Sécurité informatique Forum Index

Spyware trouble

 
Bolide19


Joined: 11 May 2008
Posts: 5

Posted: 11/05/2008 22:18:13    Post subject: Spyware trouble

Good evening,

So I've had a little problem since this evening: as soon as I open Firefox, three windows immediately pop up...
I get a so-called Windows Security Center window telling me that I'm infected and that I must download an Antispyware v2007, but I no longer remember the name.
So I suspected a spyware-type infection, which is why I ran a scan with HijackThis. I'm posting the report here, in case a specialist passes by...
Thanks in advance for any help you can give me.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:57:50, on 11/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\VisualTooltip\VisualToolTip.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Ditto\Ditto.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\HACE\Mmm\Mmm.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\documents and settings\administrateur\local settings\application data\dpdtav.exe
C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\VisualTooltip\VisualToolTip.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1211691439.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Google Bloc-notes - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1211691439.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /O6 "USB001" /M "Stylus D88"
O4 - HKLM\..\Run: [VisualTooltip] C:\Program Files\VisualTooltip\VisualToolTip.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [AntiSpyWare2Guard] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKLM\..\Run: ['Ashampoo AntiSpyWare 2 Guard'] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Ditto] C:\Program Files\Ditto\Ditto.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Mmm] "C:\Program Files\HACE\Mmm\Mmm.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /M "Stylus D88" /EF "HKCU"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [dpdtav] c:\documents and settings\administrateur\local settings\application data\dpdtav.exe dpdtav
O4 - S-1-5-18 Startup: VisualToolTip.lnk = ? (User 'SYSTEM')
O4 - .DEFAULT Startup: VisualToolTip.lnk = ? (User 'Default user')
O4 - .DEFAULT User Startup: VisualToolTip.lnk = ? (User 'Default user')
O4 - Startup: VisualToolTip.lnk = ?
O4 - Global Startup: Assistant de traduction IdiomaX.lnk = C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Page à noter (Google Bloc-notes) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1211691439.dll/gn_menu1.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: À noter (Google Bloc-notes) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1211691439.dll/gn_menu2.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote K - IE 7.htm (HKCU)
O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote D - IE 7.htm (HKCU)
O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote G - IE 7.htm (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/w…
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client…
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 15454 bytes
Anthony10
Administrator
Joined: 17 Mar 2007
Posts: 355
Location: Le Mans

Posted: 11/05/2008 23:25:52    Post subject: Spyware trouble

Good evening and welcome,

Step 1: Deckard's System Scanner (DSS)
Download Deckard's System Scanner (by Deckard) to your Desktop.

Close all running applications.
Double-click dss.exe to launch the tool.
Click OK each time you are asked.
When the scan is finished, a text file will open (main.txt).
Close that window.

Post the DSS main.txt report (C:\Deckard\System Scanner\main.txt).

Anthony.
Bolide19


Joined: 11 May 2008
Posts: 5

Posted: 12/05/2008 09:16:34    Post subject: Spyware trouble

First of all, thank you for your help ;)
Next, here is the report:

Deckard's System Scanner v20071014.68
Run by Administrateur on 2008-05-12 08:39:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Administrateur.exe) --------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:39:08, on 12/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
C:\documents and settings\administrateur\local settings\application data\dpdtav.exe
C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrateur\Bureau\CHARGEMENT\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\ADMINI~1.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1211691439.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Google Bloc-notes - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1211691439.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /O6 "USB001" /M "Stylus D88"
O4 - HKLM\..\Run: [VisualTooltip] C:\Program Files\VisualTooltip\VisualToolTip.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [AntiSpyWare2Guard] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKLM\..\Run: ['Ashampoo AntiSpyWare 2 Guard'] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Ditto] C:\Program Files\Ditto\Ditto.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Mmm] "C:\Program Files\HACE\Mmm\Mmm.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /M "Stylus D88" /EF "HKCU"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [dpdtav] c:\documents and settings\administrateur\local settings\application data\dpdtav.exe dpdtav
O4 - S-1-5-18 Startup: VisualToolTip.lnk = ? (User 'SYSTEM')
O4 - .DEFAULT Startup: VisualToolTip.lnk = ? (User 'Default user')
O4 - .DEFAULT User Startup: VisualToolTip.lnk = ? (User 'Default user')
O4 - Startup: VisualToolTip.lnk = ?
O4 - Global Startup: Assistant de traduction IdiomaX.lnk = C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Page à noter (Google Bloc-notes) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1211691439.dll/gn_menu1.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: À noter (Google Bloc-notes) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1211691439.dll/gn_menu2.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote K - IE 7.htm (HKCU)
O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote D - IE 7.htm (HKCU)
O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote G - IE 7.htm (HKCU)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/w…
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client…
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 14551 bytes

-- Files created between 2008-04-12 and 2008-05-12 -----------------------------

2008-05-11 22:27:40 0 d-------- C:\Program Files\Panda Security
2008-05-11 21:54:03 0 d-------- C:\Program Files\Trend Micro
2008-05-10 19:57:22 0 dr-h----- C:\Documents and Settings\Administrateur\Recent
2008-05-10 19:46:36 90112 --a------ C:\WINDOWS\MCScripX.dll <Not Verified; Mead & Company Limited; MeadCo ScriptX>
2008-05-10 16:49:59 676224 --a------ C:\WINDOWS\system32\OGACheckControl.dll
2008-05-09 17:38:03 0 d-------- C:\Program Files\InternetGameBox
2008-05-09 16:22:49 0 d-------- C:\Documents and Settings\Administrateur\Application Data\GlarySoft
2008-05-09 16:12:18 0 d-------- C:\Documents and Settings\Administrateur\Application Data\vlc
2008-05-07 18:26:06 0 d-------- C:\Program Files\RapidRefresh
2008-05-05 18:32:40 0 d-------- C:\Program Files\MSXML 4.0
2008-05-05 18:28:54 0 d-------- C:\Documents and Settings\Administrateur\Application Data\EPSON
2008-05-05 17:58:55 0 d-------- C:\Documents and Settings\All Users\Application Data\UDL
2008-05-05 17:55:10 21248 --a------ C:\WINDOWS\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
2008-05-05 17:54:06 495616 --a------ C:\WINDOWS\system32\PICSDK2.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2008-05-05 17:54:06 73728 --a------ C:\WINDOWS\system32\PICSDK.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2008-05-05 17:54:06 77824 --a------ C:\WINDOWS\system32\PICEntry.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2008-05-05 17:54:06 114688 --a------ C:\WINDOWS\system32\EpPicPrt.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2008-05-05 17:54:06 111932 --a------ C:\WINDOWS\system32\EPPICPrinterDB.dat
2008-05-05 17:54:06 1139 --a------ C:\WINDOWS\system32\EPPICPresetData_PT.dat
2008-05-05 17:54:06 1120 --a------ C:\WINDOWS\system32\EPPICPresetData_IT.dat
2008-05-05 17:54:06 1107 --a------ C:\WINDOWS\system32\EPPICPresetData_GE.dat
2008-05-05 17:54:06 1129 --a------ C:\WINDOWS\system32\EPPICPresetData_FR.dat
2008-05-05 17:54:06 1136 --a------ C:\WINDOWS\system32\EPPICPresetData_ES.dat
2008-05-05 17:54:06 1104 --a------ C:\WINDOWS\system32\EPPICPresetData_EN.dat
2008-05-05 17:54:06 1146 --a------ C:\WINDOWS\system32\EPPICPresetData_DU.dat
2008-05-05 17:54:06 1129 --a------ C:\WINDOWS\system32\EPPICPresetData_CF.dat
2008-05-05 17:54:06 1139 --a------ C:\WINDOWS\system32\EPPICPresetData_BP.dat
2008-05-05 17:54:06 4943 --a------ C:\WINDOWS\system32\EPPICPattern6.dat
2008-05-05 17:54:06 21390 --a------ C:\WINDOWS\system32\EPPICPattern5.dat
2008-05-05 17:54:06 11811 --a------ C:\WINDOWS\system32\EPPICPattern4.dat
2008-05-05 17:54:06 24903 --a------ C:\WINDOWS\system32\EPPICPattern3.dat
2008-05-05 17:54:06 20148 --a------ C:\WINDOWS\system32\EPPICPattern2.dat
2008-05-05 17:54:05 31053 --a------ C:\WINDOWS\system32\EPPICPattern131.dat
2008-05-05 17:54:05 27417 --a------ C:\WINDOWS\system32\EPPICPattern121.dat
2008-05-05 17:54:05 26154 --a------ C:\WINDOWS\system32\EPPICPattern1.dat
2008-05-05 17:54:05 65536 --a------ C:\WINDOWS\system32\EPPicMgr.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2008-05-05 17:52:48 0 d-------- C:\Program Files\EPSON
2008-05-04 22:13:23 21504 --a------ C:\WINDOWS\system32\WBCustomizer.dll <Not Verified; ; WBCustomizer Module>
2008-05-04 22:13:23 561179 --a------ C:\WINDOWS\system32\dao360.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-05-04 22:13:23 0 d-------- C:\Program Files\BA
2008-05-04 17:34:31 0 d-------- C:\VideoSec
2008-05-04 14:46:06 0 d-------- C:\Documents and Settings\LocalService\Application Data\Acronis
2008-05-04 14:43:40 0 d-------- C:\Documents and Settings\All Users\Application Data\Acronis
2008-05-04 14:43:01 0 d-------- C:\Program Files\Fichiers communs\Acronis
2008-05-04 14:43:01 0 d-------- C:\Program Files\Acronis
2008-05-04 14:40:11 0 d-------- C:\Program Files\SpeedCams_Serveur
2008-05-04 14:40:07 74752 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic pour Windows>
2008-05-04 14:35:33 0 d-------- C:\Program Files\Mio Technology
2008-05-04 14:34:41 0 d-------- C:\Program Files\XYplorer
2008-05-04 14:34:11 0 d-------- C:\Program Files\VirtualDub-MPEG2
2008-05-04 13:10:34 0 d-------- C:\Documents and Settings\Administrateur\Application Data\GRETECH
2008-05-03 23:00:53 0 d-------- C:\Program Files\CanRemember
2008-05-03 22:12:21 0 d-------- C:\Program Files\RapidUploader
2008-05-03 21:53:19 0 d-------- C:\Program Files\NotePad
2008-05-03 21:35:45 0 d-------- C:\Program Files\Disc2Phone
2008-05-03 21:33:51 0 d-------- C:\WINDOWS\system32\URTTEMP
2008-05-03 21:32:43 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Teleca
2008-05-03 21:31:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-05-03 21:31:35 0 d-------- C:\Program Files\Fichiers communs\Teleca Shared
2008-05-03 21:31:32 0 d-------- C:\Program Files\Sony Ericsson
2008-05-03 21:31:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2008-05-03 21:31:12 0 d-------- C:\WINDOWS\Downloaded Installations
2008-05-03 21:29:12 0 d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2008-05-03 21:28:59 0 d-------- C:\WINDOWS\system32\Samsung PC Studio Codecs
2008-05-03 21:28:51 684032 --a------ C:\WINDOWS\system32\fun_mp4_enc.dll <Not Verified; Mobile Leader; MPEG4 Encoder Dynamic Link Library>
2008-05-03 21:28:51 0 d-------- C:\Program Files\Samsung
2008-05-03 21:28:50 77824 --a------ C:\WINDOWS\system32\fun_mp4_dec.dll <Not Verified; Mobile Leader; MPEG4 Video Codec Library>
2008-05-03 21:28:50 2729472 --a------ C:\WINDOWS\system32\fun_avcodec.dll
2008-05-03 21:27:13 0 d-------- C:\Program Files\Avanquest update
2008-05-03 21:27:00 24192 -r------- C:\WINDOWS\system32\drivers\USBSER.SYS <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-03 21:26:24 22768 --a------ C:\Documents and Settings\Administrateur\usbsermpt.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-05-03 21:26:20 0 d-------- C:\Program Files\Motorola Phone Tools
2008-05-03 21:26:20 0 d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-05-03 21:23:56 0 d-------- C:\Program Files\VirtualDub
2008-05-03 21:22:20 22528 --a------ C:\WINDOWS\exeshl.dll
2008-05-03 21:21:50 0 d-------- C:\Program Files\ZikiTranslator
2008-05-03 21:19:37 0 d-------- C:\Program Files\BabylonPortable
2008-05-03 20:04:11 0 d-------- C:\Program Files\iGraal
2008-05-03 18:46:15 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Adobe
2008-05-03 18:46:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-05-03 18:44:32 0 d-------- C:\Program Files\Yahoo!
2008-05-03 18:41:01 0 d-------- C:\Program Files\Messenger Plus! Live
2008-05-03 18:38:01 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-05-03 18:37:42 0 d-------- C:\Program Files\Windows Live Favorites
2008-05-03 18:37:38 0 d-------- C:\Program Files\Windows Live Toolbar
2008-05-03 18:32:49 0 d--hs--c- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-05-03 18:32:37 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-03 18:18:17 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2


-- Find3M Report ---------------------------------------------------------------

2008-05-12 08:37:35 81984 --a------ C:\WINDOWS\system32\bdod.bin
2008-05-11 22:23:45 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Ditto
2008-05-11 21:12:18 0 d-------- C:\Program Files\Ashampoo
2008-05-10 20:00:45 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Macromedia
2008-05-10 19:59:57 0 d-------- C:\Program Files\RegClean
2008-05-10 16:36:13 0 d-------- C:\Program Files\RestorWIN
2008-05-10 16:29:25 0 d-------- C:\Program Files\jv16 PowerTools 2007
2008-05-10 16:05:33 0 d-------- C:\Program Files\Téléchargement PHOTOWAYS
2008-05-10 15:57:22 0 d-------- C:\Program Files\SlySoft
2008-05-10 09:45:26 0 d-------- C:\Program Files\AIMP2
2008-05-10 09:41:36 0 d-------- C:\Program Files\VisualTooltip
2008-05-10 09:34:04 0 d-------- C:\Program Files\i-Covers
2008-05-08 21:38:41 0 d-------- C:\Program Files\FileZilla FTP Client
2008-05-07 17:12:55 0 d-------- C:\Documents and Settings\Administrateur\Application Data\uTorrent
2008-05-07 17:02:06 0 d-------- C:\Program Files\Ditto
2008-05-05 18:33:05 0 d-------- C:\Program Files\Windows Live
2008-05-05 18:00:27 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-05 17:59:51 0 d-------- C:\Program Files\Fichiers communs\InstallShield
2008-05-05 17:54:37 0 d-------- C:\Program Files\ArcSoft
2008-05-04 14:43:01 0 d-------- C:\Program Files\Fichiers communs
2008-05-03 22:46:34 0 d-------- C:\Program Files\RapGet
2008-05-03 21:59:25 10 --a------ C:\Documents and Settings\Administrateur\Application Data\iColor.ini
2008-05-03 21:35:06 474282 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-05-03 21:35:06 77708 --a------ C:\WINDOWS\system32\perfc00C.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaDrive"="C:\WINDOWS\VistaDrive\VistaDrive.exe" [05/10/2006 21:56]
"RTHDCPL"="RTHDCPL.EXE" [21/03/2007 08:49 C:\WINDOWS\RTHDCPL.exe]
"Ai Nap"="C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe" [09/04/2007 15:49]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [03/01/2008 16:26]
"nwiz"="nwiz.exe" [03/01/2008 16:26 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [03/01/2008 16:26]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [01/09/2005 14:04]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [29/11/2007 03:17 C:\WINDOWS\KHALMNPR.Exe]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [25/10/2007 17:33]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [25/10/2007 17:37]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [06/02/2008 10:09]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [07/10/2007 17:01]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [07/10/2007 17:36]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [07/10/2007 17:08]
"EPSON Stylus D88 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.exe" [27/01/2005 06:00]
"VisualTooltip"="C:\Program Files\VisualTooltip\VisualToolTip.exe" [25/04/2007 09:45]
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [28/09/2006 21:21]
"AntiSpyWare2Guard"="C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe" [13/03/2008 14:36]
"'Ashampoo AntiSpyWare 2 Guard'"="C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe" [13/03/2008 14:36]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UberIcon"="C:\Program Files\UberIcon\UberIcon Manager.exe" [18/07/2006 00:16]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/02/2008 00:12]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [02/09/2007 14:58]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [05/02/2008 21:44]
"Ditto"="C:\Program Files\Ditto\Ditto.exe" [16/01/2008 20:45]
"SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [07/07/2006 18:45]
"Mmm"="C:\Program Files\HACE\Mmm\Mmm.exe" [05/07/2005 15:34]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [01/04/2008 11:39]
"EPSON Stylus D88 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.exe" [27/01/2005 06:00]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [02/12/2007 23:58]
"dpdtav"="c:\documents and settings\administrateur\local settings\application data\dpdtav.exe" [09/05/2008 17:38]

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
VisualToolTip.lnk - C:\Program Files\VisualTooltip\VisualToolTip.exe [25/04/2007 09:45:44]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Assistant de traduction IdiomaX.lnk - C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe [19/01/2007 13:24:52]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [05/02/2008 21:34:06]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"=0 (0x0)
"NoDesktopCleanupWizard"=1 (0x1)
"ForceClassicControlPanel"=1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"=0 (0x0)
"NoDesktopCleanupWizard"=1 (0x1)
"ForceClassicControlPanel"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll 09/01/2008 13:30 72208 c:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx scan


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6be8d4c7-d1e7-11dc-8d3f-806d6172696f}]
AutoRun\command- D:\Autorun\Menu.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register



-- End of Deckard's System Scanner: finished at 2008-05-12 08:39:40 ------------
Bruce Lee
Administrator

Offline

Joined: 15 Mar 2007
Posts: 1,398
Point(s): 0
Average points: 0.00

Posted: 14/05/2008 12:39:39    Post subject: Spyware trouble

Hello Bolide19,

Right-click on this link:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip
Choose "Save target (link) as..." and save it to your desktop.
Right-click on navilog1.zip and choose "Extract all".
Then double-click on navilog1.exe to launch the installation.
Once the installation is complete, the fix will run automatically.
(If it does not, double-click the Navilog1 shortcut on the desktop.)

Follow the prompts. At the main menu, choose 1 and confirm.
(Do not choose option 2, 3 or 4 without our advice/agreement.)

Wait for the message:
*** Analyse Termine le ..... ***
Press a key as prompted; Notepad will open.
Copy and paste the entire contents into a reply. Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt).
_________________
ttt