There. I couldn't scan with AntiVir in safe mode, but I managed to run ComboFix and here is what it tells me:
ComboFix 08-05-09.1 - Licorne 2008-05-12 11:50:33.3 - NTFSx86 MINIMAL
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.315 [GMT 2:00]
Endroit: C:\Documents and Settings\Licorne\Mes documents\Downloads\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\system32\stera.log
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_FOPN
-------\Legacy_VSPF
-------\Legacy_VSPF_HK
((((((((((((((((((((((((((((( Fichiers créés 2008-04-12 to 2008-05-12 ))))))))))))))))))))))))))))))))))))
.
2008-05-12 11:43 . 268,435,456 C:\WINDOWS\system32\temppf.sys
2008-05-12 10:42 . 2008-05-12 10:42 54,156 --ah-c--- C:\WINDOWS\QTFont.qfn
2008-05-12 10:42 . 2008-05-12 10:42 1,409 --a--c--- C:\WINDOWS\QTFont.for
2008-05-12 09:31 . 2008-05-12 09:31 <REP> d----c--- C:\Program Files\Avira
2008-05-12 09:31 . 2008-05-12 09:31 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Avira
2008-05-11 15:40 . 2008-05-11 15:40 35,623,805 --a--c--- C:\WINDOWS\VPTNFILE.269
2008-05-11 15:38 . 2008-05-11 15:40 <REP> d----c--- C:\WINDOWS\AU_Temp
2008-05-11 10:03 . 2008-05-11 10:03 <REP> d----c--- C:\Program Files\Sun
2008-05-08 21:29 . 2008-05-11 19:33 90,112 --a------ C:\WINDOWS\DUMP7658.tmp
2008-05-04 09:46 . 2008-05-04 09:46 35,276,121 --a--c--- C:\WINDOWS\VPTNFILE.253
2008-05-03 19:40 . 2008-05-03 19:40 <REP> d----c--- C:\Documents and Settings\LocalService\Bureau
2008-05-03 14:01 . 2008-05-03 14:01 <REP> d----c--- C:\WINDOWS\system32\FxsTmp
2008-05-03 13:57 . 2008-05-03 13:57 <REP> d--h-c--- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-05-03 13:57 . 2008-05-03 13:57 <REP> dr---c--- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-05-03 13:57 . 2008-05-03 13:57 <REP> d----c--- C:\Documents and Settings\Administrateur\Bureau
2008-04-28 11:38 . 2008-04-29 10:14 1,374 --a--c--- C:\WINDOWS\imsins.BAK
2008-04-26 09:15 . 2008-04-26 09:13 691,545 --a--c--- C:\WINDOWS\unins000.exe
2008-04-26 09:15 . 2005-03-11 19:42 59,392 --a--c--- C:\WINDOWS\isxdl.dll
2008-04-26 09:15 . 2008-04-26 09:15 2,557 --a--c--- C:\WINDOWS\unins000.dat
2008-04-23 13:28 . 2008-05-03 13:57 <REP> d----c--- C:\Program Files\a-squared Free
2008-04-23 12:20 . 2008-05-03 13:55 <REP> d--h-c--- C:\Documents and Settings\Administrateur\Modèles
2008-04-23 12:20 . 2008-05-03 13:55 <REP> d----c--- C:\Documents and Settings\Administrateur
2008-04-23 12:20 . 2008-05-12 11:43 1,024 --ah----- C:\Documents and Settings\Administrateur\ntuser.dat.LOG
2008-04-23 12:10 . 2007-01-18 14:00 3,968 --a--c--- C:\WINDOWS\system32\drivers\AvgArCln.sys
2008-04-21 13:48 . 2008-04-21 13:48 <REP> d----c--- C:\Program Files\FNet
2008-04-21 13:48 . 2008-04-21 13:48 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\FNetOTB
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-12 08:45 --------- dc----w C:\Documents and Settings\Licorne\Application Data\Free Download Manager
2008-05-11 13:40 91,744 -c--a-w C:\WINDOWS\BPMNT.dll
2008-05-11 13:40 1,213,784 -c--a-w C:\WINDOWS\vsapi32.dll
2008-05-11 08:38 162,816 -c--a-w C:\WINDOWS\Internet Logs\xDB2E.tmp
2008-05-11 08:08 10,240 -csha-w C:\Program Files\Thumbs.db
2008-05-11 08:01 --------- dc----w C:\Program Files\Java
2008-05-10 19:25 --------- dc----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-10 17:22 --------- dc----w C:\Program Files\Spybot - Search & Destroy
2008-05-04 07:47 71,749 -c--a-w C:\WINDOWS\hcextoutput.dll
2008-05-04 07:47 333,576 -c--a-w C:\WINDOWS\tsc.exe
2008-05-03 11:58 --------- dc----w C:\Program Files\Macrogaming
2008-04-30 19:29 --------- dc----w C:\Program Files\Calendrier
2008-04-28 15:25 --------- dc----w C:\Program Files\Free Download Manager
2008-04-28 11:31 69,632 -c--a-w C:\WINDOWS\Internet Logs\xDB2C.tmp
2008-04-28 11:07 4,569,600 -c--a-w C:\WINDOWS\Internet Logs\xDB2D.tmp
2008-04-28 09:36 --------- dc----w C:\Program Files\EquiSoins1.4
2008-04-22 16:49 294,912 -c--a-w C:\WINDOWS\Internet Logs\xDB2B.tmp
2008-04-22 14:41 69,689 -c--a-w C:\WINDOWS\UNZIP.DLL
2008-04-22 14:41 507,904 -c--a-w C:\WINDOWS\TMUPDATE.DLL
2008-04-22 14:41 286,720 -c--a-w C:\WINDOWS\PATCH.EXE
2008-04-13 10:48 --------- dc----w C:\Program Files\DivX
2008-03-31 21:25 831,488 -c--a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-03-31 21:25 823,296 -c--a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-03-31 21:25 823,296 -c--a-w C:\WINDOWS\system32\divx_xx07.dll
2008-03-31 21:25 802,816 -c--a-w C:\WINDOWS\system32\divx_xx11.dll
2008-03-31 21:25 682,496 -c--a-w C:\WINDOWS\system32\DivX.dll
2008-03-31 21:25 161,096 -c--a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-03-31 12:16 --------- dc----w C:\Program Files\TransBar
2008-03-26 13:08 --------- dc----w C:\Program Files\Microsoft ActiveSync
2008-03-26 13:04 --------- dc----w C:\Program Files\IGN
2008-03-21 20:30 524,288 -c--a-w C:\WINDOWS\system32\DivXsm.exe
2008-03-21 20:30 3,596,288 -c--a-w C:\WINDOWS\system32\qt-dx331.dll
2008-03-21 20:30 200,704 -c--a-w C:\WINDOWS\system32\ssldivx.dll
2008-03-21 20:30 1,044,480 -c--a-w C:\WINDOWS\system32\libdivx.dll
2008-03-21 20:28 81,920 -c--a-w C:\WINDOWS\system32\dpl100.dll
2008-03-21 20:28 593,920 -c--a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-03-21 20:28 57,344 -c--a-w C:\WINDOWS\system32\dpv11.dll
2008-03-21 20:28 53,248 -c--a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-03-21 20:28 344,064 -c--a-w C:\WINDOWS\system32\dpus11.dll
2008-03-21 20:28 294,912 -c--a-w C:\WINDOWS\system32\dpu11.dll
2008-03-21 20:28 294,912 -c--a-w C:\WINDOWS\system32\dpu10.dll
2008-03-21 20:28 196,608 -c--a-w C:\WINDOWS\system32\dtu100.dll
2008-03-21 20:28 12,288 -c--a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-03-20 08:09 1,845,376 -c--a-w C:\WINDOWS\system32\win32k.sys
2008-03-12 18:17 --------- dc----w C:\Documents and Settings\Licorne\Application Data\Calendrier Xtra
2008-03-12 17:49 --------- dc----w C:\Program Files\DivXMachine II
2008-03-11 12:34 87,552 -c--a-w C:\WINDOWS\Internet Logs\xDB2A.tmp
2008-03-07 16:25 839,168 -c--a-w C:\WINDOWS\Internet Logs\xDB29.tmp
2008-03-01 12:58 826,368 -c--a-w C:\WINDOWS\system32\wininet.dll
2008-02-29 11:13 23,809,932 -c--a-w C:\WINDOWS\Internet Logs\vsmon_on_demand_2008_02_29_03_58_12_full.dmp.zip
2008-02-20 06:51 282,624 -c--a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 -c--a-w C:\WINDOWS\system32\dnsrslvr.dll
2006-03-23 18:11 1,228 -c--a-w C:\Program Files\INSTALL.LOG
2002-08-27 16:40 55,313 -c--a-w C:\Program Files\viewsonicinstruct_xp.pdf
2001-11-23 04:08 712,704 -c--a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
2004-07-03 19:09 140,800 -c--a-w C:\Program Files\mozilla firefox\plugins\al2np.dll
2006-05-06 16:42 7,260,160 -c--a-w C:\Program Files\mozilla firefox\plugins\libvlc.dll
2006-06-21 09:21 56 -csh--r C:\WINDOWS\system32\C6CA6E5026.sys
2007-01-10 11:09 13,146 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"Convertisseur Euro"="D:\euro.exe" [ ]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-10-28 17:25 94208]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [ ]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2006-04-29 11:22 1990703]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-25 22:03 68856]
"OrangePlayer"="c:\program files\orange\player orange\Orange Player.exe" [2007-05-09 04:55 45056]
"Cld2000.exe"="C:\Program Files\Calendrier\Cld2000.exe" [2007-10-29 21:59 3082752]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 22:45 1211176]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"Vade Retro Outlook Express"="C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2006-02-16 16:46 295936]
"Vaderetro Outlook"="C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe" [2006-07-22 12:59 44544]
"NeroFilterCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2001-07-09 11:50 155648]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-01-03 20:46 185896]
"USB2Check"="C:\WINDOWS\system32\PCLECoInst.dll" [2005-12-21 11:14 73728]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 01:02 919280]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 18:20 866584]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 11:56 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 13:10 267048]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"OTB"="C:\Program Files\FNet\OTB\OTB.exe" [2007-08-15 09:03 544768]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]
"DWQueuedReporting"="c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 15:38 39264]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Activer l'ensemble clavier et souris sans fil Labtec.lnk - C:\Program Files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe [2006-01-15 19:07:13 258048]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-18 06:05:56 65588]
Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk - C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe [2006-02-25 10:57:43 679936]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="TopThemesLogonUI.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.fvfw"= ffvfw.dll
"msacm.avis"= ffvfw.dll
"VIDC.ACDV"= ACDV.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 FNetDevi;FNetDevi;C:\Program Files\FNet\OTB\FNetDevi.sys [2007-02-28 16:28]
R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [2003-03-27 14:55]
R1 moufiltr;Mouse Filter Driver;C:\WINDOWS\system32\drivers\moufiltr.sys [2003-01-23 15:29]
S3 DTVFW;LITE-ON DVB-T USB adapter firmware;C:\WINDOWS\system32\DRIVERS\dtvfw.sys [2005-05-12 12:16]
S3 PentaxUsb;PENTAX Optio E10 on USB;C:\WINDOWS\system32\DRIVERS\CoachUsb.sys [2004-11-24 14:34]
S3 PentaxVc;PENTAX Optio E10 Video Capture;C:\WINDOWS\system32\DRIVERS\CoachVc.sys [2004-11-24 14:36]
S3 usbdtv;LITE-ON DVB-T (PID=F001) receiver;C:\WINDOWS\system32\Drivers\usbdtv.sys [2005-06-07 11:37]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-03 00:18]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-12 09:47:26 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 11:54:27
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-05-12 12:00:53
ComboFix-quarantined-files.txt 2008-05-12 10:00:17
Pre-Run: 83,479,523,840 octets libres
Post-Run: 83,472,073,728 octets libres
197 --- E O F --- 2008-05-10 16:03:14
What is going on?
What should I delete?
Thanks to everyone for your help
Lili