DLL file not found ...

 

erwin22
Posted on 13/05/2008 at 08:37:40

Hello everyone,

I just bought a PC and barely 2 weeks later I already have a first problem. When I start my laptop, three error messages appear: unable to find the following DLL files:

 - Users\...\AppData\Local\Temp\hgGVLFw.dll
 - Users\...\AppData\Local\Temp\ssqNDwxu.dll
 - Users\...\AppData\Local\Temp\hjjddqtn.dll

I ran a scan with HijackThis, but afterwards I don't know what is OK or not, or what needs to be done :(

Here is the scan:

 



Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 10:26:37, on 13/05/2008
 Platform: Windows Vista  (WinNT 6.00.1904)
 MSIE: Internet Explorer v7.00 (7.00.6000.16643)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Program Files\Windows Defender\MSASCui.exe
 C:\Windows\System32\hkcmd.exe
 C:\Windows\System32\igfxpers.e​xe
 C:\Program Files\Apoint\Apoint.exe
 C:\Program Files\Sony\ISB Utility\ISBMgr.exe
 C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
 C:\Program Files\Java\jre1.6.0_05\bin\jus​ched.exe
 C:\Program Files\Norton Save and Restore\Agent\VProTray.exe
 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
 C:\Windows\system32\igfxsrvc.e​xe
 C:\Windows\WindowsMobile\wmdSy​nc.exe
 C:\Program Files\Picasa2\PicasaMediaDetec​tor.exe
 C:\Program Files\Sony\Network Utility\LANUtil.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\System32\mobsync.ex​e
 C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
 C:\Program Files\Apoint\ApMsgFwd.exe
 C:\Program Files\Apoint\Apntex.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Windows\system32\SearchFilt​erHost.exe
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.google.fr/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://www.club-vaio.com
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 O1 - Hosts: ::1 localhost
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll
 O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A5​3123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\Np​pBho.dll
 O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv​.dll
 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5​E23E045} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - c:\program files\google\googletoolbar1.dl​l
 O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3​DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
 O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - c:\program files\google\googletoolbar1.dl​l
 O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9​C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UI​BHO.dll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
 O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
 O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
 O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jus​ched.exe"
 O4 - HKLM\..\Run: [Norton Save and Restore 2.0] "C:\Program Files\Norton Save and Restore\Agent\VProTray.exe"
 O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
 O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe​" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\AlertEng.d​ll"
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync​.exe
 O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetec​tor.exe
 O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
 O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\erwin\AppData\Local\Temp\ssqNDwxu.dll,#1
 O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\erwin\AppData\Local\Temp\hgGVLFvv.dll,c
 O4 - HKCU\..\Run: [025beadd] rundll32.exe "C:\Users\erwin\AppData\Local\Temp\hjjddqtn.dll",b
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Off​ice12\EXCEL.EXE/3000
 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401​C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv​.dll
 O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401​C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv​.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\Office12\​REFIEBAR.DLL
 O13 - Gopher Prefix:
 O15 - Trusted Zone: *.canalplay.com
 O15 - Trusted Zone: *.canalplusactive.com
 O15 - Trusted Zone: *.canalplay.com (HKLM)
 O15 - Trusted Zone: *.canalplusactive.com (HKLM)
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKY​PE4~1.DLL
 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO​EC62~1.DLL
 O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
 O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\115​0\Intel 32\IDriverT.exe
 O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviReg​Mgr.exe
 O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\​LUCOMS~1.EXE
 O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe
 O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
 O23 - Service: Norton Save and Restore - Symantec Corporation - C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe
 O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
 O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
 O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
 O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
 O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
 O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResour​ceManager\VzHardwareResourceMa​nager.exe
 O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
 O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedS​erver-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
 O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedS​erver-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
 O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedS​erver-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.​exe
 O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gate​way) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
 O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppSer​ver) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
 O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
 O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.​exe
 O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
 O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.e​xe
 O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
 O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
 O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
 O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xa​udio.exe

 --
 End of file - 11174 bytes




I hope someone here will have a little time to help me, because I don't know what to do and I have the impression that my PC is already "infected"

Thanks to those who can give me a hand

bobette-marlow
Regular (10,000 to 19,999 posts)
Posted on 13/05/2008 at 10:36:52

Hi,

> and I have the impression that my PC is already "infected"

Exactly ;)

Download ComboFix (by sUBs) from one of these links:
http://download.bleepingcomput [...] mboFix.exe
http://subs.geekstogo.com/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe

 - Save it to your Desktop.
 - Double-click Combofix.exe and follow the instructions.
 - When it has finished, a report will appear on screen (text file).
 - Copy/paste the contents of the report into your next reply.

The report is also saved here: C:\ComboFix.txt

Do not click in the Combofix window during the scan;
this would cause the program to freeze.


---------------
>>Surfons Couverts<< in Tutorials
erwin22
Posted on 13/05/2008 at 11:14:50

Hello bobette

Thank you very much for giving me some of your time

I ran the scan and here is the report:

 



ComboFix 08-05-12.1 - erwin 2008-05-13 13:04:42.1 - NTFSx86
 Microsoft® Windows Vista™ Édition Familiale Premium   6.0.6000.0.1252.1.1036.18.1023 [GMT 2:00]
 Endroit: C:\Users\erwin\Desktop\ComboFi​x.exe
 .

 ((((((((((((((((((((((((((((((​((((((   Autres suppressions   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .

 C:\Windows\system32\x64

 .
 (((((((((((((((((((((((((((((   Fichiers créés 2008-04-13 to 2008-05-13  ))))))))))))))))))))))))))))))​))))))
 .

 Pas de nouveau fichier créé dans cet espace de temps

 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .

 ------- Sigcheck -------

 .
 ((((((((((((((((((((((((((((((​(((   Point de chargement Reg   ))))))))))))))))))))))))))))))​)))))))))))))))))))
 .
 .
 REGEDIT4
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run]
 "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetec​tor.exe" [2007-09-12 02:29 443968]
 "NSUFloatingUI"="C:\Program Files\Sony\Network Utility\LANUtil.exe" [2008-01-16 14:44 253952]
 "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run]
 "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-11-07 12:06 1006264]
 "IgfxTray"="C:\Windows\system3​2\igfxtray.exe" [2007-09-20 02:06 141848]
 "HotKeysCmds"="C:\Windows\syst​em32\hkcmd.exe" [2007-09-20 02:03 154136]
 "Persistence"="C:\Windows\syst​em32\igfxpers.exe" [2007-09-20 02:04 137752]
 "RtHDVCpl"="RtHDVCpl.exe" [2007-08-25 02:06 4669440 C:\Windows\RtHDVCpl.exe]
 "Apoint"="C:\Program Files\Apoint\Apoint.exe" [2007-06-10 02:12 118784]
 "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2007-09-19 12:09 311296]
 "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-11-07 15:21 1838592]
 "MarketingTools"="C:\Program Files\Sony\Marketing Tools\MarketingTools.exe" [2007-11-07 15:23 36864]
 "SunJavaUpdateSched"="C:\Progr​am Files\Java\jre1.6.0_05\bin\jus​ched.exe" [2008-02-22 04:25 144784]
 "Norton Save and Restore 2.0"="C:\Program Files\Norton Save and Restore\Agent\VProTray.exe" [2007-02-13 19:57 2020968]
 "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-10-15 23:05 115816]
 "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe​" [2008-01-29 17:38 583048]
 "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
 "Windows Mobile-based device management"="%windir%\WindowsM​obile\wmdSync.exe" [ ]
 "e-TF1"="C:\Program Files\TF1Vision\TF1vision.exe" [2008-03-05 12:47 397312]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
 VESWinlogon.dll 2007-08-14 21:05 98304 C:\Windows\System32\VESWinlogo​n.dll

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\windows]
 "AppInit_DLLs"=C:\PROGRA~1\Goo​gle\GOOGLE~1\GOEC62~1.DLL

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\drivers32]
 "VIDC.dvsd"= C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring]
 "DisableMonitoring"=dword:0000​0001

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring\SymantecAntiVirus]
 "DisableMonitoring"=dword:0000​0001

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring\SymantecFirewall]
 "DisableMonitoring"=dword:0000​0001

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\Domai​nProfile]
 "EnableFirewall"= 0 (0x0)

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\Firew​allRules]
 "{5ABB37D4-82AB-4818-AB83-F085​76E5DB98}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Mi​crosoft Office Outlook
 "{837474FD-159D-4680-A92E-3B07​4A5E262D}"= Disabled:UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
 "{6C1BB821-BD42-465B-BFAD-DE25​D53FAB3D}"= Disabled:TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
 "{36DEE54B-E3B1-4278-BAAC-5D19​ABA988E9}"= UDP:990:LocalSubnet:LocalSubne​t|IF={EF154067-1BA2-475A-9C0B-​167851436332}|%SystemRoot%\sys​tem32\svchost.exe|Svc=rapimgr:​@%systemroot%\WindowsMobile\wm​dSync.exe,-4001
 "{EDEB93E4-55BF-492D-BBAA-A99D​11734270}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Wi​ndows Live Messenger (Phone)

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\Publi​cProfile]
 "EnableFirewall"= 0 (0x0)

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\Restr​ictedServices\Static\System]
 "DFSR-1"= RPort=5722|UDP:%SystemRoot%\sy​stem32\svchost.exe|Svc=DFSR:Al​low inbound TCP traffic|

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\Stand​ardProfile]
 "EnableFirewall"= 0 (0x0)

 R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DE​FINI~1\SymcData\idsdefs\200805​08.002\IDSvix86.sys [2008-04-04 18:48]
 R2 BcmSqlStartupSvc;Service de démarrage SQL Server pour le Gestionnaire de contacts professionnels;"C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe" [2008-01-16 09:46]
 R2 Norton Save and Restore;Norton Save and Restore;C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe [2007-02-13 19:57]
 R2 NSUService;NSUService;"C:\Prog​ram Files\Sony\Network Utility\NSUService.exe" [2008-01-16 12:49]
 R2 RapiMgr;Connectivité de l'appareil Windows Mobile;C:\Windows\system32\svc​host.exe [2006-11-02 11:45]
 R2 regi;regi;C:\Windows\system32\​drivers\regi.sys [2007-04-17 21:09]
 R2 SQLWriter;Enregistreur VSS SQL Server;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe​" [2007-02-10 05:29]
 R2 WcesComm;Connectivité de l'appareil Windows Mobile 2003;C:\Windows\system32\svcho​st.exe [2006-11-02 11:45]
 R2 XAudio;XAudio;C:\Windows\syste​m32\DRIVERS\xaudio.sys [2007-09-20 02:17]
 R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRI​VERS\athr.sys [2007-12-06 13:40]
 R3 igfx;igfx;C:\Windows\system32\​DRIVERS\igdkmd32.sys [2007-09-20 02:04]
 R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\DRI​VERS\SFEP.sys [2007-08-29 03:58]
 R3 SYMNDISV;SYMNDISV;C:\Windows\s​ystem32\Drivers\SYMNDISV.SYS [2007-10-15 23:05]
 R3 ti21sony;ti21sony;C:\Windows\s​ystem32\drivers\ti21sony.sys [2007-06-06 02:00]
 R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32​\DRIVERS\yk60x86.sys [2007-09-20 02:16]
 S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqls​ervr.exe" -sMSSMLBIZ []
 S3 Service CANALPLAY;Service CANALPLAY;"C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe​" [2007-07-09 16:53]
 S3 VAIOMediaPlatform-UCLS-AppServ​er;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 17:51]
 S3 VAIOMediaPlatform-UCLS-HTTP;VA​IO Media Content Collection (HTTP);"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCL​S-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HT​TP" []
 S3 VAIOMediaPlatform-UCLS-UPnP;VA​IO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.​exe [2007-06-20 16:34]
 S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [2007-09-28 22:11]
 S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;"C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.e​xe" [2007-09-20 19:52]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\svchost]
 WindowsMobile REG_MULTI_SZ    wcescomm rapimgr
 LocalServiceRestricted REG_MULTI_SZ    WcesComm RapiMgr

 *Newly Created Service* - CATCHME
 *Newly Created Service* - COMHOST
 .
 ******************************​******************************​**************

 catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2008-05-13 13:08:19
 Windows 6.0.6000  NTFS

 Balayage processus cachés ...

 Balayage caché autostart entries ...

 Balayage des fichiers cachés ...

 Scan terminé avec succès
 Les fichiers cachés: 0

 ******************************​******************************​**************
 .
 Temps d'accomplissement: 2008-05-13 13:09:48
 ComboFix-quarantined-files.txt  2008-05-13 11:09:37

Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

 198 --- E O F --- 2008-05-11 09:02:34




This means nothing to me at all

bobette-marlow
Regular (10,000 to 19,999 posts)
Posted on 13/05/2008 at 11:43:49

Copy (Ctrl+C) the text in the box below:

 
 



File::
 C:\Users\erwin\AppData\Local\Temp\ssqNDwxu.dll
 C:\Users\erwin\AppData\Local\Temp\hgGVLFvv.dll
 C:\Users\erwin\AppData\Local\Temp\hjjddqtn.dll

 Registry::
 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
 "MSServer"=-
 "cmds"=-
 "025beadd"=-




Open Notepad, then paste (Ctrl+V) the text you copied.
(Start\All Programs\Accessories\Notepad.)
Save this file under the name CFScript.txt

Now drag the file ComboFix-Do.txt onto Combofix.exe as shown below:
http://i266.photobucket.com/albums/ii277/sUBs_/CFScript.gif
A blue window will appear with this message "Type 1 to continue, or 2 to abort"; type 1, then confirm.
Your Desktop will disappear several times; don't worry, that is normal. Above all, do not touch anything during the Combofix scan.

Once the scan is finished, post the contents of the resulting report,
along with a new HijackThis report.


---------------
>>Surfons Couverts<< in Tutorials
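
An added example, not part of the original thread: a Python sketch of the triage that leads from the HijackThis log to the script in the post above. It flags `Run` entries where rundll32 loads a DLL from a temporary directory and lays them out in the same File::/Registry:: shape; the function names, the temp-path markers and the sample excerpt (lines taken from the log in the thread, one with a zero-width space as left by the forum software) are assumptions of this example.

```python
import re
from dataclasses import dataclass

# Forum software inserts zero-width characters into long paths; strip them before parsing.
_INVISIBLE = dict.fromkeys(map(ord, "\u200b\u200c\u200d\ufeff"))

# HijackThis autorun line: O4 - <hive>[\<SID>]\..\Run: [value name] command [(User '...')]
_O4 = re.compile(
    r"^\s*O4 - (?P<root>HK[A-Z]+)(?P<sid>\\S-[\d-]+)?\\\.\.\\(?P<key>Run(?:Once)?): "
    r"\[(?P<name>[^\]]*)\] (?P<cmd>.*?)(?: \(User '[^']*'\))?\s*$"
)
# rundll32 command line: rundll32[.exe] <dll>,<export>, with or without quotes
_RUNDLL = re.compile(
    r'^"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+)"?\s*,\s*(?P<export>\S+)',
    re.IGNORECASE,
)
_ROOTS = {"HKCU": "HKEY_CURRENT_USER", "HKLM": "HKEY_LOCAL_MACHINE", "HKUS": "HKEY_USERS"}
# Assumption of this example: user-writable temp locations worth flagging.
_TEMP_MARKERS = ("\\appdata\\local\\temp\\", "\\local settings\\temp\\",
                 "\\windows\\temp\\", "%temp%\\")


@dataclass(frozen=True)
class Finding:
    reg_key: str      # full registry key holding the autorun value
    value_name: str   # name of the Run value
    dll: str          # DLL handed to rundll32
    export: str       # export name or ordinal after the comma


def flag_temp_rundll(log_text):
    """Return the O4 autorun entries where rundll32 loads a DLL from a temp directory."""
    findings = []
    for line in log_text.translate(_INVISIBLE).splitlines():
        entry = _O4.match(line)
        if not entry or entry["root"] not in _ROOTS:
            continue
        call = _RUNDLL.match(entry["cmd"])
        if not call:
            continue  # not a rundll32 launcher
        dll = call["dll"].strip()
        if not any(marker in dll.lower() for marker in _TEMP_MARKERS):
            continue  # e.g. a system DLL resolved from System32
        reg_key = "{}{}\\software\\microsoft\\windows\\currentversion\\{}".format(
            _ROOTS[entry["root"]], entry["sid"] or "", entry["key"].lower())
        findings.append(Finding(reg_key, entry["name"], dll, call["export"]))
    return findings


def render_review_script(findings):
    """Lay the findings out like the File::/Registry:: script in the post, for comparison."""
    lines = ["File::"] + [f.dll for f in findings] + ["", "Registry::"]
    by_key = {}
    for f in findings:
        by_key.setdefault(f.reg_key, []).append(f.value_name)
    for key, names in by_key.items():
        lines.append("[{}]".format(key))
        lines.extend('"{}"=-'.format(name) for name in names)
    return "\n".join(lines)


# Excerpt of the log posted in the thread; the zero-width space is inserted on purpose.
SAMPLE_LOG = "\n".join([
    r"O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe",
    r'O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"',
    r"O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\erwin\AppData\Local\T"
    + "\u200b" + r"emp\ssqNDwxu.dll,#1",
    r"O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\erwin\AppData\Local\Temp\hgGVLFvv.dll,c",
    r'O4 - HKCU\..\Run: [025beadd] rundll32.exe "C:\Users\erwin\AppData\Local\Temp\hjjddqtn.dll",b',
    r"O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe "
    r"oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')",
    r"O13 - Gopher Prefix:",
])

if __name__ == "__main__":
    print(render_review_script(flag_temp_rundll(SAMPLE_LOG)))
```

On the excerpt it flags MSServer, cmds and 025beadd, the same three values the script removes, and leaves the rundll32 entry for oobefldr.dll alone.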
erwin22
Posted on 14/05/2008 at 07:08:46

Hello,

I dragged the CFScript.txt file onto combofix.exe, but I did not have to type "1"

Combofix produced a new report for me, here it is:

 



ComboFix 08-05-12.1 - erwin 2008-05-14  8:50:01.3 - NTFSx86
 Microsoft® Windows Vista™ Édition Familiale Premium   6.0.6000.0.1252.1.1036.18.1100 [GMT 2:00]
 Endroit: C:\Users\erwin\Desktop\ComboFi​x.exe
 Command switches used :: C:\Users\erwin\Desktop\CFScrip​t.txt
 * Création d'un nouveau point de restauration

 FILE ::
 C:\Users\erwin\AppData\Local\T​emp\hgGVLFvv.dll
 C:\Users\erwin\AppData\Local\T​emp\hjjddqtn.dll
 C:\Users\erwin\AppData\Local\T​emp\ssqNDwxu.dll
 .

 (((((((((((((((((((((((((((((   Fichiers créés 2008-04-14 to 2008-05-14  ))))))))))))))))))))))))))))))​))))))
 .

 Pas de nouveau fichier créé dans cet espace de temps

 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 2008-04-23 17:28 537,600 ----a-w C:\Windows\AppPatch\AcLayers.d​ll
 2008-04-23 17:28 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.d​ll
 2008-04-23 17:28 4,247,552 ----a-w C:\Windows\System32\GameUXLega​cyGDFs.dll
 2008-04-23 17:28 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
 2008-04-23 17:28 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.d​ll
 2008-04-23 17:28 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.d​ll
 2008-04-23 17:28 11,776 ----a-w C:\Windows\System32\sbunattend​.exe
 2008-04-23 17:28 1,686,528 ----a-w C:\Windows\System32\gameux.dll
 2008-04-23 17:24 84,992 ----a-w C:\Windows\system32\drivers\sr​vnet.sys
 2008-04-23 17:24 83,968 ----a-w C:\Windows\System32\dnsrslvr.d​ll
 2008-04-23 17:24 58,368 ----a-w C:\Windows\system32\drivers\mr​xsmb20.sys
 2008-04-23 17:24 24,576 ----a-w C:\Windows\System32\dnscacheug​c.exe
 2008-04-23 17:24 130,048 ----a-w C:\Windows\system32\drivers\sr​v2.sys
 2008-04-23 17:24 101,888 ----a-w C:\Windows\system32\drivers\mr​xsmb.sys
 2008-04-23 17:22 826,368 ----a-w C:\Windows\System32\wininet.dl​l
 2008-04-23 17:22 56,320 ----a-w C:\Windows\System32\iesetup.dl​l
 2008-04-23 17:22 52,736 ----a-w C:\Windows\AppPatch\iebrshim.d​ll
 2008-04-23 17:22 26,624 ----a-w C:\Windows\System32\ieUnatt.ex​e
 2008-04-23 17:19 2,048 ----a-w C:\Windows\System32\tzres.dll
 2008-04-23 17:18 805 ----a-w C:\Windows\system32\drivers\SY​MEVENT.INF
 2008-04-23 17:18 123,952 ----a-w C:\Windows\system32\drivers\SY​MEVENT.SYS
 2008-04-23 17:18 10,740 ----a-w C:\Windows\system32\drivers\SY​MEVENT.CAT
 2008-04-23 17:18 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
 2008-04-23 17:18 --------- d-----w C:\Program Files\Symantec
 2008-04-23 17:16 --------- d-----w C:\Program Files\Common Files\Symantec Shared
 2008-04-23 16:57 53,080 ----a-w C:\Windows\System32\wuauclt.ex​e
 2008-04-23 16:57 43,352 ----a-w C:\Windows\System32\wups2.dll
 2008-04-23 16:57 1,712,984 ----a-w C:\Windows\System32\wuaueng.dl​l
 2008-04-23 16:57 1,524,224 ----a-w C:\Windows\System32\wucltux.dl​l
 2008-04-23 16:56 80,896 ----a-w C:\Windows\System32\wudriver.d​ll
 2008-04-23 16:56 549,720 ----a-w C:\Windows\System32\wuapi.dll
 2008-04-23 16:56 33,624 ----a-w C:\Windows\System32\wups.dll
 2008-04-23 16:56 31,232 ----a-w C:\Windows\System32\wuapp.exe
 2008-04-23 16:56 163,000 ----a-w C:\Windows\System32\wuwebv.dll
 2008-04-23 15:55 0 ---ha-r C:\Windows\system32\drivers\So​ny_VGN-NR21ES.mrk
 2007-11-07 10:50 174 --sha-w C:\Program Files\desktop.ini
 .

 ------- Sigcheck -------

 .
 (((((((((((((((((((((((((((((   snapshot@2008-05-13_13.09.11.2​5   ))))))))))))))))))))))))))))))​)))))))))))
 .
 - 2008-05-13 08:13:56 67,584 --s-a-w C:\Windows\bootstat.dat
 + 2008-05-14 06:41:39 67,584 --s-a-w C:\Windows\bootstat.dat
 - 2008-05-13 08:13:58 2,048 --sha-w C:\Windows\ServiceProfiles\Loc​alService\AppData\Local\lastal​ive0.dat
 + 2008-05-14 06:41:41 2,048 --sha-w C:\Windows\ServiceProfiles\Loc​alService\AppData\Local\lastal​ive0.dat
 - 2008-05-13 08:13:58 2,048 --sha-w C:\Windows\ServiceProfiles\Loc​alService\AppData\Local\lastal​ive1.dat
 + 2008-05-14 06:41:41 2,048 --sha-w C:\Windows\ServiceProfiles\Loc​alService\AppData\Local\lastal​ive1.dat
 - 2008-05-13 10:29:16 262,144 ----a-w C:\Windows\ServiceProfiles\Loc​alService\AppData\Local\Micros​oft\Windows\usrclass.dat
 + 2008-05-14 06:44:43 262,144 ----a-w C:\Windows\ServiceProfiles\Loc​alService\AppData\Local\Micros​oft\Windows\usrclass.dat
 - 2008-05-13 10:03:02 262,144 --sha-w C:\Windows\ServiceProfiles\Loc​alService\NTUSER.DAT
 + 2008-05-14 06:43:46 262,144 --sha-w C:\Windows\ServiceProfiles\Loc​alService\NTUSER.DAT
 - 2008-05-13 11:03:02 262,144 ----a-w C:\Windows\ServiceProfiles\Net​workService\AppData\Local\Micr​osoft\Windows\usrclass.dat
 + 2008-05-14 06:49:10 262,144 ----a-w C:\Windows\ServiceProfiles\Net​workService\AppData\Local\Micr​osoft\Windows\usrclass.dat
 - 2008-05-13 10:02:31 262,144 --sha-w C:\Windows\ServiceProfiles\Net​workService\NTUSER.DAT
 + 2008-05-14 06:43:40 262,144 --sha-w C:\Windows\ServiceProfiles\Net​workService\NTUSER.DAT
 - 2008-05-13 08:34:29 16,384 --sha-w C:\Windows\System32\config\sys​temprofile\AppData\Local\Micro​soft\Windows\History\History.I​E5\index.dat
 + 2008-05-13 12:34:29 16,384 --sha-w C:\Windows\System32\config\sys​temprofile\AppData\Local\Micro​soft\Windows\History\History.I​E5\index.dat
 - 2008-05-13 08:34:29 32,768 --sha-w C:\Windows\System32\config\sys​temprofile\AppData\Local\Micro​soft\Windows\Temporary Internet Files\Content.IE5\index.dat
 + 2008-05-13 12:34:29 32,768 --sha-w C:\Windows\System32\config\sys​temprofile\AppData\Local\Micro​soft\Windows\Temporary Internet Files\Content.IE5\index.dat
 - 2008-05-13 08:34:29 32,768 --sha-w C:\Windows\System32\config\sys​temprofile\AppData\Roaming\Mic​rosoft\Windows\Cookies\index.d​at
 + 2008-05-13 12:34:29 32,768 --sha-w C:\Windows\System32\config\sys​temprofile\AppData\Roaming\Mic​rosoft\Windows\Cookies\index.d​at
 - 2008-05-13 10:07:12 121,446 ----a-w C:\Windows\System32\perfc009.d​at
 + 2008-05-14 06:50:02 121,446 ----a-w C:\Windows\System32\perfc009.d​at
 - 2008-05-13 10:07:12 140,414 ----a-w C:\Windows\System32\perfc00C.d​at
 + 2008-05-14 06:50:02 140,414 ----a-w C:\Windows\System32\perfc00C.d​at
 - 2008-05-13 10:07:12 656,850 ----a-w C:\Windows\System32\perfh009.d​at
 + 2008-05-14 06:50:02 656,850 ----a-w C:\Windows\System32\perfh009.d​at
 - 2008-05-13 10:07:12 745,318 ----a-w C:\Windows\System32\perfh00C.d​at
 + 2008-05-14 06:50:03 745,318 ----a-w C:\Windows\System32\perfh00C.d​at
 - 2008-05-13 08:15:58 5,846 ----a-w C:\Windows\System32\WDI\{86432​a0b-3c7d-4ddf-a89c-172faa90485​d}\S-1-5-21-2026833119-6291118​4-588335445-1003_UserData.bin
 + 2008-05-14 06:43:54 5,882 ----a-w C:\Windows\System32\WDI\{86432​a0b-3c7d-4ddf-a89c-172faa90485​d}\S-1-5-21-2026833119-6291118​4-588335445-1003_UserData.bin
 - 2008-05-13 08:15:57 59,570 ----a-w C:\Windows\System32\WDI\BootPe​rformanceDiagnostics_SystemDat​a.bin
 + 2008-05-14 06:43:53 59,610 ----a-w C:\Windows\System32\WDI\BootPe​rformanceDiagnostics_SystemDat​a.bin
 .
 -- Snapshot reset to current date --
 .
 ((((((((((((((((((((((((((((((​(((   Point de chargement Reg   ))))))))))))))))))))))))))))))​)))))))))))))))))))
 .
 .
 REGEDIT4
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run]
 "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetec​tor.exe" [2007-09-12 02:29 443968]
 "NSUFloatingUI"="C:\Program Files\Sony\Network Utility\LANUtil.exe" [2008-01-16 14:44 253952]
 "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run]
 "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-11-07 12:06 1006264]
 "IgfxTray"="C:\Windows\system3​2\igfxtray.exe" [2007-09-20 02:06 141848]
 "HotKeysCmds"="C:\Windows\syst​em32\hkcmd.exe" [2007-09-20 02:03 154136]
 "Persistence"="C:\Windows\syst​em32\igfxpers.exe" [2007-09-20 02:04 137752]
 "RtHDVCpl"="RtHDVCpl.exe" [2007-08-25 02:06 4669440 C:\Windows\RtHDVCpl.exe]
 "Apoint"="C:\Program Files\Apoint\Apoint.exe" [2007-06-10 02:12 118784]
 "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2007-09-19 12:09 311296]
 "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-11-07 15:21 1838592]
 "MarketingTools"="C:\Program Files\Sony\Marketing Tools\MarketingTools.exe" [2007-11-07 15:23 36864]
 "SunJavaUpdateSched"="C:\Progr​am Files\Java\jre1.6.0_05\bin\jus​ched.exe" [2008-02-22 04:25 144784]
 "Norton Save and Restore 2.0"="C:\Program Files\Norton Save and Restore\Agent\VProTray.exe" [2007-02-13 19:57 2020968]
 "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-10-15 23:05 115816]
 "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe​" [2008-01-29 17:38 583048]
 "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
 "Windows Mobile-based device management"="%windir%\WindowsM​obile\wmdSync.exe" [ ]
 "e-TF1"="C:\Program Files\TF1Vision\TF1vision.exe" [2008-03-05 12:47 397312]

 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
 VESWinlogon.dll 2007-08-14 21:05 98304 C:\Windows\System32\VESWinlogon.dll

 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
 "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
 "VIDC.dvsd"= C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll

 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
 "DisableMonitoring"=dword:00000001

 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
 "DisableMonitoring"=dword:00000001

 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
 "DisableMonitoring"=dword:00000001

 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
 "EnableFirewall"= 0 (0x0)

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\Firew​allRules]
 "{5ABB37D4-82AB-4818-AB83-F085​76E5DB98}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Mi​crosoft Office Outlook
 "{837474FD-159D-4680-A92E-3B07​4A5E262D}"= Disabled:UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
 "{6C1BB821-BD42-465B-BFAD-DE25​D53FAB3D}"= Disabled:TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
 "{36DEE54B-E3B1-4278-BAAC-5D19​ABA988E9}"= UDP:990:LocalSubnet:LocalSubne​t|IF={EF154067-1BA2-475A-9C0B-​167851436332}|%SystemRoot%\sys​tem32\svchost.exe|Svc=rapimgr:​@%systemroot%\WindowsMobile\wm​dSync.exe,-4001
 "{EDEB93E4-55BF-492D-BBAA-A99D​11734270}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Wi​ndows Live Messenger (Phone)

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\Publi​cProfile]
 "EnableFirewall"= 0 (0x0)

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\Restr​ictedServices\Static\System]
 "DFSR-1"= RPort=5722|UDP:%SystemRoot%\sy​stem32\svchost.exe|Svc=DFSR:Al​low inbound TCP traffic|

 [HKLM\~\services\sharedaccess\p​arameters\firewallpolicy\Stand​ardProfile]
 "EnableFirewall"= 0 (0x0)

 R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DE​FINI~1\SymcData\idsdefs\200805​08.002\IDSvix86.sys [2008-04-04 18:48]
 R2 BcmSqlStartupSvc;Service de démarrage SQL Server pour le Gestionnaire de contacts professionnels;"C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe" [2008-01-16 09:46]
 R2 Norton Save and Restore;Norton Save and Restore;C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe [2007-02-13 19:57]
 R2 NSUService;NSUService;"C:\Prog​ram Files\Sony\Network Utility\NSUService.exe" [2008-01-16 12:49]
 R2 RapiMgr;Connectivité de l'appareil Windows Mobile;C:\Windows\system32\svc​host.exe [2006-11-02 11:45]
 R2 regi;regi;C:\Windows\system32\​drivers\regi.sys [2007-04-17 21:09]
 R2 SQLWriter;Enregistreur VSS SQL Server;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe​" [2007-02-10 05:29]
 R2 WcesComm;Connectivité de l'appareil Windows Mobile 2003;C:\Windows\system32\svcho​st.exe [2006-11-02 11:45]
 R2 XAudio;XAudio;C:\Windows\syste​m32\DRIVERS\xaudio.sys [2007-09-20 02:17]
 R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRI​VERS\athr.sys [2007-12-06 13:40]
 R3 igfx;igfx;C:\Windows\system32\​DRIVERS\igdkmd32.sys [2007-09-20 02:04]
 R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\DRI​VERS\SFEP.sys [2007-08-29 03:58]
 R3 SYMNDISV;SYMNDISV;C:\Windows\s​ystem32\Drivers\SYMNDISV.SYS [2007-10-15 23:05]
 R3 ti21sony;ti21sony;C:\Windows\s​ystem32\drivers\ti21sony.sys [2007-06-06 02:00]
 R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32​\DRIVERS\yk60x86.sys [2007-09-20 02:16]
 S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqls​ervr.exe" -sMSSMLBIZ []
 S3 Service CANALPLAY;Service CANALPLAY;"C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe​" [2007-07-09 16:53]
 S3 VAIOMediaPlatform-UCLS-AppServ​er;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 17:51]
 S3 VAIOMediaPlatform-UCLS-HTTP;VA​IO Media Content Collection (HTTP);"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCL​S-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HT​TP" []
 S3 VAIOMediaPlatform-UCLS-UPnP;VA​IO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.​exe [2007-06-20 16:34]
 S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [2007-09-28 22:11]
 S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;"C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.e​xe" [2007-09-20 19:52]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\svchost]
 WindowsMobile REG_MULTI_SZ    wcescomm rapimgr
 LocalServiceRestricted REG_MULTI_SZ    WcesComm RapiMgr

 *Newly Created Service* - COMHOST
 .
 ******************************​******************************​**************

 catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2008-05-14 08:53:20
 Windows 6.0.6000  NTFS

 Balayage processus cachés ...

 Balayage caché autostart entries ...

 Balayage des fichiers cachés ...


 C:\Windows\TEMP\TMP0000005E86E044701B349E7A 524288 bytes executable

 Scan terminé avec succès
 Les fichiers cachés: 1

 ******************************​******************************​**************
 .
 Temps d'accomplissement: 2008-05-14  8:54:38
 ComboFix-quarantined-files.txt  2008-05-14 06:54:28
 ComboFix2.txt  2008-05-13 12:32:12
 ComboFix3.txt  2008-05-13 11:09:49

Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

 239 --- E O F --- 2008-05-11 09:02:34




 I then ran another scan with HijackThis, and here is the report. I can't see what has changed (?)

 



Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 09:07:18, on 14/05/2008
 Platform: Windows Vista  (WinNT 6.00.1904)
 MSIE: Internet Explorer v7.00 (7.00.6000.16643)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\system32\taskeng.ex​e
 C:\Program Files\Windows Defender\MSASCui.exe
 C:\Windows\System32\hkcmd.exe
 C:\Windows\System32\igfxpers.e​xe
 C:\Program Files\Apoint\Apoint.exe
 C:\Program Files\Sony\ISB Utility\ISBMgr.exe
 C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
 C:\Program Files\Java\jre1.6.0_05\bin\jus​ched.exe
 C:\Program Files\Norton Save and Restore\Agent\VProTray.exe
 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
 C:\Windows\WindowsMobile\wmdSy​nc.exe
 C:\Program Files\TF1Vision\TF1vision.exe
 C:\Program Files\Picasa2\PicasaMediaDetec​tor.exe
 C:\Program Files\Sony\Network Utility\LANUtil.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Windows\system32\igfxsrvc.e​xe
 C:\Windows\system32\taskeng.ex​e
 C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
 C:\Windows\System32\mobsync.ex​e
 C:\Program Files\Apoint\ApMsgFwd.exe
 C:\Program Files\Apoint\Apntex.exe
 C:\Windows\system32\conime.exe
 C:\Windows\Explorer.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.google.fr/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 O1 - Hosts: ::1 localhost
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll
 O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A5​3123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\Np​pBho.dll
 O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv​.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - c:\program files\google\googletoolbar1.dl​l
 O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3​DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
 O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - c:\program files\google\googletoolbar1.dl​l
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
 O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
 O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
 O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jus​ched.exe"
 O4 - HKLM\..\Run: [Norton Save and Restore 2.0] "C:\Program Files\Norton Save and Restore\Agent\VProTray.exe"
 O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
 O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe​" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\AlertEng.d​ll"
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync​.exe
 O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
 O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetec​tor.exe
 O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Off​ice12\EXCEL.EXE/3000
 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401​C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv​.dll
 O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401​C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv​.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\Office12\​REFIEBAR.DLL
 O13 - Gopher Prefix:
 O15 - Trusted Zone: *.canalplay.com
 O15 - Trusted Zone: *.canalplusactive.com
 O15 - Trusted Zone: *.canalplay.com (HKLM)
 O15 - Trusted Zone: *.canalplusactive.com (HKLM)
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKY​PE4~1.DLL
 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO​EC62~1.DLL
 O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
 O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\115​0\Intel 32\IDriverT.exe
 O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviReg​Mgr.exe
 O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\​LUCOMS~1.EXE
 O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
 O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61​-B58F-2F227FCA9A08}\PIFSvc.exe
 O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
 O23 - Service: Norton Save and Restore - Symantec Corporation - C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe
 O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
 O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
 O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
 O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
 O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
 O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResour​ceManager\VzHardwareResourceMa​nager.exe
 O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
 O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedS​erver-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
 O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedS​erver-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
 O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedS​erver-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.​exe
 O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gate​way) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
 O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppSer​ver) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
 O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
 O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.​exe
 O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
 O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.e​xe
 O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
 O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
 O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
 O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xa​udio.exe

 --
 End of file - 10638 bytes


bobette-marlow
Posted on 14/05/2008 at 10:36:38
Delete ComboFix, as well as C:\Combofix and C:\qoobox.

 Then run a Bitdefender online scan.
 Once on the site, click the button:
 http://www.bitdefender.fr/files/Main/img/scanonline.jpg

 demo (by balltrap34)
 another demo.

 Copy and paste the final report.

