asterisks Password Viewer\install\disk1.cab Infected: not-a-virus:PSWTool.Win32.Pwdspyhk.k 1

C:\Users\claudius\Downloads\is360setup.exe Infected: Virus.Win32.Induc.a 2

Selected area has been scanned.

KASPERSKY ONLINE SCANNER 7.0: scan report
Tuesday, August 10, 2010
Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, August 10, 2010 08:52:02
Records in database: 4131149

Scan settings
scan using the following database extended
Scan archives yes
Scan e-mail databases yes

Scan area Critical areas
C:\Program Files
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
C:\Users\claudius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
C:\Windows

Scan statistics
Objects scanned 101385
Threats found 0
Infected objects found 0
Suspicious objects found 0
Scan duration 03:22:42

No threats found. Scanned area is clean.
Selected area has been scanned.

ComboFix 10-08-10.03 - claudius 11/08/2010 5:48.1.2 - x86
Microsoft Windows Vista Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2038.1221 [GMT 2]
Lancé depuis: c:\users\claudius\Desktop\ComboFix.exe
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\claudius\AppData\Roaming\.#

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-07-11 au 2010-08-11 ))))))))))))))))))))))))))))))))))))
.

2010-08-11 04:12 . 2010-08-11 04:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-09 12:43 . 2010-08-09 16:13 -------- d-----w- C:\Lop SD
2010-08-07 07:59 . 2010-08-07 09:40 -------- d-----w- c:\users\claudius\AppData\Roaming\TeamViewer
2010-08-07 07:58 . 2010-08-07 07:58 -------- d-----w- c:\program files\TeamViewer
2010-08-04 20:13 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-04 20:13 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-08-04 20:13 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-08-04 20:13 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-08-04 20:13 . 2010-06-28 20:32 50256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-08-04 20:11 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-08-04 20:11 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-08-04 20:10 . 2010-08-04 20:10 -------- d-----w- c:\programdata\Alwil Software
2010-08-04 20:10 . 2010-08-04 20:10 -------- d-----w- c:\program files\Alwil Software
2010-08-04 16:47 . 2010-08-07 08:52 -------- d-----w- c:\program files\ZHPDiag
2010-07-31 12:47 . 2008-08-26 15:49 110592 ----a-w- c:\users\claudius\AppData\Roaming\U3\temp\cleanup.exe
2010-07-30 20:00 . 2009-03-23 10:04 3547136 ---ha-w- c:\users\claudius\AppData\Roaming\U3\temp\Launchpad Removal.exe
2010-07-30 19:58 . 2010-07-31 12:57 -------- d-----w- c:\users\claudius\AppData\Roaming\U3
2010-07-30 15:27 . 2010-07-30 15:27 -------- d-----w- c:\program files\Artensoft Photo Mosaic Wizard
2010-07-28 16:12 . 2010-07-28 16:21 -------- d-----w- c:\programdata\ScreenVCR
2010-07-28 16:11 . 2010-07-28 16:11 -------- d-----w- c:\program files\TotalScreenRecorder_Gold
2010-07-28 15:46 . 2010-08-01 19:25 -------- d-----w- c:\program files\G Data
2010-07-28 15:43 . 2010-07-28 15:43 -------- d-----w- c:\users\claudius\AppData\Local\Downloaded Installations
2010-07-27 17:02 . 2010-07-17 03:00 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-27 12:28 . 2010-07-27 12:28 -------- d-----w- c:\programdata\F-Secure
2010-07-20 12:37 . 2010-07-20 12:37 -------- d-----w- c:\program files\Aneesoft
2010-07-12 13:07 . 2010-07-12 13:07 -------- d-----w- c:\program files\Inpaint

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-10 20:39 . 2009-10-04 00:12 -------- d-----w- c:\programdata\Spyware Terminator
2010-08-10 20:31 . 2009-10-04 00:12 -------- d-----w- c:\program files\Spyware Terminator
2010-08-10 20:31 . 2009-10-04 00:12 -------- d-----w- c:\users\claudius\AppData\Roaming\Spyware Terminator
2010-08-09 06:46 . 2009-02-13 13:01 -------- d-----w- c:\users\claudius\AppData\Roaming\MxBoost
2010-08-08 21:56 . 2009-07-28 19:14 -------- d-----w- c:\program files\JkDefrag
2010-08-05 17:03 . 2009-06-19 13:26 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-05 14:32 . 2009-06-19 13:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-08-05 13:54 . 2010-06-18 13:08 -------- d-----w- c:\program files\NXPowerLite
2010-08-05 07:24 . 2009-02-19 19:50 -------- d-----w- c:\program files\Common Files\Java
2010-08-05 07:24 . 2009-02-19 19:50 -------- d-----w- c:\program files\Java
2010-08-04 18:39 . 2009-02-14 14:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-04 06:44 . 2009-04-20 07:45 1356 ----a-w- c:\users\claudius\AppData\Local\d3d9caps.dat
2010-08-03 05:18 . 2010-01-07 19:04 1 ----a-w- c:\users\claudius\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-02 20:46 . 2006-11-02 15:48 679042 ----a-w- c:\windows\system32\perfh00C.dat
2010-08-02 20:46 . 2006-11-02 15:48 126626 ----a-w- c:\windows\system32\perfc00C.dat
2010-08-01 19:31 . 2010-06-24 13:13 -------- d-----w- c:\users\claudius\AppData\Roaming\Web Page Maker
2010-08-01 19:11 . 2009-02-14 14:23 -------- d-----w- c:\program files\CCleaner
2010-07-28 16:13 . 2010-07-09 19:24 -------- d-----w- c:\users\claudius\AppData\Roaming\DivX
2010-07-15 05:52 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-12 20:10 . 2009-02-13 14:41 -------- d-----w- c:\program files\Glary Utilities
2010-07-12 03:40 . 2010-07-12 03:40 673280 ----a-w- c:\windows\is-QJBQT.exe
2010-07-11 16:14 . 2009-02-13 12:29 -------- d-----w- c:\program files\Opera
2010-07-11 06:45 . 2010-06-19 16:58 -------- d-----w- c:\program files\Yahoo!
2010-07-09 19:26 . 2010-07-09 19:26 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-07-09 19:26 . 2010-07-09 19:15 -------- d-----w- c:\programdata\DivX
2010-07-09 19:25 . 2010-07-09 19:25 56765 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-07-09 19:25 . 2010-07-09 19:16 -------- d-----w- c:\program files\DivX
2010-07-09 19:25 . 2010-07-09 19:25 56997 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-07-09 19:25 . 2010-07-09 19:25 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
2010-07-09 19:25 . 2010-07-09 19:25 57715 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe
2010-07-09 19:23 . 2010-07-09 19:23 84054 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-07-09 19:23 . 2010-07-09 19:23 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-07-09 19:23 . 2010-07-09 19:23 57054 ----a-w- c:\programdata\DivX\DSDesktopComponents\Uninstaller.exe
2010-07-09 19:23 . 2010-07-09 19:23 54166 ----a-w- c:\programdata\DivX\DSAVCDecoder\Uninstaller.exe
2010-07-09 19:23 . 2010-07-09 19:23 57532 ----a-w- c:\programdata\DivX\DSASPDecoder\Uninstaller.exe
2010-07-09 19:23 . 2010-07-09 19:23 56458 ----a-w- c:\programdata\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-07-09 19:23 . 2010-07-09 19:23 54174 ----a-w- c:\programdata\DivX\DSAACDecoder\Uninstaller.exe
2010-07-09 19:22 . 2010-07-09 19:22 54153 ----a-w- c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-07-09 19:22 . 2010-07-09 19:22 54128 ----a-w- c:\programdata\DivX\Converter\Uninstaller.exe
2010-07-09 19:22 . 2010-07-09 19:22 54644 ----a-w- c:\programdata\DivX\TranscodeEngine\Uninstaller.exe
2010-07-09 19:21 . 2010-07-09 19:21 54101 ----a-w- c:\programdata\DivX\MPEG2Plugin\Uninstaller.exe
2010-07-09 19:21 . 2010-07-09 19:21 57409 ----a-w- c:\programdata\DivX\ControlPanel\Uninstaller.exe
2010-07-09 19:21 . 2010-07-09 19:21 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-07-09 19:21 . 2010-07-09 19:20 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-09 19:21 . 2010-07-09 19:21 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-07-09 19:20 . 2010-07-09 19:20 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-07-09 19:15 . 2010-07-09 19:25 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-07-09 19:14 . 2010-07-09 19:25 895256 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-06-29 14:08 . 2010-06-29 14:07 -------- d-----w- c:\users\claudius\AppData\Roaming\DemoCreator
2010-06-29 14:04 . 2009-02-24 15:17 -------- d-----w- c:\program files\Wondershare
2010-06-26 06:15 . 2010-06-26 06:15 -------- d-----w- c:\program files\Microsoft.NET
2010-06-24 13:13 . 2010-06-24 13:13 -------- d-----w- c:\programdata\Web Page Maker
2010-06-19 17:22 . 2010-06-19 17:13 -------- d-----w- c:\users\claudius\AppData\Roaming\Yahoo!
2010-06-17 13:24 . 2010-06-17 13:23 -------- d-----w- c:\program files\DAEMON Tools Pro
2010-06-17 13:24 . 2010-02-02 17:39 697328 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-17 13:22 . 2010-06-17 13:21 -------- d-----w- c:\programdata\DAEMON Tools Pro
2010-06-17 13:21 . 2010-06-17 13:21 -------- d-----w- c:\users\claudius\AppData\Roaming\DAEMON Tools Pro
2010-06-16 15:10 . 2009-05-30 12:55 -------- d-----w- c:\program files\EvJOSoft
2010-06-16 15:08 . 2009-12-17 14:14 -------- d-----w- c:\users\claudius\AppData\Roaming\FILEminimizerPictures
2010-06-16 15:04 . 2009-03-23 12:35 -------- d-----w- c:\program files\Common Files\SourceTec
2010-06-16 14:42 . 2010-03-31 12:17 -------- d-----w- c:\program files\SocuSoft Web Video Player
2010-06-16 14:15 . 2010-05-27 19:48 -------- d-----w- c:\users\claudius\AppData\Roaming\IrfanView
2010-06-13 09:57 . 2010-06-13 09:57 591 ----a-w- c:\users\claudius\AppData\Local\GLFFDE0.tmp
2010-06-12 19:07 . 2010-06-12 19:07 673280 ----a-w- c:\windows\is-FJSG9.exe
2010-06-11 14:51 . 2010-06-11 14:51 3055600 ----a-w- c:\users\claudius\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
2010-06-11 14:36 . 2010-06-11 14:36 275952 ----a-w- c:\users\claudius\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
2010-05-26 17:06 . 2010-06-09 08:29 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-09 08:29 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 12:14 . 2009-10-03 06:17 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-16 11:46 . 2010-05-16 11:46 673280 ----a-w- c:\windows\is-CU65G.exe
2007-02-24 04:28 . 2007-02-24 04:28 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DummyIconOverlay]
@="{B8A03725-03B9-485F-BB22-E848799D4C2A}"
[HKEY_CLASSES_ROOT\CLSID\{B8A03725-03B9-485F-BB22-E848799D4C2A}]
2010-02-19 18:10 72704 ----a-w- c:\users\claudius\AppData\Local\Votre Opinion\PanelApp\pahelper_1401.2010.0128.1601.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Google Update"="c:\users\claudius\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-02-13 133104]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-10-04 3055616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-10-04 2171904]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2009-11-26 6621384]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"XtrCtrlExEmotion"="c:\program files\Hercules\Dualpix Emotion\XtrCtrlEx.exe" [2009-10-19 3261736]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2009-11-26 923336]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^claudius^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^K-Meleon Loader.lnk]
backup=c:\windows\pss\K-Meleon Loader.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LowerCaseSwitcher

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PanelApp]
2009-12-30 10:03 31232 ----a-w- c:\users\claudius\AppData\Local\Votre Opinion\PanelApp\PanelApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeaMonkey Quick Launch]
2008-07-02 17:45 106496 ----a-w- c:\program files\mozilla.org\SeaMonkey\seamonkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
2009-10-04 00:13 3055616 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\claudius\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"FirewallOverride"=dword:00000001
"VistaSp2"=hex(b):43,fb,82,07,2d,39,ca,01

R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SCRCAMHRDRV;ScreenCamera HR;c:\windows\system32\DRIVERS\SCRCAMHRDRV.sys [2009-03-27 234304]
R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [2009-07-15 23096]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-02-23 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-02-23 8456]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
R3 PanelSvc;PanelSvc;c:\program files\Votre Opinion\PanelApp\PanelSvc.exe [2009-12-30 91136]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2008-11-19 16640]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-06-17 697328]
S1 aswSP;aswSP; [x]
S1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2009-11-25 221264]
S1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2009-11-25 24656]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-10-04 142592]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\OAcat.exe [2009-11-26 1282248]
S2 olMntrService;olMntrService;c:\program files\Olivetti\ANY_WAY\olMntrService.exe [2006-09-22 86016]
S2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [2009-11-26 3291848]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
S3 hxctlflt;hxctlflt;c:\windows\system32\Drivers\hxctlflt.sys [2009-02-08 99968]
S3 OAnet;OnlineArmor Service;c:\windows\system32\DRIVERS\oanet.sys [2009-11-25 30800]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
getPlusHelper REG_MULTI_SZ getPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2010-08-11 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-02-13 09:14]

2010-08-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1486186306-353780486-3863553046-1000Core.job
- c:\users\claudius\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-13 12:09]

2010-08-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1486186306-353780486-3863553046-1000UA.job
- c:\users\claudius\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-13 12:09]

2010-08-10 c:\windows\Tasks\User_Feed_Synchronization-{59A6C1EF-E44F-4ADC-AB2C-037AF3ED59A0}.job
- c:\windows\system32\msfeedssync.exe [2009-02-17 07:33]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\users\claudius\AppData\Roaming\Mozilla\Firefox\Profiles\5fqaot2o.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - [Vous devez être inscrit et connecté pour voir ce lien]
FF - component: c:\users\claudius\AppData\Local\Votre Opinion\PanelApp\ff\components\FFoxAddinStub.dll
FF - component: c:\users\claudius\AppData\Roaming\Mozilla\Firefox\Profiles\5fqaot2o.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\Opera\program\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\users\claudius\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\claudius\AppData\Roaming\Mozilla\Firefox\Profiles\5fqaot2o.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\users\claudius\AppData\Roaming\Mozilla\Firefox\Profiles\5fqaot2o.default\extensions\npfax@microgaming.co.uk\platform\WINNT_x86-msvc\plugins\npfax.dll
FF - plugin: c:\users\claudius\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
FF - plugin: c:\users\claudius\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\claudius\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: yahoo.homepage.dontask - true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHELINS SUPPRIMES - - - -

SafeBoot-MsMpSvc



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Vous devez être inscrit et connecté pour voir ce lien]
Rootkit scan 2010-08-11 06:12
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1486186306-353780486-3863553046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3152939E-0ECE-DA3A-28DD-D1470560508C}*]
"nabehlakkpkgpfjoclekgploibpo"=hex:6a,61,6f,64,69,67,6a,6d,64,6b,6f,6a,6b,68,
6e,65,67,66,62,65,00,00
"mapjbndfaaghnmebdnpcelnfkp"=hex:6a,61,68,64,6c,66,64,61,65,69,6e,67,70,61,65,
61,62,6d,65,6a,00,00
"hanjhomcdcdjmeoa"=hex:61,62,63,6b,67,63,6c,61,69,63,6e,63,69,6c,67,67,64,6c,
6b,68,66,6b,6d,6f,65,6b,6d,69,65,66,6a,6c,6d,6a,00,77
"hanjhomcgcimoedh"=hex:6f,61,6c,65,65,6e,6a,6d,6e,63,64,61,6e,65,6f,6d,6e,64,
67,6f,62,6c,64,65,6b,6c,6f,6c,69,61,00,6c

[HKEY_USERS\S-1-5-21-1486186306-353780486-3863553046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B374082C-497D-F92D-6069-6A0558B44258}*]
"fbakfjekglpjfadopomedfdbkhagckhoapiakhjeffef"=hex:64,62,6b,62,63,6e,6e,6b,69,
70,6e,62,69,6c,63,61,61,67,6e,68,6c,6c,67,6b,69,65,64,65,63,6f,61,62,66,67,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(3248)
c:\program files\Tall Emu\Online Armor\OAwatch.dll
.
Heure de fin: 2010-08-11 06:22:31
ComboFix-quarantined-files.txt 2010-08-11 04:22

Avant-CF: 48 471 154 688 octets libres
Après-CF: 48 556 851 200 octets libres

- - End Of File - - B0B626E3FCD3AE78DA4860E229D07FF1

Rapport de ZHPFix v1.12.3133 par Nicolas Coolman, Update du 02/08/2010
Fichier d'export Registre : C:\ZHPExportRegistry-11-08-2010-15-27-32.txt
Run by claudius at 11/08/2010 15:27:32
Web site : [Vous devez être inscrit et connecté pour voir ce lien]
Contact : [Vous devez être inscrit et connecté pour voir ce lien]

========== Elément(s) de donnée du Registre ==========
O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} [DefaultScope] - (Web Search) - [Vous devez être inscrit et connecté pour voir ce lien] => Donnée supprimée avec succès


========== Récapitulatif ==========
1 : Elément(s) de donnée du Registre


End of the scan

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as claudius on 11/08/2010 at 20:48:43.


Processes terminated by Rkill or while it was running:


C:\Users\claudius\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Users\claudius\Desktop\rkill.exe


Rkill completed on 11/08/2010 at 20:51:23.