Naviguer sur internet

OComboFix 08-02-15.2 - BENMANSOUR 2008-02-15 20:00:02.3 - NTFSx86
Microsoft Windows XP Edition familiale 5.1.2600.2.1256.213.1036.18.570 [GMT 1:00]
Endroit: C:\Documents and Settings\BENMANSOUR\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\BENMANSOUR\Bureau\CFScript.txt..txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RةCUPةRATION N'EST PAS INSTALLةE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-01-15 to 2008-02-15 ))))))))))))))))))))))))))))))))))))
.

2008-02-15 17:03 . 2008-02-15 17:18 <REP> d-------- C:\Program Files\WinAce
2008-02-15 11:25 . 2008-02-15 11:25 <REP> d-------- C:\Program Files\Azkary
2008-02-15 11:24 . 2008-02-15 11:24 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-02-15 10:31 . 2008-02-15 10:31 0 --a------ C:\osy3.sys
2008-02-15 10:26 . 2008-02-15 10:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\RoboForm
2008-02-15 10:25 . 2008-02-15 10:25 <REP> d-------- C:\Program Files\Siber Systems
2008-02-14 23:09 . 2008-02-14 23:14 <REP> d-------- C:\Program Files\BHODemon 2
2008-02-14 23:03 . 2008-02-14 23:03 230,400 --a------ C:\WINDOWS\AcroIEHelper.dll
2008-02-14 21:40 . 2008-02-14 21:40 <REP> d-------- C:\WINDOWS\speech
2008-02-14 21:40 . 2008-02-14 21:40 <REP> d-------- C:\WINDOWS\lhsp
2008-02-14 17:04 . 2008-02-14 17:11 <REP> d-------- C:\Rummy Royal
2008-02-14 17:04 . 2008-02-14 17:04 <REP> d-------- C:\Documents and Settings\BENMANSOUR\Application Data\GibbHill Properties Ltd
2008-02-13 22:43 . 2008-02-13 22:43 50 --a------ C:\WINDOWS\cdplayer.ini
2008-02-13 18:06 . 2008-02-13 18:06 <REP> d-------- C:\Program Files\SATVOD
2008-02-13 18:06 . 2008-02-13 18:06 <REP> d-------- C:\Documents and Settings\BENMANSOUR\Application Data\MoviesApp
2008-02-13 16:50 . 2008-02-13 18:10 <REP> d-------- C:\Program Files\Online_TV
2008-02-12 18:01 . 2008-02-12 18:01 <REP> d-------- C:\Program Files\Ontrack
2008-02-11 22:22 . 2008-02-11 22:29 <REP> d-------- C:\Program Files\AlThkir
2008-02-11 22:16 . 2008-02-11 22:16 <REP> d-------- C:\Program Files\NamesofAllah
2008-02-11 22:16 . 2004-09-29 21:31 228,864 --a------ C:\WINDOWS\NamesofAllah.scr
2008-02-11 17:55 . 2008-02-11 17:55 <REP> d-------- C:\Documents and Settings\BENMANSOUR\Application Data\Ashampoo
2008-02-10 21:32 . 2008-02-10 21:35 <REP> d-------- C:\Documents and Settings\BENMANSOUR\Application Data\Ahead
2008-02-10 21:24 . 2008-02-10 21:24 0 --a------ C:\WINDOWS\Irremote.ini
2008-02-08 19:05 . 2008-02-08 19:05 <REP> d-------- C:\Documents and Settings\BENMANSOUR\Application Data\vlc
2008-02-08 18:45 . 2008-02-08 18:45 <REP> d-------- C:\Program Files\Real
2008-02-08 18:45 . 2008-02-08 18:45 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2008-02-08 18:45 . 2008-02-08 18:45 <REP> d-------- C:\Program Files\Fichiers communs\Real
2008-02-08 17:19 . 2008-02-08 17:19 229,888 --a------ C:\WINDOWS\sysvol32.dll
2008-02-08 17:19 . 2008-02-14 23:03 50 --a------ C:\tmp.bat
2008-02-01 15:52 . 2008-02-01 15:52 <REP> d-------- C:\Program Files\KaonCDH
2008-02-01 15:52 . 2004-03-09 00:00 662,288 --a------ C:\WINDOWS\system32\mscomct2.ocx
2008-02-01 15:52 . 2004-03-09 00:00 224,016 --a------ C:\WINDOWS\system32\Tabctl32.ocx
2008-02-01 15:52 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\richtx32.ocx
2008-02-01 15:52 . 1996-06-13 22:24 53,760 --a------ C:\WINDOWS\system32\zlibtool.ocx
2008-02-01 15:52 . 1998-03-26 01:12 53,248 --a------ C:\WINDOWS\system32\zlib.dll
2008-02-01 15:52 . 2004-12-07 22:24 36,864 --a------ C:\WINDOWS\system32\compressZIt.ocx
2008-01-31 22:42 . 2008-02-14 23:17 <REP> d-------- C:\Program Files\LimeWire Turbo
2008-01-31 22:42 . 2008-02-06 14:01 <REP> d-------- C:\Documents and Settings\BENMANSOUR\Application Data\LimeWireTurbo
2008-01-30 16:51 . 2008-01-30 16:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-01-28 18:09 . 2008-01-28 18:09 <REP> d-------- C:\Program Files\Fichiers communs\COWON
2008-01-28 18:07 . 2008-02-13 23:00 <REP> d-------- C:\Program Files\JetAudio
2008-01-28 18:07 . 2008-01-28 18:07 <REP> d-------- C:\Documents and Settings\BENMANSOUR\Application Data\COWON
2008-01-25 22:45 . 2008-01-29 20:52 <REP> d-------- C:\Program Files\BitComet
2008-01-25 22:45 . 2008-01-25 23:29 <REP> d-------- C:\Downloads
2008-01-24 21:25 . 2008-01-24 21:25 334 --a------ C:\WINDOWS\ST6UNST.003
2008-01-24 21:24 . 2008-01-24 21:24 334 --a------ C:\WINDOWS\ST6UNST.002
2008-01-24 17:38 . 2008-02-13 22:26 <REP> d-------- C:\Program Files\DaemonTools_WhenUSave_Installer
2008-01-24 17:34 . 2008-01-24 17:34 639,224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-01-24 08:22 . 2008-01-24 08:23 <REP> d-------- C:\WINDOWS\system32\drivers\myrmbin
2008-01-24 08:22 . 2008-01-24 08:23 <REP> d-------- C:\Program Files\MyVideoConverter
2008-01-22 18:54 . 2008-01-22 18:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ashampoo
2008-01-17 17:31 . 2005-07-12 14:12 86,016 --a------ C:\WINDOWS\removeark.exe
2008-01-17 17:31 . 2005-09-02 17:49 28,928 --a------ C:\WINDOWS\system32\drivers\usb2vcom.sys
2008-01-15 23:13 . 2008-01-15 23:13 <REP> d-------- C:\Program Files\Alwil Software
2008-01-15 23:13 . 2003-03-18 21:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2008-01-15 23:13 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-01-15 23:13 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-01-15 23:13 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-01-15 23:13 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-01-15 23:13 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-01-15 23:13 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-01-15 23:13 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-01-15 23:13 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-01-15 17:56 . 2008-01-15 17:56 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-01-15 17:53 . 2008-01-15 22:32 <REP> d-------- C:\Documents and Settings\BENMANSOUR\Application Data\AVG7
2008-01-15 17:53 . 2008-01-15 23:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-01-15 17:53 . 2008-01-15 17:53 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-01-15 17:53 . 2008-01-15 17:53 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-01-15 17:36 . 2008-01-15 17:36 0 --a------ C:\WINDOWS\system32\drivers\wnmsav.dat

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-15 18:59 --------- d-----w C:\Documents and Settings\BENMANSOUR\Application Data\Skype
2008-02-15 17:56 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 1
2008-02-15 17:06 --------- d-----w C:\Documents and Settings\BENMANSOUR\Application Data\skypePM
2008-02-15 17:04 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-14 21:26 --------- d-----w C:\Documents and Settings\BENMANSOUR\Application Data\Azureus
2008-02-14 15:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-10 20:32 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-02-10 20:26 --------- d-----w C:\Program Files\Fichiers communs\Nero
2008-02-10 20:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-01-31 22:19 --------- d-----w C:\Documents and Settings\BENMANSOUR\Application Data\LimeWire
2008-01-30 15:51 --------- d-----w C:\Program Files\Apple Software Update
2008-01-28 16:50 --------- d-----w C:\Program Files\speed-bit
2008-01-26 08:21 --------- d-----w C:\Program Files\Opera
2008-01-24 21:30 --------- d-----w C:\Program Files\Monkey's Audio
2008-01-15 22:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-15 16:45 --------- d-----w C:\Program Files\Fichiers communs\Panda Software
2008-01-13 20:07 --------- d-----w C:\Documents and Settings\BENMANSOUR\Application Data\Apple Computer
2008-01-13 20:04 --------- d-----w C:\Program Files\QuickTime
2008-01-13 20:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-11 21:00 --------- d-----w C:\Program Files\Azureus Ultra Accelerator
2008-01-11 20:55 --------- d-----w C:\Program Files\Conduit
2008-01-11 20:55 --------- d-----w C:\Program Files\Best_Security_Tips
2008-01-10 20:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
2008-01-09 17:19 --------- d-----w C:\Documents and Settings\BENMANSOUR\Application Data\Thinstall
2008-01-09 13:35 --------- d-----w C:\Program Files\DAP
2008-01-09 10:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-09 10:21 --------- d-----w C:\Program Files\Winamp
2008-01-09 09:23 --------- d-----w C:\Program Files\CCleaner
2008-01-09 09:17 --------- d-----w C:\Program Files\Trend Micro
2008-01-08 17:15 --------- d-----w C:\Program Files\MSXML 4.0
2008-01-07 17:27 --------- d-----w C:\Documents and Settings\BENMANSOUR\Application Data\NeroDigital™
2008-01-07 17:05 --------- d-----w C:\Program Files\GeoVid
2008-01-07 16:57 --------- d-----w C:\Documents and Settings\BENMANSOUR\Application Data\DivX
2008-01-07 16:03 --------- d-----w C:\Documents and Settings\BENMANSOUR\Application Data\Nero
2008-01-07 16:01 --------- d-----w C:\Program Files\Nero
2008-01-06 12:56 --------- d-----w C:\Program Files\Microsoft Works
2008-01-06 12:55 --------- d-----w C:\Program Files\MSBuild
2008-01-06 12:55 --------- d-----w C:\Program Files\Microsoft.NET
2008-01-06 12:42 --------- d-----w C:\Program Files\DivX
2008-01-05 21:36 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-01-05 21:36 --------- d-----w C:\Program Files\Athan
2008-01-05 21:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-01-05 21:18 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll
2008-01-05 21:13 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-01-05 21:13 --------- d-----w C:\Program Files\VideoLAN
2008-01-05 21:04 --------- d-----w C:\Program Files\Fichiers communs\snpstd3
2008-01-05 20:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-01-05 20:52 --------- d-----w C:\Program Files\Yahoo!
2008-01-05 20:40 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-01-05 20:36 --------- d-----w C:\Program Files\Skype
2008-01-05 20:36 --------- d-----w C:\Program Files\Google
2008-01-05 20:36 --------- d-----w C:\Program Files\Fichiers communs\Skype
2008-01-05 20:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2008-01-05 17:44 9,388 ----a-w C:\WINDOWS\system32\drivers\iaStor.PNF
2008-01-05 17:44 7,280 ----a-w C:\WINDOWS\system32\drivers\viamraid.PNF
2008-01-05 17:44 63,240 ----a-w C:\WINDOWS\system32\drivers\Si3112r.PNF
2008-01-05 17:44 6,984 ----a-w C:\WINDOWS\system32\drivers\SiSRaid.PNF
2008-01-05 17:44 12,432 ----a-w C:\WINDOWS\system32\drivers\adpu320.PNF
2008-01-05 17:44 12,204 ----a-w C:\WINDOWS\system32\drivers\nvraid.PNF
2008-01-05 17:44 10,828 ----a-w C:\WINDOWS\system32\drivers\iaAHCI.PNF
2008-01-05 17:44 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2008-01-05 17:44 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2008-01-05 17:27 --------- d-----w C:\Program Files\Launch Manager
2008-01-05 17:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\sentinel
2008-01-05 17:24 5,884 ----a-w C:\WINDOWS\system32\drivers\net_m32.PNF
2008-01-05 17:24 20,376 ----a-w C:\WINDOWS\system32\drivers\INFCACHE.1
2008-01-05 17:24 --------- d-----w C:\Program Files\Panda Security
2008-01-05 17:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Backup
2008-01-05 17:20 --------- d-----w C:\Program Files\ZTE ZXDSL 852
2008-01-05 17:18 --------- d-----w C:\Program Files\Marvell
2008-01-05 17:18 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-05 17:17 --------- d-----w C:\Program Files\Synaptics
2008-01-05 17:17 --------- d-----w C:\Program Files\Realtek
2008-01-05 17:16 --------- d-----w C:\Program Files\Intel
2008-01-05 17:07 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-05 17:06 --------- d-----w C:\Program Files\Java
2008-01-05 17:06 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-01-05 17:01 --------- d-----w C:\Program Files\Services en ligne
2008-01-05 17:00 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-11 19:46 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-12-11 19:46 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-12-11 19:46 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-12-11 19:46 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-12-11 19:46 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-12-11 19:45 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-12-11 19:45 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-12-11 19:44 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-12-11 19:44 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-12-11 19:44 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-12-11 19:44 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-12-11 19:44 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2007-12-11 19:44 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-12-11 19:44 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-12-11 19:44 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-12-11 19:44 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-12-11 19:44 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-12-11 19:44 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-12-11 19:44 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-12-11 19:44 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]
2008-01-28 17:54 1502232 --a------ C:\Program Files\speed-bit\tbspe1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{358A14C3-CB2F-4366-9A6C-1AEB63F0B036}]
2008-02-14 23:03 230400 --a------ C:\WINDOWS\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{da30eff8-ccc6-4162-a20d-67402a26a215}]
2007-12-19 15:53 1514520 --a------ C:\Program Files\Best_Security_Tips\tbBest.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
{EF99BD32-C1FB-11D2-892F-0090271D4F88}
{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}
{DA30EFF8-CCC6-4162-A20D-67402A26A215}
{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
{40D1C3A7-4FFB-4443-B3A0-A64B2DF7FC3B}

[HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]

[HKEY_CLASSES_ROOT\clsid\{da30eff8-ccc6-4162-a20d-67402a26a215}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}"= C:\Program Files\speed-bit\tbspe1.dll [2008-01-28 17:54 1502232]
"{DA30EFF8-CCC6-4162-A20D-67402A26A215}"= C:\Program Files\Best_Security_Tips\tbBest.dll [2007-12-19 15:53 1514520]

[HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]

[HKEY_CLASSES_ROOT\clsid\{da30eff8-ccc6-4162-a20d-67402a26a215}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-01 17:22 21898024]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-15 03:39 68856]
"Yahoo! Pager"="~C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [ ]
"ares"="C:\Program Files\Ares\Ares.exe" [ ]
"eMuleAutoStart"="D:\eMule\emule.exe" [2007-05-13 15:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 13:03 36975]
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [2005-07-25 13:36 32768]
"HotkeyApp"="C:\Program Files\Launch Manager\HotkeyApp.exe" [2006-04-19 17:03 65536]
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [2006-05-04 10:34 86016]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-23 12:17 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-23 12:13 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-23 12:17 118784]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16:56 16261632 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 18:04 2879488 C:\WINDOWS\SkyTel.exe]
"SMSERIAL"="sm56hlpr.exe" [2006-01-20 12:34 544768 C:\WINDOWS\sm56hlpr.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-21 15:16 761946]
"AdslTaskBar"="stmctrl.dll" [2006-06-02 09:01 151552 C:\WINDOWS\system32\stmctrl.dll]
"CtrlVol"="C:\Program Files\Launch Manager\CtrlVol.exe" [ ]
"CameraFixer"="C:\WINDOWS\CameraFixer.exe" [2005-10-03 11:23 20480]
"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [2005-10-27 13:06 90112]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2005-09-05 15:55 339968]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [2008-01-09 14:35 4376328]
"Athan"="C:\Program Files\Athan\Athan.exe" [2007-09-06 20:25 1003520]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-05 13:00 44032]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 13:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 15:57 282624]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 13:00 110592 C:\WINDOWS\system32\bthprops.cpl]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-02-08 18:45 185784]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"Azkary"="C:\Program Files\Azkary\Azkary" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe

R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 11:27]
R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys [2003-08-12 12:51]
R3 TaurusUsb;ADSL Modem USB Service;C:\WINDOWS\system32\DRIVERS\torususb.sys [2006-09-13 15:04]
S1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys []
S3 NETIMFLT;PANDA NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\netimflt.sys []
S3 usb2vcom;USB to Serial Bridge Controller;C:\WINDOWS\system32\Drivers\usb2vcom.sys [2005-09-02 17:49]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-14 19:09:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-15 20:00:37
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-02-15 20:01:29
ComboFix-quarantined-files.txt 2008-02-15 19:01:15
ComboFix2.txt 2008-02-15 18:51:53
ComboFix3.txt 2008-02-15 13:40:20
.
2008-02-13 12:03:07 --- E O F ---
OUI JE SUIT DE RELIGION MUSULMANE ET VOUS?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:06, on 15/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Athan\Athan.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Launch Manager\WLBTTray.exe
C:\Program Files\Azkary\Azkary.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
R3 - URLSearchHook: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
R3 - URLSearchHook: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {358A14C3-CB2F-4366-9A6C-1AEB63F0B036} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O3 - Toolbar: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O3 - Toolbar: Online_TV toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Azkary] C:\Program Files\Azkary\Azkary
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] ~"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [eMuleAutoStart] D:\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Azureus Ultra Accelerator.lnk = C:\Program Files\Azureus Ultra Accelerator\Azureus Ultra Accelerator.exe
O4 - Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\cle d'activation microsoft office 2007 Web hottest videos personal player.exe
O4 - Global Startup: Bilal.lnk = C:\Program Files\Prayer\Prayer.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{A883CB03-D5CA-400C-A590-898996C58CA7}: NameServer = 208.67.222.222 193.55.10.102
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe