clé USB infectée(résolu)

bonjour,
j'ai ma clefs usb infectée, en effet j'ai un fichier musique dedans et dans celui ci un fichier musique étrangère avec une chanson dedans( la seule que je n'ai pas pu effacé) quand je l'efface et qu'ensuite je veux effacé le fichier qui est censé etre vide eh bien la chanson a réapparu!!
quelqu'un aurait il une solution?
merci d'avance

salut

Télécharge : http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe

Si ton antivirus fait une alerte, ignore la.
Branche ton disque amovible.
Lance Flash_Disinfector.exe.

bonjour je viens de faire ce que tu m'as dis mais je ne peux toujours pas effacer le fichier! ca me dit le fichier n'est pas vide!
une autre solution stp merci

fait un scan de ton poste de travail et de ta clef avec ton antivirus et poste le rapport

bonjour voici un scan de mon poste de travail



AntiVir PersonalEdition Classic
Report file date: mardi 1 avril 2008 09:34

Scanning for 1172298 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: 729405660236

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 20:17:47
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 18:04:18
ANTIVIR3.VDF : 7.0.3.97 56320 Bytes 31/03/2008 15:00:47
AVEWIN32.DLL : 7.6.0.78 3408384 Bytes 29/03/2008 15:21:22
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 16/01/2008 13:39:51
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 1 avril 2008 09:34

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'CLSched.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'slmdmsr.exe' - '1' Module(s) have been scanned
Scan process 'CLMLService.exe' - '1' Module(s) have been scanned
Scan process 'HidService.exe' - '1' Module(s) have been scanned
Scan process 'CLMLServer.exe' - '1' Module(s) have been scanned
Scan process 'CLCapSvc.exe' - '1' Module(s) have been scanned
Scan process 'AOLacsd.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'realplay.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'CamTray.exe' - '1' Module(s) have been scanned
Scan process 'PCMService.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'Icon.exe' - '1' Module(s) have been scanned
Scan process 'STDSB.exe' - '1' Module(s) have been scanned
Scan process 'VTTrayp.exe' - '1' Module(s) have been scanned
Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
40 processes with 40 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '31' files ).


Starting the file scan:

Begin scan in 'C:\' <HDD>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!


End of the scan: mardi 1 avril 2008 10:32
Used time: 57:54 min

The scan has been done completely.

4860 Scanning directories
251651 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
251651 Files not concerned
8160 Archives were scanned
2 Warnings
0 Notes

et voici le scan de ma clé usb, il m'a indiqué deux virus

AntiVir PersonalEdition Classic
Report file date: mardi 1 avril 2008 12:02

Scanning for 1172298 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: angy
Computer name: 729405660236

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 20:17:47
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 18:04:18
ANTIVIR3.VDF : 7.0.3.97 56320 Bytes 31/03/2008 15:00:47
AVEWIN32.DLL : 7.6.0.78 3408384 Bytes 29/03/2008 15:21:22
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 16/01/2008 13:39:51
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: ShlExt
Configuration file...............: C:\DOCUME~1\angy\LOCALS~1\Temp\19e622db.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: E:,
Scan memory......................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 1 avril 2008 12:02

Starting the file scan:

Begin scan in 'E:\' <ANGY>
E:\RECYCLER\RECYCLER\autorun.0xe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Pcclient.WI Backdoor server programs
[INFO] The file was moved to '48660953.qua'!
E:\RECYCLER\RECYCLER\autorun.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Pcclient.WI Backdoor server programs
[INFO] The file was moved to '48660957.qua'!


End of the scan: mardi 1 avril 2008 12:05
Used time: 02:38 min

The scan has been done completely.

72 Scanning directories
1580 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
1578 Files not concerned
4 Archives were scanned
0 Warnings
0 Notes

je les ai mis en quarantaine mais ce n'est pas pour autant que j'arrive à effacer le dossier
merci beaucoup pour ton aide

Désactive toute protection résidente ! (Antivirus, antispywares..)
Télécharge ComboFix (créé par sUBs) sur ton Bureau

Démarre en mode sans echec

met ta clef

Double clique combofix.exe.

Tape sur la touche Y (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse,et nouveau rapport hijackthis

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

tuto ici

rebonjour je ne suis pas très experte en informatique, donc si j'ai bien compris je dois désactiver mon antivir et est ce que Spybot est un antispyares? ensuite qu'est ce que cela signifie "mode sans échec"?
merci
a bientot

oui desactive tous spybot et antivir
et le mode sans echec je t invite a regarder le lien
http://bibou0007.com/astuces-windows-f80/demarrer-en-mode-sans-echec-avec-xp-(...)

bonjour voici le rapport

ComboFix 08-04-01.2 - angy 2008-04-02 18:24:52.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.606 [GMT 2:00]
Endroit: C:\Documents and Settings\angy\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\drivers\Icon.exe

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-02 to 2008-04-02 ))))))))))))))))))))))))))))))))))))
.

2008-03-04 15:06 . 2008-03-04 15:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-03-03 21:21 . 2008-03-03 21:22 <REP> d-------- C:\WINDOWS\AU_Temp
2008-03-03 20:37 . 2008-03-03 20:37 <REP> d-------- C:\WINDOWS\report
2008-03-03 20:37 . 2008-03-03 21:21 <REP> d-------- C:\WINDOWS\AU_Backup
2008-03-03 20:37 . 2008-03-03 20:37 35,382,261 --a------ C:\WINDOWS\VPTNFILE.133
2008-03-03 20:37 . 2008-03-03 20:37 1,922,894 --a------ C:\WINDOWS\tsc.ptn
2008-03-03 20:37 . 2008-03-03 21:22 1,163,344 --a------ C:\WINDOWS\vsapi32.dll
2008-03-03 20:37 . 2008-03-03 20:37 267,845 --a------ C:\WINDOWS\tsc.exe
2008-03-03 20:37 . 2008-03-03 21:21 86,094 --a------ C:\WINDOWS\BPMNT.dll
2008-03-03 20:37 . 2008-03-03 20:37 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2008-03-03 20:37 . 2008-03-03 21:20 823 --a------ C:\WINDOWS\tsc.ini
2008-03-03 20:34 . 2008-03-03 20:34 <REP> d-------- C:\WINDOWS\AU_Log
2008-03-03 20:34 . 2008-03-03 20:34 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2008-03-03 20:34 . 2008-03-03 20:34 286,720 --a------ C:\WINDOWS\PATCH.EXE
2008-03-03 20:34 . 2008-03-03 20:34 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2008-03-03 20:34 . 2008-03-03 21:21 170 --a------ C:\WINDOWS\GetServer.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-01 17:03 --------- d-----w C:\Documents and Settings\angy\Application Data\MiniLyrics
2008-04-01 15:12 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-03-30 20:26 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-14 08:03 --------- d-----w C:\Program Files\Java
2008-03-11 20:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-04 12:47 --------- d-----w C:\Program Files\Yahoo!
2008-03-01 21:55 --------- d-----w C:\Program Files\Minilyrics
2008-03-01 21:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\QuickTime
2008-02-28 15:08 --------- d-----w C:\Program Files\Windows Live
2008-02-11 18:55 --------- d-----w C:\Program Files\Google
2008-02-11 12:56 --------- d-----w C:\Program Files\Elaborate Bytes
2008-02-11 12:17 --------- d-----w C:\Program Files\tradutor
2008-02-10 23:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-10 23:00 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-10 22:22 --------- d-----w C:\Program Files\AOL 9.0
2008-02-10 00:18 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-01-20 19:53 49,816 ----a-w C:\Documents and Settings\angy\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}]
2004-03-17 12:22 820736 --a------ C:\WINDOWS\system32\pbfrv2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}"= "C:\WINDOWS\system32\pbfrv2.dll" [2004-03-17 12:22 820736]

[HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d}]
[HKEY_CLASSES_ROOT\pbfrv2.PBFRV2]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}"= C:\WINDOWS\system32\pbfrv2.dll [2004-03-17 12:22 820736]

[HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d}]
[HKEY_CLASSES_ROOT\pbfrv2.PBFRV2]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 14:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-10 18:44 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-10 18:43 688218]
"VTTimer"="VTTimer.exe" [2005-03-08 03:33 53248 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-09-14 13:47 167936 C:\WINDOWS\system32\VTTrayp.exe]
"STDSB"="C:\WINDOWS\system32\drivers\STDSB.exe" [2003-12-17 16:50 28672]
"SoundMan"="SOUNDMAN.EXE" [2005-08-17 18:39 90112 C:\WINDOWS\SOUNDMAN.EXE]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-05-11 13:48 127118]
"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CAMTRAY.EXE" [2004-07-30 11:04 245760]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-24 16:46 98304]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-20 00:02 249896]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2006-08-24 16:46 26112]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\APPS\\Inventime\\my.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Ares\\Ares.exe"=
"C:\\APPS\\skype\\phone\\Skype.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R2 MTC0007_STDSB;Scroll Bar Driver;C:\WINDOWS\system32\drivers\STDSB.sys [2005-08-25 15:00]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S2 STDSB;STDSB;C:\WINDOWS\system32\DRIVERS\STDSB.sys [2005-08-25 15:00]
S3 V0090VID;Creative WebCam Vista Plus;C:\WINDOWS\system32\DRIVERS\V0090Vid.sys [2005-04-14 03:00]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-02 18:29:01
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySqlInventime]
"ImagePath"="c:\mysql\bin\mysqld-max-nt MySqlInventime"
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\system32\slmdmsr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-02 18:32:22 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-02 16:32:05
Pre-Run: 38,233,055,232 octets libres
Post-Run: 38,222,016,512 octets libres
.
2008-03-11 20:07:04 --- E O F ---

bonjour c'est encore moi je l'ai fait sans mode échec car je n'arrive pas a le mettre sans échec car j'ai appuyé sur F8 et il m'apparait un tit cadre avec soit flopper ou floppy je ne sais plus, hardisck, et deux autres truc!
merci

re le cadre qui apparait quand j'appuie sur F8 c boot device je crois
voila
désolé de ne pas m'y connaitre trop

essaye f5

bonjour
voici ca a marché c'était bien F5
ComboFix 08-04-03.3 - angy 2008-04-03 19:20:49.1 - NTFSx86 MINIMAL
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.762 [GMT 2:00]
Endroit: C:\Documents and Settings\angy\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\drivers\Icon.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-03 to 2008-04-03 ))))))))))))))))))))))))))))))))))))
.

2008-04-03 19:14 . 2007-09-24 02:36 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-04-03 19:14 . 2007-09-24 02:36 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-04-03 19:14 . 2007-09-24 02:39 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-04-03 19:14 . 2007-09-24 02:39 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-04-03 19:14 . 2007-09-24 02:39 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-04-03 19:14 . 2007-09-24 02:39 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-04-03 19:14 . 2007-09-24 02:36 <REP> dr------- C:\Documents and Settings\Administrateur\Bureau
2008-04-03 19:14 . 2007-09-24 02:36 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\You've Got Pictures Screensaver
2008-04-03 19:14 . 2007-09-24 02:36 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
2008-04-03 16:44 . 2008-04-03 19:11 <REP> d-------- C:\Documents and Settings\angy\Application Data\OpenOffice.org2
2008-04-03 16:42 . 2008-04-03 16:42 <REP> d-------- C:\Program Files\OpenOffice.org 2.4
2008-03-04 15:06 . 2008-03-04 15:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-03-03 21:21 . 2008-03-03 21:22 <REP> d-------- C:\WINDOWS\AU_Temp
2008-03-03 20:37 . 2008-03-03 20:37 <REP> d-------- C:\WINDOWS\report
2008-03-03 20:37 . 2008-03-03 21:21 <REP> d-------- C:\WINDOWS\AU_Backup
2008-03-03 20:37 . 2008-03-03 20:37 35,382,261 --a------ C:\WINDOWS\VPTNFILE.133
2008-03-03 20:37 . 2008-03-03 20:37 1,922,894 --a------ C:\WINDOWS\tsc.ptn
2008-03-03 20:37 . 2008-03-03 21:22 1,163,344 --a------ C:\WINDOWS\vsapi32.dll
2008-03-03 20:37 . 2008-03-03 20:37 267,845 --a------ C:\WINDOWS\tsc.exe
2008-03-03 20:37 . 2008-03-03 21:21 86,094 --a------ C:\WINDOWS\BPMNT.dll
2008-03-03 20:37 . 2008-03-03 20:37 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2008-03-03 20:37 . 2008-03-03 21:20 823 --a------ C:\WINDOWS\tsc.ini
2008-03-03 20:34 . 2008-03-03 20:34 <REP> d-------- C:\WINDOWS\AU_Log
2008-03-03 20:34 . 2008-03-03 20:34 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2008-03-03 20:34 . 2008-03-03 20:34 286,720 --a------ C:\WINDOWS\PATCH.EXE
2008-03-03 20:34 . 2008-03-03 20:34 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2008-03-03 20:34 . 2008-03-03 21:21 170 --a------ C:\WINDOWS\GetServer.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-03 14:41 --------- d-----w C:\Program Files\Java
2008-04-01 17:03 --------- d-----w C:\Documents and Settings\angy\Application Data\MiniLyrics
2008-04-01 15:12 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-03-30 20:26 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-11 20:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-04 12:47 --------- d-----w C:\Program Files\Yahoo!
2008-03-01 21:55 --------- d-----w C:\Program Files\Minilyrics
2008-03-01 21:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\QuickTime
2008-02-28 15:08 --------- d-----w C:\Program Files\Windows Live
2008-02-11 18:55 --------- d-----w C:\Program Files\Google
2008-02-11 12:56 --------- d-----w C:\Program Files\Elaborate Bytes
2008-02-11 12:17 --------- d-----w C:\Program Files\tradutor
2008-02-10 23:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-10 23:00 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-10 22:22 --------- d-----w C:\Program Files\AOL 9.0
2008-02-10 00:18 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-01-20 19:53 49,816 ----a-w C:\Documents and Settings\angy\Application Data\GDIPFONTCACHEV1.DAT
2008-01-11 05:36 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}]
2004-03-17 12:22 820736 --a------ C:\WINDOWS\system32\pbfrv2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}"= "C:\WINDOWS\system32\pbfrv2.dll" [2004-03-17 12:22 820736]

[HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d}]
[HKEY_CLASSES_ROOT\pbfrv2.PBFRV2]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}"= C:\WINDOWS\system32\pbfrv2.dll [2004-03-17 12:22 820736]

[HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d}]
[HKEY_CLASSES_ROOT\pbfrv2.PBFRV2]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 14:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 14:00 455168]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-10 18:44 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-10 18:43 688218]
"VTTimer"="VTTimer.exe" [2005-03-08 03:33 53248 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-09-14 13:47 167936 C:\WINDOWS\system32\VTTrayp.exe]
"STDSB"="C:\WINDOWS\system32\drivers\STDSB.exe" [2003-12-17 16:50 28672]
"SoundMan"="SOUNDMAN.EXE" [2005-08-17 18:39 90112 C:\WINDOWS\SOUNDMAN.EXE]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-05-11 13:48 127118]
"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CAMTRAY.EXE" [2004-07-30 11:04 245760]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-24 16:46 98304]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-20 00:02 249896]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2006-08-24 16:46 26112]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

C:\Documents and Settings\angy\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 15:41:28 393216]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\APPS\\Inventime\\my.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Ares\\Ares.exe"=
"C:\\APPS\\skype\\phone\\Skype.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R2 MTC0007_STDSB;Scroll Bar Driver;C:\WINDOWS\system32\drivers\STDSB.sys [2005-08-25 15:00]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S2 STDSB;STDSB;C:\WINDOWS\system32\DRIVERS\STDSB.sys [2005-08-25 15:00]
S3 V0090VID;Creative WebCam Vista Plus;C:\WINDOWS\system32\DRIVERS\V0090Vid.sys [2005-04-14 03:00]

*Newly Created Service* - SERIAL
*Newly Created Service* - STDSB
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-03 19:22:56
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySqlInventime]
"ImagePath"="c:\mysql\bin\mysqld-max-nt MySqlInventime"
.
Temps d'accomplissement: 2008-04-03 19:23:46
ComboFix-quarantined-files.txt 2008-04-03 17:23:31
Pre-Run: 38,604,226,560 octets libres
Post-Run: 38,591,844,352 octets libres
.
2008-03-11 20:07:04 --- E O F ---

maintenant arrive tu a le supprimer?

bonjour non je narrive pas a la supprimer:(

une autre petite question est ce que le Combifix je l'efface apres ca? merci

oué supprime combofix!!

essaye comme ceci tu met ta clef et supprime le avec ca!
http://bibou0007.com/nettoyeurs-et-optimiseurs-f79/tutorial-delete-doctor-t85(...)

comment je le supprine le combofix je supprime le dossier?
oki je vais essayer ca
merci

oué tu supprime le dossier de toute facon on feras le nettoyage a la fin!

bonjour alors je viens de la faire il me delete succesfull
mais la chanson effacé réaparé
et jai un truc qui apparait attention: Use dos short name: deletedr.exe- fichier endommagé. le fichier ou le répertoire /ma musique/musique etrangere/ à5-mika grace kellY (3)(3) mp3 est endomagé et illisible
exécuter l'utilitaire CHKDSK
voila

essaye de la supprimer simplement en mode sans echec!!

bonjour
aucun changement ca ne fonctionne aps

bonjour tres cher Bibou
je suis parvenue à l'effacer
j'ai branché ma clé usb sur l'ordi de ma coloc et le Norton me l'a effacé!!donc c'est cool

cool
Norton ???
met resolu a ton titre en editant ton premier message merci
a+