Prob avec Spyware.known_Bad_Sites

bonjour,

* Télécharge HijackThis et poste le rapport stp

http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm
Il n'y a jamais de raccourci vers les endroits qui en valent la peine - Beverley Sills

merci pour l'aide

Logfile of HijackThis v1.99.1
Scan saved at 18:35:29, on 10/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

re

spyware doctor...........déjà pas terrible
A2
et
AVG
cela ne fait pas un peu trop ....à ton avis

fait un scan avec AVG, poste le rapport
ainsi que :
* Fait un scan antivirus en ligne Panda et copie colle le résultat ici
http://www.pandasoftware.com/activescan/fr/activescan_princi­pal.htm

* tuto en image
http://pageperso.aol.fr/loraline60/panda_scan.htm
désactive ton AV pendant le scan

Il n'y a jamais de raccourci vers les endroits qui en valent la peine - Beverley Sills

bonjour,

si Panda ne veut rien savoir, essaye celui ci

http://www.bitdefender.fr/
et copie colle le résultat ici
* En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
* Dans la nouvelle fenêtre, clique sur I agree
* La fenêtre change encore, clique sur Click here to scan
* Les signatures se chargent, etc.

tuto en image

http://pageperso.aol.fr/rginformatique/mapage/defender.htm
Il n'y a jamais de raccourci vers les endroits qui en valent la peine - Beverley Sills

aucun problème trouvé avec bitdefender.

par contre, ce matin, avast a trouvé : win32 : beagle-WF et win32 : CTX que j'ai supprimé et j'avais tjrs spyware_Knonw_Bad_Sites que j'avais supprimé et qui est revenu.

bonjour,

fait un scan avec AVG, poste le rapport 

où est le rapport stp ?



Il n'y a jamais de raccourci vers les endroits qui en valent la peine - Beverley Sills

re

spyware_Knonw_Bad_Sites que j'avais supprimé et qui est revenu.

tu me parles de choses mais tu ne me mets aucun rapport. Je ne peux pas trouver ainsi. poste moi les rapports qui te détectent qq chose stp

Il n'y a jamais de raccourci vers les endroits qui en valent la peine - Beverley Sills

si je comprends bien il n'y a que spyware doctor qui détecte qq chose. Logiciel qui à ma connaissance ne vaut pas un clou.

ceci dit, supprime tout le contenu de :
C:\Documents and Settings\Régine\Local Settings\Temporary Internet Files\Content.IE5

Il n'y a jamais de raccourci vers les endroits qui en valent la peine - Beverley Sills

septembre 2007 à 15h48:13
bonjour,

sais pas si c'est kom ça mais je fais merci
Logfile of HijackThis v1.99.1
Scan saved at 18:18:01, on 27/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Norman\Npm\bin\ELOGSVC.EXE
C:\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Bluetooth\BTNtService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norman\NPF\NPFSVICE.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\perfmon.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\userinit.exe
C:\Norman\Npm\bin\NJEEVES.EXE
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\WINDOWS\system32\AVWLPSTA.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Norman\Npm\bin\ZLH.EXE
C:\Norman\Nvc\BIN\NIP.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
C:\WINDOWS\perfmon.exe
C:\WINDOWS\usnsvc.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Philips\Philips Lime Service\bin\Lime.exe
C:\Garmin\gStart.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe­
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Norman\npm\bin\niu.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: 64.74.223.4 lloydstsb.co.uk
O1 - Hosts: 64.74.223.4 online.lloydstsb.co.uk
O1 - Hosts: 64.74.223.4 www.lloydstsb.co.uk
O1 - Hosts: 64.74.223.4 www.lloydstsb.com
O1 - Hosts: 64.74.223.4 www.lloydstsb.com
O1 - Hosts: 64.74.223.4 personal.barclays.co.uk
O1 - Hosts: 64.74.223.4 barclays.co.uk
O1 - Hosts: 64.74.223.4 ibank.barclays.co.uk
O1 - Hosts: 64.74.223.4 www.barclays.co.uk
O1 - Hosts: 64.74.223.4 www.nwolb.com
O1 - Hosts: 64.74.223.4 nwolb.com
O1 - Hosts: 64.74.223.4 hsbc.co.uk
O1 - Hosts: 64.74.223.4 www.hsbc.co.uk
O1 - Hosts: 64.74.223.4 abbey.com
O1 - Hosts: 64.74.223.4 www.abbey.com
O1 - Hosts: 64.74.223.4 www.abbey.co.uk
O1 - Hosts: 64.74.223.4 abbey.co.uk
O1 - Hosts: 64.74.223.4 cahoot.com
O1 - Hosts: 64.74.223.4 www.cahoot.com
O1 - Hosts: 64.74.223.4 www.cahoot.co.uk
O1 - Hosts: 64.74.223.4 cahoot.co.uk
O1 - Hosts: 64.74.223.4 www.co-operativebank.co.uk
O1 - Hosts: 64.74.223.4 co-operativebank.co.uk
O1 - Hosts: 64.74.223.4 www.co-operativebank.com
O1 - Hosts: 64.74.223.4 co-operativebank.com
O1 - Hosts: 64.74.223.4 welcome2.co-operativebankonline.co.uk
O1 - Hosts: 64.74.223.4 welcome6.co-operativebankonline.co.uk
O1 - Hosts: 64.74.223.4 welcome8.co-operativebankonline.co.uk
O1 - Hosts: 64.74.223.4 welcome10.co-operativebankonline.co.uk
O1 - Hosts: 64.74.223.4 www.smile.co.uk
O1 - Hosts: 64.74.223.4 smile.co.uk
O1 - Hosts: 64.74.223.4 www.cajamar.es
O1 - Hosts: 64.74.223.4 cajamar.es
O1 - Hosts: 64.74.223.4 www.cajamar.com
O1 - Hosts: 64.74.223.4 cajamar.com
O1 - Hosts: 64.74.223.4 www.unicaja.es
O1 - Hosts: 64.74.223.4 unicaja.es
O1 - Hosts: 64.74.223.4 www.unicaja.com
O1 - Hosts: 64.74.223.4 unicaja.com
O1 - Hosts: 64.74.223.4 www.caixagalicia.es
O1 - Hosts: 64.74.223.4 caixagalicia.es
O1 - Hosts: 64.74.223.4 www.caixagalicia.com
O1 - Hosts: 64.74.223.4 caixagalicia.com
O1 - Hosts: 64.74.223.4 activa.caixagalicia.es
O1 - Hosts: 64.74.223.4 www.caixapenedes.es
O1 - Hosts: 64.74.223.4 caixapenedes.es
O1 - Hosts: 64.74.223.4 www.caixapenedes.com
O1 - Hosts: 64.74.223.4 caixapenedes.com
O1 - Hosts: 64.74.223.4 bancae.caixapenedes.com
O1 - Hosts: 64.74.223.4 www.caixasabadell.es
O1 - Hosts: 64.74.223.4 caixasabadell.es
O1 - Hosts: 64.74.223.4 www.caixasabadell.net
O1 - Hosts: 64.74.223.4 caixasabadell.net
O1 - Hosts: 64.74.223.4 www.cajamadrid.es
O1 - Hosts: 64.74.223.4 cajamadrid.es
O1 - Hosts: 64.74.223.4 www.cajamadrid.com
O1 - Hosts: 64.74.223.4 cajamadrid.com
O1 - Hosts: 64.74.223.4 oi.cajamadrid.es
O1 - Hosts: 64.74.223.4 www.ccm.es
O1 - Hosts: 64.74.223.4 ccm.es
O1 - Hosts: 64.74.223.4 www.haspa.de
O1 - Hosts: 64.74.223.4 haspa.de
O1 - Hosts: 64.74.223.4 ssl2.haspa.de
O1 - Hosts: 64.74.223.4 www.dresdner-bank.de
O1 - Hosts: 64.74.223.4 dresdner-bank.de
O1 - Hosts: 64.74.223.4 www.dresdner-privat.de
O1 - Hosts: 64.74.223.4 postbank.de
O1 - Hosts: 64.74.223.4 www.postbank.de
O1 - Hosts: 64.74.223.4 banking.postbank.de
O1 - Hosts: 64.74.223.4 www.sparda-b.de
O1 - Hosts: 64.74.223.4 sparda-b.de
O1 - Hosts: 64.74.223.4 www.bankingonline.de
O1 - Hosts: 64.74.223.4 www.raiffeisenbank-erding.de
O1 - Hosts: 64.74.223.4 raiffeisenbank-erding.de
O1 - Hosts: 64.74.223.4 www.vr-networld-ebanking.de
O1 - Hosts: 64.74.223.4 vr-networld-ebanking.de
O1 - Hosts: 64.74.223.4 www.bnhof.de
O1 - Hosts: 64.74.223.4 bnhof.de
O1 - Hosts: 64.74.223.4 www.deutsche-bank.de
O1 - Hosts: 64.74.223.4 deutsche-bank.de
O1 - Hosts: 64.74.223.4 meine.deutsche-bank.de
O1 - Hosts: 64.74.223.4 www.citibank.de
O1 - Hosts: 64.74.223.4 citibank.de
O1 - Hosts: 64.74.223.4 www.dkb.de
O1 - Hosts: 64.74.223.4 dkb.de
O1 - Hosts: 64.74.223.4 www.sparkasse-regensburg.de
O1 - Hosts: 64.74.223.4 sparkasse-regensburg.de
O1 - Hosts: 64.74.223.4 www.berliner-bank.de
O1 - Hosts: 64.74.223.4 berliner-bank.de
O1 - Hosts: 64.74.223.4 www.berliner-sparkasse.de
O1 - Hosts: 64.74.223.4 berliner-sparkasse.de
O1 - Hosts: 64.74.223.4 www.wellsfargo.com
O1 - Hosts: 64.74.223.4 wellsfargo.com
O1 - Hosts: 64.74.223.4 www.bankofamerica.com
O1 - Hosts: 64.74.223.4 bankofamerica.com
O1 - Hosts: 64.74.223.4 www.usbank.com
O1 - Hosts: 64.74.223.4 usbank.com
O1 - Hosts: 64.74.223.4 www.bankone.com
O1 - Hosts: 64.74.223.4 bankone.com
O1 - Hosts: 64.74.223.4 www.citibank.com
O1 - Hosts: 64.74.223.4 citibank.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [AVWLPSTA.EXE] AVWLPSTA.EXE
O4 - HKLM\..\Run: [Windows Helper] C:\WINDOWS\system32\svchozt.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [REMOTEWINDOWPLANOOZE] C:\Documents and Settings\All Users\Application Data\Part Aim Remote Window\owns phone.exe
O4 - HKLM\..\Run: [WinMsg] C:\WINDOWS\winmsgr.exe
O4 - HKLM\..\Run: [NI.ERSV_0001_N91S1908] "c:\documents and settings\becquet\application data\errorsafefrspecialofferinstall[1].exe" -nag
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [startdrv] C:\WINDOWS\Temp\startdrv.exe
O4 - HKLM\..\Run: [Performance Monitor] C:\WINDOWS\perfmon.exe
O4 - HKLM\..\Run: [usnsvc.exe] C:\WINDOWS\usnsvc.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Contrôleur d’état.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: Ouvrir l'image dans &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1036\phdintl.dll/phdContext.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} (AOL Pictures Uploader Class) - http://o.aolcdn.com/pictures/ap/Resources/2.0.8.98/cab/aolpPlugins.10.6.0.6.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEF0892C-BEBC-4FC8-84DA-B41232E07873}: NameServer = 212.30.96.108
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Bluetooth\BTNtService.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MicroSoft Media Tools - Unknown owner - C:\WINDOWS\MSmedia.exe (file missing)
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman Type-R - Unknown owner - C:\Program Files\Norman\NPF\NPFSVICE.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Performance Monitor - Unknown owner - C:\WINDOWS\perfmon.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Userinit Logon Application - Unknown owner - C:\WINDOWS\userinit.exe

Bonjour,
je viens d'avoir une détection de Spyware.known_bad_sites avec Spyware Doctor qui est l'un des meilleurs logiciel dans ca catégorie.
Je vous donnerai des nouvelles si cette detection persiste.
@+ Mike

Bonjour
j'ai ce problème avec spyware, et aussi j'ai fait un balayage avec avast qi a aussi trouvé lop.com.bundled
j'aimerais savoir commet faire, je suis néophyte et j'ai supprimé yahoo.messenger qui était conseillé dans une autre discussion
merci de vos conseils

J'ai le meme problème mais j'ai Hi jack This et sa marche pas !