Rapport de Combofix

pemecou · le 19 août 2010

Bonjour,

Voici le rapport de Combofix. Mon problème: Lorsque je suis sur google et que je clic sur un lien j'ai une page pornographie qui s'ouvre. je voudrais savoir si combofix à réglé le problème et tout les autres virus qui se trouve dans ma machine. Je vous remercie d'avance pour votre aide.

Salutation.

Rapport:

ComboFix 10-08-17.04 - Ountibi 18/08/2010 19:53:28.1.3 - x86

Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3071.2049 [GMT -3:00]

Lancé depuis: c:\users\Ountibi\Desktop\ComboFix.exe

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\programdata\api-ms-win-security-lsalookup-l1-1-032.dll

c:\programdata\D3DCompiler_3332.dll

c:\programdata\SysWoW32

c:\programdata\SysWoW32\wu1243529411v0

c:\programdata\unrar.exe

c:\users\Ountibi\AppData\Roaming\020000003a612942973C.manifest

c:\users\Ountibi\AppData\Roaming\020000003a612942973O.manifest

c:\users\Ountibi\AppData\Roaming\020000003a612942973P.manifest

c:\users\Ountibi\AppData\Roaming\020000003a612942973S.manifest

c:\users\Ountibi\AppData\Roaming\Mozilla\Firefox\Profiles\len0b5ya.default\extensions\{e59afa57-5cfe-4220-bac4-1e11829d1339}

c:\users\Ountibi\AppData\Roaming\Mozilla\Firefox\Profiles\len0b5ya.default\extensions\{e59afa57-5cfe-4220-bac4-1e11829d1339}\chrome.manifest

c:\users\Ountibi\AppData\Roaming\Mozilla\Firefox\Profiles\len0b5ya.default\extensions\{e59afa57-5cfe-4220-bac4-1e11829d1339}\chrome\xulcache.jar

c:\users\Ountibi\AppData\Roaming\Mozilla\Firefox\Profiles\len0b5ya.default\extensions\{e59afa57-5cfe-4220-bac4-1e11829d1339}\defaults\preferences\xulcache.js

c:\users\Ountibi\AppData\Roaming\Mozilla\Firefox\Profiles\len0b5ya.default\extensions\{e59afa57-5cfe-4220-bac4-1e11829d1339}\install.rdf

c:\users\Ountibi\AppData\Roaming\SystemProc

c:\users\Pemecou\AppData\Roaming\020000003a612942973C.manifest

c:\users\Pemecou\AppData\Roaming\020000003a612942973O.manifest

c:\users\Pemecou\AppData\Roaming\020000003a612942973P.manifest

c:\users\Pemecou\AppData\Roaming\020000003a612942973S.manifest

c:\users\Pemecou\AppData\Roaming\D4BB.tmp

c:\users\Pemecou\AppData\Roaming\Mozilla\Firefox\Profiles\xu4k7dtj.default\extensions\{e59afa57-5cfe-4220-bac4-1e11829d1339}

c:\users\Pemecou\AppData\Roaming\Mozilla\Firefox\Profiles\xu4k7dtj.default\extensions\{e59afa57-5cfe-4220-bac4-1e11829d1339}\chrome.manifest

c:\users\Pemecou\AppData\Roaming\Mozilla\Firefox\Profiles\xu4k7dtj.default\extensions\{e59afa57-5cfe-4220-bac4-1e11829d1339}\chrome\xulcache.jar

c:\users\Pemecou\AppData\Roaming\Mozilla\Firefox\Profiles\xu4k7dtj.default\extensions\{e59afa57-5cfe-4220-bac4-1e11829d1339}\defaults\preferences\xulcache.js

c:\users\Pemecou\AppData\Roaming\Mozilla\Firefox\Profiles\xu4k7dtj.default\extensions\{e59afa57-5cfe-4220-bac4-1e11829d1339}\install.rdf

c:\users\Pemecou\AppData\Roaming\SystemProc

c:\windows\system32\CERTCLI32.DLL

.

((((((((((((((((((((((((((((( Fichiers créés du 2010-07-18 au 2010-08-18 ))))))))))))))))))))))))))))))))))))

.

2010-08-18 21:47 . 2010-08-18 21:47 340456 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\avp.exe

2010-08-18 21:47 . 2010-08-18 21:47 170512 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\prloader.dll

2010-08-18 21:47 . 2010-08-18 21:47 170584 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\prloader.dll

2010-08-18 21:46 . 2010-08-18 21:46 340520 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\avp.exe

2010-08-17 19:11 . 2010-08-17 19:11 7424 ------w- C:\bootsqm.dat

2010-08-16 03:47 . 2010-08-16 03:47 -------- d-----w- c:\users\Pemecou\AppData\Roaming\ActiveState

2010-08-16 03:17 . 2010-08-16 03:17 -------- d-----w- c:\program files\Common Files\Java

2010-08-16 03:13 . 2010-08-16 21:50 -------- d-----w- c:\users\Ountibi\AppData\Roaming\ActiveState

2010-08-15 18:25 . 2010-08-15 18:25 -------- d-----w- c:\users\Pemecou\AppData\Roaming\KompoZer

2010-08-15 18:23 . 2010-08-15 18:23 -------- d-----w- c:\users\Ountibi\AppData\Roaming\KompoZer

2010-08-12 01:52 . 2010-06-14 06:12 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys

2010-08-12 01:52 . 2010-07-29 06:30 197632 ----a-w- c:\windows\system32\ir32_32.dll

2010-08-12 01:52 . 2010-07-29 06:30 82944 ----a-w- c:\windows\system32\iccvid.dll

2010-08-12 01:41 . 2010-06-19 06:23 37376 ----a-w- c:\windows\system32\rtutils.dll

2010-08-12 01:28 . 2010-06-08 06:02 1233920 ----a-w- c:\windows\system32\msxml3.dll

2010-08-12 01:28 . 2010-06-22 02:47 310784 ----a-w- c:\windows\system32\drivers\srv.sys

2010-08-12 01:28 . 2010-06-22 02:47 307200 ----a-w- c:\windows\system32\drivers\srv2.sys

2010-08-12 01:28 . 2010-06-22 02:47 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys

2010-07-31 23:17 . 2010-08-04 03:13 -------- d-----w- c:\users\Pemecou\Vide

2010-07-30 02:11 . 2010-07-30 02:11 346112 ----a-w- c:\users\Pemecou\AppData\Roaming\Mozilla\Firefox\Profiles\xu4k7dtj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll

2010-07-30 02:11 . 2010-07-30 02:11 1496064 ----a-w- c:\users\Pemecou\AppData\Roaming\Mozilla\Firefox\Profiles\xu4k7dtj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

2010-07-30 02:11 . 2010-07-23 20:22 43008 ----a-w- c:\users\Pemecou\AppData\Roaming\Mozilla\Firefox\Profiles\xu4k7dtj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll

2010-07-30 02:11 . 2010-07-23 20:22 338944 ----a-w- c:\users\Pemecou\AppData\Roaming\Mozilla\Firefox\Profiles\xu4k7dtj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll

2010-07-28 11:43 . 2010-07-28 11:43 -------- d-----w- c:\programdata\578223614

2010-07-25 17:09 . 2010-07-26 00:40 -------- d-----w- c:\users\Pemecou\Shared

2010-07-25 17:09 . 2010-07-26 01:15 -------- d-----w- c:\users\Pemecou\Incomplete

2010-07-25 17:09 . 2010-07-25 21:32 -------- d-----w- c:\users\Pemecou\AppData\Roaming\LimeWire

2010-07-25 15:53 . 2010-07-26 15:12 -------- d-----w- c:\users\Ountibi\Incomplete

2010-07-25 15:53 . 2010-07-25 16:12 -------- d-----w- c:\users\Ountibi\AppData\Roaming\LimeWire

2010-07-25 15:53 . 2010-07-26 15:06 -------- d-----w- c:\users\Ountibi\Shared

2010-07-25 15:52 . 2010-07-25 15:53 -------- d-----w- c:\program files\360Share Pro

2010-07-25 14:20 . 2010-08-16 18:09 -------- d-----w- c:\program files\org.manager

2010-07-23 02:53 . 2010-07-23 02:57 -------- d-----w- c:\users\Pemecou\AppData\Roaming\SmartDraw

2010-07-23 02:52 . 2010-07-23 02:59 -------- d-----w- C:\SmartDraw 2010

2010-07-21 12:27 . 2008-08-21 07:17 453152 ----a-w- c:\windows\system32\nvuninst.exe

2010-07-21 12:27 . 2008-08-24 19:22 14208 ----a-w- c:\windows\system32\drivers\nvsmu.sys

2010-07-21 12:27 . 2008-08-21 07:17 122880 ----a-w- c:\windows\system32\NVCOSMU.DLL

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-08-18 22:36 . 2009-12-19 23:16 -------- d-----w- c:\programdata\Kaspersky Lab

2010-08-18 22:25 . 2009-07-14 08:39 704242 ----a-w- c:\windows\system32\perfh00C.dat

2010-08-18 22:25 . 2009-07-14 08:39 130548 ----a-w- c:\windows\system32\perfc00C.dat

2010-08-16 18:09 . 2009-12-18 20:28 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-08-16 17:49 . 2009-12-25 14:46 -------- d-----w- c:\users\Pemecou\AppData\Roaming\Skype

2010-08-16 11:11 . 2009-12-25 14:48 -------- d-----w- c:\users\Pemecou\AppData\Roaming\skypePM

2010-08-16 03:16 . 2010-06-15 10:46 -------- d-----w- c:\program files\Java

2010-08-12 10:57 . 2009-12-18 19:38 -------- d-----w- c:\programdata\Microsoft Help

2010-08-11 01:47 . 2009-12-30 22:28 -------- d-----w- c:\users\Pemecou\AppData\Roaming\vlc

2010-08-03 10:56 . 2009-12-20 23:18 -------- d-----w- c:\program files\CCleaner

2010-07-29 19:47 . 2009-12-19 23:17 97549 ----a-w- c:\windows\system32\drivers\klick.dat

2010-07-29 19:47 . 2009-12-19 23:17 113933 ----a-w- c:\windows\system32\drivers\klin.dat

2010-07-26 15:04 . 2010-07-26 15:04 0 ----a-w- c:\users\Ountibi\AppData\Roaming\3277.tmp

2010-07-25 17:05 . 2009-12-30 19:47 -------- d-----w- c:\users\Ountibi\AppData\Roaming\vlc

2010-07-25 16:17 . 2010-06-17 05:07 -------- d-----w- c:\program files\EDraw Max

2010-07-21 14:25 . 2010-02-25 22:34 -------- d-----w- c:\programdata\NVIDIA

2010-07-17 16:54 . 2009-12-30 23:23 -------- d-----w- c:\users\Pemecou\AppData\Roaming\dvdcss

2010-07-17 08:00 . 2010-06-15 10:46 423656 ----a-w- c:\windows\system32\deployJava1.dll

2010-07-09 18:57 . 2010-07-09 18:57 -------- d-----w- c:\users\Pemecou\AppData\Roaming\Macrovision

2010-07-07 15:29 . 2009-12-18 13:01 86504 ----a-w- c:\users\Ountibi\AppData\Local\GDIPFONTCACHEV1.DAT

2010-07-01 22:27 . 2009-12-22 11:26 86504 ----a-w- c:\users\Pemecou\AppData\Local\GDIPFONTCACHEV1.DAT

2010-07-01 22:23 . 2009-12-18 19:41 -------- d-----w- c:\program files\Microsoft Works

2010-07-01 22:23 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild

2010-07-01 16:52 . 2010-07-18 04:45 1496064 ----a-w- c:\users\Ountibi\AppData\Roaming\Mozilla\Firefox\Profiles\len0b5ya.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

2010-07-01 16:51 . 2010-07-18 04:45 43008 ----a-w- c:\users\Ountibi\AppData\Roaming\Mozilla\Firefox\Profiles\len0b5ya.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll

2010-07-01 16:51 . 2010-07-18 04:45 338944 ----a-w- c:\users\Ountibi\AppData\Roaming\Mozilla\Firefox\Profiles\len0b5ya.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll

2010-07-01 16:51 . 2010-07-18 04:45 346112 ----a-w- c:\users\Ountibi\AppData\Roaming\Mozilla\Firefox\Profiles\len0b5ya.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll

2010-06-30 06:25 . 2010-08-11 22:15 978432 ----a-w- c:\windows\system32\wininet.dll

2010-06-23 23:07 . 2009-12-18 19:40 -------- d-----w- c:\program files\Microsoft.NET

2010-06-19 06:33 . 2010-08-11 22:15 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe

2010-06-19 06:33 . 2010-08-11 22:15 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe

2010-06-19 04:07 . 2010-08-11 22:15 2326016 ----a-w- c:\windows\system32\win32k.sys

2010-06-16 05:48 . 2010-08-11 22:15 224256 ----a-w- c:\windows\system32\schannel.dll

2010-06-15 12:23 . 2010-06-15 12:23 133720 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\mmpprtc.dll

2010-05-27 07:24 . 2010-06-15 09:48 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-05-27 03:49 . 2010-06-15 09:48 293888 ----a-w- c:\windows\system32\atmfd.dll

2010-05-21 17:14 . 2009-12-18 21:54 221568 ------w- c:\windows\system32\MpSigStub.exe

2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat

2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]

"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" [2010-08-18 340520]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Welcome Center"="c:\windows\system32\OobeFldr.dll" [2009-10-26 859648]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Little transparency.exe [2009-9-9 402263]

RocketDock.lnk - c:\program files\RocketDock\RocketDock.exe [2009-10-28 495616]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

"NoSMBalloonTip"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]

2004-03-10 14:39 40960 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nuance OmniPage 17-reminder]

2008-11-03 14:02 54560 ----a-w- c:\program files\Nuance\OmniPage17\Ereg\Ereg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]

2004-03-10 14:20 57393 ----a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF5 Registry Controller]

2008-12-13 06:27 58656 ----a-w- c:\program files\Nuance\PDF Create 5\RegistryController.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFHook]

2009-04-10 12:52 1277952 ----a-w- c:\program files\Nuance\PDF Create 5\PdfCreate5Hook.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2009-10-09 16:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate1ca98429a3e2d30;Google Update Service (gupdate1ca98429a3e2d30);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-18 135664]

R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]

R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-25 1343400]

R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-12-18 722416]

S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 36880]

S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-09-14 21520]

S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]

.

Contenu du dossier 'Tâches planifiées'

2010-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-18 22:05]

2010-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-18 22:05]

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.google.fr/

IE: Ajouter au fichier PDF existant - c:\program files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML

IE: Ajouter le contenu des liens sélectionnés à un fichier PDF existant - c:\program files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML

IE: Ajouter le contenu du lien à un fichier PDF existant - c:\program files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML

IE: Créer des fichiers PDF à partir des liens sélectionnés - c:\program files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML

IE: Créer fichier PDF - c:\program files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML

IE: Créer un fichier PDF depuis le contenu du lien - c:\program files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

FF - ProfilePath - c:\users\Ountibi\AppData\Roaming\Mozilla\Firefox\Profiles\len0b5ya.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/

FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll

FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll

FF - component: c:\users\Ountibi\AppData\Roaming\Mozilla\Firefox\Profiles\len0b5ya.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- PARAMETRES FIREFOX ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "" );

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties" );

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties" );

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

- - - - ORPHELINS SUPPRIMES - - - -

BHO-{0DAF3CE5-E984-4CAD-AA4D-65D325D74583} - c:\windows\system32\certcli32.dll

HKCU-Run-OpAgent - OpAgent.exe

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Heure de fin: 2010-08-18 20:04:06

ComboFix-quarantined-files.txt 2010-08-18 23:04

Avant-CF: 82 186 256 384 octets libres

Après-CF: 82 955 812 864 octets libres

- - End Of File - - 917076C597B70D1AC9ED85EC4E964D65

Connexion

Pas encore inscrit ?

Rapport de Combofix

Messages recommandés

pemecou

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer