Votre question

Fenetres IE intempestives ******* A l'aide

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
28 Mai 2008 12:13:50

Bonjour
Depuis quelques jours, j'ai plein de fenetres qui s'ouvrent sous ie (Pub ou erreur HTTP 404) pendant que je suis en train de surfer.
Je suis sous Vista et j'ai bitdefender 2008 à jour.
J'ai fait des recherches mais je ne trouve rien pour régler mon probleme. Spybot à bien corriger quelque trucs mais ca n'a rien changé au fentetre qui s'ouvrent.
Si quelqu'un peut m'aider ?

Merci

Autres pages sur : fenetres intempestives aide

28 Mai 2008 19:29:49

Bonjour et Merci
Vola le rapport


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:26:19, on 28/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\DigitalPersona\Bin\DPAgnt.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Spamihilator\spamihilator.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Spb Wallet - {2913D3DD-9363-4C21-B205-C19A584A0674} - C:\Program Files\Spb Wallet\SpbWalletToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [DPAgnt] C:\Program Files\DigitalPersona\Bin\DPAgnt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Claude\AppData\Local\Temp\oPihhijH.dll,c
O4 - HKCU\..\Run: [68ceac1f] rundll32.exe "C:\Users\Claude\AppData\Local\Temp\ifikhmja.dll",b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O13 - Gopher Prefix:
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/TransferSource/g...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/jdk/6u5b/jinstall-6...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - Winlogon Notify: DPWLN - C:\Windows\system32\DPWLEvHd.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHost.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 8995 bytes
Contenus similaires
a b 8 Sécurité
28 Mai 2008 19:32:52

Re,

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

    AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
    * le nom de la partition peut changer
    28 Mai 2008 19:53:50

    Re,
    Rapport ComboFix

    ComboFix 08-05-27.4 - Claude 2008-05-28 19:43:15.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Intégrale 6.0.6001.1.1252.1.1036.18.2051 [GMT 2:00]
    Endroit: C:\Users\Claude\Desktop\ComboFix.exe
    * Création d'un nouveau point de restauration
    * Resident AV is active

    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    K:\copy.exe
    K:\Knight.exe

    .
    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-28 to 2008-05-28 ))))))))))))))))))))))))))))))))))))
    .

    2008-05-28 19:41 . 2008-05-28 19:42 <REP> d-------- C:\327882R2FWJFW
    2008-05-28 19:25 . 2008-05-28 19:25 <REP> d-------- C:\Program Files\Trend Micro
    2008-05-28 13:31 . 2008-03-08 04:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-05-28 13:31 . 2008-03-08 06:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
    2008-05-28 07:25 . 2008-05-28 07:25 <REP> d-------- C:\Users\Claude\AppData\Roaming\Apple Computer
    2008-05-28 07:24 . 2008-05-28 07:24 <REP> d-------- C:\Program Files\Bonjour
    2008-05-28 07:23 . 2008-05-28 12:16 <REP> d-------- C:\Users\All Users\Apple Computer
    2008-05-28 07:23 . 2008-05-28 12:16 <REP> d-------- C:\ProgramData\Apple Computer
    2008-05-28 07:22 . 2008-05-28 07:22 <REP> d-------- C:\Users\All Users\Apple
    2008-05-28 07:22 . 2008-05-28 07:22 <REP> d-------- C:\ProgramData\Apple
    2008-05-27 19:59 . 2008-05-27 20:03 <REP> d-------- C:\Users\All Users\ma-config.com
    2008-05-27 19:59 . 2008-05-27 20:03 <REP> d-------- C:\ProgramData\ma-config.com
    2008-05-27 19:59 . 2008-05-27 20:00 <REP> d-------- C:\Program Files\ma-config.com
    2008-05-27 06:10 . 2008-05-28 19:21 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy
    2008-05-27 06:10 . 2008-05-28 19:21 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
    2008-05-27 06:10 . 2008-05-28 19:22 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-05-24 18:43 . 2008-05-24 18:43 42 --a------ C:\Windows\System32\RegistryEasy.lie
    2008-05-24 18:35 . 2008-05-24 20:06 <REP> d-------- C:\Program Files\Registry Easy
    2008-05-13 03:53 . 2008-05-13 03:53 3,596,288 --a------ C:\Windows\System32\qt-dx331.dll
    2008-05-13 03:53 . 2008-05-13 03:53 524,288 --a------ C:\Windows\System32\DivXsm.exe
    2008-05-13 03:53 . 2008-05-13 03:53 9,878 --a------ C:\Windows\System32\dsm_fr.qm
    2008-05-13 03:53 . 2008-05-13 03:53 4,816 --a------ C:\Windows\System32\divxsm.tlb
    2008-05-13 03:51 . 2008-05-13 03:51 1,044,480 --a------ C:\Windows\System32\libdivx.dll
    2008-05-13 03:51 . 2008-05-13 03:51 200,704 --a------ C:\Windows\System32\ssldivx.dll
    2008-05-13 03:49 . 2008-05-13 03:49 630,784 --a------ C:\Windows\System32\divxdec.ax
    2008-05-13 03:49 . 2008-05-13 03:49 161,096 --a------ C:\Windows\System32\DivXCodecVersionChecker.exe
    2008-05-13 03:49 . 2008-05-13 03:49 12,288 --a------ C:\Windows\System32\DivXWMPExtType.dll
    2008-05-13 03:48 . 2008-05-13 03:48 8,835 --a------ C:\Windows\System32\dpufr.qm
    2008-05-08 09:49 . 2008-05-08 09:49 0 --a------ C:\Parrot_vcf.vcf
    2008-05-08 09:48 . 2007-01-09 11:19 311,296 --a------ C:\Windows\System32\Parrot_VCF Creator2.exe
    2008-05-07 14:25 . 2008-05-07 14:25 <REP> d-------- C:\Users\All Users\eMule
    2008-05-07 14:25 . 2008-05-07 14:25 <REP> d-------- C:\ProgramData\eMule
    2008-05-07 14:24 . 2008-05-07 14:24 <REP> d-------- C:\Users\Claude\AppData\Roaming\eMule
    2008-05-07 14:24 . 2008-05-07 14:24 <REP> d-------- C:\Program Files\eMule
    2008-05-07 07:43 . 2008-05-07 07:43 <REP> d-------- C:\Users\Claude\AppData\Roaming\DivX
    2008-05-05 23:23 . 2008-05-25 08:53 <REP> d-------- C:\Program Files\DivX
    2008-05-05 23:23 . 2008-05-05 23:23 <REP> d-------- C:\Program Files\Common Files\PX Storage Engine
    2008-05-01 14:35 . 2008-05-01 14:35 <REP> d-------- C:\Program Files\IDT
    2008-05-01 11:54 . 2008-05-01 11:54 <REP> d-------- C:\Program Files\Google

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-28 17:29 --------- d-----w C:\Users\Claude\AppData\Roaming\Spamihilator
    2008-05-28 08:49 --------- d-----w C:\Users\Claude\AppData\Roaming\Azureus
    2008-05-27 18:08 --------- d-----w C:\Program Files\Windows Live
    2008-05-24 16:54 --------- d-----w C:\ProgramData\WLInstaller
    2008-05-24 06:13 --------- d-----w C:\Program Files\Common Files\BitDefender
    2008-05-23 04:47 --------- d-----w C:\Program Files\IncrediMail
    2008-05-14 01:02 --------- d-----w C:\ProgramData\Microsoft Help
    2008-05-14 01:02 --------- d-----w C:\Program Files\Windows Mail
    2008-05-07 04:58 --------- d-----w C:\Program Files\SKTools
    2008-05-02 00:40 84,496 ----a-w C:\Windows\System32\KemXML.dll
    2008-05-02 00:40 117,264 ----a-w C:\Windows\System32\KemWnd.dll
    2008-05-02 00:39 170,512 ----a-w C:\Windows\System32\kemutb.dll
    2008-05-02 00:39 145,936 ----a-w C:\Windows\System32\KemUtil.dll
    2008-05-02 00:38 301,656 ----a-w C:\Windows\System32\BtCoreIf.dll
    2008-05-01 12:40 356 ----a-w C:\Windows\system32\drivers\stwrte.log
    2008-04-30 04:59 --------- d-----w C:\Program Files\Spamihilator
    2008-04-29 14:35 --------- d-----w C:\Program Files\Azureus
    2008-04-21 17:57 665,088 ----a-w C:\Windows\System32\spsplib1.dll
    2008-04-14 05:17 --------- d-----w C:\Program Files\Windows Mobile 6 SDK
    2008-04-13 05:46 --------- d-----w C:\Program Files\MSDN
    2008-04-13 05:31 --------- d-----w C:\Program Files\Microsoft Visual Studio 9.0
    2008-04-13 05:31 --------- d-----w C:\Program Files\Business Objects
    2008-04-13 05:29 --------- d-----w C:\Program Files\Microsoft SQL Server
    2008-04-13 05:28 --------- d-----w C:\Program Files\Microsoft.NET
    2008-04-13 05:26 --------- d-----w C:\Program Files\Microsoft Device Emulator
    2008-04-13 05:24 --------- d-----w C:\Program Files\Windows Mobile 5.0 SDK R2
    2008-04-13 05:20 --------- d-----w C:\Program Files\Microsoft Synchronization Services
    2008-04-13 05:20 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
    2008-04-13 05:07 --------- d-----w C:\ProgramData\PreEmptive Solutions
    2008-04-13 05:07 --------- d-----w C:\Program Files\Common Files\Merge Modules
    2008-04-13 05:04 --------- d-----w C:\Program Files\MSBuild
    2008-04-13 05:04 --------- d-----w C:\Program Files\HTML Help Workshop
    2008-04-13 05:02 --------- d-----w C:\Program Files\Microsoft SDKs
    2008-04-13 05:02 --------- d-----w C:\Program Files\CE Remote Tools
    2008-04-13 05:00 --------- d-----w C:\Program Files\Microsoft Web Designer Tools
    2008-04-12 13:20 --------- d-----w C:\ProgramData\Uniblue
    2008-04-12 13:17 --------- d-----w C:\Users\Claude\AppData\Roaming\Uniblue
    2008-04-12 13:17 --------- d-----w C:\Program Files\Uniblue
    2008-04-11 15:23 38,400 ----a-w C:\Windows\System32\SoundSchemes.exe
    2008-04-11 04:20 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-04-05 12:36 --------- d-----w C:\ProgramData\Downloaded Installations
    2008-04-05 12:35 --------- d-----w C:\Program Files\Spb Wallet
    2008-03-12 20:21 678,408 ----a-w C:\Windows\System32\gpprefcl.dll
    2008-03-08 04:19 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-03-08 04:19 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-03-08 04:19 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-03-08 04:19 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-03-08 01:58 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-02-29 07:14 19,000 ----a-w C:\Windows\System32\kd1394.dll
    2008-02-29 07:11 988,216 ----a-w C:\Windows\System32\winload.exe
    2008-02-29 07:11 927,288 ----a-w C:\Windows\System32\winresume.exe
    2008-02-29 06:53 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll
    2008-02-29 06:53 40,960 ----a-w C:\Windows\System32\srclient.dll
    2008-02-29 06:53 378,368 ----a-w C:\Windows\System32\srcore.dll
    2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll
    2008-02-29 04:21 2,032,128 ----a-w C:\Windows\System32\win32k.sys
    2008-02-29 04:12 318,464 ----a-w C:\Windows\System32\rstrui.exe
    2008-02-29 04:12 14,848 ----a-w C:\Windows\System32\srdelayed.exe
    2008-02-29 01:12 76,304 ----a-w C:\Windows\KHALMNPR.Exe
    2008-02-28 16:38 972,072 ----a-w C:\Windows\UNNeroMediaHome.exe
    2008-01-21 02:41 174 --sha-w C:\Program Files\desktop.ini
    .

    ------- Sigcheck -------

    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{2913D3DD-9363-4C21-B205-C19A584A0674}"= "C:\Program Files\Spb Wallet\SpbWalletToolbar.dll" [2008-02-28 18:15 89088]

    [HKEY_CLASSES_ROOT\clsid\{2913d3dd-9363-4c21-b205-c19a584a0674}]
    [HKEY_CLASSES_ROOT\SpbWalletToolbar.WalletToolbar.1]
    [HKEY_CLASSES_ROOT\TypeLib\{48210861-28ED-416C-A316-5906D5FC6698}]
    [HKEY_CLASSES_ROOT\SpbWalletToolbar.WalletToolbar]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{2913D3DD-9363-4C21-B205-C19A584A0674}"= C:\Program Files\Spb Wallet\SpbWalletToolbar.dll [2008-02-28 18:15 89088]

    [HKEY_CLASSES_ROOT\clsid\{2913d3dd-9363-4c21-b205-c19a584a0674}]
    [HKEY_CLASSES_ROOT\SpbWalletToolbar.WalletToolbar.1]
    [HKEY_CLASSES_ROOT\TypeLib\{48210861-28ED-416C-A316-5906D5FC6698}]
    [HKEY_CLASSES_ROOT\SpbWalletToolbar.WalletToolbar]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 04:21 1233920]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 18:07 1828136]
    "Uniblue SpyEraser"="C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" [2008-04-02 09:50 1424648]
    "RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2008-05-25 06:16 160592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
    "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-02-16 17:45 360448]
    "DPAgnt"="C:\Program Files\DigitalPersona\Bin\DPAgnt.exe" [2006-10-09 17:27 807440]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
    "Spamihilator"="C:\Program Files\Spamihilator\spamihilator.exe" [2008-04-21 20:00 1081856]
    "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe" [ ]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 03:12 76304 C:\Windows\KHALMNPR.Exe]
    "Bluetooth Connection Assistant"="LBTWIZ.exe" []
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 17:29 2221352]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-03-17 08:06:55 805392]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "NoSecCPL"= 0 (0x0)
    "NoDevMgrPage"= 0 (0x0)
    "NoConfigPage"= 0 (0x0)
    "NoVirtMemPage"= 0 (0x0)
    "NoFileSysPage"= 0 (0x0)
    "NoNetSetup"= 0 (0x0)
    "NoNetSetupIDPage"= 0 (0x0)
    "NoNetSetupSecurityPage"= 0 (0x0)
    "NoWorkgroupContents"= 0 (0x0)
    "NoEntireNetwork"= 0 (0x0)
    "NoFileSharingControl"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "RestrictRun"= 0 (0x0)

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoRun"= 0 (0x0)
    "NoLogOff"= 0 (0x0)
    "NoFind"= 0 (0x0)
    "NoClose"= 0 (0x0)
    "NoSetFolders"= 0 (0x0)
    "NoFavoritesMenu"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DPWLN ]
    C:\Windows\system32\DPWLEvHd.dll 2006-10-09 17:27 99856 C:\Windows\System32\DPWLEvHd.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{36B22FE0-AA20-4194-9CE7-07C2C83AB6F0}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{1CD6A8FF-5DBB-4849-9E4E-A891329A52B4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "TCP Query User{AB14D5AD-42DA-45CF-B193-E38424476659}C:\\program files\\spamihilator\\dccproc.exe"= UDP:C:\program files\spamihilator\dccproc.exe:D ccproc
    "UDP Query User{DEE58979-D857-4B63-B0B6-96AF66446631}C:\\program files\\spamihilator\\dccproc.exe"= TCP:C:\program files\spamihilator\dccproc.exe:D ccproc
    "TCP Query User{4AD1A45E-E787-48E2-BEED-E56C4748A549}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
    "UDP Query User{C8E96F0B-3FC9-48B9-ACE3-C700954E3816}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
    "TCP Query User{AC8E494E-A68D-48E7-9FBE-23F254F0CCBC}E:\\setup.exe"= UDP:E:\setup.exe:Setup
    "UDP Query User{A149F429-30E1-436E-A15D-117249A96AAB}E:\\setup.exe"= TCP:E:\setup.exe:Setup
    "TCP Query User{FF2F6654-8E39-4860-92AA-E31EB82916E6}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
    "UDP Query User{51098BFF-E436-4BE2-8FEC-4BC70F5E3C78}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
    "TCP Query User{906AA6EB-6364-4C64-BECB-C9795F3C674B}C:\\program files\\common files\\nero\\nero web\\setupx.exe"= UDP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer
    "UDP Query User{2A4ADA7A-912E-4DF5-B81D-1857E17311FC}C:\\program files\\common files\\nero\\nero web\\setupx.exe"= TCP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer
    "TCP Query User{E065D156-C3D4-4AC3-903F-39E9571BE6A2}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{A7263539-7D86-451A-8F35-80404BC54805}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
    "{3461DFEA-626E-4731-AD08-B355C05039B9}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
    "{93372B54-4028-4903-94EE-20645E03E360}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
    "{C13DAF29-6D16-471F-902C-55AD51DA0D16}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
    "{7C918EF8-2AF4-4859-9BEA-6FA85348D41B}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
    "{7EB01AF9-23E2-42C3-A498-1286665DF2FC}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImpCnt.exe:IncrediMail
    "{CD6DE409-1A70-45DE-8035-9C5A9A46D6F5}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImpCnt.exe:IncrediMail
    "{8DFA1368-C99C-42D6-8543-76698AEB2941}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
    "{47B34D3C-9273-4CEC-9518-C63681C7C223}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
    "{44750A97-0204-4B1C-ACA7-6E6683DAE361}"= UDP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice
    "{28D6E366-DA73-4D77-BEA1-5F0A75C9450C}"= TCP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice
    "{C97557F3-E5AC-40CF-BCA5-5F3249A21F23}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
    "{3BDFEBF7-2DD0-412C-B793-D18FB6967FAF}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    R2 RapiMgr;Windows Mobile-based device connectivity;C:\Windows\system32\svchost.exe [2008-01-21 04:21]
    R2 WcesComm;Windows Mobile-2003-based device connectivity;C:\Windows\system32\svchost.exe [2008-01-21 04:21]
    R3 dpK0Bx01;Pilote supérieur de lecteur d'empreintes digitales;C:\Windows\system32\DRIVERS\dpK0Bx01.sys [2006-09-16 18:25]
    R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 09:36]
    R3 usbdpfp;Pilote de classe Lecteur d'empreintes digitales;C:\Windows\system32\DRIVERS\usbdpfp.sys [2006-09-16 18:23]
    R3 xpvcom;XPVCOM Port;C:\Windows\system32\Drivers\xpvcom.sys [2007-03-23 02:00]
    S3 maconfservice;Ma-Config Service;"C:\Program Files\ma-config.com\maconfservice.exe" [2008-05-23 18:37]
    S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 04:21]
    S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 04:21]
    S4 msvsmon90;Visual Studio 2008 Remote Debugger;"c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon90 []

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan
    bthsvcs REG_MULTI_SZ BthServ
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    GPSvcGroup REG_MULTI_SZ GPSvc


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
    %SystemRoot%\system32\soundschemes.exe /AddRegistration
    .
    Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
    "2008-04-12 13:21:59 C:\Windows\Tasks\Uniblue SpyEraser.job"
    - C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-28 19:47:47
    Windows 6.0.6001 Service Pack 1 NTFS

    Balayage processus cach‚s ...

    Balayage cach‚ autostart entries ...

    Balayage des fichiers cach‚s ...

    Scan termin‚ avec succŠs
    Les fichiers cach‚s: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Windows\System32\audiodg.exe
    C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\DigitalPersona\Bin\DpHost.exe
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Windows\System32\IoctlSvc.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\Logitech\SetPoint\LBTWiz.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    C:\Program Files\Windows Mail\WinMail.exe
    C:\Windows\System32\wbem\WMIADAP.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-05-28 19:51:51 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-05-28 17:51:38

    Pre-Run: 114,944,016,384 octets libres
    Post-Run: 114,687,832,064 octets libres

    269 --- E O F --- 2008-05-28 13:47:25
    a b 8 Sécurité
    28 Mai 2008 20:47:38

    Re,

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.
    Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
    AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM
    29 Mai 2008 06:25:22

    Bonjour

    Rapport MalwareByte's

    Malwarebytes' Anti-Malware 1.12
    Version de la base de données: 796

    Type de recherche: Examen complet (C:\|D:\|J:\|)
    Eléments examinés: 174510
    Temps écoulé: 28 minute(s), 23 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 11
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuAdminTools (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowNetPlaces (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuFavorites (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyPics (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyMusic (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    29 Mai 2008 11:21:35

    Bonjour

    Le problème semble résolu. Plus de fenetres intempestives depuis ce matin.

    MERCI POUR TES CONSEILS
    a b 8 Sécurité
    29 Mai 2008 13:27:07

    Reposte un rapport Hijackthis.
    29 Mai 2008 19:48:13

    Bonsoir
    Comme demandé, rapport Hijackthis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:44:58, on 29/05/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\mobsync.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\Program Files\DigitalPersona\Bin\DPAgnt.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Spamihilator\spamihilator.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\Logitech\SetPoint\LBTWiz.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
    C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Windows Mail\WinMail.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O3 - Toolbar: Spb Wallet - {2913D3DD-9363-4C21-B205-C19A584A0674} - C:\Program Files\Spb Wallet\SpbWalletToolbar.dll
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [DPAgnt] C:\Program Files\DigitalPersona\Bin\DPAgnt.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O13 - Gopher Prefix:
    O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/TransferSource/g...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/jdk/6u5b/jinstall-6...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O20 - Winlogon Notify: DPWLN - C:\Windows\system32\DPWLEvHd.dll
    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHost.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 8652 bytes
    a b 8 Sécurité
    30 Mai 2008 21:30:20

    Encore des soucis ?
    31 Mai 2008 04:53:11

    Bonjour

    Non plus de soucis

    Un grand merci à toi
    a b 8 Sécurité
    31 Mai 2008 12:09:35

    Bon surf :) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS