Forum Clubic

Problem: "explorer.exe a rencontré un problème"

Hello everyone!
So, for some time now, when I go into my Windows Explorer, after a few clicks in any folder, an error message appears: “explorer.exe a rencontré un problème et doit fermer. Nous vous prions de nous excuser pour le désagrément encouru”
I talked about it with a friend, who advised me to run an online antivirus scan on the Kaspersky site, to see whether my Nod32 wasn't doing its job well enough. Indeed, Kaspersky detected 3 infected files: two that were in my Nod32 “infected” folder, and a Trojan horse in my system32: “Backdoor.Win32.VB.fnl” (can you tell me how dangerous such a Trojan horse is?). So I deleted it using the trial version of Kaspersky, hoping that would fix my problem, but no, still the same issue. So I talked to that friend again, who advised me to run HijackThis and post the log on this forum. So here it is, hoping you can do something, I'm pasting it:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:44:03, on 31/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.wanadoo.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d’outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Lexmark Barre d’outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM…\Run: [IMJPMIG8.1] “C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE” /Spoil /RemAdvDef /Migration32
O4 - HKLM…\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM…\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM…\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM…\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe”
O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM…\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,RunDLLEntry@16
O4 - HKLM…\Run: [ISUSPM] “C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe” -scheduler
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM…\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [AVP] “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe”
O4 - HKCU…\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe”
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” /background
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [RocketDock] “C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe”
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE…
O8 - Extra context menu item: Transfert par Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - www.creative.com…
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - webscanner.kaspersky.fr…
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - musicmix.messenger.msn.com…
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - messenger.zone.msn.com…
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - gfx1.mail.live.com…
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - messenger.zone.msn.com…
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com…
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com…
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - messenger.zone.msn.com…
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - messenger.zone.msn.com…
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - www.creative.com…
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - messenger.zone.msn.com…
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe


End of file - 14041 bytes

Hi

Start by following this procedure, then paste all the reports :wink:

Actually, I'm in the middle of redoing an antivirus scan with Kaspersky (I had started it before your reply, so it is not being done in safe mode; I hope that's not too much of a problem), and I've just noticed something… Actually, I was wrong when I said that this error message appears when I click on any folder. It only appears when I go into my folder and the icons are shown as thumbnails. At least I think so…

OK, continue in normal mode :wink:
Post the report at the end

Hi, the whole procedure has been followed. In the end I redid a scan in safe mode last night. Here is the report from that antivirus scan:

01/09/2008 05:03:59 Fin de la tâche
01/09/2008 04:32:24 Non réparés: not-a-virus:AdWare.Win32.BHO.ajt L:\Sandra\Doc\Divers\ftpexpert3.exe/data0108 Reporté
01/09/2008 04:32:21 Détectés: not-a-virus:AdWare.Win32.BHO.ajt L:\Sandra\Doc\Divers\ftpexpert3.exe/data0108
01/09/2008 04:26:22 Détectés: www.viruslist.com… C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx
01/09/2008 04:26:08 Détectés: www.viruslist.com… C:\WINDOWS\system32\kaspersky lab\kaspersky online scanner\kavwebscan.dll
01/09/2008 04:21:40 Détectés: www.viruslist.com… C:\WINDOWS\Installer{7FD7F10E-0666-4C9F-A0A8-422EA5E31C4C}\soffice.exe
01/09/2008 04:01:46 Détectés: www.viruslist.com… C:\program files\winamp\winamp.exe
01/09/2008 03:57:34 Détectés: www.viruslist.com… C:\program files\real\realplayer\realplay.exe
01/09/2008 03:57:00 Détectés: www.viruslist.com… C:\program files\Opera\Opera.exe
01/09/2008 03:54:34 Détectés: www.viruslist.com… C:\program files\OpenOffice.org 2.2\program\soffice.exe
01/09/2008 03:54:32 Détectés: www.viruslist.com… C:\program files\OpenOffice.org 2.2\program\soffice.bin
01/09/2008 03:40:05 Détectés: www.viruslist.com… C:\program files\mozilla thunderbird\thunderbird.exe
01/09/2008 02:43:54 Détectés: www.viruslist.com… C:\program files\Maple 9.5\jre\bin\eula.dll
01/09/2008 02:42:19 Détectés: www.viruslist.com… C:\program files\Java\jre1.6.0_05\bin\java.exe
01/09/2008 02:42:05 Détectés: www.viruslist.com… C:\program files\Java\jre1.6.0_03\bin\java.exe
01/09/2008 02:41:50 Détectés: www.viruslist.com… C:\program files\Java\jre1.6.0_02\bin\java.exe
01/09/2008 02:41:38 Détectés: www.viruslist.com… C:\program files\Java\jre1.6.0_01\bin\java.exe
01/09/2008 02:41:19 Détectés: www.viruslist.com… C:\program files\Java\jre1.5.0_05\bin\javaws.exe
01/09/2008 02:41:19 Détectés: www.viruslist.com… C:\program files\Java\jre1.5.0_05\bin\java.exe
01/09/2008 02:41:10 Détectés: www.viruslist.com… C:\program files\Java\j2re1.4.2_05\bin\eula.dll
01/09/2008 02:35:44 Détectés: www.viruslist.com… C:\program files\Fichiers communs\AOL\Flasha.ocx
01/09/2008 02:22:22 Détectés: www.viruslist.com… C:\program files\Adobe\Adobe Bridge CS3\browser\plugins\NPSWF32.dll
01/09/2008 01:49:29 Détectés: www.viruslist.com… C:\APPS\Inventime\j2re1.4.2\bin\eula.dll
01/09/2008 01:39:23 Détectés: www.viruslist.com… C:\program files\mozilla thunderbird\thunderbird.exe
01/09/2008 01:39:22 Détectés: www.viruslist.com… C:\WINDOWS\system32\kaspersky lab\kaspersky online scanner\kavwebscan.dll
01/09/2008 01:39:17 Détectés: www.viruslist.com… C:\program files\real\realplayer\realplay.exe
01/09/2008 01:37:45 Détectés: www.viruslist.com… C:\program files\winamp\winamp.exe
01/09/2008 01:36:42 Lancement de la tâche

And here is the MBAM report:

Malwarebytes’ Anti-Malware 1.25
Database version: 1102
Windows 5.1.2600 Service Pack 2

12:52:53 01/09/2008
mbam-log-09-01-2008 (12-52-53).txt

Scan type: Full Scan (C:|D:|E:|F:|G:|H:|I:|K:|L:|)
Objects scanned: 187687
Time elapsed: 1 hour(s), 3 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

P.S.: as a reminder, the bug only occurs when I go into my folder and the display is set to thumbnails
P.S.2: could you also tell me what the Trojan horse I named in my first message corresponds to?


And here is the latest HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:16:35, on 01/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\scan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.wanadoo.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d’outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Lexmark Barre d’outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM…\Run: [IMJPMIG8.1] “C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE” /Spoil /RemAdvDef /Migration32
O4 - HKLM…\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM…\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM…\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM…\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe”
O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM…\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,RunDLLEntry@16
O4 - HKLM…\Run: [ISUSPM] “C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe” -scheduler
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM…\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [AVP] “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe”
O4 - HKCU…\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe”
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” /background
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [RocketDock] “C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe”
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE…
O8 - Extra context menu item: Transfert par Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - www.creative.com…
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - webscanner.kaspersky.fr…
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - musicmix.messenger.msn.com…
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - messenger.zone.msn.com…
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - gfx1.mail.live.com…
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - messenger.zone.msn.com…
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com…
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com…
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - messenger.zone.msn.com…
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - messenger.zone.msn.com…
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - www.creative.com…
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - messenger.zone.msn.com…
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe


End of file - 14099 bytes

Did you delete these 2 adware items?

Update these programs :wink:

Disable your protections
Use ComboFix, let it run, and paste the report

Yes, I deleted everything Kaspersky advised me to delete. Here is my ComboFix report (sorry for posting so late, but I'm not here during the week… :-/ ):

ComboFix 08-09-05.02 - user 2008-09-07 12:18:30.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.198 [GMT 2:00]
Endroit: C:\Documents and Settings\user\Bureau\ComboFix.exe

  • Création d’un nouveau point de restauration
    .

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\internet explorer\iekey.dll
C:\WINDOWS\system32\MSINET.oca
L:\Autorun.inf

.
((((((((((((((((((((((((((((( Fichiers cr??s 2008-08-07 to 2008-09-07 ))))))))))))))))))))))))))))))))))))
.

2008-09-05 16:36 . 2008-09-05 16:53 d-------- C:\WINDOWS\system32\CatRoot_bak
2008-09-01 12:11 . 2008-09-01 12:11 d-------- C:\Documents and Settings\Administrateur\Application Data\DivX
2008-09-01 11:58 . 2008-09-01 11:58 d-------- C:\Documents and Settings\Administrateur\Contacts
2008-09-01 11:57 . 2008-09-01 11:57 268 --ah----- C:\sqmdata00.sqm
2008-09-01 11:57 . 2008-09-01 11:57 244 --ah----- C:\sqmnoopt00.sqm
2008-09-01 11:41 . 2008-09-01 11:41 d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-09-01 11:37 . 2008-09-01 11:37 d-------- C:\Program Files\Malwarebytes’ Anti-Malware
2008-09-01 11:37 . 2008-09-01 11:37 d-------- C:\Documents and Settings\user\Application Data\Malwarebytes
2008-09-01 11:37 . 2008-09-01 11:37 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-01 11:37 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-01 11:37 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-01 11:32 . 2008-09-01 11:33 d-------- C:\WINDOWS\Packs
2008-08-31 16:50 . 2004-08-04 00:54 116,736 --a------ C:\WINDOWS\system32\dllcache\xrxwiadr.dll
2008-08-31 16:50 . 2001-08-23 17:47 99,865 --a------ C:\WINDOWS\system32\dllcache\xlog.exe
2008-08-31 16:50 . 2001-08-23 17:47 27,648 --a------ C:\WINDOWS\system32\dllcache\xrxftplt.exe
2008-08-31 16:50 . 2001-08-23 17:47 23,040 --a------ C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
2008-08-31 16:50 . 2001-08-23 17:47 17,408 --a------ C:\WINDOWS\system32\dllcache\xrxscnui.dll
2008-08-31 16:50 . 2001-08-23 17:47 4,608 --a------ C:\WINDOWS\system32\dllcache\xrxflnch.exe
2008-08-31 16:49 . 2004-08-03 22:31 154,624 --a------ C:\WINDOWS\system32\dllcache\wlluc48.sys
2008-08-31 16:49 . 2001-08-23 17:05 35,402 --a------ C:\WINDOWS\system32\dllcache\wlandrv2.sys
2008-08-31 16:49 . 2004-08-03 22:29 19,455 --a------ C:\WINDOWS\system32\dllcache\wvchntxx.sys
2008-08-31 16:49 . 2004-08-03 23:10 19,328 --a------ C:\WINDOWS\system32\dllcache\wstcodec.sys
2008-08-31 16:49 . 2001-08-17 20:11 16,970 --a------ C:\WINDOWS\system32\dllcache\xem336n5.sys
2008-08-31 16:49 . 2004-08-03 22:29 12,063 --a------ C:\WINDOWS\system32\dllcache\wsiintxx.sys
2008-08-31 16:49 . 2004-08-03 23:07 8,832 --a------ C:\WINDOWS\system32\dllcache\wmiacpi.sys
2008-08-31 16:49 . 2004-08-04 00:54 8,192 --a------ C:\WINDOWS\system32\dllcache\wshirda.dll
2008-08-31 16:47 . 2001-08-17 21:28 64,605 --a------ C:\WINDOWS\system32\dllcache\vvoice.sys
2008-08-31 16:46 . 2001-08-17 21:28 765,884 --a------ C:\WINDOWS\system32\dllcache\usrti.sys
2008-08-31 16:46 . 2001-08-17 21:28 687,999 --a------ C:\WINDOWS\system32\dllcache\usrwdxjs.sys
2008-08-31 16:46 . 2001-08-17 21:28 604,253 --a------ C:\WINDOWS\system32\dllcache\vmodem.sys
2008-08-31 16:46 . 2001-08-17 21:28 397,502 --a------ C:\WINDOWS\system32\dllcache\vpctcom.sys
2008-08-31 16:46 . 2001-08-17 20:14 249,402 --a------ C:\WINDOWS\system32\dllcache\vinwm.sys
2008-08-31 16:46 . 2004-08-04 00:54 54,784 --a------ C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2008-08-31 16:46 . 2004-08-04 00:55 28,672 --a------ C:\WINDOWS\system32\dllcache\vidcap.ax
2008-08-31 16:46 . 2001-08-17 21:49 24,576 --a------ C:\WINDOWS\system32\dllcache\viairda.sys
2008-08-31 16:46 . 2004-08-04 00:54 11,325 --a------ C:\WINDOWS\system32\dllcache\vchnt5.dll
2008-08-31 16:44 . 2001-08-23 17:47 94,720 --a------ C:\WINDOWS\system32\dllcache\umaxud32.dll
2008-08-31 16:44 . 2001-08-23 17:47 70,144 --a------ C:\WINDOWS\system32\dllcache\umaxu12.dll
2008-08-31 16:44 . 2001-08-23 17:47 50,688 --a------ C:\WINDOWS\system32\dllcache\umaxscan.dll
2008-08-31 16:44 . 2001-08-23 17:47 50,688 --a------ C:\WINDOWS\system32\dllcache\umaxp60.dll
2008-08-31 16:44 . 2001-08-23 17:47 28,672 --a------ C:\WINDOWS\system32\dllcache\umaxu40.dll
2008-08-31 16:44 . 2001-08-23 17:47 27,136 --a------ C:\WINDOWS\system32\dllcache\umaxu22.dll
2008-08-31 16:44 . 2001-08-17 21:58 22,912 --a------ C:\WINDOWS\system32\dllcache\umaxpcls.sys
2008-08-31 16:43 . 2001-08-23 17:47 525,568 --a------ C:\WINDOWS\system32\dllcache\tridxp.dll
2008-08-31 16:43 . 2001-08-23 17:47 216,576 --a------ C:\WINDOWS\system32\dllcache\um34scan.dll
2008-08-31 16:43 . 2001-08-23 17:47 212,480 --a------ C:\WINDOWS\system32\dllcache\um54scan.dll
2008-08-31 16:43 . 2001-08-17 20:51 166,784 --a------ C:\WINDOWS\system32\dllcache\tridxpm.sys
2008-08-31 16:43 . 2001-08-23 17:47 47,616 --a------ C:\WINDOWS\system32\dllcache\umaxcam.dll
2008-08-31 16:43 . 2004-08-03 23:07 44,672 --a------ C:\WINDOWS\system32\dllcache\uagp35.sys
2008-08-31 16:43 . 2004-08-05 14:00 14,336 --a------ C:\WINDOWS\system32\dllcache\tsprof.exe
2008-08-31 16:43 . 2001-08-17 21:48 11,520 --a------ C:\WINDOWS\system32\dllcache\twotrack.sys
2008-08-31 16:42 . 2001-08-23 17:46 440,576 --a------ C:\WINDOWS\system32\dllcache\tridkb.dll
2008-08-31 16:42 . 2001-08-23 17:46 315,520 --a------ C:\WINDOWS\system32\dllcache\trid3d.dll
2008-08-31 16:42 . 2001-08-17 20:51 222,336 --a------ C:\WINDOWS\system32\dllcache\trid3dm.sys
2008-08-31 16:42 . 2001-08-17 20:51 159,232 --a------ C:\WINDOWS\system32\dllcache\tridkbm.sys
2008-08-31 16:42 . 2004-08-04 00:55 82,432 --a------ C:\WINDOWS\system32\dllcache\tp4mon.exe
2008-08-31 16:42 . 2001-08-23 17:46 43,520 --a------ C:\WINDOWS\system32\dllcache\tp4res.dll
2008-08-31 16:42 . 2001-08-17 20:12 34,375 --a------ C:\WINDOWS\system32\dllcache\tpro4.sys
2008-08-31 16:42 . 2001-08-23 17:47 31,744 --a------ C:\WINDOWS\system32\dllcache\tp4.dll
2008-08-31 16:41 . 2001-08-17 22:01 241,664 --a------ C:\WINDOWS\system32\dllcache\tosdvd02.sys
2008-08-31 16:41 . 2001-08-17 22:02 230,912 --a------ C:\WINDOWS\system32\dllcache\tosdvd03.sys
2008-08-31 16:41 . 2004-08-03 23:00 149,376 --a------ C:\WINDOWS\system32\dllcache\tffsport.sys
2008-08-31 16:41 . 2001-08-17 20:51 138,528 --a------ C:\WINDOWS\system32\dllcache\tgiulnt5.sys
2008-08-31 16:41 . 2001-08-17 20:14 123,995 --a------ C:\WINDOWS\system32\dllcache\tjisdn.sys
2008-08-31 16:41 . 2001-08-23 17:46 81,408 --a------ C:\WINDOWS\system32\dllcache\tgiul50.dll
2008-08-31 16:41 . 2001-08-17 20:10 28,232 --a------ C:\WINDOWS\system32\dllcache\tos4mo.sys
2008-08-31 16:40 . 2001-08-17 20:13 37,961 --a------ C:\WINDOWS\system32\dllcache\tdk100b.sys
2008-08-31 16:40 . 2001-08-17 20:50 36,640 --a------ C:\WINDOWS\system32\dllcache\t2r4mini.sys
2008-08-31 16:40 . 2001-08-17 21:49 30,464 --a------ C:\WINDOWS\system32\dllcache\tbatm155.sys
2008-08-31 16:40 . 2004-08-05 14:00 21,896 --a------ C:\WINDOWS\system32\dllcache\tdipx.sys
2008-08-31 16:40 . 2004-08-05 14:00 19,464 --a------ C:\WINDOWS\system32\dllcache\tdspx.sys
2008-08-31 16:40 . 2001-08-17 20:13 17,129 --a------ C:\WINDOWS\system32\dllcache\tdkcd31.sys
2008-08-31 16:40 . 2004-08-05 14:00 13,192 --a------ C:\WINDOWS\system32\dllcache\tdasync.sys
2008-08-31 16:40 . 2001-08-17 21:52 7,040 --a------ C:\WINDOWS\system32\dllcache\tandqic.sys
2008-08-31 16:39 . 2001-08-23 17:46 172,768 --a------ C:\WINDOWS\system32\dllcache\t2r4disp.dll
2008-08-31 16:39 . 2001-08-17 21:50 103,936 --a------ C:\WINDOWS\system32\dllcache\sx.sys
2008-08-31 16:39 . 2001-08-23 17:47 94,293 --a------ C:\WINDOWS\system32\dllcache\sxports.dll
2008-08-31 16:39 . 2001-08-23 17:47 53,760 --a------ C:\WINDOWS\system32\dllcache\sw_wheel.dll
2008-08-31 16:39 . 2001-08-23 17:47 10,240 --a------ C:\WINDOWS\system32\dllcache\swpidflt.dll
2008-08-31 16:39 . 2001-08-23 17:47 10,240 --a------ C:\WINDOWS\system32\dllcache\swpdflt2.dll
2008-08-31 16:39 . 2001-08-17 22:02 3,968 --a------ C:\WINDOWS\system32\dllcache\swusbflt.sys
2008-08-31 16:38 . 2001-08-23 16:57 286,848 --a------ C:\WINDOWS\system32\dllcache\stlnata.sys
2008-08-31 16:38 . 2001-08-23 17:47 155,648 --a------ C:\WINDOWS\system32\dllcache\stlnprop.dll
2008-08-31 16:38 . 2004-08-05 14:00 101,888 --a------ C:\WINDOWS\system32\dllcache\srusbusd.dll
2008-08-31 16:38 . 2001-08-23 17:47 99,840 --a------ C:\WINDOWS\system32\dllcache\srusd.dll
2008-08-31 16:38 . 2001-08-23 17:47 53,248 --a------ C:\WINDOWS\system32\dllcache\stlncoin.dll
2008-08-31 16:38 . 2001-08-17 20:11 48,736 --a------ C:\WINDOWS\system32\dllcache\srwlnd5.sys
2008-08-31 16:38 . 2001-08-23 17:47 41,472 --a------ C:\WINDOWS\system32\dllcache\sw_effct.dll
2008-08-31 16:38 . 2001-08-23 16:57 17,024 --a------ C:\WINDOWS\system32\dllcache\stcusb.sys
2008-08-31 16:38 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\dllcache\streamip.sys
2008-08-31 16:37 . 2001-08-23 17:47 114,688 --a------ C:\WINDOWS\system32\dllcache\sonypi.dll
2008-08-31 16:37 . 2001-08-23 17:47 106,584 --a------ C:\WINDOWS\system32\dllcache\spdports.dll
2008-08-31 16:37 . 2001-08-17 21:51 61,824 --a------ C:\WINDOWS\system32\dllcache\speed.sys
2008-08-31 16:37 . 2001-08-17 20:51 37,040 --a------ C:\WINDOWS\system32\dllcache\sonypi.sys
2008-08-31 16:37 . 2001-08-23 17:47 24,660 --a------ C:\WINDOWS\system32\dllcache\spxupchk.dll
2008-08-31 16:37 . 2001-08-17 20:51 20,752 --a------ C:\WINDOWS\system32\dllcache\sonync.sys
2008-08-31 16:37 . 2001-08-17 21:53 9,600 --a------ C:\WINDOWS\system32\dllcache\sonymc.sys
2008-08-31 16:37 . 2001-08-17 21:56 7,552 --a------ C:\WINDOWS\system32\dllcache\sonypvu1.sys
2008-08-31 16:37 . 2004-08-03 23:00 7,552 --a------ C:\WINDOWS\system32\dllcache\sonyait.sys
2008-08-31 16:37 . 2001-08-17 21:53 7,040 --a------ C:\WINDOWS\system32\dllcache\snyaitmc.sys
2008-08-31 16:35 . 2001-08-23 17:47 238,592 --a------ C:\WINDOWS\system32\dllcache\sisgrv.dll
2008-08-31 16:34 . 2001-08-23 17:46 252,032 --a------ C:\WINDOWS\system32\dllcache\sis300iv.dll
2008-08-31 16:34 . 2001-08-23 17:21 161,664 --a------ C:\WINDOWS\system32\dllcache\sgsmusb.sys
2008-08-31 16:34 . 2001-08-23 17:46 150,144 --a------ C:\WINDOWS\system32\dllcache\sis6306v.dll
2008-08-31 16:34 . 2001-08-17 20:50 104,064 --a------ C:\WINDOWS\system32\dllcache\sisgrp.sys
2008-08-31 16:34 . 2001-08-17 20:50 101,760 --a------ C:\WINDOWS\system32\dllcache\sis300ip.sys
2008-08-31 16:34 . 2001-08-17 20:51 98,080 --a------ C:\WINDOWS\system32\dllcache\sgiulnt5.sys
2008-08-31 16:34 . 2001-08-17 20:50 68,608 --a------ C:\WINDOWS\system32\dllcache\sis6306p.sys
2008-08-31 16:34 . 2004-08-05 14:00 18,944 --a------ C:\WINDOWS\system32\dllcache\simptcp.dll
2008-08-31 16:34 . 2001-07-21 22:29 18,400 --a------ C:\WINDOWS\system32\dllcache\sgsmld.sys
2008-08-31 16:34 . 2004-08-04 00:54 3,901 --a------ C:\WINDOWS\system32\dllcache\siint5.dll
2008-08-31 16:32 . 2001-08-23 17:47 495,616 --a------ C:\WINDOWS\system32\dllcache\sblfx.dll
2008-08-31 16:32 . 2001-08-23 17:46 245,632 --a------ C:\WINDOWS\system32\dllcache\s3savmx.dll
2008-08-31 16:32 . 2001-08-23 17:46 198,400 --a------ C:\WINDOWS\system32\dllcache\s3sav4.dll
2008-08-31 16:32 . 2001-08-23 17:46 179,264 --a------ C:\WINDOWS\system32\dllcache\s3sav3d.dll
2008-08-31 16:32 . 2001-08-17 20:50 77,824 --a------ C:\WINDOWS\system32\dllcache\s3sav4m.sys
2008-08-31 16:32 . 2001-08-17 20:50 75,392 --a------ C:\WINDOWS\system32\dllcache\s3savmxm.sys
2008-08-31 16:32 . 2001-08-17 20:50 61,504 --a------ C:\WINDOWS\system32\dllcache\s3sav3dm.sys
2008-08-31 16:32 . 2004-08-03 22:59 43,136 --a------ C:\WINDOWS\system32\dllcache\sbp2port.sys
2008-08-31 16:32 . 2001-08-23 17:20 24,064 --a------ C:\WINDOWS\system32\dllcache\sccmn50m.sys
2008-08-31 16:32 . 2001-08-17 21:51 23,936 --a------ C:\WINDOWS\system32\dllcache\sccmusbm.sys
2008-08-31 16:30 . 2001-08-23 17:47 86,097 --a------ C:\WINDOWS\system32\dllcache\reslog32.dll
2008-08-31 16:29 . 2001-08-23 17:18 899,914 --a------ C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-08-31 16:29 . 2001-08-23 17:18 715,530 --a------ C:\WINDOWS\system32\dllcache\r2mdmkxx.sys
2008-08-31 16:29 . 2001-08-17 21:28 130,942 --a------ C:\WINDOWS\system32\dllcache\ptserlv.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-07 10:27 --------- d-----w C:\Program Files\lx_cats
2008-09-06 13:48 --------- d-----w C:\Program Files\eMule
2008-09-06 12:12 --------- d-----w C:\Documents and Settings\user\Application Data\utorrent
2008-09-04 18:53 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-08-31 12:30 --------- d-----w C:\Program Files\iTunes
2008-08-30 00:04 --------- d-----w C:\Program Files\FlashGet
2008-08-27 23:40 --------- d-----w C:\Documents and Settings\user\Application Data\Apple Computer
2008-08-27 23:24 --------- d-----w C:\Program Files\Bonjour
2008-08-26 16:52 --------- d-----w C:\Documents and Settings\user\Application Data\gtk-2.0
2008-08-16 01:59 84,496 ----a-w C:\Documents and Settings\user\Application Data\GDIPFONTCACHEV1.DAT
2008-08-07 12:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-31 22:37 --------- d-----w C:\Program Files\Java
2008-07-26 23:00 --------- d-----w C:\Documents and Settings\user\Application Data\GrabIt
2008-07-26 17:27 --------- d-----w C:\Documents and Settings\user\Application Data\Samsung
2008-07-26 17:19 --------- d-----w C:\Program Files\Samsung
2008-07-26 17:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-07-26 16:41 --------- d-----w C:\Program Files\IVT Corporation
2008-07-22 08:51 --------- d-----w C:\Documents and Settings\user\Application Data\OpenOffice.org2
2008-07-16 17:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-07-16 17:28 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-07-16 17:14 --------- d-----w C:\Program Files\Fichiers communs\Macrovision Shared
2008-07-16 13:42 --------- d-----w C:\Program Files\GIMP-2.0
2008-02-14 12:23 2,293,848 ----a-w C:\Program Files\FLV PlayerFCSetup.exe
2008-02-14 12:19 3,955,352 ----a-w C:\Program Files\FLV PlayerRCATSetup.exe
2008-02-14 12:17 411,248 ----a-w C:\Program Files\FLV PlayerRCSetup.exe
2007-04-23 22:34 278,528 -c--a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2004-08-05 12:00 60,416 -csha-w C:\WINDOWS\BricoPacks\SysFiles\80_msimn.exe
2007-03-09 08:12 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les ?l?ments vides & les ?l?ments initiaux l?gitimes ne sont pas list?s
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe” [2006-06-01 94208]
“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-05 15360]
“msnmsgr”=“C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” [2007-10-18 5724184]
“MSMSGS”=“C:\Program Files\Messenger\msmsgs.exe” [2004-10-13 1694208]
“RocketDock”=“C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe” [2007-03-19 630784]
“swg”=“C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2008-04-17 68856]
“Google Update”=“C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe” [2008-09-06 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“IMJPMIG8.1”=“C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE” [2004-08-05 208952]
“PHIME2002ASync”=“C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE” [2004-08-05 455168]
“PHIME2002A”=“C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE” [2004-08-05 455168]
“ATIPTA”=“C:\ATI Technologies\ATI Control Panel\atiptaxx.exe” [2004-08-12 339968]
“SunJavaUpdateSched”=“C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe” [2008-06-10 144784]
“NeroFilterCheck”=“C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe” [2006-01-12 155648]
“LXCYCATS”=“C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll” [2006-02-24 65536]
“ISUSPM”=“C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe” [2006-03-20 213936]
“TkBellExe”=“C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe” [2007-08-26 185632]
“AppleSyncNotifier”=“C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe” [2008-07-22 116040]
“QuickTime Task”=“C:\Program Files\QuickTime\QTTask.exe” [2008-05-27 413696]
“AVP”=“C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe” [2008-04-25 201992]
“Raccourci vers la page des propriétés de High Definition Audio”=“HDAudPropShortcut.exe” [2004-03-17 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
“SoundMan”=“SOUNDMAN.EXE” [2006-07-21 C:\WINDOWS\SoundMan.exe]
“AlcWzrd”=“ALCWZRD.EXE” [2006-05-04 C:\WINDOWS\alcwzrd.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE” [2004-08-05 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
“AllowLegacyWebView”= 1 (0x1)
“AllowUnhashedWebView”= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
“VIDC.dvsd”= C:\Program Files\Fichiers communs\Sony Shared\VideoLib\sonydv.dll
“msacm.iac2”= C:\PROGRA~1\REPLAY~1\iac25_32.ax

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
“DisableMonitoring”=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
“EnableFirewall”= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%ProgramFiles%\AOL 9.0\aol.exe”=
“%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe”=
“%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe”=
“%windir%\system32\sessmgr.exe”=
“C:\APPS\Inventime\my.exe”=
“C:\WINDOWS\system32\rtcshare.exe”=
“C:\Program Files\Real\RealPlayer\realplay.exe”=
“C:\Program Files\Java\jre1.5.0_05\bin\javaw.exe”=
“%windir%\Network Diagnostic\xpnetdiag.exe”=
“C:\Program Files\utorrent\utorrent.exe”=
“C:\WINDOWS\system32\dpvsetup.exe”=
“C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe”=
“C:\Program Files\Mozilla Firefox\firefox.exe”=
“C:\Program Files\Messenger\msmsgs.exe”=
“C:\Program Files\Last.fm\LastFM.exe”=
“C:\Program Files\Opera\Opera.exe”=
“C:\Program Files\eMule\emule.exe”=
“C:\Program Files\Windows Live\Messenger\msnmsgr.exe”=
“C:\Program Files\Windows Live\Messenger\livecall.exe”=
“C:\Program Files\Maple 9.5\jre\bin\java.exe”=
“C:\Program Files\Maple 9.5\bin.win\mserver.exe”=
“C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe”=
“C:\Program Files\Bonjour\mDNSResponder.exe”=
“C:\Program Files\iTunes\iTunes.exe”=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“6346:TCP”= 6346:TCP:Shareaza
“6346:UDP”= 6346:UDP:Shareaza

R0 BtHidBus;Bluetooth HID Bus Service;C:\WINDOWS\system32\Drivers\BtHidBus.sys [2008-01-21 21512]
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [2008-01-29 32784]
R1 ewido security suite driver;ewido security suite driver;C:\Program Files\ewido anti-malware\guard.sys [2005-12-30 3072]
R3 lxcy_device;lxcy_device;C:\WINDOWS\system32\lxcycoms.exe [2006-02-20 495616]
R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 215040]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [2007-01-26 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe [2007-01-26 67760]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe [2007-01-26 43184]
S3 IvtBtBUs;IVT Bluetooth Bus Service;C:\WINDOWS\system32\Drivers\IvtBtBus.sys [2008-01-21 26248]
S3 nenum13E;nenum13E;C:\DOCUME~1\user\LOCALS~1\Temp\nenum13E.sys [ ]
S4 AutoSyncService;Memeo AutoSync service;C:\Program Files\Memeo\AutoSync\MemeoService.exe [2007-07-06 31768]
.
Contenu du dossier ‘Scheduled Tasks/T?ches planifi?es’
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\65o8xtw6.default
FireFox -: prefs.js - SEARCH.DEFAULTURL - www.google.com…
FF -: plugin - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF -: plugin - C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.2.131.11\npGoogleOneClick5.dll
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll
FF -: plugin - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.


catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2008-09-07 12:27:59
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach?s …

Balayage cach? autostart entries …

Balayage des fichiers cach?s …

Scan termin? avec succ?s
Les fichiers cach?s: 0


[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MysqlInventime]
“ImagePath”=“c:\mysql\bin\mysqld-nt MysqlInventime”
.
--------------------- DLLs a charg? sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\wscntfy.exe
.


.
Temps d’accomplissement: 2008-09-07 12:34:49 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-07 10:34:38

Pre-Run: 57,457,541,120 octets libres
Post-Run: 57,468,297,216 octets libres

304 — E O F — 2008-08-21 19:15:06