Vundo 4

Bonjour voici comme vous me l'avez demandé le rapport de combofix

ComboFix 11-05-11.01 - Guy 11/05/2011 20:30:06.3.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2030.950 [GMT -4:00]
Lancé depuis: c:\documents and settings\Guy\Mes documents\Téléchargements\guy.exe.exe
AV: Services de sécurité Internet de Bell Antivirus *Disabled/Updated* {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
FW: Services de sécurité Internet de Bell Coupe-feu *Disabled* {80593BF4-D969-4EC5-ADAE-A22F2DFC7A22}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-12 au 2011-05-12 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-11 18:47 . 2011-05-11 18:48 -------- dc-h--w- c:\windows\ie8
2011-05-11 18:28 . 1998-11-13 15:54 306688 ----a-w- c:\windows\IsUn0404.exe
2011-05-09 00:00 . 2011-05-09 00:02 -------- d-----w- c:\program files\Toolbar Uninstaller
2011-05-08 23:57 . 2011-05-08 23:57 -------- d-----w- c:\documents and settings\Guy\Local Settings\Application Data\Softonic_France
2011-04-29 18:43 . 2011-04-14 16:47 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-04-29 18:43 . 2011-04-14 16:47 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-04-29 18:43 . 2011-04-14 16:47 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-04-29 18:43 . 2011-04-14 16:47 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-04-29 18:43 . 2011-04-14 16:47 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-04-29 18:43 . 2011-04-14 16:47 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-04-29 18:43 . 2010-01-01 08:00 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-04-29 18:43 . 2010-01-01 08:00 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-04-24 22:26 . 2011-04-24 22:26 -------- d-----w- c:\documents and settings\Guy\Application Data\SUPERAntiSpyware.com
2011-04-24 22:26 . 2011-04-24 22:26 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-04-24 22:26 . 2011-05-11 16:15 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-04-23 04:24 . 2011-04-23 04:24 -------- d-----w- c:\program files\Fichiers communs\Java
2011-04-23 04:24 . 2011-04-23 04:23 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-23 04:22 . 2011-04-23 04:22 7118 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-04-23 04:15 . 2011-04-23 04:15 -------- d-----w- c:\windows\system32\wbem\Repository
2011-04-23 03:31 . 2011-04-23 04:15 -------- d-----w- c:\program files\Windows Installer Clean Up
2011-04-18 22:36 . 2011-04-18 22:36 -------- d-----w- c:\program files\iPod
2011-04-18 22:33 . 2011-04-18 22:33 -------- d-----w- c:\program files\Bonjour
2011-04-16 13:18 . 2011-04-18 01:10 -------- d-----w- c:\program files\PokerStars
2011-04-14 07:39 . 2011-04-14 07:39 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-04-14 07:39 . 2011-04-14 07:39 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-04-14 07:15 . 2011-04-14 07:15 -------- d-----w- c:\program files\Microprose
2011-04-14 07:15 . 2000-01-04 10:39 212992 ----a-w- c:\program files\Fichiers communs\InstallShield\Engine\6\Intel 32\ILog.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-11 18:43 . 2010-11-04 02:29 86576 ----a-w- c:\documents and settings\Guy\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
2011-05-11 18:43 . 2010-11-04 02:29 132672 ----a-w- c:\documents and settings\Guy\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
2011-05-11 18:43 . 2010-11-04 02:29 392728 ----a-w- c:\documents and settings\Guy\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll
2011-04-23 04:23 . 2010-06-10 18:44 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20 . 2011-04-06 20:20 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 20:20 . 2011-04-06 20:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-16 00:23 . 2011-03-16 00:23 97280 ----a-r- c:\documents and settings\Guy\Application Data\Microsoft\Installer\{A474EA56-5DBD-4181-8230-806A4762EA7F}\IconA474EA561.exe
2011-03-07 05:33 . 2010-03-25 03:45 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-05 17:39 . 2011-03-05 17:39 323624 ----a-w- c:\windows\system32\wiaaut.dll
2011-03-03 13:53 . 2006-03-02 12:00 1858048 ----a-w- c:\windows\system32\win32k.sys
2011-02-28 20:15 . 2011-02-28 20:15 53192 ----a-w- c:\windows\system32\drivers\rp_skt32.sys
2011-02-28 20:15 . 2011-02-28 20:15 48384 ----a-w- c:\windows\system32\drivers\rp_pkt32.sys
2011-02-22 23:05 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:05 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-02-22 23:05 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:42 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2011-02-18 20:36 . 2010-03-25 22:56 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 20:36 . 2010-03-25 22:56 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-17 13:18 . 2006-03-02 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2006-03-02 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 12:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2006-03-02 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-11 14:44 . 2008-04-14 02:34 239104 ----a-w- c:\windows\system32\fxscover.exe
2010-11-02 01:41 . 2010-11-02 00:35 463152 ----a-w- c:\program files\SETUP.EXE;1
2011-04-14 16:47 . 2011-04-29 18:43 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-05-09_00.21.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-11 18:58 . 2011-05-11 18:58 16384 c:\windows\Temp\Perflib_Perfdata_8a0.dat
+ 2006-03-02 12:00 . 2009-03-08 08:31 46592 c:\windows\system32\pngfilt.dll
+ 2006-03-02 12:00 . 2009-03-08 08:31 48128 c:\windows\system32\mshtmler.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 66560 c:\windows\system32\mshtmled.dll
+ 2006-03-02 12:00 . 2009-03-08 08:31 45568 c:\windows\system32\mshta.exe
+ 2009-03-08 08:31 . 2009-03-08 08:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 08:31 . 2011-02-22 23:05 55296 c:\windows\system32\msfeedsbs.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 25600 c:\windows\system32\jsproxy.dll
+ 2006-03-02 12:00 . 2009-03-08 08:32 94720 c:\windows\system32\inseng.dll
+ 2006-03-02 12:00 . 2009-03-08 08:31 34816 c:\windows\system32\imgutil.dll
+ 2006-03-02 12:00 . 2009-03-08 08:32 71680 c:\windows\system32\iesetup.dll
+ 2006-03-02 12:00 . 2009-03-08 08:32 55808 c:\windows\system32\iernonce.dll
+ 2009-03-08 08:31 . 2009-03-08 08:31 59904 c:\windows\system32\icardie.dll
- 2010-03-25 05:29 . 2010-12-20 23:53 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-03-25 05:29 . 2011-02-22 23:05 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2006-03-02 12:00 . 2009-03-08 08:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2006-03-02 12:00 . 2009-03-08 08:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2006-03-02 12:00 . 2009-03-08 08:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2010-03-25 05:29 . 2011-02-22 23:05 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2010-03-25 05:29 . 2010-12-20 23:53 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2006-03-02 12:00 . 2009-03-08 08:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2006-03-02 12:00 . 2009-03-08 08:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2006-03-02 12:00 . 2009-03-08 08:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2006-03-02 12:00 . 2009-03-08 08:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2010-03-25 03:45 . 2009-03-08 08:24 68608 c:\windows\system32\dllcache\hmmapi.dll
+ 2006-03-02 12:00 . 2009-03-08 08:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2006-03-02 12:00 . 2009-03-08 08:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2006-03-02 12:00 . 2009-03-08 08:33 18944 c:\windows\system32\corpol.dll
+ 2006-03-02 12:00 . 2009-03-08 08:32 72704 c:\windows\system32\admparse.dll
+ 2010-11-08 20:20 . 2011-05-11 15:52 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-11-08 20:20 . 2011-04-15 07:19 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-11-08 20:20 . 2011-04-15 07:19 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-11-08 20:20 . 2011-05-11 15:52 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-11-08 20:20 . 2011-05-11 15:52 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-11-08 20:20 . 2011-04-15 07:19 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-05-11 18:49 . 2009-03-08 08:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2011-05-11 18:49 . 2008-07-08 13:03 18296 c:\windows\ie8updates\KB982381-IE8\spmsg.dll
+ 2011-05-11 18:49 . 2008-07-08 13:03 26488 c:\windows\ie8updates\KB982381-IE8\spcustom.dll
+ 2011-05-11 18:49 . 2009-03-08 08:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2011-05-11 18:49 . 2009-03-08 08:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 12800 c:\windows\ie8updates\KB2497640-IE8\xpshims.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 66560 c:\windows\ie8updates\KB2497640-IE8\mshtmled.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 55296 c:\windows\ie8updates\KB2497640-IE8\msfeedsbs.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 43520 c:\windows\ie8updates\KB2497640-IE8\licmgr10.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 25600 c:\windows\ie8updates\KB2497640-IE8\jsproxy.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 12800 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll
+ 2011-05-11 18:50 . 2010-07-05 13:17 18296 c:\windows\ie8updates\KB2482017-IE8\spmsg.dll
+ 2011-05-11 18:50 . 2010-07-05 13:17 26488 c:\windows\ie8updates\KB2482017-IE8\spcustom.dll
+ 2011-05-11 18:50 . 2009-03-08 08:31 66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll
+ 2011-05-11 18:50 . 2009-03-08 08:34 43008 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 37888 c:\windows\ie8\url.dll
+ 2011-05-11 18:47 . 2009-03-08 20:14 58448 c:\windows\ie8\spuninst\iecustom.dll
+ 2011-05-11 18:47 . 2009-12-22 05:41 39424 c:\windows\ie8\pngfilt.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 97280 c:\windows\ie8\occache.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 57344 c:\windows\ie8\mshtmler.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 29184 c:\windows\ie8\mshta.exe
+ 2011-05-11 18:47 . 2006-03-02 12:00 22528 c:\windows\ie8\licmgr10.dll
+ 2011-05-11 18:47 . 2009-12-22 05:41 16384 c:\windows\ie8\jsproxy.dll
+ 2011-05-11 18:47 . 2009-12-22 05:41 96768 c:\windows\ie8\inseng.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 35840 c:\windows\ie8\imgutil.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 93184 c:\windows\ie8\iexplore.exe
+ 2011-05-11 18:47 . 2006-03-02 12:00 63488 c:\windows\ie8\iesetup.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 49152 c:\windows\ie8\iernonce.dll
+ 2011-05-11 18:47 . 2010-04-16 16:07 81920 c:\windows\ie8\ieencode.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 34304 c:\windows\ie8\ie4uinit.exe
+ 2011-05-11 18:47 . 2006-03-02 12:00 38912 c:\windows\ie8\hmmapi.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 35328 c:\windows\ie8\corpol.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 61440 c:\windows\ie8\admparse.dll
+ 2010-03-25 05:29 . 2010-10-18 11:10 7680 c:\windows\system32\dllcache\iecompat.dll
+ 2011-05-11 18:49 . 2009-03-08 08:35 2048 c:\windows\ie8updates\KB2447568-IE8\iecompat.dll
+ 2009-03-08 08:34 . 2009-03-08 08:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2006-03-02 12:00 . 2009-03-08 08:34 236544 c:\windows\system32\webcheck.dll
+ 2006-03-02 12:00 . 2009-03-08 08:33 420352 c:\windows\system32\vbscript.dll
+ 2006-03-02 12:00 . 2009-03-08 08:34 105984 c:\windows\system32\url.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 206848 c:\windows\system32\occache.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 611840 c:\windows\system32\mstime.dll
+ 2006-03-02 12:00 . 2009-03-08 08:34 193536 c:\windows\system32\msrating.dll
+ 2006-03-02 12:00 . 2009-03-08 08:22 156160 c:\windows\system32\msls31.dll
+ 2009-03-08 08:32 . 2011-02-22 23:05 602112 c:\windows\system32\msfeeds.dll
+ 2006-03-02 12:00 . 2009-03-08 08:33 726528 c:\windows\system32\jscript.dll
+ 2009-03-08 08:22 . 2009-03-08 08:22 164352 c:\windows\system32\ieui.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 184320 c:\windows\system32\iepeers.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 387584 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 08:11 . 2009-03-08 08:11 445952 c:\windows\system32\ieapfltr.dll
+ 2006-03-02 12:00 . 2009-03-08 08:32 163840 c:\windows\system32\ieakui.dll
+ 2006-03-02 12:00 . 2009-03-08 08:33 229376 c:\windows\system32\ieaksie.dll
+ 2006-03-02 12:00 . 2009-03-08 08:33 125952 c:\windows\system32\ieakeng.dll
+ 2006-03-02 12:00 . 2011-02-18 11:49 173568 c:\windows\system32\ie4uinit.exe
+ 2006-03-02 12:00 . 2009-03-08 08:31 216064 c:\windows\system32\dxtrans.dll
+ 2006-03-02 12:00 . 2009-03-08 08:31 348160 c:\windows\system32\dxtmsft.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 916480 c:\windows\system32\dllcache\wininet.dll
+ 2006-03-02 12:00 . 2009-03-08 08:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2010-03-25 03:46 . 2009-03-08 08:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2006-03-02 12:00 . 2009-03-08 08:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2006-03-02 12:00 . 2009-03-08 08:34 105984 c:\windows\system32\dllcache\url.dll
+ 2009-01-07 22:20 . 2009-01-07 22:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 206848 c:\windows\system32\dllcache\occache.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 611840 c:\windows\system32\dllcache\mstime.dll
+ 2006-03-02 12:00 . 2009-03-08 08:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2006-03-02 12:00 . 2009-03-08 08:22 156160 c:\windows\system32\dllcache\msls31.dll
- 2010-03-25 05:29 . 2010-12-20 23:53 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2010-03-25 05:29 . 2011-02-22 23:05 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2006-03-02 12:00 . 2009-03-08 08:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2010-03-25 03:45 . 2009-03-08 18:09 638816 c:\windows\system32\dllcache\iexplore.exe
- 2010-03-25 05:29 . 2010-12-20 23:53 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2010-03-25 05:29 . 2011-02-22 23:05 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-06-11 17:52 . 2010-12-20 23:53 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-11 17:52 . 2011-02-22 23:05 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2006-03-02 12:00 . 2009-03-08 08:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2006-03-02 12:00 . 2009-03-08 08:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2006-03-02 12:00 . 2009-03-08 08:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2006-03-02 12:00 . 2011-02-18 11:49 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2006-03-02 12:00 . 2009-03-08 08:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2006-03-02 12:00 . 2009-03-08 08:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-03-02 12:00 . 2009-03-08 08:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2006-03-02 12:00 . 2009-03-08 08:32 128512 c:\windows\system32\advpack.dll
+ 2010-11-08 20:20 . 2011-05-11 15:52 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-11-08 20:20 . 2011-04-15 07:19 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-11-08 20:20 . 2011-04-15 07:19 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-11-08 20:20 . 2011-05-11 15:52 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-11-08 20:20 . 2011-05-11 15:52 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-11-08 20:20 . 2011-04-15 07:19 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-11-08 20:20 . 2011-04-15 07:19 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-11-08 20:20 . 2011-05-11 15:52 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-11-08 20:20 . 2011-05-11 15:52 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2010-11-08 20:20 . 2011-04-15 07:19 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2010-11-08 20:20 . 2011-04-15 07:19 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-11-08 20:20 . 2011-05-11 15:52 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-11-08 20:20 . 2011-05-11 15:52 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2010-11-08 20:20 . 2011-04-15 07:19 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-05-11 18:49 . 2009-03-08 08:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2011-05-11 18:49 . 2010-02-22 14:25 406392 c:\windows\ie8updates\KB982381-IE8\updspapi.dll
+ 2011-05-11 18:49 . 2009-05-26 11:40 767352 c:\windows\ie8updates\KB982381-IE8\update.exe
+ 2011-05-11 18:49 . 2010-02-22 14:25 406392 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2011-05-11 18:49 . 2008-07-08 13:03 234872 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2011-05-11 18:49 . 2008-07-08 13:03 234872 c:\windows\ie8updates\KB982381-IE8\spuninst.exe
+ 2011-05-11 18:49 . 2009-03-08 08:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2011-05-11 18:49 . 2009-03-08 08:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2011-05-11 18:49 . 2009-03-08 08:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2011-05-11 18:49 . 2009-03-08 08:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2011-05-11 18:49 . 2009-03-08 08:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2011-05-11 18:49 . 2009-03-08 08:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2011-05-11 18:49 . 2009-03-08 18:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2011-05-11 18:49 . 2009-03-08 08:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2011-05-11 18:50 . 2010-12-20 23:53 916480 c:\windows\ie8updates\KB2497640-IE8\wininet.dll
+ 2011-05-11 18:50 . 2010-07-05 13:17 406392 c:\windows\ie8updates\KB2497640-IE8\spuninst\updspapi.dll
+ 2011-05-11 18:50 . 2010-07-05 13:17 234872 c:\windows\ie8updates\KB2497640-IE8\spuninst\spuninst.exe
+ 2011-05-11 18:50 . 2010-12-20 23:53 206848 c:\windows\ie8updates\KB2497640-IE8\occache.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 611840 c:\windows\ie8updates\KB2497640-IE8\mstime.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 602112 c:\windows\ie8updates\KB2497640-IE8\msfeeds.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 247808 c:\windows\ie8updates\KB2497640-IE8\ieproxy.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 184320 c:\windows\ie8updates\KB2497640-IE8\iepeers.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 743424 c:\windows\ie8updates\KB2497640-IE8\iedvtool.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 387584 c:\windows\ie8updates\KB2497640-IE8\iedkcs32.dll
+ 2011-05-11 18:50 . 2010-12-20 12:55 173568 c:\windows\ie8updates\KB2497640-IE8\ie4uinit.exe
+ 2011-05-11 18:50 . 2010-05-06 10:33 916480 c:\windows\ie8updates\KB2482017-IE8\wininet.dll
+ 2011-05-11 18:50 . 2010-07-05 13:17 406392 c:\windows\ie8updates\KB2482017-IE8\updspapi.dll
+ 2011-05-11 18:50 . 2010-07-05 13:17 767352 c:\windows\ie8updates\KB2482017-IE8\update.exe
+ 2011-05-11 18:50 . 2010-07-05 13:17 406392 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll
+ 2011-05-11 18:50 . 2010-07-05 13:17 234872 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe
+ 2011-05-11 18:50 . 2010-07-05 13:17 234872 c:\windows\ie8updates\KB2482017-IE8\spuninst.exe
+ 2011-05-11 18:50 . 2010-05-06 10:33 206848 c:\windows\ie8updates\KB2482017-IE8\occache.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 599040 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 247808 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 184320 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 743424 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 387584 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll
+ 2011-05-11 18:50 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe
+ 2011-05-11 18:49 . 2010-02-22 14:25 406392 c:\windows\ie8updates\KB2447568-IE8\spuninst\updspapi.dll
+ 2011-05-11 18:49 . 2010-02-22 14:25 234872 c:\windows\ie8updates\KB2447568-IE8\spuninst\spuninst.exe
+ 2011-05-11 18:47 . 2010-04-16 16:07 671232 c:\windows\ie8\wininet.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 281600 c:\windows\ie8\webcheck.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 848384 c:\windows\ie8\vgx.dll
+ 2011-05-11 18:47 . 2011-03-04 06:45 434176 c:\windows\ie8\vbscript.dll
+ 2011-05-11 18:47 . 2010-04-16 16:07 628736 c:\windows\ie8\urlmon.dll
+ 2011-05-11 18:47 . 2009-01-07 22:21 406048 c:\windows\ie8\spuninst\updspapi.dll
+ 2011-05-11 18:47 . 2009-01-07 22:21 235040 c:\windows\ie8\spuninst\spuninst.exe
+ 2011-05-11 18:47 . 2009-12-22 05:41 532480 c:\windows\ie8\mstime.dll
+ 2011-05-11 18:47 . 2009-12-22 05:41 146432 c:\windows\ie8\msrating.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 146432 c:\windows\ie8\msls31.dll
+ 2011-05-11 18:47 . 2009-12-22 05:41 449024 c:\windows\ie8\mshtmled.dll
+ 2011-05-11 18:47 . 2011-03-04 06:45 512000 c:\windows\ie8\jscript.dll
+ 2011-05-11 18:47 . 2010-04-16 16:07 251904 c:\windows\ie8\iepeers.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 323584 c:\windows\ie8\iedkcs32.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 245760 c:\windows\ie8\ieakui.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 221696 c:\windows\ie8\ieaksie.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 139264 c:\windows\ie8\ieakeng.dll
+ 2011-05-11 18:47 . 2009-12-22 05:41 205312 c:\windows\ie8\dxtrans.dll
+ 2011-05-11 18:47 . 2009-12-22 05:41 357888 c:\windows\ie8\dxtmsft.dll
+ 2011-05-11 18:47 . 2006-03-02 12:00 101888 c:\windows\ie8\advpack.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 1210880 c:\windows\system32\urlmon.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 5962240 c:\windows\system32\mshtml.dll
+ 2009-03-08 08:32 . 2011-02-22 23:05 1991680 c:\windows\system32\iertutil.dll
+ 2009-02-07 01:07 . 2009-02-07 01:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2006-03-02 12:00 . 2011-02-22 23:05 1210880 c:\windows\system32\dllcache\urlmon.dll
+ 2006-03-02 12:00 . 2011-02-22 23:05 5962240 c:\windows\system32\dllcache\mshtml.dll
- 2010-03-25 05:29 . 2010-12-20 23:53 1991680 c:\windows\system32\dllcache\iertutil.dll
+ 2010-03-25 05:29 . 2011-02-22 23:05 1991680 c:\windows\system32\dllcache\iertutil.dll
+ 2011-04-29 16:27 . 2011-04-29 16:27 4158464 c:\windows\Installer\146f1a3a.msp
+ 2011-04-28 09:42 . 2011-04-28 09:42 4990976 c:\windows\Installer\146f1a22.msp
+ 2010-11-08 20:20 . 2011-05-11 15:52 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-11-08 20:20 . 2011-04-15 07:19 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-11-08 20:20 . 2011-04-15 07:19 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-11-08 20:20 . 2011-05-11 15:52 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-05-11 18:49 . 2009-03-08 08:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2011-05-11 18:49 . 2009-03-08 08:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2011-05-11 18:49 . 2009-03-08 08:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 1210880 c:\windows\ie8updates\KB2497640-IE8\urlmon.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 5961216 c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
+ 2011-05-11 18:50 . 2010-12-20 23:53 1991680 c:\windows\ie8updates\KB2497640-IE8\iertutil.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 1209344 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 5950976 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 1985536 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll
+ 2011-05-11 18:47 . 2010-04-16 16:07 3094016 c:\windows\ie8\mshtml.dll
+ 2010-03-25 05:17 . 2011-05-11 15:50 42829768 c:\windows\system32\MRT.exe
+ 2009-03-08 08:39 . 2011-02-22 23:05 11080704 c:\windows\system32\ieframe.dll
- 2010-03-25 05:29 . 2010-12-21 10:23 11080704 c:\windows\system32\dllcache\ieframe.dll
+ 2010-03-25 05:29 . 2011-02-22 23:05 11080704 c:\windows\system32\dllcache\ieframe.dll
+ 2011-04-22 23:41 . 2011-04-22 23:41 11507712 c:\windows\Installer\146f1a56.msp
+ 2011-05-11 18:49 . 2009-03-08 08:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2011-05-11 18:50 . 2010-12-21 09:23 11080704 c:\windows\ie8updates\KB2497640-IE8\ieframe.dll
+ 2011-05-11 18:50 . 2010-05-06 10:33 11076096 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VaultIcon1]
@="{B976888E-DC7B-456C-A62F-44EA07ED231F}"
[HKEY_CLASSES_ROOT\CLSID\{B976888E-DC7B-456C-A62F-44EA07ED231F}]
2010-01-17 22:50 503808 ----a-w- c:\program files\Gestionnaire de sauvegarde du Coffre-fort personnel\VaultClientMenu.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-11-21 3297280]
"cdloader"="c:\documents and settings\Guy\Application Data\mjusbsp\cdloader2.exe" [2010-12-03 50592]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-05-11 2424192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-11 20992]
"BellCanada_McciTrayApp"="c:\program files\BellCanada\McciTrayApp.exe" [2010-01-19 1565696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-30 30248]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-30 46632]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-23 663552]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-08 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"BISA.exe"="c:\program files\Bell\Internet Service Advisor\BISA.exe" [2011-01-06 4318520]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"SigmatelSysTrayApp"="sttray.exe" [2000-01-01 405504]
"vspdfprsrv.exe"="c:\program files\Visagesoft\eXPert PDF\vspdfprsrv.exe" [2006-05-04 998912]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck PDBoot.exe\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Radialpoint Security Services]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant de traduction IdiomaX.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Assistant de traduction IdiomaX.lnk
backup=c:\windows\pss\Assistant de traduction IdiomaX.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Guy^Menu Démarrer^Programmes^Démarrage^Notification de cadeaux MSN.lnk]
path=c:\documents and settings\Guy\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk
backup=c:\windows\pss\Notification de cadeaux MSN.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 04:07 932288 ----a-r- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-09-22 04:28 47904 ----a-w- c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-14 15:32 421160 ----a-w- D:\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlimDrivers]
2011-04-01 12:44 23742304 ----a-w- c:\program files\SlimDrivers\SlimDrivers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spark]
2007-11-14 17:55 434176 ----a-w- c:\program files\Spark\Spark.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NMSAccess"=2 (0x2)
"gusvc"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\CCP\\EVE\\bin\\ExeFile.exe"=
"c:\\Program Files\\CCP\\EVE Sisi\\bin\\ExeFile.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaws.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\Bell\\Internet Service Advisor\\ServicepointService.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\iTunes.exe"=
"c:\\Documents and Settings\\Guy\\Application Data\\mjusbsp\\magicJack.exe"=
.
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [12/10/2009 05:23 155688]
R0 RadialpointIDSEH;RadialpointIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [28/02/2011 16:16 25608]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 14:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/05/2010 14:41 67656]
R2 cvhsvc;Client Virtualization Handler;c:\program files\Fichiers communs\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [26/09/2009 07:35 819600]
R2 Radialpoint Security Services;Services de sécurité Internet de Bell;c:\program files\Bell\Services de sécurité Internet de Bell\RpsSecurityAwareR.exe [18/01/2010 17:13 165408]
R2 RadialpointIDSAgent;RadialpointIDSAgent;c:\program files\Bell\Services de sécurité Internet de Bell\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe [28/02/2011 16:16 5832712]
R2 ServicepointService;ServicepointService;c:\program files\Bell\Internet Service Advisor\ServicepointService.exe [28/02/2011 16:08 689464]
R2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [23/09/2009 15:04 447832]
R2 VaultClientSRV;Gestionnaire de sauvegarde du Coffre-fort personnel : Service;c:\program files\Gestionnaire de sauvegarde du Coffre-fort personnel\VaultClientSRV.exe [17/01/2010 18:50 1051728]
R2 VaultClientUpgrade;Gestionnaire de sauvegarde du Coffre-fort personnel : Service de mise à niveau;c:\program files\Gestionnaire de sauvegarde du Coffre-fort personnel\VaultClientUpgrade.exe [17/01/2010 18:50 56400]
R3 RadialpointIDSDriver;RadialpointIDSDriver;c:\program files\Bell\Services de sécurité Internet de Bell\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys [28/02/2011 16:16 122376]
R3 RadialpointIDSFilter;RadialpointIDSFilter;c:\program files\Bell\Services de sécurité Internet de Bell\AVG\Identity Protection\agent\drivers\AVGIDSfilter.sys [28/02/2011 16:16 30216]
R3 RadialpointIDSShim;RadialpointIDSShim;c:\program files\Bell\Services de sécurité Internet de Bell\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys [28/02/2011 16:16 25736]
R3 sftfs;sftfs;c:\program files\Microsoft Application Virtualization Client\drivers\SftFSXP.sys [23/09/2009 15:04 543064]
R3 sftplay;sftplay;c:\program files\Microsoft Application Virtualization Client\drivers\sftplayxp.sys [23/09/2009 15:04 190312]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [23/09/2009 15:05 21864]
R3 sftvol;sftvol;c:\program files\Microsoft Application Virtualization Client\drivers\SftVolXP.sys [23/09/2009 15:04 14680]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [23/09/2009 15:04 203608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 14:16 130384]
S3 BvrpKrnl;BvrpKrnl;c:\program files\WinFax eXPert\BVRPKrnl.exe --> c:\program files\WinFax eXPert\BVRPKrnl.exe [?]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18/12/2009 10:58 11336]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [24/01/2011 15:49 310640]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [02/03/2006 08:00 14336]
S3 osppsvc;Office Software Protection Platform;"c:\program files\Fichiers communs\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" --> c:\program files\Fichiers communs\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 14:16 753504]
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - 059C4EC1
*NewlyCreated* - ACEF6A20
*Deregistered* - 059c4ec1
*Deregistered* - acef6a20
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
bdx REG_MULTI_SZ scan sysagent
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2500339
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Envoyer à OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Guy\Application Data\Mozilla\Firefox\Profiles\ji50v4hv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CTXXXX&q=
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-11 20:38
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'explorer.exe'(5888)
c:\program files\Logitech\MouseWare\System\LgWndHk.dll
c:\program files\Gestionnaire de sauvegarde du Coffre-fort personnel\VaultClientMenu.dll
c:\program files\Gestionnaire de sauvegarde du Coffre-fort personnel\LIBEXPAT.dll
c:\program files\Gestionnaire de sauvegarde du Coffre-fort personnel\VaultClientCOM.dll
c:\program files\Fichiers communs\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2011-05-11 20:40:37
ComboFix-quarantined-files.txt 2011-05-12 00:40
.
Avant-CF: 422 537 277 440 octets libres
Après-CF: 422 582 845 440 octets libres
.
- - End Of File - - C953EB20A32F100C6060A3941103AC5B

Bonjour et merci pour votre aide
voici le dernier rapport de combofixe

ComboFix 11-05-11.04 - Guy 12/05/2011 18:24:57.3.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2030.1483 [GMT -4:00]
Lancé depuis: c:\documents and settings\Guy\Bureau\guy.exe.exe
Commutateurs utilisés :: c:\documents and settings\Guy\Bureau\CFScript.txt
AV: Services de sécurité Internet de Bell Antivirus *Disabled/Outdated* {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
FW: Services de sécurité Internet de Bell Coupe-feu *Disabled* {80593BF4-D969-4EC5-ADAE-A22F2DFC7A22}
.
FILE ::
"c:\program files\SETUP.EXE"
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\RECYCLER(2)
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\Dc10.m4a
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\Dc11.m4a
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\Dc12.m4a
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\Dc13.m4a
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\Dc14.m4a
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\Dc15.m4a
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\Dc16.m4a
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\Dc2.text
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\Dc6.m4a
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\Dc7.m4a
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\Dc8.m4a
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\Dc9.m4a
c:\recycler(2)\S-1-5-21-725345543-1085031214-839522115-1004(2)\INFO2
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-12 au 2011-05-12 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-12 21:16 . 2011-05-12 21:16 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-12 21:15 . 2011-05-12 21:15 -------- d-----w- c:\documents and settings\Guy\Local Settings\Application Data\Conduit
2011-05-12 21:15 . 2011-05-12 21:15 -------- d-----w- c:\program files\Softonic_France
2011-05-12 21:13 . 2011-05-12 21:13 -------- d-----w- c:\program files\Conduit
2011-05-12 13:31 . 2011-05-12 21:11 -------- d-----w- C:\32788R22FWJFW(2)
2011-05-11 18:47 . 2011-05-12 21:13 -------- dc----w- c:\windows\ie8
2011-05-09 00:00 . 2011-05-12 21:15 -------- d-----w- c:\program files\Toolbar Uninstaller
2011-04-29 18:43 . 2011-04-14 16:47 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-04-29 18:43 . 2011-04-14 16:47 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-04-29 18:43 . 2011-04-14 16:47 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-04-29 18:43 . 2011-04-14 16:47 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-04-29 18:43 . 2011-04-14 16:47 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-04-29 18:43 . 2011-04-14 16:47 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-04-29 18:43 . 2010-01-01 08:00 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-04-29 18:43 . 2010-01-01 08:00 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-04-24 22:26 . 2011-04-24 22:26 -------- d-----w- c:\documents and settings\Guy\Application Data\SUPERAntiSpyware.com
2011-04-24 22:26 . 2011-04-24 22:26 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-04-24 22:26 . 2011-05-12 21:13 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-04-23 04:24 . 2011-04-23 04:24 -------- d-----w- c:\program files\Fichiers communs\Java
2011-04-23 04:24 . 2011-04-23 04:23 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-23 04:22 . 2011-04-23 04:22 7118 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-04-23 03:31 . 2011-04-23 04:15 -------- d-----w- c:\program files\Windows Installer Clean Up
2011-04-18 22:36 . 2011-04-18 22:36 -------- d-----w- c:\program files\iPod
2011-04-18 22:33 . 2011-04-18 22:33 -------- d-----w- c:\program files\Bonjour
2011-04-16 13:18 . 2011-04-18 01:10 -------- d-----w- c:\program files\PokerStars
2011-04-14 07:39 . 2011-04-14 07:39 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-04-14 07:39 . 2011-04-14 07:39 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-04-14 07:15 . 2011-04-14 07:15 -------- d-----w- c:\program files\Microprose
2011-04-14 07:15 . 2000-01-04 10:39 212992 ----a-w- c:\program files\Fichiers communs\InstallShield\Engine\6\Intel 32\ILog.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-23 04:23 . 2010-06-10 18:44 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20 . 2011-04-06 20:20 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 20:20 . 2011-04-06 20:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-16 00:23 . 2011-03-16 00:23 97280 ----a-r- c:\documents and settings\Guy\Application Data\Microsoft\Installer\{A474EA56-5DBD-4181-8230-806A4762EA7F}\IconA474EA561.exe
2011-03-07 05:33 . 2010-03-25 03:45 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-05 17:39 . 2011-03-05 17:39 323624 ----a-w- c:\windows\system32\wiaaut.dll
2011-03-04 06:45 . 2006-03-02 12:00 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2006-03-02 12:00 1858048 ----a-w- c:\windows\system32\win32k.sys
2011-02-28 20:15 . 2011-02-28 20:15 53192 ----a-w- c:\windows\system32\drivers\rp_skt32.sys
2011-02-28 20:15 . 2011-02-28 20:15 48384 ----a-w- c:\windows\system32\drivers\rp_pkt32.sys
2011-02-22 11:42 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2011-02-18 20:36 . 2010-03-25 22:56 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 20:36 . 2010-03-25 22:56 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-17 13:18 . 2006-03-02 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2006-03-02 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 12:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2006-03-02 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2010-11-02 01:41 . 2010-11-02 00:35 463152 ----a-w- c:\program files\SETUP.EXE;1
2011-04-14 16:47 . 2011-04-29 18:43 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files\Softonic_France\tbSoft.dll" [2010-11-14 3913000]
.
[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-11-14 01:58 3913000 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
2010-11-14 01:58 3913000 ----a-w- c:\program files\Softonic_France\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files\Softonic_France\tbSoft.dll" [2010-11-14 3913000]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-11-14 3913000]
.
[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VaultIcon1]
@="{B976888E-DC7B-456C-A62F-44EA07ED231F}"
[HKEY_CLASSES_ROOT\CLSID\{B976888E-DC7B-456C-A62F-44EA07ED231F}]
2010-01-17 22:50 503808 ----a-w- c:\program files\Gestionnaire de sauvegarde du Coffre-fort personnel\VaultClientMenu.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-11-21 3297280]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-04-20 2423752]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-11 20992]
"BellCanada_McciTrayApp"="c:\program files\BellCanada\McciTrayApp.exe" [2010-01-19 1565696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-23 663552]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-08 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-08 13880424]
"BISA.exe"="c:\program files\Bell\Internet Service Advisor\BISA.exe" [2011-01-06 4318520]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"SigmatelSysTrayApp"="sttray.exe" [2000-01-01 405504]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck PDBoot.exe\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Radialpoint Security Services]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Assistant de traduction IdiomaX.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Assistant de traduction IdiomaX.lnk
backup=c:\windows\pss\Assistant de traduction IdiomaX.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Guy^Menu Démarrer^Programmes^Démarrage^Notification de cadeaux MSN.lnk]
path=c:\documents and settings\Guy\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk
backup=c:\windows\pss\Notification de cadeaux MSN.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 04:07 932288 ----a-r- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-09-22 04:28 47904 ----a-w- c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-14 15:32 421160 ----a-w- D:\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlimDrivers]
2011-04-01 12:44 23742304 ----a-w- c:\program files\SlimDrivers\SlimDrivers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spark]
2007-11-14 17:55 434176 ----a-w- c:\program files\Spark\Spark.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NMSAccess"=2 (0x2)
"gusvc"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\CCP\\EVE\\bin\\ExeFile.exe"=
"c:\\Program Files\\CCP\\EVE Sisi\\bin\\ExeFile.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaws.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\Bell\\Internet Service Advisor\\ServicepointService.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\iTunes.exe"=
.
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [12/10/2009 05:23 155688]
R0 RadialpointIDSEH;RadialpointIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [28/02/2011 16:16 25608]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 14:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/05/2010 14:41 67656]
R2 cvhsvc;Client Virtualization Handler;c:\program files\Fichiers communs\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [26/09/2009 07:35 819600]
R2 Radialpoint Security Services;Services de sécurité Internet de Bell;c:\program files\Bell\Services de sécurité Internet de Bell\RpsSecurityAwareR.exe [18/01/2010 17:13 165408]
R2 RadialpointIDSAgent;RadialpointIDSAgent;c:\program files\Bell\Services de sécurité Internet de Bell\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe [28/02/2011 16:16 5832712]
R2 ServicepointService;ServicepointService;c:\program files\Bell\Internet Service Advisor\ServicepointService.exe [28/02/2011 16:08 689464]
R2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [23/09/2009 15:04 447832]
R2 VaultClientSRV;Gestionnaire de sauvegarde du Coffre-fort personnel : Service;c:\program files\Gestionnaire de sauvegarde du Coffre-fort personnel\VaultClientSRV.exe [17/01/2010 18:50 1051728]
R2 VaultClientUpgrade;Gestionnaire de sauvegarde du Coffre-fort personnel : Service de mise à niveau;c:\program files\Gestionnaire de sauvegarde du Coffre-fort personnel\VaultClientUpgrade.exe [17/01/2010 18:50 56400]
R3 RadialpointIDSDriver;RadialpointIDSDriver;c:\program files\Bell\Services de sécurité Internet de Bell\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys [28/02/2011 16:16 122376]
R3 RadialpointIDSFilter;RadialpointIDSFilter;c:\program files\Bell\Services de sécurité Internet de Bell\AVG\Identity Protection\agent\drivers\AVGIDSfilter.sys [28/02/2011 16:16 30216]
R3 RadialpointIDSShim;RadialpointIDSShim;c:\program files\Bell\Services de sécurité Internet de Bell\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys [28/02/2011 16:16 25736]
R3 sftfs;sftfs;c:\program files\Microsoft Application Virtualization Client\drivers\SftFSXP.sys [23/09/2009 15:04 543064]
R3 sftplay;sftplay;c:\program files\Microsoft Application Virtualization Client\drivers\sftplayxp.sys [23/09/2009 15:04 190312]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [23/09/2009 15:05 21864]
R3 sftvol;sftvol;c:\program files\Microsoft Application Virtualization Client\drivers\SftVolXP.sys [23/09/2009 15:04 14680]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [23/09/2009 15:04 203608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 14:16 130384]
S3 BvrpKrnl;BvrpKrnl;c:\program files\WinFax eXPert\BVRPKrnl.exe --> c:\program files\WinFax eXPert\BVRPKrnl.exe [?]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18/12/2009 10:58 11336]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [24/01/2011 15:49 310640]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [02/03/2006 08:00 14336]
S3 osppsvc;Office Software Protection Platform;"c:\program files\Fichiers communs\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" --> c:\program files\Fichiers communs\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 14:16 753504]
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - 0DB96EAC
*NewlyCreated* - 6F49B112
*Deregistered* - 0db96eac
*Deregistered* - 6f49b112
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
bdx REG_MULTI_SZ scan sysagent
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
.
------- Examen supplémentaire -------
.
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Envoyer à OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Guy\Application Data\Mozilla\Firefox\Profiles\ji50v4hv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CTXXXX&q=
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-12 18:36
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'explorer.exe'(3564)
c:\program files\Logitech\MouseWare\System\LgWndHk.dll
c:\program files\Gestionnaire de sauvegarde du Coffre-fort personnel\VaultClientMenu.dll
c:\program files\Gestionnaire de sauvegarde du Coffre-fort personnel\LIBEXPAT.dll
c:\program files\Gestionnaire de sauvegarde du Coffre-fort personnel\VaultClientCOM.dll
c:\program files\Fichiers communs\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Bell\Services de sécurité Internet de Bell\Fws.exe
c:\program files\Bell\Services de sécurité Internet de Bell\rps.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\sttray.exe
c:\program files\Logitech\MouseWare\system\em_exec.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Brother\Brmfcmon\BrMfcmon.exe
c:\windows\system32\PSIService.exe
c:\windows\system32\STacSV.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Bell\Internet Service Advisor\BISAComHandler.exe
c:\program files\Bell\Services de sécurité Internet de Bell\AVG\Identity Protection\agent\Bin\AVGIDSMonitor.exe
.
**************************************************************************
.
Heure de fin: 2011-05-12 18:40:19 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-05-12 22:40
ComboFix2.txt 2011-05-12 21:45
ComboFix3.txt 2011-05-12 00:40
.
Avant-CF: 421 709 840 384 octets libres
Après-CF: 421 702 320 128 octets libres
.
- - End Of File - - 7E0133AFBF0E9BCDDD02743FFB9E3D03

Bonjour
voici le rapport

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 18:54:09 le 12/05/2011, Mode normal

Microsoft Windows XP Édition familiale Service Pack 3 (X86)
Guy@GUY-BC9AF59CE6E ( )

============== ACTION(S) ==============


Fichier supprimé: C:\WINDOWS\system32\ConduitEngine.tmp
Dossier supprimé: C:\Documents and Settings\Guy\Application Data\Mozilla\FireFox\Profiles\ji50v4hv.default\conduit
Dossier supprimé: C:\Documents and Settings\Guy\Application Data\Mozilla\FireFox\Profiles\ji50v4hv.default\ConduitEngine
Dossier supprimé: C:\Documents and Settings\Guy\Application Data\Mozilla\FireFox\Profiles\ji50v4hv.default\extensions\engine@conduit.com
Dossier supprimé: C:\Documents and Settings\Guy\Local Settings\Application Data\Conduit
Dossier supprimé: C:\Program Files\Conduit
Dossier supprimé: C:\Documents and Settings\Guy\Local Settings\Application Data\ConduitEngine
Dossier supprimé: C:\Program Files\ConduitEngine
Dossier supprimé: C:\Documents and Settings\Guy\Application Data\CrazyLoader
Dossier supprimé: C:\Documents and Settings\Guy\Application Data\OpenCandy
Dossier supprimé: C:\Documents and Settings\Guy\Application Data\pdfforge

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Documents and Settings\Guy\Application Data\Mozilla\FireFox\Profiles\ji50v4hv.default\Prefs.js --
Ligne supprimée: user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "");
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CA", "\"0\"")...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/935078/930862/CA", "\"0\"")...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2542115", ...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3....
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2542115",...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/17/20...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2542115/CT2542115...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr-fr", "\"...
Ligne supprimée: user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Ligne supprimée: user_pref("CommunityToolbar.IsEngineShown", true);
Ligne supprimée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine");
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine");
Ligne supprimée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 29 2011 14:44:20 GMT-04...
Ligne supprimée: user_pref("CommunityToolbar.alert.alertEnabled", true);
Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun May 08 2011 19:50:50 GMT-0400");
Ligne supprimée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.alert.locale", "en");
Ligne supprimée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun May 08 2011 18:44:55 GMT-0400");
Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927");
Ligne supprimée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Ligne supprimée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Ligne supprimée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Ligne supprimée: user_pref("CommunityToolbar.alert.userId", "8f0db624-b510-4107-8c84-470743f0dcfe");
Ligne supprimée: user_pref("CommunityToolbar.globalUserId", "106bfbe9-5562-4535-8f79-6be90a0e4a59");
Ligne supprimée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Ligne supprimée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2542115");
Ligne supprimée: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue May 03 2011 23:15:49 GMT-0400");
Ligne supprimée: user_pref("ConduitEngine.CTID", "ConduitEngine");
Ligne supprimée: user_pref("ConduitEngine.CommunitiesChangesLastCheckTime", "0");
Ligne supprimée: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sun May 08 2011 16:28:47 GMT-0400");
Ligne supprimée: user_pref("ConduitEngine.FirstServerDate", "01/26/2011 22");
Ligne supprimée: user_pref("ConduitEngine.FirstTime", true);
Ligne supprimée: user_pref("ConduitEngine.FirstTimeFF3", true);
Ligne supprimée: user_pref("ConduitEngine.FixPageNotFoundErrors", false);
Ligne supprimée: user_pref("ConduitEngine.GroupingInvalidateCache", false);
Ligne supprimée: user_pref("ConduitEngine.GroupingLastCheckTime", "0");
Ligne supprimée: user_pref("ConduitEngine.GroupingLastServerUpdateTime", "0");
Ligne supprimée: user_pref("ConduitEngine.HasUserGlobalKeys", true);
Ligne supprimée: user_pref("ConduitEngine.Initialize", true);
Ligne supprimée: user_pref("ConduitEngine.InitializeCommonPrefs", true);
Ligne supprimée: user_pref("ConduitEngine.InstallationType", "UnknownIntegration");
Ligne supprimée: user_pref("ConduitEngine.InstalledDate", "Wed Jan 26 2011 14:59:34 GMT-0500 (Est)");
Ligne supprimée: user_pref("ConduitEngine.InvalidateCache", false);
Ligne supprimée: user_pref("ConduitEngine.IsMulticommunity", false);
Ligne supprimée: user_pref("ConduitEngine.IsOpenThankYouPage", false);
Ligne supprimée: user_pref("ConduitEngine.IsOpenUninstallPage", false);
Ligne supprimée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun May 08 2011 14:16:54 GMT-0400");
Ligne supprimée: user_pref("ConduitEngine.LastLogin_3.2.5.2", "Fri Apr 29 2011 14:40:57 GMT-0400");
Ligne supprimée: user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sun May 08 2011 19:28:47 GMT-0400");
Ligne supprimée: user_pref("ConduitEngine.RadioLastCheckTime", "0");
Ligne supprimée: user_pref("ConduitEngine.RadioLastUpdateIPServer", "0");
Ligne supprimée: user_pref("ConduitEngine.RadioLastUpdateServer", "0");
Ligne supprimée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Ligne supprimée: user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C...
Ligne supprimée: user_pref("ConduitEngine.SettingsLastCheckTime", "Sun May 08 2011 19:28:47 GMT-0400");
Ligne supprimée: user_pref("ConduitEngine.UserID", "UN42623918106907066");
Ligne supprimée: user_pref("ConduitEngine.engineLocale", "fr");
Ligne supprimée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun May 08 2011 14:16:54 GMT-0400");
Ligne supprimée: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sun May 08 2011 18:09:56 GMT-0400");
Ligne supprimée: user_pref("ConduitEngine.initDone", true);
Ligne supprimée: user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Ligne supprimée: user_pref("ConduitEngine.usagesFlag", 2);
Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&Sea...
Ligne supprimée: user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CTXXXX&q=");
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé supprimée: HKLM\Software\Classes\CLSID\{4BB1E961-A8CE-4C40-B750-DA81140ABF80}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4BB1E961-A8CE-4C40-B750-DA81140ABF80}
Clé supprimée: HKLM\Software\Classes\CLSID\{BF92A10B-D056-4BCF-8ED6-EFDC2C10CB1B}
Clé supprimée: HKLM\Software\Classes\Conduit.Engine
Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2304564
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2500339
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2849852
Clé supprimée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\conduitEngine
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\conduitEngine
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8FE95B63-74FD-45DA-94BA-E0BA49CA66C3}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}

Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [4.0.1 (fr)] ****

HKLM_MozillaPlugins\@Motive.com/NpMotive,version=1.0 (x)
HKLM_MozillaPlugins\@radialpoint.com/SPA,version=1 (x)
Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)

-- C:\Documents and Settings\Guy\Application Data\Mozilla\FireFox\Profiles\ji50v4hv.default --
Extensions\ffxtlbr@babylon.com (Babylon)
Extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}(2) (Softonic_France Community Toolbar)
Extensions\{5df95da0-850e-4d17-ad9f-6087ed193ac0}-trash (?)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Guy\\Bureau
Prefs.js - browser.startup.homepage, hxxp://www.google.ca
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1

========================================

**** Internet Explorer Version [6.0.2900.2180] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files\Softonic_France\prxtbSof0.dll)
HKCU_Toolbar\WebBrowser|{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} (C:\Program Files\Softonic_France\prxtbSof0.dll)
HKLM_Toolbar|{4daac69c-cba7-45e2-9bc8-1044483d3352} (C:\Program Files\Softonic_France\prxtbSof0.dll)
HKLM_ElevationPolicy\6513c96e-9b97-453a-a90a-e7b70e04394d - C:\Program Files\Discover_USA\Discover_USAToolbarHelper.exe (x)
HKLM_ElevationPolicy\74934f48-2329-4d71-b8a3-8837d78dd778 - C:\Program Files\Discover_USA\Discover_USAToolbarHelper.exe (x)
HKLM_ElevationPolicy\c9cf3c0f-bb4b-4ad8-a675-74e2255ff890 - C:\Program Files\Avanquest_FR\Avanquest_FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\{4181C878-6A35-406d-8D1B-030C80F8DDAE} - C:\Program Files\Bell\Internet Service Advisor\BISAComHandler.exe (Radialpoint Inc.)
HKLM_ElevationPolicy\{9EDB5AE6-327F-49C1-8C9F-E805859CD52F} - C:\Documents and Settings\Guy\Local Settings\Application Data\Conduit\CT2542115\Softonic_FranceAutoUpdaterHelper.exe (x)
HKLM_ElevationPolicy\{F9F9EFDD-8B1F-4D2F-AF13-D7A6CCF1E4C1} - C:\Program Files\Common Files\Motive\McciControlHost.exe (Alcatel-Lucent)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files\Softonic_France\prxtbSof0.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{B4F3A835-0E21-4959-BA22-42B3008E02FF} (?)
BHO\{bf00e119-21a3-4fd1-b178-3b8537e75c92} - "IeMonitorBho Class" (C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 131 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 12/05/2011 18:54:46 (15185 Octet(s))

Fin à: 18:55:28, 12/05/2011

============== E.O.F ==============

Merci beaucoup pour votre aide voici le premier rapport
http://www.cijoint.fr/cjlink.php?file=cj201105/cijWrzViSA.txt

voici le deuxième
http://www.cijoint.fr/cjlink.php?file=cj201105/cijWrzViSA.txt
merci

incapable de lancer pre_script

.line error 1042 file c document and setting\guy\bureau±pre_script.exe

error variable used without being declared

bonsoir j'ai remis mon anti virus on en attendant d'autre instruction il a trouvé un trojan dans le pre_Script et la mis en quarantaine .

Bonjour premièrement je suis désolé j'essaie de faire exactement ce que vous me dites

j'ai copié comme demandé le texte en caractère gras mais je ne suis pas sure quoi faire après
j'ai recommencé pré-scan plusieurs fois et ca me donne toujours un message d'erreur ligne 1042 si vous pouviez me dire quoi faire ce serais grandement apprécié

merci