ComboFix 08-03-29.1 - Sofian 2008-03-29 19:44:47.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.109 [GMT 1:00] Endroit: C:\Documents and Settings\Sofian.OUAHCHI\Mes documents\My Completed Downloads\ComboFix.exe * Création d'un nouveau point de restauration [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color] . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\atmpvcn.dll . ((((((((((((((((((((((((((((( Fichiers créés 2008-02-28 to 2008-03-29 )))))))))))))))))))))))))))))))))))) . 2008-03-29 19:28 . 2008-03-29 19:28 d-------- C:\WINDOWS\LastGood 2008-03-29 14:09 . 2008-03-29 14:09 d-------- C:\Program Files\CCleaner 2008-03-29 13:51 . 2008-03-29 13:51 5,250,112 --a------ C:\My Music50 Cent - Like A Pimp.mp3 2008-03-29 12:57 . 2008-03-29 13:02 d-------- C:\Documents and Settings\Sofian.OUAHCHI\Contacts 2008-03-29 10:28 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-03-29 10:28 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll 2008-03-29 10:28 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-03-28 20:18 . 2008-03-28 20:18 3,488,832 --a------ C:\My MusicMicheal Jackson - You Are Not Alone.mp3 2008-03-28 20:12 . 2008-03-28 20:12 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hagel Technologies 2008-03-28 20:10 . 2008-03-28 20:12 d-------- C:\Program Files\DAP 2008-03-28 20:10 . 2008-03-28 20:10 479,298 --a------ C:\WINDOWS\system32\wbocx.ocx 2008-03-28 20:10 . 2008-03-28 20:10 172,032 --a------ C:\WINDOWS\system32\AniGIF.ocx 2008-03-28 20:10 . 2008-03-28 20:10 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll 2008-03-28 19:58 . 2002-01-05 15:37 344,064 --a------ C:\WINDOWS\system32\Msvcr70.dll 2008-03-28 19:57 . 2008-03-28 20:01 d-------- C:\Program Files\Arial Audio Converter 2008-03-28 17:25 . 2008-03-29 12:53 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller 2008-03-28 16:50 . 2008-03-28 16:50 d-------- C:\Program Files\Skyhook Wireless 2008-03-28 16:50 . 2008-03-28 16:50 12,416 --a------ C:\WINDOWS\system32\drivers\wpsnuio.sys 2008-03-28 15:46 . 2008-03-28 15:46 d-------- C:\Program Files\Microsoft ActiveSync 2008-03-28 15:46 . 2005-10-21 02:47 30,592 --------- C:\WINDOWS\system32\drivers\rndismpx.sys 2008-03-28 15:46 . 2005-10-21 02:47 12,800 --------- C:\WINDOWS\system32\drivers\usb8023x.sys 2008-03-28 15:08 . 2008-03-28 15:08 d-------- C:\Program Files\Trend Micro 2008-03-27 22:06 . 2008-03-29 13:52 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-03-27 22:06 . 2008-03-27 22:06 1,409 --a------ C:\WINDOWS\QTFont.for 2008-03-27 22:03 . 2008-03-27 22:03 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer 2008-03-27 18:04 . 2008-03-27 18:05 d-------- C:\WINDOWS\UbiSoft 2008-03-27 16:59 . 2008-03-29 19:48 1,773,600 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2008-03-27 16:59 . 2008-03-29 15:08 18,908 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2008-03-27 13:56 . 2008-03-27 13:56 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MailFrontier 2008-03-27 13:56 . 2008-03-13 23:11 75,248 --a------ C:\WINDOWS\zllsputility.exe 2008-03-27 13:56 . 2008-03-27 14:17 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2008-03-27 13:55 . 2008-03-27 13:55 d-------- C:\Program Files\Zone Labs 2008-03-27 13:54 . 2008-03-29 19:37 d-------- C:\WINDOWS\Internet Logs 2008-03-27 13:40 . 2008-03-28 16:23 d-------- C:\Program Files\Online TV Player 2008-03-27 13:40 . 2008-03-27 13:40 0 --a------ C:\WINDOWS\system32\810429tv2.jun 2008-03-27 12:53 . 2008-03-27 13:00 d-------- C:\Program Files\AVI to MPEG Converter 2008-03-27 12:53 . 2003-10-17 00:00 3,423,744 --a------ C:\WINDOWS\system32\libfilefmt-1.1.0.dll 2008-03-27 12:53 . 2003-10-17 00:00 706,048 --a------ C:\WINDOWS\system32\libmcl-3.1.1.dll 2008-03-27 12:53 . 2003-10-17 00:00 20,480 --a------ C:\WINDOWS\system32\libavi-dd-1.2.0.dll 2008-03-27 12:46 . 2007-05-07 12:58 618,496 --a------ C:\WINDOWS\system32\MSSTTFTTM.ocx 2008-03-27 12:46 . 2001-11-06 08:57 233,472 --a------ C:\WINDOWS\system32\Msdsn.ocx 2008-03-27 12:46 . 1998-06-24 01:00 209,192 --a------ C:\WINDOWS\system32\tabctl32.ocx 2008-03-27 12:46 . 2007-07-03 01:29 118,784 --a------ C:\WINDOWS\system32\Msstdfmt.dll 2008-03-27 12:46 . 1998-06-24 01:00 118,064 --a------ C:\WINDOWS\system32\MSADODC.ocx 2008-03-27 12:46 . 2006-03-17 14:08 98,304 --a------ C:\WINDOWS\system32\Msdxm11.ocx 2008-03-26 20:28 . 2008-03-26 20:28 867 --a------ C:\WINDOWS\apac.ini 2008-03-26 19:37 . 2008-03-27 12:57 d-------- C:\Program Files\ACE Mega CoDecS Pack 2008-03-26 19:31 . 2000-08-23 17:00 33,280 --a------ C:\WINDOWS\system32\HUFFYUV.DLL 2008-03-26 16:40 . 2008-03-26 16:41 d-------- C:\Documents and Settings\Sofian.OUAHCHI\Application Data\Media Player Classic 2008-03-26 16:35 . 2008-03-27 14:53 d-------- C:\Program Files\VideoLAN 2008-03-26 14:35 . 2008-03-26 16:19 d-------- C:\Program Files\AviSynth 2.5 2008-03-26 14:22 . 2008-03-27 16:59 d-------- C:\Program Files\WinZix 2008-03-26 12:26 . 2001-09-28 13:00 88,064 --a------ C:\WINDOWS\system32\atkctr.dll 2008-03-25 20:54 . 2008-03-27 14:52 d-------- C:\Program Files\DivoCodec 2008-03-25 20:54 . 2008-03-27 14:52 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\up hold blue delete 2008-03-25 20:52 . 2008-03-28 15:42 d-------- C:\Program Files\3wPlayer 2008-03-25 18:40 . 2001-09-28 13:00 88,064 --a------ C:\WINDOWS\system32\cmpbk3.dll 2008-03-25 17:31 . 2008-03-25 17:31 17,408 --a------ C:\psapi.dll 2008-03-24 18:04 . 2008-03-24 18:04 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nokia 2008-03-23 10:52 . 2008-03-29 13:57 69 --a------ C:\WINDOWS\NeroDigital.ini 2008-03-23 09:23 . 2008-03-23 09:23 d-------- C:\Documents and Settings\Sofian.OUAHCHI\Application Data\Ahead 2008-03-23 09:19 . 2008-03-23 09:19 d-------- C:\Program Files\Nero 2008-03-23 09:19 . 2008-03-23 09:33 d-------- C:\Program Files\Fichiers communs\Ahead 2008-03-22 10:33 . 2008-03-22 10:33 d-------- C:\Program Files\VoipBuster.com 2008-03-22 10:33 . 2008-03-22 10:37 d-------- C:\Documents and Settings\Sofian.OUAHCHI\Application Data\VoipBuster 2008-03-16 16:36 . 2008-03-16 16:36 d-------- C:\Program Files\SlySoft 2008-03-16 10:22 . 2008-03-22 19:14 26 --a------ C:\WINDOWS\dvdSanta.INI 2008-03-16 10:06 . 2008-03-16 10:06 d-------- C:\TempDVD 2008-03-16 10:06 . 2008-03-22 19:05 d-------- C:\Program Files\dvdSanta 2008-03-16 10:06 . 2008-03-22 19:05 d-------- C:\dvdsanta 2008-03-16 10:06 . 2006-10-28 11:11 516,096 --a------ C:\WINDOWS\system32\ac3filter.ax 2008-03-16 10:06 . 2004-01-10 18:02 258,048 --a------ C:\WINDOWS\system32\GplMpgDec.ax 2008-03-16 10:06 . 2004-03-26 16:32 116,224 --a------ C:\WINDOWS\system32\rmalt.ax 2008-03-16 10:06 . 2004-04-30 21:46 28,672 --a------ C:\WINDOWS\system32\qtalt.ax 2008-03-15 22:32 . 2008-03-27 22:05 d-------- C:\Program Files\QuickTime Alternative 2008-03-15 22:32 . 2002-12-20 12:40 675,328 --a------ C:\WINDOWS\system32\ir50_32.qtx 2008-03-15 22:32 . 2004-10-27 13:01 360,504 --a------ C:\WINDOWS\system32\QTPlugin.ocx 2008-03-15 22:32 . 2004-01-12 17:57 86,016 --a------ C:\WINDOWS\system32\QuickTime.ax 2008-03-15 22:03 . 2008-03-15 22:32 d-------- C:\Program Files\Media Player Classic 2008-03-15 21:08 . 2008-03-15 21:08 d-------- C:\Program Files\WinAVI Video Converter 2008-03-14 23:07 . 2008-03-25 16:11 d-------- C:\Program Files\AdVantage 2008-03-14 23:06 . 2008-03-16 13:14 d-------- C:\Program Files\Webteh 2008-03-14 23:06 . 2008-03-16 13:36 d-------- C:\Documents and Settings\Sofian.OUAHCHI\Application Data\BSplayer Pro 2008-03-14 23:06 . 2008-03-21 16:27 d-------- C:\Documents and Settings\Sofian.OUAHCHI\Application Data\BSplayer 2008-03-14 22:58 . 2008-03-15 18:56 d-------- C:\Program Files\Gabest 2008-03-14 22:32 . 2008-03-15 09:23 d-------- C:\Documents and Settings\Sofian.OUAHCHI\Application Data\Pegasys Inc 2008-03-14 22:15 . 2008-03-26 16:37 d-------- C:\Program Files\ffdshow 2008-03-14 22:10 . 2008-03-14 22:41 d-------- C:\Program Files\DivX 2008-03-14 22:07 . 2008-03-14 22:07 d-------- C:\Documents and Settings\Sofian.OUAHCHI\Application Data\Apple Computer 2008-03-14 21:49 . 2001-09-28 13:00 88,064 --a------ C:\WINDOWS\system32\avica.dll 2008-03-14 21:47 . 2008-03-14 19:19 253,952 --a------ C:\WINDOWS\drnpfdxkfw.dll 2008-03-14 21:47 . 2008-03-14 19:19 241,664 --a------ C:\WINDOWS\altvxvm.dll 2008-03-14 21:47 . 2008-03-14 19:19 204,800 --a------ C:\WINDOWS\etlrlws.dll 2008-03-14 21:47 . 2008-03-14 19:19 94,208 --a------ C:\WINDOWS\fmsxwqs.exe 2008-03-14 21:47 . 2008-03-14 21:47 16,492 -r-hs---- C:\Program Files\tmp0.exe 2008-03-14 21:32 . 2008-03-14 21:32 d-------- C:\Program Files\Apple Software Update 2008-03-14 21:32 . 2008-03-14 21:32 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple 2008-03-14 21:16 . 2008-03-14 21:18 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Smith Micro 2008-03-04 19:03 . 2008-03-04 19:03 d-------- C:\Documents and Settings\Sofian.OUAHCHI\Application Data\BearShare 2008-03-01 13:26 . 2008-03-01 13:26 84 --a------ C:\WINDOWS\netdet.ini . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-29 18:39 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP 2008-03-29 18:25 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\OpenOffice.org2 2008-03-29 14:08 1,449,472 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp 2008-03-29 14:08 1,127,424 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp 2008-03-29 12:45 --------- d-----w C:\Program Files\Mozilla Thunderbird 2008-03-29 12:36 --------- d-----w C:\Program Files\Messenger Plus! Live 2008-03-29 10:52 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\uTorrent 2008-03-29 10:50 --------- d-----w C:\Program Files\uTorrent 2008-03-28 21:19 1,435,136 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp 2008-03-27 21:16 1,365,504 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp 2008-03-27 12:40 --------- d-----w C:\Program Files\Common Files 2008-03-26 15:51 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-03-26 15:17 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2008-03-24 17:03 --------- d-----w C:\Program Files\Nokia 2008-03-24 17:03 --------- d-----w C:\Program Files\Fichiers communs\Nokia 2008-03-24 17:02 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Installations 2008-03-23 10:15 --------- d-----w C:\Program Files\Google 2008-03-22 08:49 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\WebCallDirect 2008-03-13 22:11 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll 2008-03-06 19:59 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\Image Zone Express 2008-03-04 17:02 --------- d-----w C:\Program Files\Spyware Doctor 2008-02-26 19:21 --------- d-----w C:\Program Files\Real 2008-02-26 19:18 --------- d-----w C:\Program Files\Fichiers communs\AVSMedia 2008-02-26 19:18 --------- d-----w C:\Program Files\AVSMedia 2008-02-23 15:10 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft 2008-02-23 15:09 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2008-02-23 13:24 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-02-23 10:09 --------- d-----w C:\Program Files\BearShare 2008-02-22 23:06 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2008-02-22 22:53 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-02-22 20:17 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\PC Suite 2008-02-22 20:17 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\Nokia 2008-02-22 20:16 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Suite 2008-02-22 20:15 --------- d-----w C:\Program Files\DIFX 2008-02-22 20:14 --------- d-----w C:\Program Files\Fichiers communs\PCSuite 2008-02-22 20:13 --------- d-----w C:\Program Files\PC Connectivity Solution 2008-02-22 20:03 --------- d-----w C:\Program Files\BearShare Applications 2008-02-21 02:03 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe 2008-02-19 20:29 --------- d-----w C:\Program Files\WebcamMax 2008-02-15 20:49 46,147 ----a-w C:\WINDOWS\BricoPackUninst.cmd 2008-02-15 20:49 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll 2008-02-15 20:29 --------- d-----w C:\Program Files\RocketDock 2008-02-13 16:11 --------- d-----w C:\Program Files\AutoHotkey 2008-02-10 11:14 --------- d-----w C:\Program Files\Fichiers communs\PC Tools 2008-02-10 11:12 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\PC Tools 2008-02-10 11:12 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Tools 2008-02-09 16:35 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\BitTorrent 2008-02-09 13:00 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files 2008-02-08 21:52 --------- d-----w C:\Program Files\MSXML 4.0 2008-02-08 17:31 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\HP 2008-02-08 13:28 --------- d-----w C:\Program Files\Mozilla Sunbird 2008-02-08 13:12 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\Thunderbird 2008-02-07 19:06 --------- d-----w C:\Program Files\OpenOffice.org 2.3 2008-02-07 12:27 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\HP 2008-02-06 20:45 --------- d-----w C:\Program Files\GameShadow 2008-02-06 14:15 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2008-02-05 21:59 --------- d-----w C:\Program Files\LClock 2008-02-04 18:39 --------- d-----w C:\Program Files\Java 2008-02-04 17:49 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\Styler 2008-02-04 17:32 --------- d-----w C:\Program Files\VisualTooltip 2008-02-04 17:32 --------- d-----w C:\Program Files\Vista Sidebar 2008-02-04 17:32 --------- d-----w C:\Program Files\Styler 2008-02-04 17:32 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\Stardock 2008-02-04 16:51 --------- d-----w C:\Documents and Settings\Sofian.OUAHCHI\Application Data\Talkback 2008-02-04 14:42 --------- d-----w C:\Program Files\Lavasoft 2008-02-04 14:31 --------- d-----w C:\Program Files\Quick View Plus 2008-02-04 14:31 --------- d-----w C:\Program Files\Fichiers communs\InstallShield Shared 2008-02-02 18:59 --------- d-----w C:\Documents and Settings\Sofian\Application Data\OpenOffice.org2 2008-02-01 22:58 --------- d-----w C:\Program Files\ESET 2007-12-27 10:00 77,824 ----a-w C:\Program Files\mozilla firefox\plugins\QVPLUG32.DLL . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 18:34 1289000] "DU Meter"="C:\WINDOWS\system32\DUMeter.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-03 21:32 208952] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 21:32 455168] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 21:32 455168] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 04:06 40048] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 15:00 79224] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-02-10 11:55 155648] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-02-10 11:51 118784] "LClock"="C:\Program Files\LClock\LClock.exe" [2004-09-20 01:27 65536] "Vista Sidebar"="C:\Program Files\Vista Sidebar\sidebar.exe" [2006-12-25 08:14 6083072] "VisualTooltip"="C:\Program Files\VisualTooltip\VisualToolTip.exe" [2006-10-06 09:21 942080] "Styler"="C:\Program Files\Styler\Styler.exe" [2006-05-03 10:48 307200] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe" [2007-08-28 18:03 4579328] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 00:12 49152] "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 21:31 59392] "SoundMan"="SOUNDMAN.EXE" [2004-02-26 17:53 65024 C:\WINDOWS\SOUNDMAN.EXE] "WebcamMaxMoniter"="C:\Program Files\WebcamMax\CAMTHINS.exe" [2006-07-20 14:25 73728] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-02-26 20:20 185896] "CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 14:47 57344] "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-13 23:11 919016] "QuickTime Task"="C:\Program Files\QuickTime Alternative\QTTask.exe" [2008-01-31 23:13 385024] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:09 15360] "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336] C:\Documents and Settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ OpenOffice.org 2.3 .lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216] C:\Documents and Settings\Sofian\Menu D‚marrer\Programmes\D‚marrage\ OpenOffice.org 2.3 .lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216] C:\Documents and Settings\Sofian.OUAHCHI\Menu D‚marrer\Programmes\D‚marrage\ OpenOffice.org 2.3 .lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216] C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\ HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 00:23:26 282624] [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "C:\\Documents and Settings\\All Users.WINDOWS\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.321\\English\\setup.exe"= "C:\\Program Files\\WebCallDirect.com\\WebCallDirect\\WebCallDirect.exe"= "C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"= "C:\\WINDOWS\\system32\\dpvsetup.exe"= "C:\\WINDOWS\\system32\\rundll32.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"= "C:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "C:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"= "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2007-12-10 14:53] R2 CamthWDM;WebcamMax, WDM Video Capture;C:\WINDOWS\system32\DRIVERS\CamthWDM.sys [2006-07-03 07:39] . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-03-14 20:32:15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-29 19:48:31 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-03-29 19:49:51 ComboFix-quarantined-files.txt 2008-03-29 18:49:32 Pre-Run: 9,531,273,216 octets libres Post-Run: 9,518,280,704 octets libres . 2008-03-29 14:07:59 --- E O F ---