Demande aide rapport hitjackies

oui sans probleme ccm.exe

Voici le rapport
VundoFix V7.0.6

Scan started at 21:49:35 22/07/2008

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V7.0.6

Scan started at 22:12:10 22/07/2008

Listing files found while scanning....

No infected files were found.


Beginning removal...

Cela voudrais ire qu'il n'y a plus rien>> le scan a indique qu'il n'y avait pas d'infection >>aucun dossier je n'ai supprimé et le pc ne s'est pas éteint !!je vais le rédemarrer tout de meme>>

* Après avoir cliqué "YES", le Bureau disparaîtra un moment lors de la suppression des fichiers. * Une nouvelle invite de commande annoncera que le PC devra s'éteindre ("shutdown"). Cliquer sur OK , puis laisser le redémarrer.
cecine s'est pas produit
* Le contenu du rapport est situé dans C:\vundofix.txt, poste le stp

A++

Winny et merci pour tout
Qui peux le + peux le -
 

a demain
Winny

hello
Green Day es tu la?
je suis de retour
tu penses quoi de mon log Malwaresbytes ??

Salut
en mode sans echec ou normal

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:55:41, on 23/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\vphc700.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Philips\SPC 700NC PC Camera\TrayMin.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: LF3_BHO Class - {43D29D14-460E-4F3A-9037-E60F11EF12F0} - C:\WINDOWS\system32\LightFrame3IECOM.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [phc700] C:\WINDOWS\vphc700.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Policies\Explorer\Run: [NT Printing Services] ftps.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TrayMin.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-6a34920cb09b87ed.spaces.live.com/PhotoUpload/MsnPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D765C2EE-1343-45FB-B63F-B3A189F55F9A}: NameServer = 192.168.1.1
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

Hi
et la d'apres le rapport que vois tu ?
est que je dois appuyer sur la touche fix maintenant
je n'ai pas refermer hitjackies

hi
Salut je suis de retour mais j'ai un probleme dans SDFIX
je ne trouve pas run this .cmd
a l'aide --
Winny et merci pour tout
Qui peux le + peux le -
 

Hi
quand je glisse le fichier texte sur combofix
le programme demande si je veux l'executer > c normal??
--et je n'est pas option qui s'affiche !!
Winny et merci pour tout
Qui peux le + peux le -
 

Alors le voila ComboFix 08-07-21.2 - Claude 2008-07-24 21:10:36.3 - NTFSx86
Endroit: C:\Documents and Settings\Claude\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Claude\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\Documents and Settings\Claude\2026.bat
C:\temp\lsenpR3.exe
C:\temp\zpv201
C:\WINDOWS\system32\aumsDK18
C:\WINDOWS\system32\aumsDK18\aumsDK18­2328.exe
C:\WINDOWS\system32\BP3
C:\WINDOWS\system32\circ
C:\WINDOWS\system32\ind
C:\WINDOWS\system32\rar.exe
C:\WINDOWS\system32\shel
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Claude\2026.bat
C:\temp\lsenpR3.exe
C:\WINDOWS\system32\rar.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-24 to 2008-07-24 ))))))))))))))))))))))))))))))))))))
.

2009-07-16 19:10 . 2004-08-30 21:00 1,069,056 --a------ C:\WINDOWS\system32\gpedits.exe
2009-07-16 19:10 . 2009-07-16 19:10 52,224 --a------ C:\WINDOWS\system32\ftps.exe
2009-07-16 19:10 . 2009-07-16 19:10 7,680 --a------ C:\WINDOWS\system32\chkdskss.exe
2009-07-16 19:10 . 2009-07-16 19:10 7,680 --a------ C:\WINDOWS\system32\chkdsks.exe
2009-07-16 19:10 . 2008-07-24 19:33 157 --a------ C:\WINDOWS\system32\Monitored3.dat
2008-07-24 19:44 . 2008-07-24 19:45 <REP> d-------- C:\WINDOWS\ERUNT
2008-07-24 19:18 . 2008-07-24 19:56 <REP> d-------- C:\Program Files\SDFix
2008-07-24 19:14 . 2008-07-24 01:27 <REP> d-------- C:\SDFix
2008-07-23 20:55 . 2008-07-23 20:57 <REP> d-------- C:\Program Files\SpywareBlaster
2008-07-22 21:49 . 2008-07-22 21:49 <REP> d-------- C:\VundoFix Backups
2008-07-22 20:30 . 2008-07-22 20:30 <REP> d-------- C:\Program Files\Trend Micro
2008-07-20 19:53 . 2008-07-20 20:21 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-17 21:28 . 2008-07-17 21:28 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-07-17 20:24 . 2008-07-21 21:40 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-17 20:24 . 2008-07-17 20:24 <REP> d-------- C:\Documents and Settings\Claude\Application Data\Malwarebytes
2008-07-17 20:24 . 2008-07-17 20:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-17 20:24 . 2008-07-20 20:21 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-17 19:04 . 2008-07-17 19:04 <REP> d-------- C:\WINDOWS\system32\shel
2008-07-17 19:04 . 2008-07-17 19:04 <REP> d-------- C:\WINDOWS\system32\ind
2008-07-17 19:04 . 2008-07-17 19:04 <REP> d-------- C:\WINDOWS\system32\circ
2008-07-17 19:04 . 2008-07-17 19:04 <REP> d-------- C:\WINDOWS\system32\BP3
2008-07-17 19:03 . 2008-07-17 19:03 <REP> d-------- C:\WINDOWS\system32\aumsDK18
2008-07-17 19:03 . 2008-07-17 19:03 <REP> d-------- C:\temp\zpv201
2008-07-16 19:09 . 2008-07-22 21:16 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-16 04:49 . 2008-07-16 04:49 32,768 --a------ C:\WINDOWS\system32\aumsDK18\aumsDK182328.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-20 17:22 --------- d-----w C:\Program Files\eMule
2008-07-20 17:08 --------- d-----w C:\Program Files\Yahoo!
2008-07-19 17:15 --------- d-----w C:\Documents and Settings\Claude\Application Data\LimeWire
2008-07-19 11:10 --------- d-----w C:\Documents and Settings\Claude\Application Data\AVG7
2008-07-17 20:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-17 20:02 --------- d-----w C:\Program Files\QuickTime
2008-07-17 20:00 --------- d-----w C:\Documents and Settings\Claude\Application Data\Skype
2008-07-17 19:28 --------- d-----w C:\Program Files\Lavasoft
2008-07-17 19:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-12 07:05 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-12 06:39 --------- d-----w C:\Program Files\Java
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-19 19:26 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-06-19 05:37 --------- d-----w C:\Documents and Settings\Claude\Application Data\U3
2008-06-18 19:26 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-06-18 19:25 --------- d-----w C:\Documents and Settings\Claude\Application Data\AdobeUM
2008-06-18 19:19 --------- d-----w C:\Program Files\Sony
2008-06-18 18:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-18 18:58 --------- d-----w C:\Program Files\Fichiers communs\Sony Shared
2008-06-18 18:55 --------- d-----w C:\Program Files\Common Files
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 19:20 --------- d-----w C:\Program Files\Elaborate Bytes
2008-06-13 19:19 --------- d-----w C:\Program Files\SlySoft
2008-06-13 18:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\SlySoft
2008-06-08 16:25 --------- d-----w C:\Program Files\DivX
2008-06-07 15:47 --------- d-----w C:\Program Files\ATI Technologies
2008-06-07 15:44 --------- d-----w C:\Documents and Settings\Claude\Application Data\InterTrust
2008-05-31 16:19 --------- d-----w C:\Program Files\Blitzkrieg Rolling Thunder
2008-05-31 16:08 --------- d-----w C:\Program Files\Blitzkrieg Burning Horizon
2008-05-31 16:00 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-05-29 16:15 --------- d-----w C:\Documents and Settings\Claude\Application Data\TaoUSign
2008-05-25 16:42 --------- d-----w C:\Program Files\LimeWire
2008-05-22 22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-16 09:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2002-03-25 15:33 42,496 -c----w C:\Program Files\whatsnew.doc
2002-02-08 12:16 147,456 -c----w C:\Program Files\hpmmKbd.ex_
2002-02-08 12:09 147,456 -c----w C:\Program Files\hphlpkbd.ex_
2002-02-04 15:20 6,672 -c----w C:\Program Files\HPExtKbd.inf
2002-02-04 14:49 49,152 -c----w C:\Program Files\hpmsgled.dl_
2002-02-04 14:49 49,152 -c----w C:\Program Files\hpmapild.dl_
2001-03-28 11:02 122,880 -c--a-w C:\WINDOWS\inf\Agfa\message.exe
2000-06-29 08:05 442,368 -c----w C:\Program Files\hpkbdext.dl_
2000-02-23 17:31 3,961 -c----w C:\Program Files\hpkbduni.dat
1999-09-29 07:40 15,924 -c----w C:\Program Files\hpmmkbd.sy_
1999-06-09 12:22 10,169 -c----w C:\Program Files\hpkbdko.hl_
1999-06-09 12:01 10,038 -c----w C:\Program Files\hpkbdja.hl_
1999-06-09 11:42 9,874 -c----w C:\Program Files\hpkbdta.hl_
1999-06-09 11:22 9,946 -c----w C:\Program Files\hpkbdsw.hl_
1999-06-09 11:21 10,645 -c----w C:\Program Files\hpkbdru.hl_
1999-06-09 11:21 10,172 -c----w C:\Program Files\hpkbdpo.hl_
1999-06-09 11:21 10,137 -c----w C:\Program Files\hpkbdsp.hl_
1999-06-09 11:11 10,269 -c----w C:\Program Files\hpkbdge.hl_
1999-06-09 11:11 10,184 -c----w C:\Program Files\hpkbdit.hl_
1999-06-09 11:11 10,012 -c----w C:\Program Files\hpkbdno.hl_
1999-06-09 11:06 10,210 -c----w C:\Program Files\hpkbdfr.hl_
1999-06-09 11:05 10,131 -c----w C:\Program Files\hpkbddu.hl_
1999-06-09 11:05 10,097 -c----w C:\Program Files\hpkbdfi.hl_
1999-06-09 11:05 10,000 -c----w C:\Program Files\hpkbden.hl_
1999-06-09 10:57 10,316 -c----w C:\Program Files\hpkbdch.hl_
1999-06-09 10:46 9,904 -c----w C:\Program Files\hpkbdda.hl_
2005-05-29 19:53 56 -csh--r C:\WINDOWS\system32\6B585B661A.sys
2005-06-21 06:01 56 -csh--r C:\WINDOWS\system32\B2AE98CBE1.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-21 18:48 579584]
"phc700"="C:\WINDOWS\vphc700.exe" [2005-02-14 16:26 339968]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-06-05 12:35 335872]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-31 21:20 219136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.g723"= g723.acm
"vidc.xvid"= xvid.dll
"VIDC.ACDV"= ACDV.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=
"C:\\Program Files\\Nival Interactive\\Blitzkrieg\\Run\\Game.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\WINDOWS\\system32\\svchost.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Mio DigiWalker\\Mio Transfer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Blitzkrieg Rolling Thunder\\Run\\game.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:emule_TCP
"4672:UDP"= 4672:UDP:emule_UDP
"10742:TCP"= 10742:TCP:limewire_TCP
"10742:UDP"= 10742:UDP:limewire_UDP

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{795a3294-3b05-11dd-98c6-000c6effb399}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2009-07-16 17:10:21 C:\WINDOWS\Tasks\User_Feed_Synchronization-{6085727B-26DE-4166-A0BD-C2DAF19C9494}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-24 21:12:59
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-07-24 21:15:39
ComboFix-quarantined-files.txt 2008-07-24 19:15:22
ComboFix2.txt 2008-07-23 17:31:10
ComboFix3.txt 2008-07-22 19:32:44

Pre-Run: 34,269,966,336 octets libres
Post-Run: 34,277,486,592 octets libres

207 --- E O F --- 2008-07-18 16:59:26