virus retapu-d c pas toi?? Résolu

Question

Bonjour,
bonjour, alors je suis infecté par le trojan retapu-d comme bcp de monde, donc j'ai essayé ce qui était proposé sur votre site: redémarrer en mode ss échec puis execution fichier MSNFIX.bat mais celui ci ne détecte rien^^(je suis pas sur qu'il fonctionne)
 
ainsi j'ai télécharger HijackThis v2.0.2 et voila le rapport:
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:52:13, on 20/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:adio\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Parental Filter\ServiceEPCP.exe
C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\windows\system32\drivers\services.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\Program Files\Softwin\BitDefender9\bdnagent.exe
C:\Program Files\Softwin\BitDefender9\bdswitch.exe
D:\itunes\iTunesHelper.exe
D:\program files\TomTomHOME.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\DOCUME~1\JEAN-Y~1\LOCALS~1\Temp\services.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
C:\Program Files\Fritivi\fritivi_recorder.exe
C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\program files\softwin\bitdefender9\bdmcon.exe
C:\WINDOWS\system32\cidaemon.exe
D:adio\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =  
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =  
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.com/fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: VGOIEBHO Helper - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - C:\Program Files\21cn\VGO\VGOIEBHO.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:adio\Pluginseg\VeohToolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Fichiers communs\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\program files\softwin\bitdefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "c:\program files\softwin\bitdefender9\bdswitch.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "D:\itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "d:\program files\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [LOGGING_EPCP] "C:\Program Files\Parental Filter\LoggingEPCP.exe" start
O4 - HKLM\..\Run: [Flash Player2] C:\DOCUME~1\JEAN-Y~1\LOCALS~1\Temp\services.exe
O4 - HKLM\..\RunServices: [Windows Updater] WinUpdater.exe
O4 - HKLM\..\RunServices: [gpedfsdjzcyg] C:\WINDOWS\system32\gpedfsdjzcyg.exe
O4 - HKLM\..\RunServices: [z] C:\WINDOWS\system32\z.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Startup: IMVU.lnk = D:adio\IMVU\IMVUClient.exe
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
O4 - Global Startup: Fritivi Recorder.lnk = C:\Program Files\Fritivi\fritivi_recorder.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: État de l'enregistrement.lnk = C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jean-Yves\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr [...] NPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/re [...] se8460.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - https://zone.msn.com/en/utility/handler404.aspx?404;http://zone.msn.com:80/bingame/luxr/d [...] uncher.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramew [...] b34246.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicma [...] Plugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://helpx.adobe.com/shockwave/shockwave-end-of-life-faq.html [...] wflash.cab
O18 - Protocol: x-mem1n - {2AB77CF2-76FF-475C-9AB8-0332478CBDEB} - C:\Program Files\Parental Filter\wowctl.net.dll
O18 - Protocol: x-mem3n - {0F4413E7-5D3B-4B1A-8AA2-E2307F06B228} - C:\Program Files\Parental Filter\eztoolslib.net.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:adio\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:adio\FileZilla Server\FileZilla Server.exe (file missing)
O23 - Service: Generic Host Process for Win-32 Service - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\image converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcappcapd.exe
O23 - Service: Parental Filter (ServiceEPCP) - Unknown owner - C:\Program Files\Parental Filter\ServiceEPCP.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: MS Session Manager Subsystem (System Session Manager Subsystem) - Unknown owner - c:\windows\system32\drivers\etc\smss.exe (file missing)
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: Windows Services Control - FileZilla Project - c:\windows\system32\drivers\services.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
 
-- 
End of file - 19886 bytes
 
 
merci vraiment bcp si vous pouvez m'aider, c vraiment très énervant
voilou ++

Pi_Xi · Answer

Bonjour,

1) Tout d'abord, tu n'as pas de pare-feu actif, télécharge et installe:

http://www.commentcamarche.net/telecharger/telecharger 206 kerio

2)  Télécharge MSNFix.zip sur ton bureau: http://sosvirus.changelog.fr/MSNFix.zip

    * Décompresse-le (clic droit << Extraire ici) et double-clique sur le fichier MSNFix.bat
    * Exécute l'option R
    * Si l'infection est détectée, exécute l'option N
    * Sauvegarde le rapport puis copie/colle-le ici, ainsi qu'un nouveau scan hijackthis fait en mode normal

antoine01000 · Answer

voilou : MSNFix 1.639-2  
 
C:\Documents and Settings\Jean-Yves\Bureau\MSNFix\MSNFix 
Fix exécuté le 22/01/2008 - 18:31:48,87 By Jean-Yves 
mode normal    
    
************************ Recherche les fichiers présents      
    
... C:\DOCUME~1\JEAN-Y~1\LOCALS~1\Temp\services.exe 
... C:\DOCUME~1\JEAN-Y~1\LOCALS~1\Temp\services.exe 
... C:\Documents and Settings\Jean-Yves\??????.exe 
... C:\WINDOWS\b???.exe 
... C:\WINDOWS\mrofinu*.exe 
... C:\WINDOWS\mrofinu*.exe.tmp 
... C:\WINDOWS\system32\drivers\services.exe 
... C:\WINDOWS\system32\microsoft\backup.ftp 
... C:\WINDOWS\system32\microsoft\backup.tftp 
 
************************ Recherche les dossiers présents       
 
... C:\Program Files\InetGet2\ 
 
 
 
 
************************ Suppression des fichiers       
    
/!\ ...  C:\DOCUME~1\JEAN-Y~1\LOCALS~1\Temp\services.exe   
/!\ ...  C:\DOCUME~1\JEAN-Y~1\LOCALS~1\Temp\services.exe   
/!\ ...  C:\Documents and Settings\Jean-Yves\??????.exe   
.. OK ... C:\WINDOWS\b???.exe  
.. OK ... C:\WINDOWS\mrofinu*.exe  
.. OK ... C:\WINDOWS\mrofinu*.exe.tmp  
/!\ ...  C:\WINDOWS\system32\drivers\services.exe   
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp  
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp  
 
 
************************ Suppression des dossiers       
 
/!\ ...  C:\Program Files\InetGet2\   
 
 
************************ Nettoyage du registre 
 
 
 
Les fichiers encore présents seront supprimés au prochain redémarrage 
 
 
************************ Suppression des fichiers       
    
.. OK ... C:\DOCUME~1\JEAN-Y~1\LOCALS~1\Temp\services.exe  
.. OK ... C:\DOCUME~1\JEAN-Y~1\LOCALS~1\Temp\services.exe  
.. OK ... C:\Documents and Settings\Jean-Yves\??????.exe  
.. OK ... C:\WINDOWS\system32\drivers\services.exe  
 
 
 
************************ Fichiers suspects 
 
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention 
 
[C:\44433.ZIP] 8E1CCAD6AC86AFDE4E895735EB4E22F7 
[C:\D_44433.ZIP] 3A39073613514D98974203B7117C8762 
[C:\meuhmeuhtv2.35.zip] D90AE1244835806C28FA693C62A56700 

 
  
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 22012008_18410550.zip
 
 
------------------------------------------------------------------------  
Auteur : !aur3n7                     Contact: https://www.ionos.fr/     
------------------------------------------------------------------------   
 
---------------------------------------------   END   --------------------------------------------- 
 



et voila le rapport de Hijackthi: 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:48:41, on 22/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:adio\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
D:adio\parefeu\kpf4ss.exe
C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Parental Filter\ServiceEPCP.exe
C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
D:adio\parefeu\kpf4gui.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
D:adio\parefeu\kpf4gui.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Softwin\BitDefender9\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\Program Files\Softwin\BitDefender9\bdnagent.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Softwin\BitDefender9\bdswitch.exe
D:\itunes\iTunesHelper.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\Program Files\Parental Filter\LoggingEPCP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
D:adio\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.com/fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: VGOIEBHO Helper - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - C:\Program Files\21cn\VGO\VGOIEBHO.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:adio\Pluginseg\VeohToolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Fichiers communs\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "D:\itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [LOGGING_EPCP] "C:\Program Files\Parental Filter\LoggingEPCP.exe" start
O4 - HKLM\..\RunServices: [Windows Updater] WinUpdater.exe
O4 - HKLM\..\RunServices: [gpedfsdjzcyg] C:\WINDOWS\system32\gpedfsdjzcyg.exe
O4 - HKLM\..\RunServices: [z] C:\WINDOWS\system32\z.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: État de l'enregistrement.lnk = C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jean-Yves\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/default/mjolauncher.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: x-mem1n - {2AB77CF2-76FF-475C-9AB8-0332478CBDEB} - C:\Program Files\Parental Filter\wowctl.net.dll
O18 - Protocol: x-mem3n - {0F4413E7-5D3B-4B1A-8AA2-E2307F06B228} - C:\Program Files\Parental Filter\eztoolslib.net.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:adio\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:adio\FileZilla Server\FileZilla Server.exe (file missing)
O23 - Service: Generic Host Process for Win-32 Service - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\image converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - D:adio\parefeu\kpf4ss.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcappcapd.exe
O23 - Service: Parental Filter (ServiceEPCP) - Unknown owner - C:\Program Files\Parental Filter\ServiceEPCP.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: MS Session Manager Subsystem (System Session Manager Subsystem) - Unknown owner - c:\windows\system32\drivers\etc\smss.exe (file missing)
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: Windows Services Control - Unknown owner - c:\windows\system32\drivers\services.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Pi_Xi · Answer

C'est pas fini ...

Télécharge SDFix: http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

et sauvegarde-le sur ton Bureau.

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.

Redémarre ton ordinateur en Mode sans Echec.

# Choisis ton compte, pas celui de l'Administrateur ou autre.

# Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.

# Appuie sur Y pour commencer le processus de nettoyage.

# Il va supprimer les services et les Entrées du Registre de certains Trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.

# Appuie sur une touche pour redémarrer le PC.

# Ton système sera plus long pour redémarrer que d'habitude car l'outil va continuer à s'exécuter et supprimer des fichiers.

# Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.

# Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.

# Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

# Enfin, copie/colle le contenu du fichier Report.txt

antoine01000 · Answer

voila alors j'ai tout fait comme il faut
c pas un reproche mais c just pour que tu rajoutes ça qd tu sauveras la vie d'autres personnes^^: après que l'ordinateur demande de redémarrer(il est encore en mode sans échec) l'outi ne termine pas sont travail, donc pour cela il faut le redémarrer en mode normal
c pas un reproche loin de la! lol tu m'a sauvé!

bon alors le rapport: 
SDFix: Version 1.131

Run by Jean-Yves on 25/01/2008 at 16:46

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\JEAN-Y~1\Bureau\SDFix

Safe Mode:
Checking Services: 

Name:
Generic Host Process for Win-32 Service

Path:
"C:\WINDOWS\svchost.exe" 

Generic Host Process for Win-32 Service - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files: 

Trojan Files Found:

C:\Program Files\Setup.exe  - Deleted



Folder C:\Program Files\InetGet2 - Removed


Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found. 

C:\WINDOWS\explorer.exe
No streams found.
 
C:\WINDOWS\system32
No streams found. 

C:\WINDOWS\system32\svchost.exe
No streams found.
 
C:\WINDOWS\system32
toskrnl.exe
No streams found.
 


                                 Final Check:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-25 17:02:38
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

IPC error: 2 Le fichier spécifié est introuvable.
scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:a0813a94
"s2"=dword:25bf5d97
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:91,2e,c2,de,06,64,42,82,72,53,63,bd,67,b0,4f,30,74,7f,f5,f9,46,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:91,2e,c2,de,06,64,42,82,72,53,63,bd,67,b0,4f,30,74,7f,f5,f9,46,..

scanning hidden registry entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 46


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\BitTorrent\utorrent.exe"="D:\BitTorrent\utorrent.exe:*:Enabled:æTorrent"
"C:\Program Files\Fritivi\fritivi.exe"="C:\Program Files\Fritivi\fritivi.exe:*:Enabled:Fritivi"
"D:\radio\adsltv\adsltv.exe"="D:\radio\adsltv\adsltv.exe:*:Enabled:adsltv"
"D:\radio\TribalWeb\tribalweb.exe"="D:\radio\TribalWeb\tribalweb.exe:*:Enabled:tribalweb"
"D:\Program Files\wolf\ET.exe"="D:\Program Files\wolf\ET.exe:*:Enabled:ET"
"D:\radio\adsltv\vlc.exe"="D:\radio\adsltv\vlc.exe:*:Enabled:VLC media player"
"C:\Documents and Settings\Jean-Yves\Bureau\utorrent.exe"="C:\Documents and Settings\Jean-Yves\Bureau\utorrent.exe:*:Enabled:æTorrent"
"C:\Documents and Settings\SONY\Bureau\WoW-frFR-Installer-downloader.exe"="C:\Documents and Settings\SONY\Bureau\WoW-frFR-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\radio\BitComet\BitComet.exe"="D:\radio\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"D:\Program Files\TVAnts\Tvants.exe"="D:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
"D:\Azureus\Azureus.exe"="D:\Azureus\Azureus.exe:*:Enabled:Azureus"
"D:\radio\Nouveau dossier\PPMate\ppmate.exe"="D:\radio\Nouveau dossier\PPMate\ppmate.exe:*:Enabled:PPMate"
"D:\radio\Nouveau dossier\PPMate\ppmnet.exe"="D:\radio\Nouveau dossier\PPMate\ppmnet.exe:*:Enabled:PPMate"
"D:\radio\Nouveau dossier\PPLive\PPLive.exe"="D:\radio\Nouveau dossier\PPLive\PPLive.exe:*:Enabled:PPLive"
"C:\Program Files\BitTorrent_DNA\dna.exe"="C:\Program Files\BitTorrent_DNA\dna.exe:*:Enabled:DNA"
"C:\Documents and Settings\SONY\Application Data\SopCast\adv\SopAdver.exe"="C:\Documents and Settings\SONY\Application Data\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"D:\radio\SopCast\SopCast.exe"="D:\radio\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"D:\radio\PPStream\PPStream.exe"="D:\radio\PPStream\PPStream.exe:*:Enabled:PPStream ????"
"D:\radio\TVUPlayer\TVUPlayer.exe"="D:\radio\TVUPlayer\TVUPlayer.exe:*:Enabled:TVU Player Component"
"C:\Program Files\Freeplayer\vlc\vlc.exe"="C:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
"D:\radio\Freeplayer\vlc\vlc.exe"="D:\radio\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\UUSee\UUSeePlayer.exe"="C:\Program Files\UUSee\UUSeePlayer.exe:*:Enabled:UUPlayer"
"D:\radio\UUSeePlayer.exe"="D:\radio\UUSeePlayer.exe:*:Enabled:UUPlayer"
"C:\Documents and Settings\SONY\Bureau\UUSeePlayer.exe"="C:\Documents and Settings\SONY\Bureau\UUSeePlayer.exe:*:Enabled:UUPlayer"
"D:\radio\UURecorder.exe"="D:\radio\UURecorder.exe:*:Enabled:UURecorder"
"D:\TVUPlayer\TVUPlayer.exe"="D:\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"D:\radio\freeBrowser\vlc\vlc.exe"="D:\radio\freeBrowser\vlc\vlc.exe:*:Enabled:VLC media player"
"D:\radio\freeBrowser\freeBrowser\freeBrowser.exe"="D:\radio\freeBrowser\freeBrowser\freeBrowser.exe:*:Enabled:FreeBrowser"
"D:\radio\HomePlayer1.5.1.2\HomePlayer.exe"="D:\radio\HomePlayer1.5.1.2\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\Documents and Settings\SONY\Local Settings\Temp\I1183818329\Windows\resource\jre\bin\javaw.exe"="C:\Documents and Settings\SONY\Local Settings\Temp\I1183818329\Windows\resource\jre\bin\javaw.exe:*:Enabled:javaw"
"D:\Program Files\cd permanent\el\monoposte\common\jre\bin\javaw.exe"="D:\Program Files\cd permanent\el\monoposte\common\jre\bin\javaw.exe:*:Enabled:javaw"
"D:\Program Files\cd permanent\el\monoposte\common\bd_service\bin\mysqld-opt.exe"="D:\Program Files\cd permanent\el\monoposte\common\bd_service\bin\mysqld-opt.exe:*:Enabled:mysqld-opt"
"C:\Documents and Settings\SONY\Local Settings\Temp\I1183884323\Windows\resource\jre\bin\javaw.exe"="C:\Documents and Settings\SONY\Local Settings\Temp\I1183884323\Windows\resource\jre\bin\javaw.exe:*:Enabled:javaw"
"C:\Documents and Settings\SONY\Local Settings\Temp\I1183886658\Windows\resource\jre\bin\javaw.exe"="C:\Documents and Settings\SONY\Local Settings\Temp\I1183886658\Windows\resource\jre\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:æTorrent"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\NetXfer\NetTransport.exe"="D:\NetXfer\NetTransport.exe:*:Enabled:NetXfer Download Manager"
"D:\Program Files\LAMY FONCTION PUBLIQUE\LamyAccueil.exe"="D:\Program Files\LAMY FONCTION PUBLIQUE\LamyAccueil.exe:*:Enabled:LaunchAnywhere GUI"
"D:\Program Files\LAMY FONCTION PUBLIQUE\jre\bin\javaw.exe"="D:\Program Files\LAMY FONCTION PUBLIQUE\jre\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\LamyCD\LamyAccueil.exe"="C:\Program Files\LamyCD\LamyAccueil.exe:*:Enabled:LaunchAnywhere GUI"
"C:\Program Files\LamyCD\jre\bin\javaw.exe"="C:\Program Files\LamyCD\jre\bin\javaw.exe:*:Enabled:javaw"
"D:\Program Files\lamy cd\jre\bin\javaw.exe"="D:\Program Files\lamy cd\jre\bin\javaw.exe:*:Enabled:javaw"
"C:\Documents and Settings\Jean-Yves\Bureau\incredimail_install.exe"="C:\Documents and Settings\Jean-Yves\Bureau\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"D:\itunes\iTunes.exe"="D:\itunes\iTunes.exe:*:Enabled:iTunes"
"D:\Program Files\PES5.exe"="D:\Program Files\PES5.exe:*:Enabled:pes5.exe"
"D:\radio\uusee\UUSeePlayer.exe"="D:\radio\uusee\UUSeePlayer.exe:*:Enabled:UUSEE"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\DOCUME~1\JEAN-Y~1\LOCALS~1\Temp\services.exe"="C:\DOCUME~1\JEAN-Y~1\LOCALS~1\Temp\services.exe:*:Enabled:Flash Player2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

Remaining Files:
---------------

File Backups: - C:\DOCUME~1\JEAN-Y~1\Bureau\SDFix\backups\backups.zip

Files with Hidden Attributes:

Wed 30 May 2007     5,375,800 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Sat 21 Apr 2007             5 A.SH. --- "C:\WINDOWS\system32\ccfbeecf_d.dll"
Thu 26 Jan 2006            56 ..SHR --- "C:\WINDOWS\system32\F4986B42B9.sys"
Wed  3 May 2006       163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Thu 26 Jan 2006         1,682 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Wed 21 Feb 2007        31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
Thu  3 Aug 2006         4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue  6 Feb 2007        39,424 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0001.tmp"
Wed  4 Apr 2007       206,848 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0002.tmp"
Sun 11 Mar 2007        57,344 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0003.tmp"
Sat 21 Apr 2007        59,392 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0004.tmp"
Tue  4 Jul 2006        22,528 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0005.tmp"
Mon  2 Oct 2006        44,032 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0006.tmp"
Mon 26 Mar 2007        54,272 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0007.tmp"
Tue  5 Jun 2007       103,424 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0008.tmp"
Fri  8 Jun 2007       336,384 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0009.tmp"
Tue 12 Jun 2007       357,888 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0010.tmp"
Wed 26 Sep 2007        48,640 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0011.tmp"
Sat 27 Oct 2007       278,528 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0012.tmp"
Mon 24 Dec 2007        41,984 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0013.tmp"
Wed 16 Jan 2008     2,114,560 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0014.tmp"
Tue  4 Jul 2006        45,056 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0027.tmp"
Wed  1 Aug 2007       456,192 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0147.tmp"
Wed  1 Aug 2007       456,192 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0364.tmp"
Fri  4 May 2007        67,072 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0391.tmp"
Wed 26 Sep 2007        52,736 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0519.tmp"
Sun 21 Oct 2007       171,008 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0551.tmp"
Sun 22 Jan 2006        45,056 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0674.tmp"
Sun 28 Oct 2007       123,904 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0757.tmp"
Wed  1 Aug 2007       456,192 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL0837.tmp"
Sat 28 Jul 2007        28,672 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1094.tmp"
Sat 20 Oct 2007       173,056 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1252.tmp"
Sun 22 Jan 2006        30,720 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1344.tmp"
Sun 11 Feb 2007       176,128 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1497.tmp"
Wed  1 Aug 2007        63,488 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1502.tmp"
Tue 30 Oct 2007       122,880 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1503.tmp"
Sun  5 Feb 2006        20,992 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1576.tmp"
Sat 17 Nov 2007        24,064 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1579.tmp"
Sun 10 Jun 2007       345,600 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1661.tmp"
Sat 12 Jan 2008        46,080 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1685.tmp"
Fri  4 Aug 2006        30,720 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1778.tmp"
Sun 29 Feb 2004        35,840 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1781.tmp"
Wed  6 Jun 2007        71,680 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1793.tmp"
Sat 20 Oct 2007        71,168 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1832.tmp"
Thu 11 Jan 2007        27,648 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL1898.tmp"
Wed 16 Jan 2008        25,088 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2063.tmp"
Mon 23 Jul 2001        20,480 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2095.tmp"
Wed 26 Sep 2007        34,304 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2156.tmp"
Sat 17 Nov 2007        27,648 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2168.tmp"
Tue  6 Feb 2007       235,008 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2172.tmp"
Sat 17 Nov 2007        26,112 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2215.tmp"
Sun 29 Feb 2004        29,184 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2318.tmp"
Sat 12 Jan 2008        24,064 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2434.tmp"
Sun 28 Oct 2007        52,736 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2467.tmp"
Thu 11 Jan 2007        44,032 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2508.tmp"
Tue  3 Jul 2007        71,168 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2524.tmp"
Sun 21 Oct 2007       172,032 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2657.tmp"
Sun 11 Feb 2007        26,624 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2693.tmp"
Sun 10 Jun 2007       351,232 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2708.tmp"
Wed  4 Oct 2006        33,792 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2734.tmp"
Fri  3 Nov 2006        51,712 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2812.tmp"
Sun 21 Oct 2007        71,168 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2838.tmp"
Sat 12 Jan 2008        44,032 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2872.tmp"
Tue 23 Oct 2007        70,656 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL2945.tmp"
Tue 13 Feb 2007        53,248 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3022.tmp"
Wed  1 Aug 2007        70,656 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3030.tmp"
Mon 25 Jun 2007        58,880 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3062.tmp"
Wed 27 Sep 2006        26,624 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3066.tmp"
Wed 16 Jan 2008        25,088 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3174.tmp"
Tue 31 Jul 2007        32,256 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3265.tmp"
Sun 21 Oct 2007       167,936 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3310.tmp"
Wed 13 Dec 2006        53,760 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3392.tmp"
Sun 22 Jul 2007       449,536 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3408.tmp"
Sun 21 Oct 2007        72,192 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3458.tmp"
Fri  4 Jan 2008        49,664 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3564.tmp"
Sat 28 Jul 2007        30,208 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3644.tmp"
Sun 10 Jun 2007       346,624 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3665.tmp"
Sun 10 Jun 2007       336,896 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3695.tmp"
Sun  5 Feb 2006        19,968 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3712.tmp"
Wed  1 Aug 2007       456,192 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3764.tmp"
Sat  2 Jun 2007        62,976 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3848.tmp"
Sat 28 Jul 2007        36,352 A..H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3859.tmp"
Sun 28 Oct 2007        52,736 ...H. --- "C:\Documents and Settings\Jean-Yves\Mes documents\~WRL3929.tmp"
Thu 21 Dec 2006        25,088 A..H. --- "C:\Documents and Settings\SONY\Mes documents\~WRL2593.tmp"
Wed 20 Dec 2006             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 13 Jan 2008             0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ad213d081e2675ef87a62c73b8abf209\BIT8A.tmp"

Finished! 


voilou
c finit^^?l

Pi_Xi · Answer

* Télécharge Combofix.exe sur ton Bureau: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
   
Déconnecte-toi du net et désactive ton antivirus pour que Combofix puisse s'exécuter normalement
Double clique sur Combofix.exe
Mets le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan
Lorsque le scan sera terminé, un rapport apparaîtra
Poste le rapport sauvegardé: C:\Combofix.txt

* Télécharge: http://www.commentcamarche.net/telecharger/telecharger 122 spybot

Installe-le, mets-le à jour puis lance un scan. Nettoye ce qu'il a trouvé.

* Après ces manip, poste un nouveau rapport HiJackThis stp.

Je repasse ce soir ^^

antoine01000 · Answer

lu

nn cque je voulé dire c que qd il demande de rdémarrér, il redémarre en mode ss échec et il ne peut finir l'action de SDfix donc pr ça fo le rallumer en mode normal

Voila le rapport de Combofix :

ComboFix 08-01-23.1C - Jean-Yves 2008-01-26 13:59:50.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.375 [GMT 1:00]
Endroit: C:\Documents and Settings\Jean-Yves\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\SONY\Application Data\inst.exe
C:\Program Files\uusee
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\wanpacket.dll
C:\WINDOWS\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_NPF
-------\NPF

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-12-26 to 2008-01-26 ))))))))))))))))))))))))))))))))))))
.

2008-01-26 13:57 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
2008-01-25 16:44 . 2008-01-25 16:44 <REP> d-------- C:\WINDOWS\ERUNT
2008-01-23 09:49 . 2008-01-26 10:30 1,167 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
2008-01-20 09:18 . 2008-01-20 09:18 <REP> d--hs---- C:\found.000
2008-01-17 16:24 . 2008-01-17 16:24 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-14 19:22 . 2008-01-14 22:44 <REP> d-------- C:\Program Files\Parental Filter
2008-01-13 19:04 . 2008-01-13 19:04 118 --a------ C:\WINDOWS\system32\MRT.INI
2008-01-13 18:50 . 2008-01-13 18:50 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-11 08:57 . 2007-10-17 13:53 43,816 --a------ C:\WINDOWS\system32\drivers\fssfltr.sys
2008-01-11 08:56 . 2008-01-11 08:56 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-01-11 08:53 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-01-11 08:52 . 2008-01-11 08:52 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-01-11 08:34 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-01-11 08:34 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-01-11 08:34 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-01-11 08:28 . 2008-01-11 08:36 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-09 16:11 . 2008-01-09 16:11 104,863,744 --a------ C:\Arte - Urgan, enfant de l'Himalaya partie 3.avi
2008-01-08 19:19 . 2006-09-12 11:46 227,328 -r-hs---- C:\WINDOWS\system32\ac3DX.ax
2008-01-08 19:19 . 2006-03-10 21:48 169,472 -r-hs---- C:\WINDOWS\system32\MatroskaDX.ax
2008-01-08 19:19 . 2006-05-03 10:06 163,328 -r-hs---- C:\WINDOWS\system32\flvDX.dll
2008-01-08 19:19 . 2005-11-25 20:46 161,792 -r-hs---- C:\WINDOWS\system32\RealMediaDX.ax
2008-01-08 19:19 . 2006-01-12 23:23 123,904 -r-hs---- C:\WINDOWS\system32\AVCDX.ax
2008-01-08 19:19 . 2003-11-20 23:00 54,784 -r-hs---- C:\WINDOWS\system32\RLAPEDec.ax
2008-01-08 19:19 . 2004-04-26 23:00 37,888 -r-hs---- C:\WINDOWS\system32\RLMPCDec.ax
2008-01-08 19:19 . 2007-02-21 11:47 31,232 -r-hs---- C:\WINDOWS\system32\msfDX.dll
2008-01-08 19:19 . 2007-07-03 06:59 9,292 ---h----- C:\WINDOWS\super.chm

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-26 13:07 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-01-22 17:26 7,219 ----a-w C:\WINDOWS\system32\drivers\services.xml
2008-01-17 19:11 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-01-17 19:11 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-01-13 17:46 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-01-11 07:57 --------- d-----w C:\Program Files\Windows Live
2008-01-11 07:41 --------- d-----w C:\Program Files\MSN Messenger
2007-12-23 21:24 --------- d-----w C:\Program Files\uTorrent
2007-12-20 20:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-11-29 12:15 3,532 ----a-w C:\drmHeader.bin
2007-11-24 21:00 4,229,496 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2007-11-23 16:43 3,414,150 ----a-w C:\WINDOWS\system32\exec1.exe
2007-11-23 16:43 1,242,410 ----a-w C:\WINDOWS\system32\exec2.exe
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2005-09-09 17:55 7,155,864 ----a-w C:\Program Files\NGhost10.msi
2005-09-09 17:55 37,766,164 ----a-w C:\Program Files\Data1.cab
2005-09-09 17:55 35 ----a-w C:\Program Files\SCSSDist.ini
2004-05-06 14:28 28,771 ----a-w C:\Program Files\INSTALL.LOG
2004-03-20 12:54 86,016 ----a-w C:\WINDOWS\Prefetch\czero.exe
2007-04-21 10:37 5 --sha-w C:\WINDOWS\system32\ccfbeecf_d.dll
2006-01-26 18:42 56 --sh--r C:\WINDOWS\system32\F4986B42B9.sys
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2006-01-26 18:42 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
C:\Program Files\Windows Live\Contrôle parental\fssbho.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HKSERV.EXE"="C:\Program Files\Sony\HotKey Utility\HKserv.exe" [2004-10-16 21:48 122880]
"VAIO Update 2"="C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" [2005-01-14 13:43 151552]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"VZRemoteCommander"="C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe" [2005-01-31 10:10 192512]
"PDService.exe"="C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 14:15 40960]
"VMConsole.exe"="C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" [2005-01-14 16:19 315392]
"SsAAD.exe"="C:\PROGRA~1\sony\SONICS~1\SsAAD.exe" [2005-01-24 19:58 81920]
"TVTunerLib"="C:\Program Files\Fichiers communs\Sony Shared\TVTunerLib\TVTLInstTool.exe" [2005-02-15 22:19 245760]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57 188416]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59 77824]
"BDMCon"="C:\Program Files\Softwin\BitDefender9\bdmcon.exe" [2006-04-28 10:26 372736]
"BDOESRV"="C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" [2005-03-11 17:53 90112]
"BDNewsAgent"="C:\Program Files\Softwin\BitDefender9\bdnagent.exe" [2005-06-09 10:28 9728]
"BDSwitchAgent"="C:\Program Files\Softwin\BitDefender9\bdswitch.exe" [2005-04-06 13:09 33280]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-07-07 22:02 4136960]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15 81920]
"iTunesHelper"="D:\itunes\iTunesHelper.exe" [2006-10-30 09:36 256576]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"QuickTime Task"="D:\quicktime\qttask.exe" [2007-06-29 05:24 286720]
"fssui"="C:\Program Files\Windows Live\Contrôle parental\fssui.exe" [ ]
"LOGGING_EPCP"="C:\Program Files\Parental Filter\LoggingEPCP.exe" [2007-02-12 11:33 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"gpedfsdjzcyg"="C:\WINDOWS\system32\gpedfsdjzcyg.exe" [ ]
"z"="C:\WINDOWS\system32\z.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

C:\Documents and Settings\SONY\Menu D‚marrer\Programmes\D‚marrage\
VAIO Launcher.lnk - C:\Program Files\Sony\VAIO Launcher\Launcher.exe [2005-03-23 10:47:18 778240]

C:\Documents and Settings\Jean-Yves\Menu D‚marrer\Programmes\D‚marrage\
VAIO Launcher.lnk - C:\Program Files\Sony\VAIO Launcher\Launcher.exe [2005-03-23 10:47:18 778240]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearch]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearchWHSE]

R0 AFPAnsi;Alfa File Protector Ansi;C:\WINDOWS\system32\Drivers\AFPAnsi.sys [2005-06-04 14:54]
R1 bdftdif;BitDefender Firewall TDI Filter;C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys [2006-06-21 14:55]
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-03-16 09:56]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-03-16 09:56]
R1 PrivateDisk;PrivateDisk;C:\WINDOWS\system32\Drivers\PrivateDiskM.sys [2004-07-06 14:07]
R2 fssfltr;FssFltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2007-10-17 13:53]
R2 fsssvc;Windows Live OneCare Contrôle parental;"C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe" []
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 17:55]
R2 ServiceEPCP;Parental Filter;C:\Program Files\Parental Filter\ServiceEPCP.exe [2007-02-12 11:33]
R2 tansgt;tansgt;C:\WINDOWS\system32\drivers\tansgt.sys [2007-07-08 09:49]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2006-06-21 14:55]
S2 System Session Manager Subsystem;MS Session Manager Subsystem;c:\windows\system32\drivers\etc\smss.exe []
S2 Windows Services Control;Windows Services Control;c:\windows\system32\drivers\services.exe []
S3 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-12 04:47]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2006-02-12 11:29]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 14:23]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\image converter 2\IcVzMon.exe [2005-02-24 14:38]
S3 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-12 03:40]
S3 PTWDrv;PTW - Process monitoring driver;D:\radio\PC TimeWatch\PTWatch.sys []
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [2002-12-17 17:23]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-09-04 13:18:40 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-11 07:56:43 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"

Et voila le rapport de hijackthis après une analyse de spybot :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:01, on 2008-01-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\radio\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Parental Filter\ServiceEPCP.exe
C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Softwin\BitDefender9\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\program files\softwin\bitdefender9\bdnagent.exe
C:\program files\softwin\bitdefender9\bdswitch.exe
D:\itunes\iTunesHelper.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\Program Files\Parental Filter\LoggingEPCP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
D:\itunes\iTunes.exe
D:\radio\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.com/fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: VGOIEBHO Helper - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - C:\Program Files\21cn\VGO\VGOIEBHO.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\radio\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Fichiers communs\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "D:\itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [LOGGING_EPCP] "C:\Program Files\Parental Filter\LoggingEPCP.exe" start
O4 - HKLM\..\RunServices: [gpedfsdjzcyg] C:\WINDOWS\system32\gpedfsdjzcyg.exe
O4 - HKLM\..\RunServices: [z] C:\WINDOWS\system32\z.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: État de l'enregistrement.lnk = C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jean-Yves\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/default/mjolauncher.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: x-mem1n - {2AB77CF2-76FF-475C-9AB8-0332478CBDEB} - C:\Program Files\Parental Filter\wowctl.net.dll
O18 - Protocol: x-mem3n - {0F4413E7-5D3B-4B1A-8AA2-E2307F06B228} - C:\Program Files\Parental Filter\eztoolslib.net.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\radio\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:\radio\FileZilla Server\FileZilla Server.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\image converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - D:\radio\parefeu\kpf4ss.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Parental Filter (ServiceEPCP) - Unknown owner - C:\Program Files\Parental Filter\ServiceEPCP.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: MS Session Manager Subsystem (System Session Manager Subsystem) - Unknown owner - c:\windows\system32\drivers\etc\smss.exe (file missing)
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: Windows Services Control - Unknown owner - c:\windows\system32\drivers\services.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Pi_Xi · Answer

Non non c'est pas fini du tout là !!

Et n'utilise pas ces outils sans l'avis d'un helper !

Pi_Xi · Answer

* Ouvre Hijackthis, choisis "do a scan only"

Coche la case devant les lignes:O4 - HKLM\..\RunServices: [gpedfsdjzcyg] C:\WINDOWS\system32\gpedfsdjzcyg.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jean-Yves\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O23 - Service: MS Session Manager Subsystem (System Session Manager Subsystem) - Unknown owner - c:\windows\system32\drivers\etc\smss.exe (file missing)
O23 - Service: Windows Services Control - Unknown owner - c:\windows\system32\drivers\services.exe (file missing)Ferme toutes les autres fenêtres actives et clique sur "Fix checked"

Pour les lignes 10, tu les fixent toutes !

* Puis supprime le fichier "gpedfsdjzcyg.exe" dans C:\WINDOWS\system32

Et forcément, si tu es un adepte du p2p, tu cherches les infections, surtout par les temps qui courent !

antoine01000 · Answer

alors il a pas réussi a supprimer les lignes commençant par 010
et il a pas trouver le fichier : gpedfsdjzcyg.exe


je te renvois rapport hijackthis

antoine01000 · Answer

je suis pas sur mais je crois que le pc na pas réussit à supprimer les fichiers parcque parental filter était en cours d'utilisiation

rapport hijackthis:
 Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:00, on 2008-01-29
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:adio\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Parental Filter\ServiceEPCP.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Softwin\BitDefender9\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\program files\softwin\bitdefender9\bdnagent.exe
C:\program files\softwin\bitdefender9\bdswitch.exe
D:\itunes\iTunesHelper.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:adio\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.com/fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: VGOIEBHO Helper - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - C:\Program Files\21cn\VGO\VGOIEBHO.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:adio\Pluginseg\VeohToolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Fichiers communs\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "D:\itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [LOGGING_EPCP] "C:\Program Files\Parental Filter\LoggingEPCP.exe" start
O4 - HKLM\..\RunServices: [z] C:\WINDOWS\system32\z.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: État de l'enregistrement.lnk = C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/default/mjolauncher.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: x-mem1n - {2AB77CF2-76FF-475C-9AB8-0332478CBDEB} - C:\Program Files\Parental Filter\wowctl.net.dll
O18 - Protocol: x-mem3n - {0F4413E7-5D3B-4B1A-8AA2-E2307F06B228} - C:\Program Files\Parental Filter\eztoolslib.net.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:adio\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:adio\FileZilla Server\FileZilla Server.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\image converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Unknown owner - D:adio\parefeu\kpf4ss.exe (file missing)
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcappcapd.exe
O23 - Service: Parental Filter (ServiceEPCP) - Unknown owner - C:\Program Files\Parental Filter\ServiceEPCP.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: MS Session Manager Subsystem (System Session Manager Subsystem) - Unknown owner - c:\windows\system32\drivers\etc\smss.exe (file missing)
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Pi_Xi · Answer

Hello!

* Télécharge LSPFix sur ton Bureau: http://cexx.org/LSPFix.exe

Ouvre LSPFix

Ferme Internet Explorer et arrêter la connexion à Internet

Coche la case "I know what I'm doing"

Ne fais rien d'autre et clique sur "Finish".

* Puis poste un nouveau rapport HiJack stp.

antoine01000 · Answer

re

alors je te previens ton logiciel n'a rien bougé, ct marqué 0 en face de tt

voilou le rapport: 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:29, on 2008-01-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:adio\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Parental Filter\ServiceEPCP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Softwin\BitDefender9\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\Program Files\Softwin\BitDefender9\bdnagent.exe
C:\Program Files\Softwin\BitDefender9\bdswitch.exe
D:\itunes\iTunesHelper.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
D:adio\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.com/fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: VGOIEBHO Helper - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - C:\Program Files\21cn\VGO\VGOIEBHO.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:adio\Pluginseg\VeohToolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Fichiers communs\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "D:\itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [LOGGING_EPCP] "C:\Program Files\Parental Filter\LoggingEPCP.exe" start
O4 - HKLM\..\RunServices: [z] C:\WINDOWS\system32\z.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: État de l'enregistrement.lnk = C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/default/mjolauncher.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: x-mem1n - {2AB77CF2-76FF-475C-9AB8-0332478CBDEB} - C:\Program Files\Parental Filter\wowctl.net.dll
O18 - Protocol: x-mem3n - {0F4413E7-5D3B-4B1A-8AA2-E2307F06B228} - C:\Program Files\Parental Filter\eztoolslib.net.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:adio\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:adio\FileZilla Server\FileZilla Server.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\image converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Unknown owner - D:adio\parefeu\kpf4ss.exe (file missing)
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcappcapd.exe
O23 - Service: Parental Filter (ServiceEPCP) - Unknown owner - C:\Program Files\Parental Filter\ServiceEPCP.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: MS Session Manager Subsystem (System Session Manager Subsystem) - Unknown owner - c:\windows\system32\drivers\etc\smss.exe (file missing)
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Le sioux · Answer

Bonsoir Antoine, Pi_Xi

Apparemment tes lignes O10 appartiennent a un contrôle parental  légitime  http://www.castlecops.com/lsp-287.html

Par contre , peux tu faire ceci :

Rends toi  sur VIRUS TOTAL  https://www.virustotal.com/gui/

* Clique sur  "parcourir" :  C:\WINDOWS\system32\z.exe

*  Recherche le fichier à analyser, puis clique ensuite sur "send".

Il faut patienter car tu es sur une file d'attente.
Le rapport ne sera complet que lorsque tu verras la mention "FINISHED"sur la droite.

Dépose le dans ta prochaine réponse.

Tuto : http://pageperso.aol.fr/loraline60/virus_total.htm

Note : Il est possible que tu es besoin d'avoir accès aux dossiers et fichiers cachés, pour cela  "Affiche les dossiers cachés" Aide toi de  B ) Afficher les dossiers cachés  ici   https://forum.pcastuces.com/sujet.asp?f=25&s=3902  si besoin

@ suivre.

antoine01000 · Answer

slt le sioux, bon g essayé et il trouve pas le fichier z.exe.
sinon dsl dêtre méchant^^ mé pr linstant c Pi-Xi qui maide, donc priorité à lui mais merci de m'aider le sioux!

Le sioux · Answer

Re

J'ai  oublié de te dire que c'est sur sa demande que je suis apparu ;-) 

Je te prépare un script pour ComboFix

@ suivre avec moi si tu le veux bien ;-)

Edit Connais tu et sais tu a quoi te serves ces programmes : 

C:\Program Files\Data1.cab
C:\Program Files\SCSSDist.ini

et C:\Program Files\NGhost10.msi  rapport avec Norton Ghost ?

Le sioux · Answer

Re

Commence par faire cela :

Démarrer / exécuter tapes services.msc

Navigue jusqu au Service:  MS Session Manager Subsystem

Clique droit sur la ligne du service en question MS Session Manager Subsystem  puis arrêter
Clique droit a nouveau  puis  propriétés et a type de Démarrage mettre sur désactivé puis valider par appliquer et ok 

Et réponds a mes questions en rapport avec ces programmes stp : 

C:\Program Files\Data1.cab
C:\Program Files\SCSSDist.ini
C:\Program Files\INSTALL.LOG
et C:\Program Files\NGhost10.msi    un rapport avec Norton Ghost ?

@ suivre.

antoine01000 · Answer

alors le fichier data1.cab je sais pas cque c mais dedans ya d fichier de microsof office windows et d fichier exe

le contenu du fichier SC SSDist.ini c :[ENHANCEDTRIALWARE]
ECOMCODE=USENG

Install.log je sais cque c, ça parle d'un logiciel à mon père
 
et NGhost c bien norton puisque ds propriété c marqué fabriqué par symantec, jutilise pas norton donc normalement on pe le supprimer

j'ai fait ce que tu m'a demandé g bien désactiver par contre g pas eu à mettre arrêter puisque ct déja fait

voila ++ merci de reprendre le flambeau de Pi-Xi et merci pixi de m'avoir supprimer mon vers msn( c pet être pas encore fini^^)

Le sioux · Answer

Bonjour Antoine

ComboFix avec CFScript : 

*  Sélectionne le texte suivant (en gras)  dans son intégralité 

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"gpedfsdjzcyg"=-
"z"=-
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 0 
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearch]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearchWHSE]

File::
C:\WINDOWS\system32\exec1.exe
C:\WINDOWS\system32\exec2.exe
C:\WINDOWS\system32\ccfbeecf_d.dll
C:\WINDOWS\system32\F4986B42B9.sys
C:\WINDOWS\system32\z.exe
C:\WINDOWS\system32\gpedfsdjzcyg.exe 
C:\windows\system32\drivers\etc\smss.exe

Folder::
C:\Program Files\SCSSDist.ini

* Copie le texte sélectionné (CTRL+C).
* Ouvre le bloc-notes (programme>Accessoires >bloc-notes).
* Colle le texte copié dans ce bloc-notes (CTRL+V).
* Sauvegarde ce fichier sous le nom de CFScript.txt

Déconnecte toi du net et désactive ton antivirus  pour que Combofix puisse s'exécuter normalement

Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe ( sur ton Bureau)

Comme ici  http://i261.photobucket.com/albums/ii49/Malekal_morte/CFScript.gif

* Une fenêtre bleue va apparaître: au message qui apparaît  Type 1 to continue, or 2 to abort , tape 1 puis valide.

* Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal!

Ne touche à rien tant que le scan n'est pas terminé. 

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisses-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu et un nouveau rapport HijackThis

Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à Internet.

(Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt )

@ suivre

Le sioux · Answer

Bonjour  Antoine

Regarde au dessus , j'ai involontairement posté le message deux fois ...

@ suivre

antoine01000 · Answer

slt

voila le rapport Combofix:
ComboFix 08-01-23.1C - Jean-Yves 2008-02-04 12:48:36.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.419 [GMT 1:00]
Endroit: C:\Documents and Settings\Jean-Yves\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Jean-Yves\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE
C:\WINDOWS\system32\ccfbeecf_d.dll
C:\windows\system32\drivers\etc\smss.exe
C:\WINDOWS\system32\exec1.exe
C:\WINDOWS\system32\exec2.exe
C:\WINDOWS\system32\F4986B42B9.sys
C:\WINDOWS\system32\gpedfsdjzcyg.exe
C:\WINDOWS\system32\z.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\SCSSDist.ini\
C:\WINDOWS\system32\ccfbeecf_d.dll
C:\WINDOWS\system32\exec1.exe
C:\WINDOWS\system32\exec2.exe
C:\WINDOWS\system32\F4986B42B9.sys
.
---- Previous Run -------
.
C:\Documents and Settings\SONY\Application Data\inst.exe
C:\Program Files\uusee
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\wanpacket.dll
C:\WINDOWS\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_NPF
-------\NPF

((((((((((((((((((((((((((((( Fichiers créés 2008-01-04 to 2008-02-04 ))))))))))))))))))))))))))))))))))))
.

2008-01-28 19:09 . 2008-01-28 19:09 <REP> d-------- C:\ppmaterecord
2008-01-26 13:57 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
2008-01-25 16:44 . 2008-01-25 16:44 <REP> d-------- C:\WINDOWS\ERUNT
2008-01-23 09:49 . 2008-02-04 08:14 819,109 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
2008-01-20 09:18 . 2008-01-20 09:18 <REP> d--hs---- C:\found.000
2008-01-17 16:24 . 2008-01-17 16:24 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-14 19:22 . 2008-01-14 22:44 <REP> d-------- C:\Program Files\Parental Filter
2008-01-13 19:04 . 2008-01-13 19:04 118 --a------ C:\WINDOWS\system32\MRT.INI
2008-01-13 18:50 . 2008-01-13 18:50 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-11 08:57 . 2007-10-17 13:53 43,816 --a------ C:\WINDOWS\system32\drivers\fssfltr.sys
2008-01-11 08:56 . 2008-01-11 08:56 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-01-11 08:53 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-01-11 08:52 . 2008-01-11 08:52 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-01-11 08:34 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-01-11 08:34 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-01-11 08:34 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-01-11 08:28 . 2008-01-11 08:36 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-09 16:11 . 2008-01-09 16:11 104,863,744 --a------ C:\Arte - Urgan, enfant de l'Himalaya partie 3.avi

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-04 11:53 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-02-01 15:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-22 17:26 7,219 ----a-w C:\WINDOWS\system32\drivers\services.xml
2008-01-17 19:11 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-01-17 19:11 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-01-13 17:46 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-01-11 07:57 --------- d-----w C:\Program Files\Windows Live
2008-01-11 07:41 --------- d-----w C:\Program Files\MSN Messenger
2007-12-23 21:24 --------- d-----w C:\Program Files\uTorrent
2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-11-29 12:15 3,532 ----a-w C:\drmHeader.bin
2007-11-24 21:00 4,229,496 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2005-09-09 17:55 7,155,864 ----a-w C:\Program Files\NGhost10.msi
2005-09-09 17:55 37,766,164 ----a-w C:\Program Files\Data1.cab
2005-09-09 17:55 35 ----a-w C:\Program Files\SCSSDist.ini
2004-05-06 14:28 28,771 ----a-w C:\Program Files\INSTALL.LOG
2004-03-20 12:54 86,016 ----a-w C:\WINDOWS\Prefetch\czero.exe
2006-01-26 18:42 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-01-26_14.14.29.57 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-26 12:58:25 1,429,504 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-02-04 11:47:10 1,429,504 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000001\NTUSER.DAT
- 2008-01-26 12:58:25 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-02-04 11:47:10 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000002\UsrClass.dat
- 2008-01-26 12:58:25 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000003\NTUSER.DAT
+ 2008-02-04 11:47:10 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000003\NTUSER.DAT
- 2008-01-26 12:58:25 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000004\UsrClass.dat
+ 2008-02-04 11:47:10 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000004\UsrClass.dat
- 2008-01-26 12:58:25 8,761,344 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000005\ntuser.dat
+ 2008-02-04 11:47:10 8,810,496 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000005\ntuser.dat
- 2008-01-26 12:58:25 204,800 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000006\UsrClass.dat
+ 2008-02-04 11:47:11 204,800 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000006\UsrClass.dat
- 2008-01-03 14:57:32 16,384 ------w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-02-03 12:08:53 16,384 ------w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-01-03 14:57:32 32,768 ------w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2008-02-03 12:08:53 32,768 ------w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2008-01-03 14:57:32 32,768 ------w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-02-03 12:08:53 32,768 ------w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-02-04 11:11:52 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_1d4.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
2007-12-17 11:12 56360 --a------ C:\Program Files\Windows Live\Contrôle parental\fssbho.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"Veoh"="D:\radio\VeohClient.exe" [2008-01-30 13:11 3497984]
"Update Service"="C:\Program Files\Fichiers communs\Teknum Systems\update.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HKSERV.EXE"="C:\Program Files\Sony\HotKey Utility\HKserv.exe" [2004-10-16 21:48 122880]
"VAIO Update 2"="C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" [2005-01-14 13:43 151552]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"VZRemoteCommander"="C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe" [2005-01-31 10:10 192512]
"PDService.exe"="C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 14:15 40960]
"VMConsole.exe"="C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" [2005-01-14 16:19 315392]
"SsAAD.exe"="C:\PROGRA~1\sony\SONICS~1\SsAAD.exe" [2005-01-24 19:58 81920]
"TVTunerLib"="C:\Program Files\Fichiers communs\Sony Shared\TVTunerLib\TVTLInstTool.exe" [2005-02-15 22:19 245760]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57 188416]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59 77824]
"BDMCon"="C:\Program Files\Softwin\BitDefender9\bdmcon.exe" [2006-04-28 10:26 372736]
"BDOESRV"="C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" [2005-03-11 17:53 90112]
"BDNewsAgent"="C:\Program Files\Softwin\BitDefender9\bdnagent.exe" [2005-06-09 10:28 9728]
"BDSwitchAgent"="C:\Program Files\Softwin\BitDefender9\bdswitch.exe" [2005-04-06 13:09 33280]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-07-07 22:02 4136960]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15 81920]
"iTunesHelper"="D:\itunes\iTunesHelper.exe" [2006-10-30 09:36 256576]
"fssui"="C:\Program Files\Windows Live\Contrôle parental\fssui.exe" [2007-12-17 11:12 243240]
"LOGGING_EPCP"="C:\Program Files\Parental Filter\LoggingEPCP.exe" [2007-02-12 11:33 49152]
"QuickTime Task"="D:\quicktime\qttask.exe" [2007-06-29 05:24 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

C:\Documents and Settings\SONY\Menu D‚marrer\Programmes\D‚marrage\
VAIO Launcher.lnk - C:\Program Files\Sony\VAIO Launcher\Launcher.exe [2005-03-23 10:47:18 778240]

C:\Documents and Settings\Jean-Yves\Menu D‚marrer\Programmes\D‚marrage\
VAIO Launcher.lnk - C:\Program Files\Sony\VAIO Launcher\Launcher.exe [2005-03-23 10:47:18 778240]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-07-30 02:52:00 217195]
Audio Filter.lnk - C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe [2005-03-23 10:53:37 3547136]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 07:05:26 29696]
tat de l'enregistrement.lnk - C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe [2005-03-23 10:46:44 299008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]

R0 AFPAnsi;Alfa File Protector Ansi;C:\WINDOWS\system32\Drivers\AFPAnsi.sys [2005-06-04 14:54]
R1 bdftdif;BitDefender Firewall TDI Filter;C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys [2006-06-21 14:55]
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-03-16 09:56]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-03-16 09:56]
R1 PrivateDisk;PrivateDisk;C:\WINDOWS\system32\Drivers\PrivateDiskM.sys [2004-07-06 14:07]
R2 fssfltr;FssFltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2007-10-17 13:53]
R2 fsssvc;Windows Live OneCare Contrôle parental;"C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe" [2007-12-17 11:13]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 17:55]
R2 ServiceEPCP;Parental Filter;C:\Program Files\Parental Filter\ServiceEPCP.exe [2007-02-12 11:33]
R2 tansgt;tansgt;C:\WINDOWS\system32\drivers\tansgt.sys [2007-07-08 09:49]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2006-06-21 14:55]
S3 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-12 04:47]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2006-02-12 11:29]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 14:23]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\image converter 2\IcVzMon.exe [2005-02-24 14:38]
S3 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-12 03:40]
S3 PTWDrv;PTW - Process monitoring driver;D:\radio\PC TimeWatch\PTWatch.sys []
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [2002-12-17 17:23]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S4 System Session Manager Subsystem;MS Session Manager Subsystem;c:\windows\system32\drivers\etc\smss.exe []
S4 Windows Services Control;Windows Services Control;c:\windows\system32\drivers\services.exe []

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-09-04 13:18:40 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-11 07:56:43 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-04 12:54:19
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\Parental Filter\hooklib.dll
.
Temps d'accomplissement: 2008-02-04 12:56:00
ComboFix-quarantined-files.txt 2008-02-04 11:55:54
.
2008-01-22 23:50:39 --- E O F ---

le rapport Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:01:12, on 04/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\radio\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Parental Filter\ServiceEPCP.exe
C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\program files\softwin\bitdefender9\bdnagent.exe
C:\program files\softwin\bitdefender9\bdswitch.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
D:\itunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\Program Files\Parental Filter\LoggingEPCP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Softwin\BitDefender9\bdmcon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\radio\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.com/fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: VGOIEBHO Helper - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - C:\Program Files\21cn\VGO\VGOIEBHO.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Fichiers communs\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "D:\itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [LOGGING_EPCP] "C:\Program Files\Parental Filter\LoggingEPCP.exe" start
O4 - HKLM\..\Run: [QuickTime Task] "D:\quicktime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "D:\radio\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: État de l'enregistrement.lnk = C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/default/mjolauncher.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: x-mem1n - {2AB77CF2-76FF-475C-9AB8-0332478CBDEB} - C:\Program Files\Parental Filter\wowctl.net.dll
O18 - Protocol: x-mem3n - {0F4413E7-5D3B-4B1A-8AA2-E2307F06B228} - C:\Program Files\Parental Filter\eztoolslib.net.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\radio\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:\radio\FileZilla Server\FileZilla Server.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\image converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Unknown owner - D:\radio\parefeu\kpf4ss.exe (file missing)
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Parental Filter (ServiceEPCP) - Unknown owner - C:\Program Files\Parental Filter\ServiceEPCP.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Le sioux · Answer

Bonjour Antoine

Bien joué, on continu

* Télécharge clean zip de Malekal_Morte http://www.malekal.com/download/clean.zip

* Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.
* Ouvre le dossier Clean qui se trouve sur ton Bureau.
* Double-clique sur clean.cmd.
Une fenêtre noire va apparaître,

choisis l'option 1

Puis poste le rapport qui se trouve ici C:\rapport_clean.txt

@ suivre.

antoine01000 · Answer

slt voila le rapport: ComboFix 08-01-23.1C - Jean-Yves 2008-02-04 12:48:36.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.419 [GMT 1:00] Endroit: C:\Documents and Settings\Jean-Yves\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Jean-Yves\CFScript.txt * Création d'un nouveau point de restauration [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color] FILE C:\WINDOWS\system32\ccfbeecf_d.dll C:\windows\system32\drivers\etc\smss.exe C:\WINDOWS\system32\exec1.exe C:\WINDOWS\system32\exec2.exe C:\WINDOWS\system32\F4986B42B9.sys C:\WINDOWS\system32\gpedfsdjzcyg.exe C:\WINDOWS\system32\z.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\SCSSDist.ini\ C:\WINDOWS\system32\ccfbeecf_d.dll C:\WINDOWS\system32\exec1.exe C:\WINDOWS\system32\exec2.exe C:\WINDOWS\system32\F4986B42B9.sys . ---- Previous Run ------- . C:\Documents and Settings\SONY\Application Data\inst.exe C:\Program Files\uusee C:\WINDOWS\system32\drivers\npf.sys C:\WINDOWS\system32\packet.dll C:\WINDOWS\system32\pthreadVC.dll C:\WINDOWS\system32\wanpacket.dll C:\WINDOWS\system32\wpcap.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_NPF -------\NPF ((((((((((((((((((((((((((((( Fichiers créés 2008-01-04 to 2008-02-04 )))))))))))))))))))))))))))))))))))) . 2008-01-28 19:09 . 2008-01-28 19:09 d-------- C:\ppmaterecord 2008-01-26 13:57 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe 2008-01-25 16:44 . 2008-01-25 16:44 d-------- C:\WINDOWS\ERUNT 2008-01-23 09:49 . 2008-02-04 08:14 819,109 --a------ C:\WINDOWS\system32\drivers\fwdrv.err 2008-01-20 09:18 . 2008-01-20 09:18 d--hs---- C:\found.000 2008-01-17 16:24 . 2008-01-17 16:24 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-01-14 19:22 . 2008-01-14 22:44 d-------- C:\Program Files\Parental Filter 2008-01-13 19:04 . 2008-01-13 19:04 118 --a------ C:\WINDOWS\system32\MRT.INI 2008-01-13 18:50 . 2008-01-13 18:50 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-01-11 08:57 . 2007-10-17 13:53 43,816 --a------ C:\WINDOWS\system32\drivers\fssfltr.sys 2008-01-11 08:56 . 2008-01-11 08:56 d-------- C:\Program Files\Windows Live Toolbar 2008-01-11 08:53 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll 2008-01-11 08:52 . 2008-01-11 08:52 d-------- C:\Program Files\Microsoft SQL Server Compact Edition 2008-01-11 08:34 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-01-11 08:34 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll 2008-01-11 08:34 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-01-11 08:28 . 2008-01-11 08:36 d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-01-09 16:11 . 2008-01-09 16:11 104,863,744 --a------ C:\Arte - Urgan, enfant de l'Himalaya partie 3.avi . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-04 11:53 81,984 ----a-w C:\WINDOWS\system32\bdod.bin 2008-02-01 15:39 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-01-22 17:26 7,219 ----a-w C:\WINDOWS\system32\drivers\services.xml 2008-01-17 19:11 46,080 ----a-w C:\WINDOWS\system32\ftp.exe 2008-01-17 19:11 17,920 ----a-w C:\WINDOWS\system32\tftp.exe 2008-01-13 17:46 --------- d-----w C:\Program Files\Fichiers communs\Real 2008-01-11 07:57 --------- d-----w C:\Program Files\Windows Live 2008-01-11 07:41 --------- d-----w C:\Program Files\MSN Messenger 2007-12-23 21:24 --------- d-----w C:\Program Files\uTorrent 2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll 2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll 2007-11-29 12:15 3,532 ----a-w C:\drmHeader.bin 2007-11-24 21:00 4,229,496 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe 2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll 2005-09-09 17:55 7,155,864 ----a-w C:\Program Files\NGhost10.msi 2005-09-09 17:55 37,766,164 ----a-w C:\Program Files\Data1.cab 2005-09-09 17:55 35 ----a-w C:\Program Files\SCSSDist.ini 2004-05-06 14:28 28,771 ----a-w C:\Program Files\INSTALL.LOG 2004-03-20 12:54 86,016 ----a-w C:\WINDOWS\Prefetch\czero.exe 2006-01-26 18:42 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((( snapshot@2008-01-26_14.14.29.57 ))))))))))))))))))))))))))))))))))))))))) . - 2008-01-26 12:58:25 1,429,504 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000001\NTUSER.DAT + 2008-02-04 11:47:10 1,429,504 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000001\NTUSER.DAT - 2008-01-26 12:58:25 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000002\UsrClass.dat + 2008-02-04 11:47:10 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000002\UsrClass.dat - 2008-01-26 12:58:25 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000003\NTUSER.DAT + 2008-02-04 11:47:10 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000003\NTUSER.DAT - 2008-01-26 12:58:25 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000004\UsrClass.dat + 2008-02-04 11:47:10 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000004\UsrClass.dat - 2008-01-26 12:58:25 8,761,344 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000005\ntuser.dat + 2008-02-04 11:47:10 8,810,496 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000005\ntuser.dat - 2008-01-26 12:58:25 204,800 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000006\UsrClass.dat + 2008-02-04 11:47:11 204,800 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\[u]0[/u]0000006\UsrClass.dat - 2008-01-03 14:57:32 16,384 ------w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat + 2008-02-03 12:08:53 16,384 ------w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - 2008-01-03 14:57:32 32,768 ------w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2008-02-03 12:08:53 32,768 ------w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat - 2008-01-03 14:57:32 32,768 ------w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-02-03 12:08:53 32,768 ------w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-02-04 11:11:52 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_1d4.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] 2007-12-17 11:12 56360 --a------ C:\Program Files\Windows Live\Contrôle parental\fssbho.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360] "Veoh"="D:\radio\VeohClient.exe" [2008-01-30 13:11 3497984] "Update Service"="C:\Program Files\Fichiers communs\Teknum Systems\update.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HKSERV.EXE"="C:\Program Files\Sony\HotKey Utility\HKserv.exe" [2004-10-16 21:48 122880] "VAIO Update 2"="C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" [2005-01-14 13:43 151552] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "VZRemoteCommander"="C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe" [2005-01-31 10:10 192512] "PDService.exe"="C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 14:15 40960] "VMConsole.exe"="C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" [2005-01-14 16:19 315392] "SsAAD.exe"="C:\PROGRA~1\sony\SONICS~1\SsAAD.exe" [2005-01-24 19:58 81920] "TVTunerLib"="C:\Program Files\Fichiers communs\Sony Shared\TVTunerLib\TVTLInstTool.exe" [2005-02-15 22:19 245760] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57 188416] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59 77824] "BDMCon"="C:\Program Files\Softwin\BitDefender9\bdmcon.exe" [2006-04-28 10:26 372736] "BDOESRV"="C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" [2005-03-11 17:53 90112] "BDNewsAgent"="C:\Program Files\Softwin\BitDefender9\bdnagent.exe" [2005-06-09 10:28 9728] "BDSwitchAgent"="C:\Program Files\Softwin\BitDefender9\bdswitch.exe" [2005-04-06 13:09 33280] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-07-07 22:02 4136960] "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15 81920] "iTunesHelper"="D:\itunes\iTunesHelper.exe" [2006-10-30 09:36 256576] "fssui"="C:\Program Files\Windows Live\Contrôle parental\fssui.exe" [2007-12-17 11:12 243240] "LOGGING_EPCP"="C:\Program Files\Parental Filter\LoggingEPCP.exe" [2007-02-12 11:33 49152] "QuickTime Task"="D:\quicktime\qttask.exe" [2007-06-29 05:24 286720] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360] C:\Documents and Settings\SONY\Menu D‚marrer\Programmes\D‚marrage\ VAIO Launcher.lnk - C:\Program Files\Sony\VAIO Launcher\Launcher.exe [2005-03-23 10:47:18 778240] C:\Documents and Settings\Jean-Yves\Menu D‚marrer\Programmes\D‚marrage\ VAIO Launcher.lnk - C:\Program Files\Sony\VAIO Launcher\Launcher.exe [2005-03-23 10:47:18 778240] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-07-30 02:52:00 217195] Audio Filter.lnk - C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe [2005-03-23 10:53:37 3547136] Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 07:05:26 29696] tat de l'enregistrement.lnk - C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe [2005-03-23 10:46:44 299008] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup] R0 AFPAnsi;Alfa File Protector Ansi;C:\WINDOWS\system32\Drivers\AFPAnsi.sys [2005-06-04 14:54] R1 bdftdif;BitDefender Firewall TDI Filter;C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys [2006-06-21 14:55] R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-03-16 09:56] R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-03-16 09:56] R1 PrivateDisk;PrivateDisk;C:\WINDOWS\system32\Drivers\PrivateDiskM.sys [2004-07-06 14:07] R2 fssfltr;FssFltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2007-10-17 13:53] R2 fsssvc;Windows Live OneCare Contrôle parental;"C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe" [2007-12-17 11:13] R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 17:55] R2 ServiceEPCP;Parental Filter;C:\Program Files\Parental Filter\ServiceEPCP.exe [2007-02-12 11:33] R2 tansgt;tansgt;C:\WINDOWS\system32\drivers\tansgt.sys [2007-07-08 09:49] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2006-06-21 14:55] S3 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-12 04:47] S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2006-02-12 11:29] S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 14:23] S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\image converter 2\IcVzMon.exe [2005-02-24 14:38] S3 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-12 03:40] S3 PTWDrv;PTW - Process monitoring driver;D:\radio\PC TimeWatch\PTWatch.sys [] S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [2002-12-17 17:23] S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08] S4 System Session Manager Subsystem;MS Session Manager Subsystem;c:\windows\system32\drivers\etc\smss.exe [] S4 Windows Services Control;Windows Services Control;c:\windows\system32\drivers\services.exe [] . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-09-04 13:18:40 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2008-01-11 07:56:43 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-04 12:54:19 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . --------------------- DLLs a chargé sous des processus courants --------------------- PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180] -> C:\Program Files\Parental Filter\hooklib.dll . Temps d'accomplissement: 2008-02-04 12:56:00 ComboFix-quarantined-files.txt 2008-02-04 11:55:54 . 2008-01-22 23:50:39 --- E O F --- et lautre: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:14:44, on 05/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe D:\radio\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Parental Filter\ServiceEPCP.exe C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Sony\HotKey Utility\HKserv.exe C:\Program Files\sony\vaio update 2\VAIOUpdt.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe C:\Program Files\Sony\HotKey Utility\HKWnd.exe C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe C:\PROGRA~1\sony\SONICS~1\SsAAD.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Softwin\BitDefender9\bdoesrv.exe C:\Program Files\Softwin\BitDefender9\bdnagent.exe C:\Program Files\Softwin\BitDefender9\bdswitch.exe C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe D:\itunes\iTunesHelper.exe C:\Program Files\Windows Live\Contrôle parental\fssui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\WINDOWS\system32\LVComS.exe C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender9\vsserv.exe c:\program files\softwin\bitdefender9\bdmcon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\radio\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.com/fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: VGOIEBHO Helper - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - C:\Program Files\21cn\VGO\VGOIEBHO.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" /windowmin O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Fichiers communs\Sony Shared\TVTunerLib\TVTLInstTool.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe" O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [BDNewsAgent] "c:\program files\softwin\bitdefender9\bdnagent.exe" O4 - HKLM\..\Run: [BDSwitchAgent] "c:\program files\softwin\bitdefender9\bdswitch.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [iTunesHelper] "D:\itunes\iTunesHelper.exe" O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun O4 - HKLM\..\Run: [LOGGING_EPCP] "C:\Program Files\Parental Filter\LoggingEPCP.exe" start O4 - HKLM\..\Run: [QuickTime Task] "D:\quicktime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user') O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: État de l'enregistrement.lnk = C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/default/mjolauncher.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: x-mem1n - {2AB77CF2-76FF-475C-9AB8-0332478CBDEB} - C:\Program Files\Parental Filter\wowctl.net.dll O18 - Protocol: x-mem3n - {0F4413E7-5D3B-4B1A-8AA2-E2307F06B228} - C:\Program Files\Parental Filter\eztoolslib.net.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\radio\aawservice.exe O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:\radio\FileZilla Server\FileZilla Server.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\image converter 2\IcVzMon.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Unknown owner - D:\radio\parefeu\kpf4ss.exe (file missing) O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Parental Filter (ServiceEPCP) - Unknown owner - C:\Program Files\Parental Filter\ServiceEPCP.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

antoine01000 · Answer

^^dsl g posté 2 fois le même rapport

voila de nouveau un rapport^^: 
 05/02/2008 a 14:20:30,54 
 
*** Recherche des fichiers dans C: 
 
*** Recherche des fichiers dans C:\WINDOWS\ 
 
*** Recherche des fichiers dans C:\WINDOWS\system32 
C:\WINDOWS\system32\bdod.bin FOUND 
C:\WINDOWS\system32\SpoonUninstall.exe FOUND 


++

Le sioux · Answer

Hello Antoine

On continu le nettoyage :

Je te conseille d'enregistrer la page en format HTLM afin d’appliquer la procédure comme il faut, pour cela : 
* Avec Firefox
- clique sur le menu Fichier (en haut à gauche), puis choisis Enregistrer sous...
- dans la boîte de dialogue Enregistrer sous, pour le champ "Enregistrer dans" (en haut), clique sur la flèche de la "liste déroulante" et choisis Bureau; pour le champ "Type", laisse Page Web complète; pour le champ "Nom du fichier", saisis Discussion en cours; termine en cliquant sur Enregistrer
* Avec Internet Explorer 7, presse la touche Alt pour faire apparaître le menu et suis les mêmes instructions qu’avec FireFox.
Pour afficher la page (après redémarrage), double-clique sur "Discussion en cours.htm" situé sur le Bureau..
Tu n'auras pas accès à Internet à partir du moment ou te redémarreras en mode sans échec.

Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous.
Si un élément te paraît obscur, demande des explications avant de commencer la désinfection

1) Télécharge

--  CCleaner
https://www.ccleaner.com/ccleaner/download
Choisi de préférence la version SLIM-No Toolbar.
Installe-le en prenant soin de décocher les diverses options dont la barre Yahoo et la mise à jour.
Lance CCleaner puis Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures".
 Pour les autres paramètres, laisse-le avec ses réglages par défaut.
Ferme le programme pour l’instant.

--la version d'essai d'AVG Anti-Spyware 7.5 depuis http://www.grisoft.com/doc/downloads-products/ww/crp/0?prd=triasw
Installe la puis...Lancer AVG Anti-Spyware.
Clique sur le menu Mise à jour.
Dans le paragraphe Mise à jour manuelle, cliquer sur le bouton Commencer la mise à jour.
Attends la fin de cette mise à jour puis ferme le programme.
Ne pas lancer d'analyse maintenant

2) Redémarre en mode sans échec

Regarde ici si besoin avant ici  : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8]  (ou [F5]  sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur  [Entrée] 
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre. 

Ouvre le fichier HTLM sauvegardé sur le Bureau afin de suivre les instructions comme il faut.

3) Cleanzip

* Ouvre le dossier Clean qui se trouve sur ton bureau.
* Double-clique sur clean.cmd.
* Une fenêtre noire va apparaître, choisis l'option 2.

Laisse finir son travail puis ferme le .

4) Lance AVG Anti-Spyware 7.5

--Réglages

Clique sur le menu Analyse (de la barre d'outils).
Clique sur l'onglet Paramètres.
Dans Comment réagir? clique sur Actions recommandées et choisir Quarantaine.
Dans Comment faire l'analyse ? et dans Programmes potentiellement dangereux, vérifier que toutes les cases soient cochées.
Dans Rapports cocher "générer un rapport après chaque analyse"

-- Scan
Dans l'onglet Analyse
Clique sur Analyse complète du système.
Important : Ne pas ouvrir de fenêtre, ne pas lancer de programme pendant l'exécution de AVG Anti-Spyware, car cela pourrait interférer avec le processus de recherche.
Tres important : A la fin de l'analyse, clique sur " Appliquer toutes les actions"
Ensuite.
Cliquer sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.( C:\Programfiles\Grisoft\AVG Antispyware 7.5\Reports)
 
Puis ferme AVG Anti-Spyware.

5) Suppression de fichiers inutiles avec CCleaner

Lance CCleaner en double-cliquant sur son raccourci sur le bureau.
Puis dans le menu Nettoyeur
Clique sur Analyse (laisser travailler cela peut durer longtemps la 1ere fois)
Clique sur le bouton Lancer le nettoyage.
Clique une seconde fois sur le bouton Lancer le nettoyage puis ferme CCleaner.

6) Rapports

Fais redémarrer le PC en mode normal puis poste en réponse :
* Un nouveau rapport HijackThis 
*  Le rapport d AVG antispyware 7.5 situé ici C:\Programfiles\Grisoft\AVG Antispyware 7.5\Reports 
* Le rapport de  Cleanzip qui se trouve ici C:\rapport_clean.txt

Bon courage

 @+

antoine01000 · Answer

salut 
rapport hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:45:58, on 06/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:adio\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
D:adio\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Parental Filter\ServiceEPCP.exe
C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Softwin\BitDefender9\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\program files\softwin\bitdefender9\bdnagent.exe
C:\program files\softwin\bitdefender9\bdswitch.exe
D:\itunes\iTunesHelper.exe
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\Program Files\Parental Filter\LoggingEPCP.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
D:adio\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
C:\Program Files\Sony\VAIO Launcher\Launcher.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:adio\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.com/fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: VGOIEBHO Helper - {B6FA00D9-86EC-4158-9488-D00DFF897E86} - C:\Program Files\21cn\VGO\VGOIEBHO.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Fichiers communs\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "D:\itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [LOGGING_EPCP] "C:\Program Files\Parental Filter\LoggingEPCP.exe" start
O4 - HKLM\..\Run: [QuickTime Task] "D:\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:adio\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: État de l'enregistrement.lnk = C:\Program Files\Sony\vaio entertainment\VzTrayIcon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\parental filter\hooklib.dll
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/default/mjolauncher.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: x-mem1n - {2AB77CF2-76FF-475C-9AB8-0332478CBDEB} - C:\Program Files\Parental Filter\wowctl.net.dll
O18 - Protocol: x-mem3n - {0F4413E7-5D3B-4B1A-8AA2-E2307F06B228} - C:\Program Files\Parental Filter\eztoolslib.net.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:adio\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:adio\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - D:adio\FileZilla Server\FileZilla Server.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\image converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Unknown owner - D:adio\parefeu\kpf4ss.exe (file missing)
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Program Files\LEC\LogoMedia TranslateDotNet Server.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - D:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcappcapd.exe
O23 - Service: Parental Filter (ServiceEPCP) - Unknown owner - C:\Program Files\Parental Filter\ServiceEPCP.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

Le sioux · Answer

Bonsoir Antoine

1/ Vide la quarantaine d'AVG Antispyware

Double-clique sur le raccourci d'AVG Antispyware 7.5 présent sur ton Bureau afin de le lancer, puis clique sur "Infections", clique sur "Tout sélectionner" puis sur "Supprimer définitivement".
Ferme AVG Antispyware.

2/ Si AVG t'a ttrouvé des cookies, c est qu'il  te faut mieux gerer ceux ci

-- Avec I.E outils/options/ onglet confidentialité/avancés/
*Cocher ignorer gestion automatique des cookies
*Cocher accepter cookies interne et refuser cookies tierce puis appliquer et ok

-- Avec Firefox outils/options/vie privée
*conserver les cookies --> jusqu a la fermeture de Firefox sur PC Astuces">Firefox
*dans paramètres , cocher cookies
*puis cocher "toujours effacer mes informations personnelles a la fermeture de Firefox puis valider par ok
Sinon, pour FF, il y a des extensions pour cela (au moins 4 a C) --> https://www.hugedomains.com/domain_profile.cfm?d=geckozone&e=org#C

Passer CCleaner régulièrement, fonction nettoyeur


Cookies (biscuit)
Un cookie est un enregistrement d'informations par le serveur dans un fichier texte situé sur l'ordinateur client.
Il se compose d'un ensemble de variables que le client et le serveur s'échangent lors de transactions HTTP,ce qui permet d'éviter de se connecter à nouveau sur un forum par exemple ,ou d'aller directement sur la page d'un site, etc......
Sans problème quand ils sont utilisés par des "entités",ils peuvent se révéler trés dangereux mal employés.
En effet, ils peuvent stocker une multitudes de renseignements, qui récoltés par un spyware, permet de se connecter au service Web sous le compte de l'utilisateur.
extrait  de   https://forum.pcastuces.com/sujet.asp?f=25&s=14911   gigrionne

3/ On va supprimer toutes les traces des logiciels que nous avons utilisés qui traitent des infections spécifiques et ceci grâce a  ToolsCleaner  de A.Rothstein 

Télécharge le  http://a-rothstein.changelog.fr/TC/ToolsCleaner2.exe sur ton Bureau. 
* Double-clique sur ToolsCleaner2.bat et laisse le travailler
* Clique sur Recherche et laisse le scan se terminer. 
* Clique sur Suppression pour finaliser. 
* Tu peux, si tu le souhaites, te servir des Options facultatives. 
* Clique sur Quitter, pour que le rapport puisse se créer.

-->  Poste moi Le rapport de ToolsCleaner  ( qui se trouve à la racine de ton disque dur (C:\TCleaner.txt )

@ suivre.

antoine01000 · Answer

lu
voila le rapport :

-->- Recherche: 

C:\Combofix: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Jean-Yves\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean	ar.exe: trouvé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\cleanemove.reg: trouvé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\pskill.exe: trouvé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\LFiles.exe: trouvé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\gzip.exe: trouvé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\delsiri.cmd: trouvé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\delr.cmd: trouvé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\del3.cmd: trouvé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\del2.cmd: trouvé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\clean.cmd: trouvé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\cherche.cmd: trouvé !
C:\Documents and Settings\Jean-Yves\Recent\HijackThis.lnk: trouvé !
C:\QooBox\Quarantine\C\Combofix: trouvé !


Restauration annulée !
---------------------------------
-->- Suppression: 
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Jean-Yves\Bureau\ComboFix.exe: supprimé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean	ar.exe: supprimé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\cleanemove.reg: supprimé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\pskill.exe: supprimé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\LFiles.exe: supprimé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\gzip.exe: supprimé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\delsiri.cmd: supprimé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\delr.cmd: supprimé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\del3.cmd: supprimé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\del2.cmd: supprimé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\clean.cmd: supprimé !
C:\Documents and Settings\Jean-Yves\Bureau\clean\clean\cherche.cmd: supprimé !
C:\Documents and Settings\Jean-Yves\Recent\HijackThis.lnk: supprimé !
C:\Combofix: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !

Restauration annulée !
Point de restauration crée !

Le sioux · Answer

Bonsoir Antoine Dernier effort, avec un controle ultime : Scan en ligne chez Bitdefender * Fais un scan antivirus en ligne https://www.bitdefender.fr/ avec IE et copie colle le résultat ici * En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE * Dans la nouvelle fenêtre, clique sur I agree * La fenêtre change encore, clique sur Click here to scan * Les signatures se chargent, etc. Aide toi de ce Tuto (merci Morgane) http://pageperso.aol.fr/loraline60/bitdefender_scan.htm Poste en réponse le rapport de scan qui se trouve ici C:\windows\bdoscan8\scanres.txt ou scanres.html @ suivre car il restera des conseils de sécurité à appliquer.

antoine01000 · Answer

slt
  comme ta pu ss doute le remarquer g le logiciel bitdefender, tu préfères pas que je tenvoie le rapport de bitdefender installé sur mon PC?
++

antoine01000 · Answer

voila le rapport bitdefender de mon pc:


//-----------------------------------------------------------------
//
//	Product: BitDefender 9 Internet Security
//	Version: 9.0
//
//	Créé le: 	08/02/2008	18:32:25
//
//-----------------------------------------------------------------


Statistiques

Chemin cible: 	C:\
		D:\
Dossiers	 : 13615
Fichiers	 :  335545
Archives	: 202 
Fichiers empaquetés	 : 7708
Virus trouvés 	 : 0
Fichiers infectés 	 : 0
Alertes 	 : 0
Fichiers suspects 	 : 0
Fichiers désinfectés 	 : 0
Fichiers effacés 	 : 0
Fichiers copiés 	 : 0
Fichiers déplacés	: 0
Fichiers renommés 	 : 0
Erreurs I/O 	 : 58
Temps d'analyse 	 := 01:05:00
Fichiers/seconde 	 :86

Définitions virus 	: 979785
Plugins d'analyse	: 16
Plugins archives	: 41
Plug-ins décompression	: 7
Plug-ins messagerie	: 6
Plug-ins système	: 5

Options d'analyse

Détection
[X] Analyser le secteur de boot
[ ] Analyser les archives
[X] Analyser les fichiers en paquets
[X] Analyser la messagerie

Masque fichiers
[ ] Programmes
[X] Tous les fichiers
[ ] Extensions définies par l'utilisateur: 
[ ] Exclure les extensions: ;

Action

Objets infectés
[ ] Ignorer
[ ] Désinfecter
[X] Effacer
[ ] Copier
[ ] Déplacer dans le dossier infectés
[ ] Renommer
[ ] Demander l'action

Seconde action
[ ] Ignorer
[X] Effacer
[ ] Copier
[ ] Déplacer dans le dossier infectés
[ ] Renommer
[ ] Demander l'action

Options d'analyse
[X] Activer les alertes
[X] Activer l'heuristique
[ ] Afficher tous les fichiers dans le journal
[X] Fichier journal : Logs\vscan_1202491945.log

Le sioux · Answer

Bonsoir Antoine J'aurai préféré le scan en ligne ... Ok, si tout est bon alors, on peut conclure : ========================================================================= -- Pour CCleaner ----> Tu peux par contre, garder et utiliser CCleaner fonction "Nettoyeur" sans modération , reccoche seulement dans avancés "Ne pas effacer fichiers...48h" un petit complément d’info sur celui-ci : http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm (Attention toutefois à l'utilisation de la fonction Erreur , sauvegarder les changements faits dans le Registre par sécurité.) --Pour AVG AS ---> Au bout des 30 jours d'essais , AVG Anti-Spyware restera utilisable sans limitation de durée, mais avec deux restrictions : *- pas de surveillance en temps réel *- pas de mise à jour automatique en ligne. Il restera un bon scan passif avec lequel tu pourras effectuer un nettoyage hebdomadaire, sans oublier de faire une mise à jour manuelle avant d'exécuter l’analyse . ========================================================================= Je vais te donner plusieurs conseils par ordre de priorité, prends le temps de lire et d’exécuter cela à ton rythme, ne "t’abrutis" pas à tout faire d'un coup, quitte a y revenir par a coups et suivre ainsi petit à petit les différentes instructions. ========================================================================= => Maintenant que ton PC n'est plus infecté, désactive ta "Restauration du système" puis réactive la, ce qui créera un point de restauration sain * Désactivation : Cliquer droit sur le "Poste de travail" > Propriétés > onglet "Restauration du système" > cocher la case "Désactiver la Restauration du système sur tous les lecteurs" > Appliquer patiente jusqu’a ce que cela soit marqué "désactivé" puis Ok. * Activation : Suivre le même chemin ; décocher la case "Désactiver la Restauration du système sur tous les lecteurs" > Appliquer attends que cela soit à nouveau sur "surveillance" puis Ok. Redémarrer l'ordinateur.. ========================================================================= => Il te faut impérativement tenir à jour régulièrement Windows ainsi qu’ Internet Explorer : Via Internet Explorer, rends toi sur Microsoft Update http://www.update.microsoft.com/windowsupdate/v6/default.aspx Effectue toutes les mise à jour critiques proposées. Tu seras obligé de faire redémarrer ton PC et de retourner à la fonction de mise à jour jusqu'à ce qu'il n'y ait plus rien de signalé. Mettez à jour Internet Explorer s'il est en version 6, même si vous ne l'utilisez pas. Gratuit et même pour les systèmes Windows non authentiques, ça se passe ici : https://support.microsoft.com/en-us/office/internet-explorer-help-23360e49-9cd3-4dda-ba52-705336cc0de2?ui=en-US&rs=en-001&ad=US => Il faut mettre a jour la console Java régulièrement aussi : Rends toi sur https://www.java.com/fr/download/manual.jsp et télécharge la dernière version (si ta version actuelle n'est pas à jour) ou ici https://filehippo.com/download_jre_32/?ex=CORE-116.0 Après avoir installé la dernière version, désinstalle les anciennes versions (de java) afin d’éliminer les failles de sécurité présentes dans ces anciennes versions. via Démarrer / paramètres / panneau de config / et dans ajout/suppression de programme navigue jusqu'aux anciennes versions de la console java qui s'y trouvent, puis supprimer, suis les invites de commandes dans la boite de dialogue qui va s'ouvrir afin d'amener la désinstallation à son terme. Fais cela pour chacune d'elles, une à une, fais redémarrer ton PC quand cela te sera demandé . Retourne ensuite chez Java ci-dessus et clique sur le bouton "Vérifier l'installation" pour t'assurer que tout est en ordre. ========================================================================= => Installe un pare-feu pour remplacer celui de Windows qui est insuffisant : Regarde celui-ci en gratuit : * ComodoFirewallPro 2.4 http://www.personalfirewall.comodo.com/ Version 2.4 en français en bas de page ici http://www.personalfirewall.comodo.com/download_firewall.html Comodo Firewall Pro − French Version 2.4 Option 1 Download French Version of Comodo Firewall Pro 2.4 (Size: 8.48 MB) - Tuto https://infomars.fr/forum/index.php?s=908072e48ff7cf0359366440cb26c93f&showtopic=389 http://www.nordicnature.net/tutorials/comodo/cf24wiz.htm Attention ce pare-feu existe aussi en version 3.0 mais en version anglaise uniquement et plus difficile à paramétrer Tuto pour la version 3.0https://infomars.fr/forum/index.php?showtopic=1225 Tu peux constater son efficacité en regardant son résultat aux tests firewall: http://www.matousec.com/index.html => Un complément au pare-feu pour fermer les ports risqués (dangereux, s’ils restent ouverts) : ZebProtect (application ne nécessitant pas d’installation à lancer et paramétrer une unique fois) http://telechargement.zebulon.fr/123.html -Tuto https://www.zebulon.fr/dossiers/autres/40-zebprotect.html ========================================================================= => Pour sécuriser ta navigation -- Un programme incontournable : SpyBot-Search & Destroy 1.5 (scan passif + protection préventive avec ses 2 résidents, ses vaccinations et sa liste Hosts ) https://www.safer-networking.org/ -démo d’utilisation http://perso.orange.fr/rginformatique/section%20virus/demo%20spybot.htm -Tuto : https://www.malekal.com/spybot-search-destroy-proteger-desinfecter-pc-virus/ http://perso.orange.fr/jesses/Docs/Logiciels/Spybot.htm -- Tutorial pour sécuriser FireFox : https://forum.zebulon.fr/topic/69628-s%C3%A9curiser-un-peu-plus-firefox/ --Comportement à adopter http://assiste.com.free.fr/p/abc/a/safe_cex.html ========================================================================= => Afin d’éviter les autres failles de sécurité des différents programmes présents sur ton PC : Vérifie tes mises à jours des différents softs régulièrement ici et mets à jour ce qui ne l’est pas. https://www.flexera.com/products/operations/software-vulnerability-management.html -Tuto https://www.malekal.com/tester-la-vulnerabilite-de-son-systeme-2/ -Autre possibilité, t'abonner gratuitement a "la lettre hebdomadaire de secuser.com" ici http://www.secuser.com/ a gauche en bas de page. ========================================================================= => Pour améliorer la sécurité de ton PC prends quelques instants pour lire Sécuriser son PC +WIFI (versions "hot" & "light") de Philae https://forum.pcastuces.com/default.asp https://www.malekal.com/fichiers/projetantimalwares/prevention-protection.pdf (téléchargeable en Pdf) => Rappel sur les principales causes d'infection : * L'utilisation de cracks ou keygens est à proscrire, de même que le surf sur les sites de téléchargement de ceux-ci : Les dangers des cracks : http://forum.malekal.com/ftopic893.php Le crack dans toute sa splendeur, journal d'une infection attendue : https://forum.zebulon.fr/topic/93281-pr%C3%A9vention-le-crack-dans-toute-sa-splendeur/ * Le P2P ( l'utilisation de logiciels comme eMule, Sharazaa, LimeWire, Bit torrent ): Les conséquences du P2P : https://forum.zebulon.fr/topic/85544-pr%C3%A9vention-le-p2p-et-ses-cons%C3%A9quences/ Pourquoi éviter le P2P : http://www.speedweb1.org/forum-tesgaz/viewtopic.php?t=1793 https://lexpansion.lexpress.fr/actualite-economique/ * Prévention sur deux autres types d'infection d'actualité : MSN prévention : https://forum.zebulon.fr/topic/130590-infection-par-msn-ou-wlm/ Infection par supports amovibles (clefs usb, flash, DD externes ..) https://forum.zebulon.fr/topic/131959-infections-par-supports-amovibles/ https://forum.malekal.com/viewtopic.php?f=45&t=5544 ========================================================================= => Pour optimiser un peu ton PC * Pense à lancer une défragmentation. Tuto : http://www.linternaute.com/hightech/nettoyagepc/nettoyagepc1.shtml * Gère tes services grâce à ces 2 liens http://speedweb1.free.fr/frames2.php?page=service3 et http://speedweb1.free.fr/frames2.php?page=service4 * Utilise Zeb Utility de Sebdraluorg une application ne nécessitant pas d’installation, pour optimiser un poil ton pc. (merci a l ami Zebulon) Téléchargement : https://www.zebulon.fr/telechargements/utilitaires/optimisation/zeb-utility.html Tuto : https://www.zebulon.fr/dossiers/autres/58-zebutility.html * Utilise Ccleaner fonction nettoyeur de manière journalière. ========================================================================= Voila, content d'avoir pu t'aider. Salut.

antoine01000 · Answer

oua! ok! g de la lecture,si une analyse de bitdefender dit que g un virus mais qu'il ne peut le supprimer estcque je dois faire l'analyse en mode ss échec?

++

Le sioux · Answer

Bonjour Antoine

Ouaips, tenter de le supprimer en mode sans échec est une 1ere bonne intention.

Partage avec ceux qui t'entourent ce que tu as pu apprendre au cours de cette expérience, aide-les à sécuriser leurs PCs, à mettre leurs logiciels à jours et à mettre en place des mesures préventives et une attitude de surf "saine" pour éviter les problèmes.
C'est tellement mieux un PC qui fonctionne bien !

Salut, bonne lectures et bon surf.

antoine01000 · Answer

merci bcp le sioux et Pi-Xi

à la propchaine

Virus retapu-d c pas toi??

34 réponses

Votre réponse

Discussions similaires

Newsletters