ComboFix 11-06-17.04 - Accueil 20/06/2011   9:35.1.1 - x86
Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.1022.573 [GMT 2:00]
Lancé depuis: c:\documents and settings\Accueil\Mes documents\Téléchargements\ComboFix.exe
AV: BitDefender Antivirus *Disabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: BitDefender Pare-feu *Disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Accueil\Application Data\OfferBox
c:\documents and settings\Accueil\Application Data\OfferBox\config.xml
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
.
----- BITS: Il y a peut-être des sites infectés -----
.
hxxp://au.download.wind
.
(((((((((((((((((((((((((((((   Fichiers créés du 2011-05-20 au 2011-06-20  ))))))))))))))))))))))))))))))))))))
.
.
2011-06-20 06:53 . 2011-06-20 06:53	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKslcbd9cf49.sys
2011-06-19 20:00 . 2011-06-19 20:00	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl10eb0043.sys
2011-06-19 19:54 . 2011-06-19 19:54	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl5c588189.sys
2011-06-19 18:33 . 2011-06-19 18:33	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKslc40be1ac.sys
2011-06-19 18:27 . 2011-06-19 18:27	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl44e955e2.sys
2011-06-19 17:25 . 2011-06-19 17:25	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl1383b918.sys
2011-06-19 15:26 . 2011-06-19 15:26	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl9a46be98.sys
2011-06-19 15:22 . 2011-06-19 15:22	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl7e8ddab9.sys
2011-06-19 14:14 . 2011-06-19 14:14	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKslc3e3c8e0.sys
2011-06-19 14:05 . 2011-06-19 14:05	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKslebb08828.sys
2011-06-19 14:00 . 2011-06-19 14:00	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl794763d2.sys
2011-06-19 12:51 . 2011-06-19 15:02	7168	----a-w-	c:\windows\system32\drivers\ute3mjk3.sys
2011-06-19 12:38 . 2011-06-19 12:38	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl3cec93f7.sys
2011-06-19 12:34 . 2011-06-19 12:34	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl540d26f3.sys
2011-06-19 12:28 . 2011-06-19 12:28	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl6b34b7ce.sys
2011-06-19 12:14 . 2011-06-19 12:14	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKslaa770c1e.sys
2011-06-19 12:02 . 2011-06-19 12:02	28752	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKslf402e760.sys
2011-06-19 11:59 . 2011-05-09 11:46	6962000	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\mpengine.dll
2011-06-18 20:47 . 2011-06-18 20:47	565923	----a-w-	c:\windows\system32\bda8B.tmp
2011-06-18 17:17 . 2011-06-18 17:17	--------	d-----w-	c:\documents and settings\Accueil\Application Data\Malwarebytes
2011-06-18 17:17 . 2011-06-18 17:17	--------	d-----w-	c:\documents and settings\All Users\Application Data\Malwarebytes
2011-06-18 17:17 . 2011-06-19 18:27	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-06-18 12:53 . 2011-06-18 12:53	--------	d-----w-	c:\documents and settings\Accueil\Local Settings\Application Data\Help
2011-06-18 11:11 . 2011-05-09 11:46	6962000	----a-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-06-17 10:40 . 2010-10-19 20:51	222080	------w-	c:\windows\system32\MpSigStub.exe
2011-06-17 10:00 . 2011-06-17 10:58	2408	----a-w-	c:\windows\system32\ASOROSet.bin
2011-06-17 09:35 . 2011-06-17 09:37	--------	d-----w-	c:\program files\Microsoft Security Client
2011-06-17 09:25 . 2011-06-17 13:36	--------	d-----w-	c:\documents and settings\Accueil\Application Data\Systweak
2011-06-17 09:24 . 2011-05-27 15:51	17280	----a-w-	c:\windows\system32\roboot.exe
2011-06-17 09:23 . 2011-06-17 09:23	--------	d-----w-	c:\documents and settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-06-17 09:19 . 2011-06-17 09:23	--------	dc----w-	c:\documents and settings\All Users\Application Data\~0
2011-06-17 09:18 . 2011-06-17 09:18	--------	d-----w-	c:\documents and settings\Accueil\Local Settings\Application Data\PackageAware
2011-06-16 16:45 . 2011-04-14 16:47	142296	----a-w-	c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-06-16 16:44 . 2011-04-14 16:47	781272	----a-w-	c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-06-16 16:44 . 2011-04-14 16:47	465880	----a-w-	c:\program files\Mozilla Firefox\libGLESv2.dll
2011-06-16 16:44 . 2011-04-14 16:47	1874904	----a-w-	c:\program files\Mozilla Firefox\mozjs.dll
2011-06-16 16:44 . 2011-04-14 16:47	15832	----a-w-	c:\program files\Mozilla Firefox\mozalloc.dll
2011-06-16 16:44 . 2011-04-14 16:47	89048	----a-w-	c:\program files\Mozilla Firefox\libEGL.dll
2011-06-16 16:44 . 2010-01-01 08:00	1892184	----a-w-	c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-06-16 16:44 . 2010-01-01 08:00	1974616	----a-w-	c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-06-16 15:31 . 2011-06-16 15:31	--------	d-----w-	c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
2011-06-16 13:39 . 2011-06-16 13:39	--------	d-----w-	c:\program files\Microsoft.NET
2011-06-16 13:22 . 2011-06-16 13:22	--------	d-----w-	c:\program files\Microsoft Visual Studio 8
2011-06-16 13:19 . 2011-06-16 13:40	--------	d-----w-	c:\windows\SHELLNEW
2011-06-16 13:19 . 2011-06-16 13:19	--------	d-----w-	c:\documents and settings\Accueil\Local Settings\Application Data\Microsoft Help
2011-06-16 13:18 . 2011-06-16 15:31	--------	d-----w-	c:\documents and settings\All Users\Application Data\Microsoft Help
2011-06-16 13:17 . 2011-06-16 13:17	--------	d-----r-	C:\MSOCache
2011-06-15 19:18 . 2011-06-19 09:08	--------	d-----w-	c:\documents and settings\All Users\Application Data\Skype Extras
2011-06-15 19:17 . 2011-06-15 19:17	--------	d-----w-	c:\program files\Fichiers communs\Skype
2011-06-15 18:38 . 2011-04-21 13:37	105472	-c----w-	c:\windows\system32\dllcache\mup.sys
2011-06-15 18:34 . 2011-06-15 18:39	--------	d-----w-	c:\documents and settings\NetworkService\Local Settings\Application Data\Temp
2011-06-07 10:35 . 2011-06-07 10:35	103864	----a-w-	c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-06-07 10:35 . 2011-06-07 10:35	103864	----a-w-	c:\program files\Internet Explorer\Plugins\nppdf32.dll
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-02 15:31 . 2010-02-06 14:21	692736	----a-w-	c:\windows\system32\inetcomm.dll
2011-04-29 16:19 . 2006-03-02 12:00	456320	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:06 . 2006-03-02 12:00	916480	----a-w-	c:\windows\system32\wininet.dll
2011-04-25 16:06 . 2006-03-02 12:00	43520	----a-w-	c:\windows\system32\licmgr10.dll
2011-04-25 16:06 . 2006-03-02 12:00	1469440	------w-	c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2006-03-02 12:00	385024	----a-w-	c:\windows\system32\html.iec
2011-04-21 13:37 . 2006-03-02 12:00	105472	----a-w-	c:\windows\system32\drivers\mup.sys
2011-03-28 08:09 . 2011-03-28 08:09	40960	----a-w-	c:\windows\_dsC.tmp
2009-07-31 11:07 . 2010-07-17 13:51	208896	----a-w-	c:\program files\DjVuViewer.exe
2009-07-31 11:07 . 2010-07-17 13:51	372736	----a-w-	c:\program files\djvu0409.dll
2009-07-31 11:07 . 2010-07-17 13:51	667648	----a-w-	c:\program files\DjVuCntl.dll
2009-07-31 11:06 . 2010-07-17 13:51	1654784	----a-w-	c:\program files\npdjvu.dll
2000-12-08 08:42 . 2010-07-17 13:44	2154496	------w-	c:\program files\DjVuSolo.exe
2011-04-14 16:47 . 2011-06-16 16:45	142296	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9BFBA68E-E21B-458E-AE12-FE85E903D2C1}]
2010-08-31 16:15	257384	----a-w-	c:\program files\AlterGeo\AlterGeo Magic Scanner\2.8.8.615\AlterGeo.BrowserPlugin.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-08 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"WebCallDirect"="c:\program files\WebCallDirect.com\WebCallDirect\WebCallDirect.exe" [2010-12-21 13053240]
"BudgetSip"="c:\program files\BudgetSip.com\BudgetSip\BudgetSip.exe" [2010-11-09 11739440]
"12Voip"="c:\program files\12Voip.com\12Voip\12Voip.exe" [2010-12-18 12898088]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-05-26 15147400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-05-17 77824]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2005-01-03 1385472]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"Lingvo Launcher"="c:\program files\ABBYY Lingvo x3\LvAgent.exe" [2008-07-16 1029408]
"BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2011-06-15 1198048]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-10-19 71152]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Guard.Mail.ru.gui"="c:\program files\Mail.Ru\Guard\GuardMailRu.exe" [2011-01-28 1041088]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-01 421160]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Accueil\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]
setup_9.0.0.722_24.02.2010_00-06.lnk - c:\documents and settings\Accueil\Bureau\Virus Removal Tool\setup_9.0.0.722_24.02.2010_00-06\startup.exe [N/A]
_uninst_setup_9.0.0.722_09.01.2011_10-39.exe.lnk - c:\documents and settings\Accueil\Local Settings\Temp\_uninst_setup_9.0.0.722_09.01.2011_10-39.exe.bat [N/A]
_uninst_setup_9.0.0.722_10.12.2010_10-22.exe.lnk - c:\documents and settings\Accueil\Local Settings\Temp\_uninst_setup_9.0.0.722_10.12.2010_10-22.exe.bat [N/A]
_uninst_setup_9.0.0.722_13.09.2010_12-24.exe.lnk - c:\documents and settings\Accueil\Local Settings\Temp\_uninst_setup_9.0.0.722_13.09.2010_12-24.exe.bat [N/A]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\12Voip.com\\12Voip\\12Voip.exe"=
"c:\\Program Files\\NetAppel.com\\NetAppel\\NetAppel.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\VoipZoom.com\\VoipZoom\\VoipZoom.exe"=
"c:\\Program Files\\WebCallDirect.com\\WebCallDirect\\WebCallDirect.exe"=
"c:\\Program Files\\JustVoip.com\\JustVoip\\JustVoip.exe"=
"c:\\Program Files\\BudgetSip.com\\BudgetSip\\BudgetSip.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
.
R0 80692522;80692522 Boot Guard Driver;c:\windows\system32\drivers\80692522.sys [09/01/2011 12:21 37392]
R0 83556002;83556002 Boot Guard Driver;c:\windows\system32\drivers\83556002.sys [24/02/2010 01:55 37392]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [22/02/2010 22:09 691696]
R1 80692521;80692521;c:\windows\system32\drivers\80692521.sys [09/01/2011 12:21 128016]
R1 83556001;83556001;c:\windows\system32\drivers\83556001.sys [24/02/2010 01:55 128016]
R1 MpKsl1383b918;MpKsl1383b918;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl1383b918.sys [19/06/2011 19:25 28752]
R1 MpKsl3cec93f7;MpKsl3cec93f7;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl3cec93f7.sys [19/06/2011 14:38 28752]
R1 MpKsl44e955e2;MpKsl44e955e2;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl44e955e2.sys [19/06/2011 20:27 28752]
R1 MpKsl540d26f3;MpKsl540d26f3;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl540d26f3.sys [19/06/2011 14:34 28752]
R1 MpKsl5c588189;MpKsl5c588189;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl5c588189.sys [19/06/2011 21:54 28752]
R1 MpKsl6b34b7ce;MpKsl6b34b7ce;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl6b34b7ce.sys [19/06/2011 14:28 28752]
R1 MpKsl794763d2;MpKsl794763d2;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl794763d2.sys [19/06/2011 16:00 28752]
R1 MpKsl7e8ddab9;MpKsl7e8ddab9;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl7e8ddab9.sys [19/06/2011 17:22 28752]
R1 MpKsl9a46be98;MpKsl9a46be98;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl9a46be98.sys [19/06/2011 17:26 28752]
R1 MpKslaa770c1e;MpKslaa770c1e;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKslaa770c1e.sys [19/06/2011 14:14 28752]
R1 MpKslc3e3c8e0;MpKslc3e3c8e0;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKslc3e3c8e0.sys [19/06/2011 16:14 28752]
R1 MpKslc40be1ac;MpKslc40be1ac;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKslc40be1ac.sys [19/06/2011 20:33 28752]
R1 MpKslcbd9cf49;MpKslcbd9cf49;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKslcbd9cf49.sys [20/06/2011 08:53 28752]
R1 MpKslebb08828;MpKslebb08828;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKslebb08828.sys [19/06/2011 16:05 28752]
R1 MpKslf402e760;MpKslf402e760;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKslf402e760.sys [19/06/2011 14:02 28752]
R1 setup_9.0.0.722_24.02.2010_00-06drv;setup_9.0.0.722_24.02.2010_00-06drv;c:\windows\system32\drivers\8355600.sys [24/02/2010 01:55 315408]
R2 ABBYY.Licensing.Lingvo.Desktop.14.0;ABBYY Lingvo x3 Licensing Service;c:\program files\Fichiers communs\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe [14/07/2008 18:10 808224]
R2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [19/01/2010 19:32 85128]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [03/02/2010 13:57 153448]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [04/01/2010 19:41 111312]
S1 MpKsl108a1ba8;MpKsl108a1ba8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{285979F1-33F8-4D7A-816D-34E418EFD5C6}\MpKsl108a1ba8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{285979F1-33F8-4D7A-816D-34E418EFD5C6}\MpKsl108a1ba8.sys [?]
S1 MpKsl10eb0043;MpKsl10eb0043;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A17D1298-B997-40B8-BE65-4486E6420C28}\MpKsl10eb0043.sys [19/06/2011 22:00 28752]
S1 MpKsl2e551c5d;MpKsl2e551c5d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{485683AB-0254-4D32-94F6-FE838D3D6994}\MpKsl2e551c5d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{485683AB-0254-4D32-94F6-FE838D3D6994}\MpKsl2e551c5d.sys [?]
S1 MpKsl3fd34714;MpKsl3fd34714;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{285979F1-33F8-4D7A-816D-34E418EFD5C6}\MpKsl3fd34714.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{285979F1-33F8-4D7A-816D-34E418EFD5C6}\MpKsl3fd34714.sys [?]
S1 MpKsl5e88d6d7;MpKsl5e88d6d7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{285979F1-33F8-4D7A-816D-34E418EFD5C6}\MpKsl5e88d6d7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{285979F1-33F8-4D7A-816D-34E418EFD5C6}\MpKsl5e88d6d7.sys [?]
S1 MpKslb7218639;MpKslb7218639;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{485683AB-0254-4D32-94F6-FE838D3D6994}\MpKslb7218639.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{485683AB-0254-4D32-94F6-FE838D3D6994}\MpKslb7218639.sys [?]
S2 Guard.Mail.ru;Guard.Mail.ru;c:\program files\Mail.Ru\Guard\GuardMailRu.exe [18/12/2010 12:19 1041088]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/02/2010 10:50 135664]
S3 Arrakis3;BitDefender Serveur Arrakis;c:\program files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [19/10/2009 17:06 183880]
S3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;c:\windows\system32\drivers\WlanUZXP.sys [12/05/2005 17:24 260608]
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - MPKSLCBD9CF49
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx	REG_MULTI_SZ   	scan
.
Contenu du dossier 'Tâches planifiées'
.
2011-03-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-06-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 08:50]
.
2011-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 08:50]
.
2011-06-20 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 10:26]
.
2011-06-20 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 10:26]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Recherche sur eBay - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: Translate with ABBYY Lingvo x&3 - c:\program files\ABBYY Lingvo x3\Lingvo.exe/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Accueil\Application Data\Mozilla\Firefox\Profiles\0e6gdmfa.default\
FF - prefs.js: browser.search.defaulturl - hxxp://go.mail.ru/search?fr=fftb&utf8in&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/portail
FF - prefs.js: keyword.URL - hxxp://go.mail.ru/search?utf8in=1&fr=fftbUFix&q=
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHELINS SUPPRIMES - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\documents and settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-20 09:40
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
Heure de fin: 2011-06-20  09:42:56
ComboFix-quarantined-files.txt  2011-06-20 07:42
.
Avant-CF: 78530117632 octets libres
Après-CF: 78964162560 octets libres
.
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /noexecute=optin /fastdetect
.
- - End Of File - - 002C17754CA627FC6562FBA612661D30
