Au secours ,je ne peu plus accèder a mon antivirus!

Bonjour,

Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.

Double-clique sur le fichier téléchargé pour lancer le processus d'installation.

Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.

Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.

Sélectionne Exécuter un examen rapide.

Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.

Ferme tes navigateurs.

Si des malwares ont été détectés, clique sur Afficher les résultats.

Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

J'ai finalement réussi à l'installer mais pas a le faire fonctionner, le processus apparait mbam.exe mais rien n'apparait sur mon écran.

[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.

Il va te demander d'installer la console de récupération : accepte.

Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix

Si ComboFix ne se lance pas, renomme-le en KillRootkit puis relance-le.

et si il ne se lance toujours pas?
et puis a tu une idée de ce que c,est que ca C:\32788R22FWJFW? surtout ce fichier Kill-All.cmd

Télécharge Gmer sur ton Bureau.

Extrais l'archive (Clic droit > Extraire) puis renomme gmer.exe en IDN.exe (Le .exe n'est pas forcément visible).

Double-clique sur IDN.exe.

Onglet "Rootkit/Malware", clique sur "Scan" puis patiente.

En fin de traitement, clique sur "Save..." et enregistre sur ton Bureau "gmer.txt".

Double-clique sur "gmer.txt", le rapport apparaît, poste-le.

Bon, alors finalement combofix a fonctionné voici le rapport

ComboFix 10-01-12.04 - xp cocoon sp2 2010-01-13 7:35.2.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1023.564 [GMT -5:00]
Lancé depuis: c:\documents and settings\xp cocoon sp2\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Exécution préalable -------
.
c:\data\cmdline.cfg
c:\program files\INSTALL.LOG
c:\windows\system32\drivers\H8SRTqlrmlkhyiq.sys
c:\windows\system32\H8SRTarndybrtrp.dat
c:\windows\system32\H8SRTbhwqbuvrfv.dll
c:\windows\system32\h8srtkrl32mainweq.dll
c:\windows\system32\H8SRTsgalxrqaim.dll
c:\windows\system32\h8srtshsyst.dll
c:\windows\system32\H8SRTutptxjxfnq.dll
c:\windows\system32\H8SRTvykcnrmobm.dll
c:\windows\system32\meeg32i.dll
c:\windows\system32\SIntf16.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_H8SRTd.sys
-------\Legacy_H8SRTd.sys
-------\Legacy_APPLE_MOBILE_DEVICE
-------\Service_Apple Mobile Device


((((((((((((((((((((((((((((( Fichiers créés du 2009-12-13 au 2010-01-13 ))))))))))))))))))))))))))))))))))))
.

2010-01-13 12:11 . 2010-01-13 12:33 -------- d-----w- C:\KillRootkit
2010-01-13 03:44 . 2010-01-13 03:44 5919 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_A8FEF78679584b0438C292E73A3F8571.dll
2010-01-13 02:35 . 2010-01-13 02:35 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\Videotron
2010-01-13 02:35 . 2010-01-13 02:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Radialpoint
2010-01-13 02:35 . 2010-01-13 02:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Videotron
2010-01-11 21:24 . 2010-01-11 22:05 -------- d-----w- c:\documents and settings\xp cocoon sp2\Local Settings\Application Data\xldqga
2010-01-09 15:55 . 2010-01-09 15:55 -------- d-----w- C:\VundoFix Backups
2010-01-09 01:20 . 2010-01-09 01:20 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\Malwarebytes
2010-01-09 01:20 . 2010-01-09 01:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-30 19:39 . 2009-12-30 19:39 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\Logitech
2009-12-30 19:39 . 2009-12-30 19:39 53248 ----a-r- c:\documents and settings\xp cocoon sp2\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2009-12-30 19:34 . 2008-01-09 17:26 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2009-12-30 19:34 . 2008-01-09 17:28 76304 ----a-w- c:\windows\system32\KemXML.dll
2009-12-30 19:34 . 2008-01-09 17:28 117264 ----a-w- c:\windows\system32\KemWnd.dll
2009-12-30 19:34 . 2008-01-09 17:28 141840 ----a-w- c:\windows\system32\KemUtil.dll
2009-12-30 19:34 . 2008-01-09 17:27 170512 ----a-w- c:\windows\system32\kemutb.dll
2009-12-30 19:34 . 2009-12-30 19:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
2009-12-30 19:33 . 2009-12-30 19:35 -------- d-----w- c:\program files\Fichiers communs\Logishrd
2009-12-30 19:33 . 2009-12-30 19:33 -------- d-----w- c:\program files\Logitech
2009-12-30 19:33 . 2009-12-30 19:33 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd
2009-12-28 18:50 . 2009-12-28 18:51 60696384 ----a-w- c:\documents and settings\All Users\Application Data\Sony Corporation\AutoUpdateClient\CT\ContentTransferSetup.exe
2009-12-28 18:50 . 2009-12-28 18:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Corporation
2009-12-28 18:50 . 2009-12-28 18:50 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\Sony Corporation
2009-12-28 18:49 . 2009-12-28 18:49 -------- d-----w- c:\program files\Fichiers communs\Sony Shared
2009-12-28 18:47 . 2009-12-28 18:55 -------- d-----w- c:\documents and settings\xp cocoon sp2\Local Settings\Application Data\Downloaded Installations
2009-12-28 18:44 . 2009-12-28 18:49 -------- d-----w- c:\program files\Sony
2009-12-23 20:53 . 2009-12-23 20:53 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\VirtualStore

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-13 12:33 . 2008-11-10 01:18 -------- d-----w- c:\program files\DNA
2010-01-13 12:33 . 2008-11-10 01:18 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\DNA
2010-01-13 12:32 . 2008-01-26 21:21 -------- d-----w- c:\program files\lg_fwupdate
2010-01-13 12:06 . 2008-11-29 23:18 -------- d-----w- c:\program files\ma-config.com
2010-01-13 12:06 . 2008-11-29 23:18 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2010-01-13 05:44 . 2008-02-13 13:39 44239 ----a-w- C:\sound32.dll
2010-01-13 03:55 . 2010-01-13 03:44 -------- d-----w- c:\program files\Security Task Manager
2010-01-13 03:54 . 2010-01-13 03:44 -------- d-----w- c:\documents and settings\All Users\Application Data\SecTaskMan
2010-01-13 03:44 . 2010-01-13 03:44 424 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9FF96681EF8Ca704F9076E4798B6D14B.dll
2010-01-12 22:04 . 2008-02-25 21:26 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\uTorrent
2010-01-07 00:27 . 2008-10-26 22:31 -------- d-----w- c:\program files\Druide
2010-01-04 01:57 . 2008-07-14 15:27 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\ZoomBrowser EX
2010-01-04 01:57 . 2008-07-14 15:29 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\CameraWindowDC
2009-12-30 19:39 . 2009-07-29 21:28 -------- d-----w- c:\program files\common files
2009-12-30 19:36 . 2009-12-30 19:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-12-30 19:36 . 2009-12-30 19:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-12-30 19:36 . 2009-12-30 19:36 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-12-30 19:33 . 2008-01-26 21:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-30 19:30 . 2009-10-25 00:59 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\vlc
2009-12-27 22:59 . 2008-01-26 21:21 16384 ----a-w- c:\windows\system32\lgfwunis.exe
2009-12-26 17:14 . 2008-01-26 20:57 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\AdobeUM
2009-12-18 22:34 . 2008-02-03 23:31 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\Apple Computer
2009-12-14 00:58 . 2008-05-11 02:46 -------- d-----w- c:\program files\Microsoft Games
2009-12-13 18:33 . 2009-12-13 18:00 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\Mount&Blade
2009-12-12 21:21 . 2009-12-12 21:21 138240 ----a-w- c:\documents and settings\xp cocoon sp2\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll
2009-12-12 21:21 . 2009-12-12 21:21 138240 ----a-w- c:\documents and settings\xp cocoon sp2\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll
2009-12-12 21:21 . 2009-12-12 21:21 138240 ----a-w- c:\documents and settings\xp cocoon sp2\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll
2009-12-12 21:21 . 2009-12-12 21:21 138240 ----a-w- c:\documents and settings\xp cocoon sp2\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll
2009-12-12 21:21 . 2009-12-12 21:21 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\SystemRequirementsLab
2009-12-10 17:28 . 2001-08-28 14:00 86074 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-10 17:28 . 2001-08-28 14:00 513046 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-09 23:17 . 2009-12-09 23:17 249856 ------w- c:\windows\Setup1.exe
2009-12-09 23:17 . 2009-12-09 23:17 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-12-09 21:51 . 2009-04-10 22:15 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-12-09 21:49 . 2008-03-14 13:08 21840 ----atw- c:\windows\system32\SIntfNT.dll
2009-12-09 21:49 . 2008-03-14 13:08 17212 ----atw- c:\windows\system32\SIntf32.dll
2009-12-07 01:12 . 2009-12-07 01:12 -------- d-----w- c:\program files\Sector69
2009-12-03 01:25 . 2008-09-22 00:39 98304 ----a-w- c:\windows\system32CmdLineExt.dll
2009-12-02 03:00 . 2008-01-26 21:35 88 ----a-w- c:\windows\dun.bat
2009-11-28 15:52 . 2009-08-01 22:52 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-11-28 05:19 . 2009-11-28 05:19 -------- d-----w- c:\program files\NovaLogic
2009-11-27 04:12 . 2009-11-27 04:12 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-11-27 04:08 . 2008-07-02 15:13 -------- d-----w- c:\program files\ATI Technologies
2009-11-27 03:56 . 2008-07-02 15:24 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\ATI
2009-11-25 02:26 . 2008-09-09 23:31 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\HP
2009-11-25 02:26 . 2008-09-09 23:13 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-11-21 15:59 . 2010-01-12 21:38 1206508 ----a-w- c:\windows\AppPatch\SET66.tmp
2009-11-21 15:58 . 2010-01-12 21:38 471552 ----a-w- c:\windows\AppPatch\SET67.tmp
2009-11-21 15:58 . 2004-08-19 16:09 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-20 01:20 . 2009-11-20 01:20 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\SEGA
2009-11-18 22:25 . 2009-11-18 22:25 -------- d-----w- c:\program files\Alwil Software
2009-11-18 22:14 . 2008-01-27 16:02 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2009-11-16 21:03 . 2008-07-19 21:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-08 17:20 . 2009-11-08 17:20 82888 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-11-02 19:39 . 2009-11-02 19:39 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-29 07:42 . 2006-05-10 07:24 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:39 . 2004-08-19 16:09 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:39 . 2004-08-19 16:09 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2006-06-20 22:03 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-15 16:32 . 2006-06-20 22:13 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-10-15 16:32 . 2006-06-20 22:13 119808 ----a-w- c:\windows\system32\t2embed.dll
2004-07-22 15:51 . 2004-07-22 15:51 3432656 ----a-w- c:\program files\ManagedDX.CAB
2004-07-20 03:58 . 2004-07-20 03:58 1156363 ----a-w- c:\program files\BDANT.cab
2004-07-20 03:53 . 2004-07-20 03:53 976020 ----a-w- c:\program files\BDAXP.cab
2004-07-09 19:17 . 2004-07-09 19:17 13265040 ----a-w- c:\program files\dxnt.cab
2004-07-09 14:13 . 2004-07-09 14:13 15493481 ----a-w- c:\program files\DirectX.cab
2004-07-09 14:13 . 2004-07-09 14:13 703080 ----a-w- c:\program files\BDA.cab
2004-07-09 09:08 . 2004-07-09 09:08 472576 ----a-w- c:\program files\dxsetup.exe
2004-07-09 09:08 . 2004-07-09 09:08 2242560 ----a-w- c:\program files\dsetup32.dll
2004-07-09 08:03 . 2004-07-09 08:03 62976 ----a-w- c:\program files\DSETUP.dll
2003-12-18 15:33 . 2009-04-03 01:58 20102 ----a-w- c:\program files\Readme.txt
2003-09-03 11:46 . 2009-04-03 01:58 10960 ----a-w- c:\program files\EULA.txt
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-09 68856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Gestionnaire Antidote.exe"="c:\program files\Druide\Antidote\Gestionnaire Antidote.exe" [2007-09-24 533944]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-12-14 323392]
"combo"="c:\documents and settings\xp cocoon sp2\Bureau\ComboFix.exe" [2010-01-13 3821782]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe" [2009-03-19 460216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tofepuzeri"="C:\" [X]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-06 54832]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2009-12-27 557056]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-29 141600]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-30 61440]
"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\xp cocoon sp2\Menu D‚marrer\Programmes\D‚marrage\
Logitech . Enregistrement du produit.lnk - c:\program files\common files\LogiShrd\eReg\Common\eReg.exe [2009-4-8 517384]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-12-30 789008]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
"NoResolveTrack"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"MaxRecentDocs"= 15 (0xf)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-01-09 17:30 72208 ----a-w- c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\Msmsgs.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"d:\\freespace2\\FS2.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"d:\\freespace2\\fs2_open_3_6_10.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=

S3 cpuz130;cpuz130;\??\c:\docume~1\XPCOCO~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\XPCOCO~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]
S4 FVDSCSI;FVDSCSI;c:\windows\system32\DRIVERS\fvdscsi.sys --> c:\windows\system32\DRIVERS\fvdscsi.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008-03-16 717296]
S4 XDva092;XDva092;\??\c:\windows\system32\XDva092.sys --> c:\windows\system32\XDva092.sys [?]
S4 XDva093;XDva093;\??\c:\windows\system32\XDva093.sys --> c:\windows\system32\XDva093.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'

2010-01-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-682003330-1958367476-1417001333-1003Core.job
- c:\documents and settings\xp cocoon sp2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-02 03:11]

2010-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-682003330-1958367476-1417001333-1003UA.job
- c:\documents and settings\xp cocoon sp2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-02 03:11]

2010-01-09 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 19:07]

2009-12-01 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-06 02:18]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.ca/
uSearchURL,(Default) = hxxp://www.google.fr/search?q=%s
Handler: intu-ir2008 - {729D3592-92E7-4cbc-8E44-3C22B3F457B3} - c:\program files\ImpotRapide 2008\ic2008pp.dll
DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/downloads/activex/YoYo.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\documents and settings\xp cocoon sp2\Application Data\Mozilla\Firefox\Profiles\jep3bt63.default\
FF - prefs.js: browser.startup.homepage - www.google.ca
FF - plugin: c:\documents and settings\xp cocoon sp2\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{EB5CEE80-030A-4ED8-8E20-454E9C68380F} - (no file)
Notify-c001E0C2 - (no file)
AddRemove-HijackThis - c:\documents and settings\xp cocoon sp2\Local Settings\Temporary Internet Files\Content.IE5\AYBJJFRG\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-13 07:41
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet010\Services\ASFWHide]
"ImagePath"="\??\c:\docume~1\XPCOCO~1\LOCALS~1\Temp\ASFWHide"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-682003330-1958367476-1417001333-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-682003330-1958367476-1417001333-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:38,35,5c,80,22,96,ff,3e,d8,14,ca,53,93,a9,73,88,ae,6c,b6,90,f2,4b,ba,
ee,ef,a5,6b,f1,f4,9c,8c,3e,a8,24,11,b4,2a,f7,f5,7e,ac,7a,85,9c,11,7e,ec,8b,\
"??"=hex:8f,38,87,ab,37,16,a3,70,d8,a4,e5,27,7f,89,e7,4f

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|é•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(608)
c:\windows\system32\Ati2evxx.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(2560)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\eappprxy.dll
.
Heure de fin: 2010-01-13 07:44:17
ComboFix-quarantined-files.txt 2010-01-13 12:44

Avant-CF: 9 007 165 440 octets libres
Après-CF: 8 963 629 056 octets libres

Current=10 Default=10 Failed=9 LastKnownGood=11 Sets=,1,2,3,4,5,6,7,8,9,10,11
- - End Of File - - 5F1CAC643C50E007463B1AA9AD97EFA5

Tu peux faire un scan avec Malwarebytes' Anti-Malware.

voici le log

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3556
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2010-01-13 16:44:32
mbam-log-2010-01-13 (16-44-32).txt

Type de recherche: Examen rapide
Eléments examinés: 111894
Temps écoulé: 5 minute(s), 3 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)


mes navigateurs fonctionnent toujorus moyennement malgré tout.

/!\ Seul vincenth13 peut suivre cette procédure /!\

Désactive toute protection résidente (Antivirus...) !

---> Copie (CTRL+C) le texte se situant dans le cadre ci-dessous :


---> Ouvre le Bloc-notes : Démarrer > Tous les programmes > Accessoires > Bloc-notes.

- Colle (CTRL+V) le texte dans le Bloc-notes.
- Enregistre ce fichier dans : Bureau
- Nom du fichier : CFScript
- Type du fichier : tous les fichiers !!
- Clique sur Enregistrer.
- Quitte le Bloc-notes.

---> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :

Cela va relancer Combofix : au message qui apparaît, accepte.

Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal !

Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher, copie/colle son contenu sur le forum.

Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt

 

et voici le rapport


ComboFix 10-01-14.02 - xp cocoon sp2 2010-01-14 22:04:04.6.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1023.471 [GMT -5:00]
Lancé depuis: c:\documents and settings\xp cocoon sp2\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\xp cocoon sp2\Bureau\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

FILE ::
"c:\windows\system32\XDva092.sys"
"c:\windows\system32\XDva093.sys"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_XDVA092
-------\Legacy_XDVA093
-------\Service_XDva092
-------\Service_XDva093


((((((((((((((((((((((((((((( Fichiers créés du 2009-12-15 au 2010-01-15 ))))))))))))))))))))))))))))))))))))
.

2010-01-14 21:25 . 2010-01-14 21:34 -------- d-----w- C:\KillRootkit964K
2010-01-14 21:11 . 2010-01-14 21:22 -------- d-----w- C:\KillRootkit22398K
2010-01-13 22:21 . 2010-01-13 22:21 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Adobe
2010-01-13 22:00 . 2010-01-13 22:00 -------- d-----w- c:\windows\LastGood.Tmp
2010-01-13 22:00 . 2009-11-25 16:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-13 22:00 . 2009-03-30 14:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-01-13 22:00 . 2009-02-13 16:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-01-13 22:00 . 2009-02-13 16:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-01-13 22:00 . 2010-01-13 22:00 -------- d-----w- c:\program files\Avira
2010-01-13 22:00 . 2010-01-13 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-01-13 21:38 . 2010-01-07 21:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-13 21:38 . 2010-01-13 21:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-13 21:38 . 2010-01-07 21:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-13 21:26 . 2010-01-13 21:36 -------- d-----w- C:\KillRootkit19389K
2010-01-13 12:11 . 2010-01-13 12:33 -------- d-----w- C:\KillRootkit
2010-01-13 03:44 . 2010-01-13 03:44 5919 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_A8FEF78679584b0438C292E73A3F8571.dll
2010-01-13 02:35 . 2010-01-13 02:35 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\Videotron
2010-01-13 02:35 . 2010-01-13 02:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Radialpoint
2010-01-13 02:35 . 2010-01-13 02:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Videotron
2010-01-11 21:24 . 2010-01-11 22:05 -------- d-----w- c:\documents and settings\xp cocoon sp2\Local Settings\Application Data\xldqga
2010-01-09 15:55 . 2010-01-09 15:55 -------- d-----w- C:\VundoFix Backups
2010-01-09 01:20 . 2010-01-09 01:20 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\Malwarebytes
2010-01-09 01:20 . 2010-01-09 01:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-30 19:39 . 2009-12-30 19:39 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\Logitech
2009-12-30 19:39 . 2009-12-30 19:39 53248 ----a-r- c:\documents and settings\xp cocoon sp2\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2009-12-30 19:34 . 2008-01-09 17:26 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2009-12-30 19:34 . 2008-01-09 17:28 76304 ----a-w- c:\windows\system32\KemXML.dll
2009-12-30 19:34 . 2008-01-09 17:28 117264 ----a-w- c:\windows\system32\KemWnd.dll
2009-12-30 19:34 . 2008-01-09 17:28 141840 ----a-w- c:\windows\system32\KemUtil.dll
2009-12-30 19:34 . 2008-01-09 17:27 170512 ----a-w- c:\windows\system32\kemutb.dll
2009-12-30 19:34 . 2009-12-30 19:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
2009-12-30 19:33 . 2009-12-30 19:35 -------- d-----w- c:\program files\Fichiers communs\Logishrd
2009-12-30 19:33 . 2009-12-30 19:33 -------- d-----w- c:\program files\Logitech
2009-12-30 19:33 . 2009-12-30 19:33 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd
2009-12-28 18:50 . 2009-12-28 18:51 60696384 ----a-w- c:\documents and settings\All Users\Application Data\Sony Corporation\AutoUpdateClient\CT\ContentTransferSetup.exe
2009-12-28 18:50 . 2009-12-28 18:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Corporation
2009-12-28 18:50 . 2009-12-28 18:50 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\Sony Corporation
2009-12-28 18:49 . 2009-12-28 18:49 -------- d-----w- c:\program files\Fichiers communs\Sony Shared
2009-12-28 18:47 . 2009-12-28 18:55 -------- d-----w- c:\documents and settings\xp cocoon sp2\Local Settings\Application Data\Downloaded Installations
2009-12-28 18:44 . 2009-12-28 18:49 -------- d-----w- c:\program files\Sony
2009-12-23 20:53 . 2009-12-23 20:53 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\VirtualStore

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 03:11 . 2008-01-26 21:21 -------- d-----w- c:\program files\lg_fwupdate
2010-01-15 03:03 . 2008-11-10 01:18 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\DNA
2010-01-15 02:04 . 2008-02-13 13:39 44239 ----a-w- C:\sound32.dll
2010-01-14 21:10 . 2009-08-01 22:52 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-01-14 04:20 . 2008-02-25 21:26 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\uTorrent
2010-01-13 22:21 . 2008-01-25 02:00 -------- d-----w- c:\program files\Fichiers communs\Adobe
2010-01-13 12:33 . 2008-11-10 01:18 -------- d-----w- c:\program files\DNA
2010-01-13 12:06 . 2008-11-29 23:18 -------- d-----w- c:\program files\ma-config.com
2010-01-13 12:06 . 2008-11-29 23:18 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2010-01-13 03:55 . 2010-01-13 03:44 -------- d-----w- c:\program files\Security Task Manager
2010-01-13 03:54 . 2010-01-13 03:44 -------- d-----w- c:\documents and settings\All Users\Application Data\SecTaskMan
2010-01-13 03:44 . 2010-01-13 03:44 424 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_9FF96681EF8Ca704F9076E4798B6D14B.dll
2010-01-07 00:27 . 2008-10-26 22:31 -------- d-----w- c:\program files\Druide
2010-01-04 01:57 . 2008-07-14 15:27 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\ZoomBrowser EX
2010-01-04 01:57 . 2008-07-14 15:29 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\CameraWindowDC
2009-12-30 19:39 . 2009-07-29 21:28 -------- d-----w- c:\program files\common files
2009-12-30 19:36 . 2009-12-30 19:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-12-30 19:36 . 2009-12-30 19:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-12-30 19:36 . 2009-12-30 19:36 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-12-30 19:33 . 2008-01-26 21:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-30 19:30 . 2009-10-25 00:59 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\vlc
2009-12-27 22:59 . 2008-01-26 21:21 16384 ----a-w- c:\windows\system32\lgfwunis.exe
2009-12-26 17:14 . 2008-01-26 20:57 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\AdobeUM
2009-12-18 22:34 . 2008-02-03 23:31 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\Apple Computer
2009-12-14 00:58 . 2008-05-11 02:46 -------- d-----w- c:\program files\Microsoft Games
2009-12-13 18:33 . 2009-12-13 18:00 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\Mount&Blade
2009-12-12 21:21 . 2009-12-12 21:21 138240 ----a-w- c:\documents and settings\xp cocoon sp2\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll
2009-12-12 21:21 . 2009-12-12 21:21 138240 ----a-w- c:\documents and settings\xp cocoon sp2\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll
2009-12-12 21:21 . 2009-12-12 21:21 138240 ----a-w- c:\documents and settings\xp cocoon sp2\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll
2009-12-12 21:21 . 2009-12-12 21:21 138240 ----a-w- c:\documents and settings\xp cocoon sp2\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll
2009-12-12 21:21 . 2009-12-12 21:21 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\SystemRequirementsLab
2009-12-10 17:28 . 2001-08-28 14:00 86074 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-10 17:28 . 2001-08-28 14:00 513046 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-09 23:17 . 2009-12-09 23:17 249856 ------w- c:\windows\Setup1.exe
2009-12-09 23:17 . 2009-12-09 23:17 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-12-09 21:51 . 2009-04-10 22:15 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-12-09 21:49 . 2008-03-14 13:08 21840 ----atw- c:\windows\system32\SIntfNT.dll
2009-12-09 21:49 . 2008-03-14 13:08 17212 ----atw- c:\windows\system32\SIntf32.dll
2009-12-07 01:12 . 2009-12-07 01:12 -------- d-----w- c:\program files\Sector69
2009-12-03 01:25 . 2008-09-22 00:39 98304 ----a-w- c:\windows\system32CmdLineExt.dll
2009-12-02 03:00 . 2008-01-26 21:35 88 ----a-w- c:\windows\dun.bat
2009-11-28 05:19 . 2009-11-28 05:19 -------- d-----w- c:\program files\NovaLogic
2009-11-27 04:12 . 2009-11-27 04:12 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-11-27 04:08 . 2008-07-02 15:13 -------- d-----w- c:\program files\ATI Technologies
2009-11-27 03:56 . 2008-07-02 15:24 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\ATI
2009-11-25 02:26 . 2008-09-09 23:31 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\HP
2009-11-25 02:26 . 2008-09-09 23:13 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-11-21 15:59 . 2010-01-12 21:38 1206508 ----a-w- c:\windows\AppPatch\SET66.tmp
2009-11-21 15:58 . 2010-01-12 21:38 471552 ----a-w- c:\windows\AppPatch\SET67.tmp
2009-11-21 15:58 . 2004-08-19 16:09 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-20 01:20 . 2009-11-20 01:20 -------- d-----w- c:\documents and settings\xp cocoon sp2\Application Data\SEGA
2009-11-18 22:25 . 2009-11-18 22:25 -------- d-----w- c:\program files\Alwil Software
2009-11-18 22:14 . 2008-01-27 16:02 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2009-11-16 21:03 . 2008-07-19 21:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-08 17:20 . 2009-11-08 17:20 82888 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-11-02 19:39 . 2009-11-02 19:39 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-29 07:42 . 2006-05-10 07:24 916480 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:39 . 2004-08-19 16:09 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:39 . 2004-08-19 16:09 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2006-06-20 22:03 265728 ----a-w- c:\windows\system32\drivers\http.sys
2004-07-22 15:51 . 2004-07-22 15:51 3432656 ----a-w- c:\program files\ManagedDX.CAB
2004-07-20 03:58 . 2004-07-20 03:58 1156363 ----a-w- c:\program files\BDANT.cab
2004-07-20 03:53 . 2004-07-20 03:53 976020 ----a-w- c:\program files\BDAXP.cab
2004-07-09 19:17 . 2004-07-09 19:17 13265040 ----a-w- c:\program files\dxnt.cab
2004-07-09 14:13 . 2004-07-09 14:13 15493481 ----a-w- c:\program files\DirectX.cab
2004-07-09 14:13 . 2004-07-09 14:13 703080 ----a-w- c:\program files\BDA.cab
2004-07-09 09:08 . 2004-07-09 09:08 472576 ----a-w- c:\program files\dxsetup.exe
2004-07-09 09:08 . 2004-07-09 09:08 2242560 ----a-w- c:\program files\dsetup32.dll
2004-07-09 08:03 . 2004-07-09 08:03 62976 ----a-w- c:\program files\DSETUP.dll
2003-12-18 15:33 . 2009-04-03 01:58 20102 ----a-w- c:\program files\Readme.txt
2003-09-03 11:46 . 2009-04-03 01:58 10960 ----a-w- c:\program files\EULA.txt
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-13_12.41.13 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-29 13:05 . 2008-07-29 13:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2010-01-13 22:00 . 2009-05-11 14:11 28520 c:\windows\system32\drivers\ssmdrv.sys
+ 2008-07-29 13:05 . 2008-07-29 13:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 08:54 . 2008-07-29 08:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2010-01-13 21:59 . 2010-01-13 21:59 228352 c:\windows\Installer\2072499.msi
+ 2008-07-29 13:05 . 2008-07-29 13:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2010-01-13 22:21 . 2010-01-13 22:21 3968512 c:\windows\Installer\2194368.msi
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-09 68856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Gestionnaire Antidote.exe"="c:\program files\Druide\Antidote\Gestionnaire Antidote.exe" [2007-09-24 533944]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe" [2009-03-19 460216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tofepuzeri"="C:\" [X]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-06 54832]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2009-12-27 557056]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-29 141600]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-30 61440]
"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\xp cocoon sp2\Menu D‚marrer\Programmes\D‚marrage\
Logitech . Enregistrement du produit.lnk - c:\program files\common files\LogiShrd\eReg\Common\eReg.exe [2009-4-8 517384]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-12-30 789008]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
"NoResolveTrack"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"MaxRecentDocs"= 15 (0xf)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\c001E0C2]
[BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-01-09 17:30 72208 ----a-w- c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\Msmsgs.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"d:\\freespace2\\FS2.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"d:\\freespace2\\fs2_open_3_6_10.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-01-13 108289]
S3 cpuz130;cpuz130;\??\c:\docume~1\XPCOCO~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\XPCOCO~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]
S4 FVDSCSI;FVDSCSI;c:\windows\system32\DRIVERS\fvdscsi.sys --> c:\windows\system32\DRIVERS\fvdscsi.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2008-03-16 717296]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - SSMDRV

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'

2010-01-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-01-09 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 19:07]

2009-12-01 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-06 02:18]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.ca/
uSearchURL,(Default) = hxxp://www.google.fr/search?q=%s
Handler: intu-ir2008 - {729D3592-92E7-4cbc-8E44-3C22B3F457B3} - c:\program files\ImpotRapide 2008\ic2008pp.dll
DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/downloads/activex/YoYo.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\documents and settings\xp cocoon sp2\Application Data\Mozilla\Firefox\Profiles\jep3bt63.default\
FF - prefs.js: browser.startup.homepage - www.google.ca
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{EB5CEE80-030A-4ED8-8E20-454E9C68380F} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-14 22:13
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet010\Services\ASFWHide]
"ImagePath"="\??\c:\docume~1\XPCOCO~1\LOCALS~1\Temp\ASFWHide"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-682003330-1958367476-1417001333-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-682003330-1958367476-1417001333-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:38,35,5c,80,22,96,ff,3e,d8,14,ca,53,93,a9,73,88,ae,6c,b6,90,f2,4b,ba,
ee,ef,a5,6b,f1,f4,9c,8c,3e,a8,24,11,b4,2a,f7,f5,7e,ac,7a,85,9c,11,7e,ec,8b,\
"??"=hex:8f,38,87,ab,37,16,a3,70,d8,a4,e5,27,7f,89,e7,4f

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|é•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(608)
c:\windows\system32\Ati2evxx.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(3636)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\eappprxy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\devldr32.exe
c:\program files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Fichiers communs\Portrait Displays\Shared\DTSRVC.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Heure de fin: 2010-01-14 22:16:55 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-01-15 03:16
ComboFix2.txt 2010-01-14 21:34
ComboFix3.txt 2010-01-14 21:22
ComboFix4.txt 2010-01-13 21:36
ComboFix5.txt 2010-01-15 03:01

Avant-CF: 8 945 930 240 octets libres
Après-CF: 8 920 453 120 octets libres

Current=10 Default=10 Failed=9 LastKnownGood=11 Sets=,1,2,3,4,5,6,7,8,9,10,11
- - End Of File - - D9A9EC58A360ED8C04AA7680C4F14FBA

Des changements ?