Virus vereux sur Windows Live tres tenace !!

Bonjour,

Supprime ta version de MSNFix puis recommence.

bonjour,
je viens de re-telecharger MSNFix 1.676 (01.net) sur le bureau , ensuite installer et tjours cette fenetre bleue (MSNFix=Language dans le cadre).
Quelque soit ce que je clique ou tape ou presse rien ne se passe!
Que faire ?
Apres un scann de Avast, j'ai ceci dans la zone de quarantaine;
A003185.exe C:\VolumeInformation\_restore[B7Affc1a- etc....
dwlfqm.exe C:\Documents and settings\ etc...
jhyyrg.exe C:\WINDOWS\systeme32
Puis-je detruire a partir de Avast ?

Encore merci de votre aide !
Cordialement.

pleyadier

Re,

La procédure est la suivante :
(pour choisir une option il faut taper sur la lettre puis valider avec entrée)

Bonjour !

J'ai tres exactement fait les choses suivantes :
Télécharge MSNFix.zip (!aur3n7) sur ton Bureau.
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout).

Ouvre le dossier MSNFix puis double-clique sur MSNFix.bat.
- Exécute l'option R.

Et a partir d' ici rien ne va plus !!! Je presse "Enter" mais rien ne se passe a part que ca me vire la fenetre de Internet Explorer, il y a juste cette fenetre bleue qui reste !!!
J'ai attendu un bon quart d'heure avant de la refermer et rouvrir IE pour poster cette reponse.
Que faire ?
Merci, et toujours cordialement.

pleyadier

Le programme tue l'explorer temporairement pour mieux agir.
Patiente encore un peu pour voir. Mais avant, tu as combien d'antivirus ?

Bonjour!

Il y a Norton360symantec que j'ai desactiver et remplace par avast. Au moins avec celui-ci je sais comment scanner l'ordi .
J'ai garder "HijackThis" pres a l'emploi, si j'atteins ce stade !
(je rappelle que je suis nul et suis sur l'ordi d'une amie, pas sur le mien qui est encore sain mais a Paris: je suis en Chine encore quelques jours et ce serait sympa que je reparte en lui laissant son ordi dans l'etat ou elle me l'a prete )
Explorer fonctionne presque aussi rapidement que normal, lorsque je clique droit sur le raccourci et fait "Start Without Add-on"

Merci Docteur de vos consultations a distance!

Cordialement.

pleyadier

Tu as retenter un scan MSNFix ?

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur combofix.exe afin de le lancer.

Tape sur la touche 1 (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

Bonjour !

J'ai tout desactive: Firewall, Norton, Avast, Automatic Update...,
desinstalle Windows Live Messenger, passer Ccleaner et defragmente.

Refais MSNFix = suis pas arrive plus loin que les autres fois.

Refais Combofix 2 fois et voici le rapport :

ComboFix 08-03-07.1 - pascale 2008-03-12 19:11:28.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.556 [GMT 8:00]
Running from: C:\Documents and Settings\pascale\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-02-12 to 2008-03-12 )))))))))))))))))))))))))))))))
.

2008-03-10 05:15 . 2008-03-10 05:15 244 --ah----- C:\sqmnoopt03.sqm
2008-03-10 05:15 . 2008-03-10 05:15 232 --ah----- C:\sqmdata03.sqm
2008-03-10 05:11 . 2008-03-10 05:11 244 --ah----- C:\sqmnoopt02.sqm
2008-03-10 05:11 . 2008-03-10 05:11 232 --ah----- C:\sqmdata02.sqm
2008-03-10 05:09 . 2008-03-10 05:09 244 --ah----- C:\sqmnoopt01.sqm
2008-03-10 05:09 . 2008-03-10 05:09 232 --ah----- C:\sqmdata01.sqm
2008-03-10 05:00 . 2008-03-10 05:00 244 --ah----- C:\sqmnoopt00.sqm
2008-03-10 05:00 . 2008-03-10 05:00 232 --ah----- C:\sqmdata00.sqm
2008-03-07 22:03 . 2006-07-28 09:30 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2008-03-07 22:03 . 2006-07-28 09:30 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2008-03-07 22:02 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-03-07 21:59 . 2008-03-07 21:59 <DIR> d-------- C:\WINDOWS\system32\DLA
2008-03-07 21:59 . 2008-03-07 21:59 <DIR> d-------- C:\Program Files\Sonic
2008-03-07 21:59 . 2006-06-13 05:20 94,263 --a------ C:\WINDOWS\DLA.EXE
2008-03-07 21:59 . 2006-06-12 03:30 89,264 --a------ C:\WINDOWS\system32\drivers\DRVMCDB.SYS
2008-03-07 21:59 . 2006-06-13 05:20 61,500 --a------ C:\WINDOWS\system32\DLAAPI_W.DLL
2008-03-07 21:59 . 2006-03-17 05:20 40,544 --a------ C:\WINDOWS\system32\drivers\DRVNDDM.SYS
2008-03-07 21:59 . 2006-03-17 08:34 22,684 --a------ C:\WINDOWS\system32\drivers\DLARTL_N.SYS
2008-03-07 21:59 . 2006-03-17 08:35 5,660 --a------ C:\WINDOWS\system32\drivers\DLACDBHM.SYS
2008-03-07 21:58 . 2008-03-07 21:58 <DIR> d-------- C:\Drivers
2008-03-07 21:58 . 2006-10-30 13:46 299,923 --a------ C:\WINDOWS\system32\drivers\sonyhcs.sys
2008-03-07 21:58 . 2006-10-30 13:46 102,220 --a------ C:\WINDOWS\system32\drivers\sonypvs1.sys
2008-03-07 21:58 . 2006-10-30 13:46 53,248 --a------ C:\WINDOWS\system32\SONYHCY.DLL
2008-03-07 21:58 . 2006-10-30 13:46 38,739 --a------ C:\WINDOWS\system32\drivers\sonyhcc.sys
2008-03-07 21:58 . 2006-10-30 13:46 6,097 --a------ C:\WINDOWS\system32\drivers\sonyhcb.sys
2008-03-07 21:58 . 2006-10-30 13:46 3,654 --a------ C:\WINDOWS\system32\drivers\Sonyhcp.dll
2008-03-07 21:32 . 2008-03-07 21:32 <DIR> d-------- C:\Documents and Settings\pascale\Application Data\InstallShield
2008-03-04 05:41 . 2008-03-04 05:41 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-04 02:45 . 2008-03-04 02:45 <DIR> d-------- C:\Program Files\Alwil Software
2008-03-04 02:45 . 2007-12-04 21:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-03-04 02:45 . 2004-01-09 17:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-03-04 02:45 . 2007-12-04 20:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-03-04 02:45 . 2007-12-04 22:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-04 02:45 . 2007-12-04 22:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-03-04 02:45 . 2007-12-04 22:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-04 02:45 . 2007-12-04 22:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-04 02:45 . 2007-12-04 22:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-03 11:06 . 2008-03-03 11:06 <DIR> d-------- C:\Program Files\OpenOffice.org 2.3
2008-03-03 11:04 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-02 22:07 . 2004-08-04 00:56 90,624 --a------ C:\WINDOWS\system32\kswdmcap.ax
2008-03-02 21:14 . 2001-08-17 14:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-03-02 21:14 . 2001-08-17 14:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-03-01 17:40 . 2008-03-01 17:40 <DIR> d-------- C:\Program Files\AnfyTeam
2008-02-24 02:17 . 2008-02-24 02:17 <DIR> d-------- C:\Program Files\PDFCreator Toolbar
2008-02-24 02:17 . 2004-03-09 00:00 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-02-24 02:17 . 2008-02-24 02:17 253,116 --a------ C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_9546.exe
2008-02-24 02:17 . 2005-10-15 12:32 196,608 --a------ C:\WINDOWS\system32\pdfcmnnt.dll
2008-02-24 02:17 . 1998-06-24 00:00 137,000 --a------ C:\WINDOWS\system32\MSMAPI32.OCX
2008-02-24 02:17 . 2008-02-24 02:17 14,290 --a------ C:\Program Files\settings.dat
2008-02-24 02:16 . 2008-02-24 02:18 <DIR> d-------- C:\Program Files\PDFCreator
2008-02-24 02:16 . 1998-07-13 01:08 141,312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL
2008-02-24 02:16 . 1998-07-13 01:08 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
2008-02-24 02:16 . 1998-07-13 01:08 59,904 --a------ C:\WINDOWS\system32\MSCC2FR.DLL
2008-02-24 02:16 . 1998-07-06 00:00 23,552 --a------ C:\WINDOWS\system32\MSMPIDE.DLL
2008-02-23 02:56 . 2008-02-23 02:57 <DIR> d-------- C:\Program Files\iTunes
2008-02-23 02:56 . 2008-02-23 02:56 <DIR> d-------- C:\Program Files\iPod
2008-02-21 15:27 . 2008-02-21 15:36 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-02-15 16:13 . 2008-02-15 16:13 1,409 --a------ C:\WINDOWS\system32\PGTEXTJE.FOT
2008-02-15 16:13 . 2008-02-15 16:13 1,409 --a------ C:\WINDOWS\system32\PGTEXTJ_.FOT
2008-02-15 16:13 . 2008-02-15 16:13 1,409 --a------ C:\WINDOWS\system32\PGTEXT.FOT
2008-02-15 16:13 . 2008-02-15 16:13 1,409 --a------ C:\WINDOWS\system32\PGChords.FOT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-12 10:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-12 10:11 --------- d-----w C:\Program Files\Windows Live
2008-03-12 10:05 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-11 00:08 --------- d-----w C:\Documents and Settings\pascale\Application Data\Skype
2008-03-07 14:15 --------- d-----w C:\Documents and Settings\pascale\Application Data\Sony Corporation
2008-03-07 14:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-07 13:39 --------- d-----w C:\Program Files\Sony
2008-03-03 03:04 --------- d-----w C:\Program Files\Java
2008-03-01 05:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-09 17:26 --------- d-----w C:\Program Files\PowerTracks DirectX Plugins
2008-02-09 03:29 --------- d-----w C:\Program Files\QuickTime
2008-02-09 03:29 --------- d-----w C:\Program Files\Bonjour
2008-02-09 03:26 --------- d-----w C:\Program Files\Common Files\Apple
2008-02-09 03:26 --------- d-----w C:\Program Files\Apple Software Update
2008-02-09 03:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-02-09 02:32 --------- d-----w C:\Program Files\IObit
2008-02-08 12:42 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-08 11:18 --------- d-----w C:\Program Files\FLV Player
2008-02-08 11:16 --------- d-----w C:\Documents and Settings\pascale\Application Data\vlc
2008-02-08 11:15 --------- d-----w C:\Program Files\Google
2008-02-08 11:14 --------- d-----w C:\Program Files\VideoLAN
2008-01-20 23:32 --------- d-----w C:\Program Files\Norton 360
2008-01-15 08:54 10,537 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.cat
2008-01-15 04:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-01-12 17:32 23,904 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
2007-03-20 13:53 184 ----a-w C:\Documents and Settings\pascale\Application Data\wklnhst.dat
.

((((((((((((((((((((((((((((( snapshot@2008-03-08_ 4.29.31.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-12 08:08:13 4,162 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{C734A801-F721-49A9-889D-72E86B4F682C}.bin
+ 2008-03-12 11:16:25 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_244.dat
+ 2008-03-12 11:16:15 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_7cc.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0F8C2B1-A911-4b4e-B2AE-89B82DC81F15}]
2006-03-03 07:46 94208 --a------ C:\Program Files\SonySA\SrchAs\sySrcAs.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-12-18 23:28 171448]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 20:00 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-11-18 11:47 118784]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2006-03-10 11:58 217088]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-10-12 12:36 151552]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 15:38 802816]
"Biomenu"="C:\Program Files\Protector Suite QL\menusw.exe" [2006-02-23 09:10 1354240]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-31 23:13 385024]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 21:00 79224]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2006-06-13 05:20 127036]

C:\Documents and Settings\pascale\Start Menu\Programs\Startup\
Outil de d‚tection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-03-07 21:40:18 368640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
fusstub.dll 2006-02-23 09:11 39936 C:\WINDOWS\system32\fusstub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2006-03-10 05:51 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\DISC\\DISCover.exe"=
"C:\\Program Files\\DISC\\DiscStreamHub.exe"=
"C:\\Program Files\\DISC\\myFTP.exe"=
"C:\\Program Files\\Sony\\VAIO Media 5.0\\Vc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\DOCUME~1\\pascale\\LOCALS~1\\Temp\\services.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 shpf;Sony HDD Protection Filter Driver;C:\WINDOWS\system32\DRIVERS\shpf.sys [2005-11-22 06:06]
R2 FdRedir;FdRedir;C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [2006-02-23 09:13]
R2 FileDisk2;FileDisk Protector Kernel Driver;C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys [2006-02-23 09:13]
R2 UxTuneUp;Extension de conception TuneUp;C:\WINDOWS\System32\svchost.exe [2006-02-28 20:00]
R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-10-22 03:19]
R3 NWADI;NWADI Bus Enumerator;C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2006-06-09 09:30]
R3 SPI;Sony Programmable I/O Control Device;C:\WINDOWS\system32\DRIVERS\SonyPI.sys [2003-06-19 08:12]
R3 TcUsb;TC USB Kernel Driver;C:\WINDOWS\system32\Drivers\tcusb.sys [2006-02-23 09:05]
R3 ti21sony;ti21sony;C:\WINDOWS\system32\drivers\ti21sony.sys [2006-02-22 10:32]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [2005-07-15 10:10]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;C:\WINDOWS\system32\DRIVERS\nwusbser2.sys [2006-06-09 09:30]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2006-08-05 03:34]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2008-02-09 03:27:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-07 09:17:19 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-12 19:17:21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

? [2924]

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Apoint\Apntex.exe
.
**************************************************************************
.
Completion time: 2008-03-12 19:19:57 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-12 11:19:53
ComboFix2.txt 2008-03-12 09:10:21
ComboFix3.txt 2008-03-07 20:29:50
.
2008-03-07 12:08:05 --- E O F ---

Naturellement je n'ai aucune idee de ce que ca veut dire .

Est ce que je peux reinstaller Windows Live Messenger .

Que dois-je faire d'autre pour me debarrasser de ce virus???

Merci encore de votre aide!

Tres cordialement.

pleyadier

Bonjour !

J'ai tout desactive: Firewall, Norton, Avast, Automatic Update...,
desinstalle Windows Live Messenger, passer Ccleaner et defragmente.

Refais MSNFix = suis pas arrive plus loin que les autres fois.

Refais Combofix 2 fois et voici le rapport :

ComboFix 08-03-07.1 - pascale 2008-03-12 19:11:28.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.556 [GMT 8:00]
Running from: C:\Documents and Settings\pascale\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-02-12 to 2008-03-12 )))))))))))))))))))))))))))))))
.

2008-03-10 05:15 . 2008-03-10 05:15 244 --ah----- C:\sqmnoopt03.sqm
2008-03-10 05:15 . 2008-03-10 05:15 232 --ah----- C:\sqmdata03.sqm
2008-03-10 05:11 . 2008-03-10 05:11 244 --ah----- C:\sqmnoopt02.sqm
2008-03-10 05:11 . 2008-03-10 05:11 232 --ah----- C:\sqmdata02.sqm
2008-03-10 05:09 . 2008-03-10 05:09 244 --ah----- C:\sqmnoopt01.sqm
2008-03-10 05:09 . 2008-03-10 05:09 232 --ah----- C:\sqmdata01.sqm
2008-03-10 05:00 . 2008-03-10 05:00 244 --ah----- C:\sqmnoopt00.sqm
2008-03-10 05:00 . 2008-03-10 05:00 232 --ah----- C:\sqmdata00.sqm
2008-03-07 22:03 . 2006-07-28 09:30 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2008-03-07 22:03 . 2006-07-28 09:30 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2008-03-07 22:02 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-03-07 21:59 . 2008-03-07 21:59 <DIR> d-------- C:\WINDOWS\system32\DLA
2008-03-07 21:59 . 2008-03-07 21:59 <DIR> d-------- C:\Program Files\Sonic
2008-03-07 21:59 . 2006-06-13 05:20 94,263 --a------ C:\WINDOWS\DLA.EXE
2008-03-07 21:59 . 2006-06-12 03:30 89,264 --a------ C:\WINDOWS\system32\drivers\DRVMCDB.SYS
2008-03-07 21:59 . 2006-06-13 05:20 61,500 --a------ C:\WINDOWS\system32\DLAAPI_W.DLL
2008-03-07 21:59 . 2006-03-17 05:20 40,544 --a------ C:\WINDOWS\system32\drivers\DRVNDDM.SYS
2008-03-07 21:59 . 2006-03-17 08:34 22,684 --a------ C:\WINDOWS\system32\drivers\DLARTL_N.SYS
2008-03-07 21:59 . 2006-03-17 08:35 5,660 --a------ C:\WINDOWS\system32\drivers\DLACDBHM.SYS
2008-03-07 21:58 . 2008-03-07 21:58 <DIR> d-------- C:\Drivers
2008-03-07 21:58 . 2006-10-30 13:46 299,923 --a------ C:\WINDOWS\system32\drivers\sonyhcs.sys
2008-03-07 21:58 . 2006-10-30 13:46 102,220 --a------ C:\WINDOWS\system32\drivers\sonypvs1.sys
2008-03-07 21:58 . 2006-10-30 13:46 53,248 --a------ C:\WINDOWS\system32\SONYHCY.DLL
2008-03-07 21:58 . 2006-10-30 13:46 38,739 --a------ C:\WINDOWS\system32\drivers\sonyhcc.sys
2008-03-07 21:58 . 2006-10-30 13:46 6,097 --a------ C:\WINDOWS\system32\drivers\sonyhcb.sys
2008-03-07 21:58 . 2006-10-30 13:46 3,654 --a------ C:\WINDOWS\system32\drivers\Sonyhcp.dll
2008-03-07 21:32 . 2008-03-07 21:32 <DIR> d-------- C:\Documents and Settings\pascale\Application Data\InstallShield
2008-03-04 05:41 . 2008-03-04 05:41 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-04 02:45 . 2008-03-04 02:45 <DIR> d-------- C:\Program Files\Alwil Software
2008-03-04 02:45 . 2007-12-04 21:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-03-04 02:45 . 2004-01-09 17:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-03-04 02:45 . 2007-12-04 20:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-03-04 02:45 . 2007-12-04 22:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-04 02:45 . 2007-12-04 22:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-03-04 02:45 . 2007-12-04 22:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-04 02:45 . 2007-12-04 22:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-04 02:45 . 2007-12-04 22:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-03 11:06 . 2008-03-03 11:06 <DIR> d-------- C:\Program Files\OpenOffice.org 2.3
2008-03-03 11:04 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-02 22:07 . 2004-08-04 00:56 90,624 --a------ C:\WINDOWS\system32\kswdmcap.ax
2008-03-02 21:14 . 2001-08-17 14:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-03-02 21:14 . 2001-08-17 14:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-03-01 17:40 . 2008-03-01 17:40 <DIR> d-------- C:\Program Files\AnfyTeam
2008-02-24 02:17 . 2008-02-24 02:17 <DIR> d-------- C:\Program Files\PDFCreator Toolbar
2008-02-24 02:17 . 2004-03-09 00:00 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-02-24 02:17 . 2008-02-24 02:17 253,116 --a------ C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_9546.exe
2008-02-24 02:17 . 2005-10-15 12:32 196,608 --a------ C:\WINDOWS\system32\pdfcmnnt.dll
2008-02-24 02:17 . 1998-06-24 00:00 137,000 --a------ C:\WINDOWS\system32\MSMAPI32.OCX
2008-02-24 02:17 . 2008-02-24 02:17 14,290 --a------ C:\Program Files\settings.dat
2008-02-24 02:16 . 2008-02-24 02:18 <DIR> d-------- C:\Program Files\PDFCreator
2008-02-24 02:16 . 1998-07-13 01:08 141,312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL
2008-02-24 02:16 . 1998-07-13 01:08 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
2008-02-24 02:16 . 1998-07-13 01:08 59,904 --a------ C:\WINDOWS\system32\MSCC2FR.DLL
2008-02-24 02:16 . 1998-07-06 00:00 23,552 --a------ C:\WINDOWS\system32\MSMPIDE.DLL
2008-02-23 02:56 . 2008-02-23 02:57 <DIR> d-------- C:\Program Files\iTunes
2008-02-23 02:56 . 2008-02-23 02:56 <DIR> d-------- C:\Program Files\iPod
2008-02-21 15:27 . 2008-02-21 15:36 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-02-15 16:13 . 2008-02-15 16:13 1,409 --a------ C:\WINDOWS\system32\PGTEXTJE.FOT
2008-02-15 16:13 . 2008-02-15 16:13 1,409 --a------ C:\WINDOWS\system32\PGTEXTJ_.FOT
2008-02-15 16:13 . 2008-02-15 16:13 1,409 --a------ C:\WINDOWS\system32\PGTEXT.FOT
2008-02-15 16:13 . 2008-02-15 16:13 1,409 --a------ C:\WINDOWS\system32\PGChords.FOT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-12 10:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-12 10:11 --------- d-----w C:\Program Files\Windows Live
2008-03-12 10:05 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-11 00:08 --------- d-----w C:\Documents and Settings\pascale\Application Data\Skype
2008-03-07 14:15 --------- d-----w C:\Documents and Settings\pascale\Application Data\Sony Corporation
2008-03-07 14:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-07 13:39 --------- d-----w C:\Program Files\Sony
2008-03-03 03:04 --------- d-----w C:\Program Files\Java
2008-03-01 05:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-09 17:26 --------- d-----w C:\Program Files\PowerTracks DirectX Plugins
2008-02-09 03:29 --------- d-----w C:\Program Files\QuickTime
2008-02-09 03:29 --------- d-----w C:\Program Files\Bonjour
2008-02-09 03:26 --------- d-----w C:\Program Files\Common Files\Apple
2008-02-09 03:26 --------- d-----w C:\Program Files\Apple Software Update
2008-02-09 03:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-02-09 02:32 --------- d-----w C:\Program Files\IObit
2008-02-08 12:42 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-08 11:18 --------- d-----w C:\Program Files\FLV Player
2008-02-08 11:16 --------- d-----w C:\Documents and Settings\pascale\Application Data\vlc
2008-02-08 11:15 --------- d-----w C:\Program Files\Google
2008-02-08 11:14 --------- d-----w C:\Program Files\VideoLAN
2008-01-20 23:32 --------- d-----w C:\Program Files\Norton 360
2008-01-15 08:54 10,537 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.cat
2008-01-15 04:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-01-12 17:32 23,904 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
2007-03-20 13:53 184 ----a-w C:\Documents and Settings\pascale\Application Data\wklnhst.dat
.

((((((((((((((((((((((((((((( snapshot@2008-03-08_ 4.29.31.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-12 08:08:13 4,162 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{C734A801-F721-49A9-889D-72E86B4F682C}.bin
+ 2008-03-12 11:16:25 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_244.dat
+ 2008-03-12 11:16:15 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_7cc.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0F8C2B1-A911-4b4e-B2AE-89B82DC81F15}]
2006-03-03 07:46 94208 --a------ C:\Program Files\SonySA\SrchAs\sySrcAs.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-12-18 23:28 171448]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 20:00 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-11-18 11:47 118784]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2006-03-10 11:58 217088]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-10-12 12:36 151552]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 15:38 802816]
"Biomenu"="C:\Program Files\Protector Suite QL\menusw.exe" [2006-02-23 09:10 1354240]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-31 23:13 385024]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 21:00 79224]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2006-06-13 05:20 127036]

C:\Documents and Settings\pascale\Start Menu\Programs\Startup\
Outil de d‚tection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-03-07 21:40:18 368640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
fusstub.dll 2006-02-23 09:11 39936 C:\WINDOWS\system32\fusstub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2006-03-10 05:51 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\DISC\\DISCover.exe"=
"C:\\Program Files\\DISC\\DiscStreamHub.exe"=
"C:\\Program Files\\DISC\\myFTP.exe"=
"C:\\Program Files\\Sony\\VAIO Media 5.0\\Vc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\DOCUME~1\\pascale\\LOCALS~1\\Temp\\services.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 shpf;Sony HDD Protection Filter Driver;C:\WINDOWS\system32\DRIVERS\shpf.sys [2005-11-22 06:06]
R2 FdRedir;FdRedir;C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [2006-02-23 09:13]
R2 FileDisk2;FileDisk Protector Kernel Driver;C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys [2006-02-23 09:13]
R2 UxTuneUp;Extension de conception TuneUp;C:\WINDOWS\System32\svchost.exe [2006-02-28 20:00]
R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-10-22 03:19]
R3 NWADI;NWADI Bus Enumerator;C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2006-06-09 09:30]
R3 SPI;Sony Programmable I/O Control Device;C:\WINDOWS\system32\DRIVERS\SonyPI.sys [2003-06-19 08:12]
R3 TcUsb;TC USB Kernel Driver;C:\WINDOWS\system32\Drivers\tcusb.sys [2006-02-23 09:05]
R3 ti21sony;ti21sony;C:\WINDOWS\system32\drivers\ti21sony.sys [2006-02-22 10:32]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [2005-07-15 10:10]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;C:\WINDOWS\system32\DRIVERS\nwusbser2.sys [2006-06-09 09:30]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2006-08-05 03:34]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2008-02-09 03:27:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-07 09:17:19 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-12 19:17:21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

? [2924]

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Apoint\Apntex.exe
.
**************************************************************************
.
Completion time: 2008-03-12 19:19:57 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-12 11:19:53
ComboFix2.txt 2008-03-12 09:10:21
ComboFix3.txt 2008-03-07 20:29:50
.
2008-03-07 12:08:05 --- E O F ---

Naturellement je n'ai aucune idee de ce que ca veut dire .

Est ce que je peux reinstaller Windows Live Messenger .

Que dois-je faire d'autre pour me debarrasser de ce virus???

Merci encore de votre aide!

Tres cordialement.

pleyadier

Supprime ta version de MSNFix puis recommence la procédure.

Re bonjour !

Supprimer et re telecharger MSNFix 1.680 ,
tout desactive lancer MSNFix = meme resultat !

2 scanns avec HijackThis = @ rapports differents (en nombre de bytes) et combofix .

HijckThis rapport nr 1


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:00:11 PM, on 3/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Protector Suite QL\menusw.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/sonysidebar.jsp?p=SY
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.0.1:8080
R3 - URLSearchHook: (no name) - {F0F8C2B6-A911-4b4e-B2AE-89B82DC81F15} - C:\Program Files\SonySA\SrchAs\sySrcAs.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\pascale\LOCALS~1\Temp\services.exe
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: (no name) - {F0F8C2B1-A911-4b4e-B2AE-89B82DC81F15} - C:\Program Files\SonySA\SrchAs\sySrcAs.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [Biomenu] "C:\Program Files\Protector Suite QL\menusw.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\pascale\LOCALS~1\Temp\services.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SmartWiService - Sony Electronics, Inc - C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 12324 bytes



HijackThis rapport nr 2


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:01:59 PM, on 3/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Protector Suite QL\menusw.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/sonysidebar.jsp?p=SY
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.0.1:8080
R3 - URLSearchHook: (no name) - {F0F8C2B6-A911-4b4e-B2AE-89B82DC81F15} - C:\Program Files\SonySA\SrchAs\sySrcAs.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\pascale\LOCALS~1\Temp\services.exe
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: (no name) - {F0F8C2B1-A911-4b4e-B2AE-89B82DC81F15} - C:\Program Files\SonySA\SrchAs\sySrcAs.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [Biomenu] "C:\Program Files\Protector Suite QL\menusw.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\pascale\LOCALS~1\Temp\services.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SmartWiService - Sony Electronics, Inc - C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 12357 bytes


Rapport de Combofix:


ComboFix 08-03-07.1 - pascale 2008-03-12 21:04:26.6 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.607 [GMT 8:00]
Running from: C:\Documents and Settings\pascale\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-02-12 to 2008-03-12 )))))))))))))))))))))))))))))))
.

2008-03-12 20:58 . 2008-03-12 20:58 <DIR> d-------- C:\Program Files\MSNFix
2008-03-10 05:15 . 2008-03-10 05:15 244 --ah----- C:\sqmnoopt03.sqm
2008-03-10 05:15 . 2008-03-10 05:15 232 --ah----- C:\sqmdata03.sqm
2008-03-10 05:11 . 2008-03-10 05:11 244 --ah----- C:\sqmnoopt02.sqm
2008-03-10 05:11 . 2008-03-10 05:11 232 --ah----- C:\sqmdata02.sqm
2008-03-10 05:09 . 2008-03-10 05:09 244 --ah----- C:\sqmnoopt01.sqm
2008-03-10 05:09 . 2008-03-10 05:09 232 --ah----- C:\sqmdata01.sqm
2008-03-10 05:00 . 2008-03-10 05:00 244 --ah----- C:\sqmnoopt00.sqm
2008-03-10 05:00 . 2008-03-10 05:00 232 --ah----- C:\sqmdata00.sqm
2008-03-07 22:03 . 2006-07-28 09:30 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2008-03-07 22:03 . 2006-07-28 09:30 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2008-03-07 22:02 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-03-07 21:59 . 2008-03-07 21:59 <DIR> d-------- C:\WINDOWS\system32\DLA
2008-03-07 21:59 . 2008-03-07 21:59 <DIR> d-------- C:\Program Files\Sonic
2008-03-07 21:59 . 2006-06-13 05:20 94,263 --a------ C:\WINDOWS\DLA.EXE
2008-03-07 21:59 . 2006-06-12 03:30 89,264 --a------ C:\WINDOWS\system32\drivers\DRVMCDB.SYS
2008-03-07 21:59 . 2006-06-13 05:20 61,500 --a------ C:\WINDOWS\system32\DLAAPI_W.DLL
2008-03-07 21:59 . 2006-03-17 05:20 40,544 --a------ C:\WINDOWS\system32\drivers\DRVNDDM.SYS
2008-03-07 21:59 . 2006-03-17 08:34 22,684 --a------ C:\WINDOWS\system32\drivers\DLARTL_N.SYS
2008-03-07 21:59 . 2006-03-17 08:35 5,660 --a------ C:\WINDOWS\system32\drivers\DLACDBHM.SYS
2008-03-07 21:58 . 2008-03-07 21:58 <DIR> d-------- C:\Drivers
2008-03-07 21:58 . 2006-10-30 13:46 299,923 --a------ C:\WINDOWS\system32\drivers\sonyhcs.sys
2008-03-07 21:58 . 2006-10-30 13:46 102,220 --a------ C:\WINDOWS\system32\drivers\sonypvs1.sys
2008-03-07 21:58 . 2006-10-30 13:46 53,248 --a------ C:\WINDOWS\system32\SONYHCY.DLL
2008-03-07 21:58 . 2006-10-30 13:46 38,739 --a------ C:\WINDOWS\system32\drivers\sonyhcc.sys
2008-03-07 21:58 . 2006-10-30 13:46 6,097 --a------ C:\WINDOWS\system32\drivers\sonyhcb.sys
2008-03-07 21:58 . 2006-10-30 13:46 3,654 --a------ C:\WINDOWS\system32\drivers\Sonyhcp.dll
2008-03-07 21:32 . 2008-03-07 21:32 <DIR> d-------- C:\Documents and Settings\pascale\Application Data\InstallShield
2008-03-04 05:41 . 2008-03-04 05:41 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-04 02:45 . 2008-03-04 02:45 <DIR> d-------- C:\Program Files\Alwil Software
2008-03-04 02:45 . 2007-12-04 21:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-03-04 02:45 . 2004-01-09 17:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-03-04 02:45 . 2007-12-04 20:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-03-04 02:45 . 2007-12-04 22:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-04 02:45 . 2007-12-04 22:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-03-04 02:45 . 2007-12-04 22:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-04 02:45 . 2007-12-04 22:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-04 02:45 . 2007-12-04 22:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-03 11:06 . 2008-03-03 11:06 <DIR> d-------- C:\Program Files\OpenOffice.org 2.3
2008-03-03 11:04 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-02 22:07 . 2004-08-04 00:56 90,624 --a------ C:\WINDOWS\system32\kswdmcap.ax
2008-03-02 21:14 . 2001-08-17 14:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-03-02 21:14 . 2001-08-17 14:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-03-01 17:40 . 2008-03-01 17:40 <DIR> d-------- C:\Program Files\AnfyTeam
2008-02-24 02:17 . 2008-02-24 02:17 <DIR> d-------- C:\Program Files\PDFCreator Toolbar
2008-02-24 02:17 . 2004-03-09 00:00 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-02-24 02:17 . 2008-02-24 02:17 253,116 --a------ C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_9546.exe
2008-02-24 02:17 . 2005-10-15 12:32 196,608 --a------ C:\WINDOWS\system32\pdfcmnnt.dll
2008-02-24 02:17 . 1998-06-24 00:00 137,000 --a------ C:\WINDOWS\system32\MSMAPI32.OCX
2008-02-24 02:17 . 2008-02-24 02:17 14,290 --a------ C:\Program Files\settings.dat
2008-02-24 02:16 . 2008-02-24 02:18 <DIR> d-------- C:\Program Files\PDFCreator
2008-02-24 02:16 . 1998-07-13 01:08 141,312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL
2008-02-24 02:16 . 1998-07-13 01:08 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
2008-02-24 02:16 . 1998-07-13 01:08 59,904 --a------ C:\WINDOWS\system32\MSCC2FR.DLL
2008-02-24 02:16 . 1998-07-06 00:00 23,552 --a------ C:\WINDOWS\system32\MSMPIDE.DLL
2008-02-23 02:56 . 2008-02-23 02:57 <DIR> d-------- C:\Program Files\iTunes
2008-02-23 02:56 . 2008-02-23 02:56 <DIR> d-------- C:\Program Files\iPod
2008-02-21 15:27 . 2008-02-21 15:36 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-02-15 16:13 . 2008-02-15 16:13 1,409 --a------ C:\WINDOWS\system32\PGTEXTJE.FOT
2008-02-15 16:13 . 2008-02-15 16:13 1,409 --a------ C:\WINDOWS\system32\PGTEXTJ_.FOT
2008-02-15 16:13 . 2008-02-15 16:13 1,409 --a------ C:\WINDOWS\system32\PGTEXT.FOT
2008-02-15 16:13 . 2008-02-15 16:13 1,409 --a------ C:\WINDOWS\system32\PGChords.FOT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-12 12:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-12 10:11 --------- d-----w C:\Program Files\Windows Live
2008-03-12 10:05 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-11 00:08 --------- d-----w C:\Documents and Settings\pascale\Application Data\Skype
2008-03-07 14:15 --------- d-----w C:\Documents and Settings\pascale\Application Data\Sony Corporation
2008-03-07 14:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-07 13:39 --------- d-----w C:\Program Files\Sony
2008-03-03 03:04 --------- d-----w C:\Program Files\Java
2008-03-01 05:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-09 17:26 --------- d-----w C:\Program Files\PowerTracks DirectX Plugins
2008-02-09 03:29 --------- d-----w C:\Program Files\QuickTime
2008-02-09 03:29 --------- d-----w C:\Program Files\Bonjour
2008-02-09 03:26 --------- d-----w C:\Program Files\Common Files\Apple
2008-02-09 03:26 --------- d-----w C:\Program Files\Apple Software Update
2008-02-09 03:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-02-09 02:32 --------- d-----w C:\Program Files\IObit
2008-02-08 12:42 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-08 11:18 --------- d-----w C:\Program Files\FLV Player
2008-02-08 11:16 --------- d-----w C:\Documents and Settings\pascale\Application Data\vlc
2008-02-08 11:15 --------- d-----w C:\Program Files\Google
2008-02-08 11:14 --------- d-----w C:\Program Files\VideoLAN
2008-01-20 23:32 --------- d-----w C:\Program Files\Norton 360
2008-01-15 08:54 10,537 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.cat
2008-01-15 04:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-01-12 17:32 23,904 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
2007-03-20 13:53 184 ----a-w C:\Documents and Settings\pascale\Application Data\wklnhst.dat
.

((((((((((((((((((((((((((((( snapshot@2008-03-08_ 4.29.31.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-12 08:08:13 4,856 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{C734A801-F721-49A9-889D-72E86B4F682C}.bin
+ 2008-03-12 13:09:35 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_1bc.dat
+ 2008-03-12 13:09:21 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_648.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0F8C2B1-A911-4b4e-B2AE-89B82DC81F15}]
2006-03-03 07:46 94208 --a------ C:\Program Files\SonySA\SrchAs\sySrcAs.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-12-18 23:28 171448]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 20:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-11-18 11:47 118784]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2006-03-10 11:58 217088]
"Biomenu"="C:\Program Files\Protector Suite QL\menusw.exe" [2006-02-23 09:10 1354240]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-31 23:13 385024]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2006-06-13 05:20 127036]

C:\Documents and Settings\pascale\Start Menu\Programs\Startup\
Outil de d‚tection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-03-07 21:40:18 368640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
fusstub.dll 2006-02-23 09:11 39936 C:\WINDOWS\system32\fusstub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2006-03-10 05:51 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\DISC\\DISCover.exe"=
"C:\\Program Files\\DISC\\DiscStreamHub.exe"=
"C:\\Program Files\\DISC\\myFTP.exe"=
"C:\\Program Files\\Sony\\VAIO Media 5.0\\Vc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\DOCUME~1\\pascale\\LOCALS~1\\Temp\\services.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 shpf;Sony HDD Protection Filter Driver;C:\WINDOWS\system32\DRIVERS\shpf.sys [2005-11-22 06:06]
R2 FdRedir;FdRedir;C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [2006-02-23 09:13]
R2 FileDisk2;FileDisk Protector Kernel Driver;C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys [2006-02-23 09:13]
R2 UxTuneUp;Extension de conception TuneUp;C:\WINDOWS\System32\svchost.exe [2006-02-28 20:00]
R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-10-22 03:19]
R3 NWADI;NWADI Bus Enumerator;C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2006-06-09 09:30]
R3 SPI;Sony Programmable I/O Control Device;C:\WINDOWS\system32\DRIVERS\SonyPI.sys [2003-06-19 08:12]
R3 TcUsb;TC USB Kernel Driver;C:\WINDOWS\system32\Drivers\tcusb.sys [2006-02-23 09:05]
R3 ti21sony;ti21sony;C:\WINDOWS\system32\drivers\ti21sony.sys [2006-02-22 10:32]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [2005-07-15 10:10]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;C:\WINDOWS\system32\DRIVERS\nwusbser2.sys [2006-06-09 09:30]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2006-08-05 03:34]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2008-02-09 03:27:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-07 09:17:19 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-12 21:10:09
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

? [172]

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Apoint\Apntex.exe
.
**************************************************************************
.
Completion time: 2008-03-12 21:12:52 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-12 13:12:48
ComboFix2.txt 2008-03-12 11:19:58
ComboFix3.txt 2008-03-12 09:10:21
ComboFix4.txt 2008-03-07 20:29:50
.
2008-03-07 12:08:05 --- E O F ---


Je n'y coprends absolument rien : comment sait on que c'est desinfecte ?


Merci encore de votre aide !!!

Tres cordialement .

pleyadier

Même rapport ?

Avec MSNFix je n'arrive jamais au point d'avoir un rapport et pour les autres HijackThis et Combofix je suis incapable de toutes facons d'interprete ces rapports , de voir si ils sont differents ou pas ... !
Et l'ordi devient de plus en plus lent ! ( Ou c'est moi qui devient de plus en plus speedy ?)

Que faire

Meci
pleyadier

Excuse moi, je voulais dire "Même rapport MSNFix qu'avant ?"

Je ne suis jamais arrive au point de voir ce rapport car MSNFix s'arrete sur cette fenetre bleue, et option "R" et "enter" ne donne rien d'autre, meme apres 45 mn !

Ok  

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

Dois-je aussi desinstaller Norton ?

Oui si tu ne t'en sert plus