
Victim of a DNS cache poisoning attack

12 February 2012 12:55:55

Hi,
For quite a while now I have been the victim of several attacks:
"DNS cache poisoning attack"
"ARP cache poisoning attack"
I would like to know how to protect myself against them.


12 February 2012 19:03:45

Hello,
Is it your antivirus that is telling you this? Please post the report.

Download DDS by sUBs to your desktop.
The tool does not require installation.

Launch it by clicking the dds.scr icon:

This DOS window will appear:

The scan should not take more than three minutes.

Two reports will be generated. Save the DDS.txt and Attach.txt reports.

Post the DDS.txt report; you will only provide the Attach.txt report if you are asked for it.


<@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**
16 February 2012 18:05:59

Hi, as promised, here is the report from the DDS.txt file:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.2.0
Run by FABRICE at 17:57:19 on 2012-02-16
Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.33.1036.18.3003.963 [GMT 1:00]
.
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Pare-feu personnel d'ESET *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe
C:\Program Files\Zend\Apache2\bin\httpd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\Program Files\Zend\Apache2\bin\httpd.exe
C:\Windows\system32\vmnat.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Zend\ZendServer\bin\zdd.exe
C:\Program Files\Zend\ZendServer\bin\jqd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Zend\ZendServer\bin\MonitorNode.exe
C:\Program Files\Zend\ZendServer\bin\php-cgi.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Zend\ZendServer\bin\ZendSessionManager.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Windows\system32\vmnetdhcp.exe
C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Zend\ZendServer\bin\php-cgi.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Zend\Apache2\bin\ApacheMonitor.exe
C:\Program Files\Zend\ZendServer\bin\zendcontroller.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Users\FABRICE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\FABRICE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\FABRICE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Adobe\Adobe After Effects CS4\Support Files\AfterFX.exe
C:\Program Files\Common Files\Adobe\dynamiclink\processcoordinationserver.exe
C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.fr/
uWindow Title = Windows Internet Explorer by Fabrice Computer
uInternet Settings,ProxyOverride = *.local
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: Zend Studio: {95188727-288f-4581-a48d-eab3bd027314} -
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [<NO NAME>]
uRun: [E09FXLRD_11634507] "c:\program files\microsoft encarta\microsoft encarta 2009 - collection dvd\EDICT.EXE" -m
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [BitTorrent] "c:\program files\bittorrent\BitTorrent.exe" /MINIMIZED
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [CardDetectorHUAWEI1752_1552] c:\program files\carddetector\huawei1752_1552\CardDetector.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AdobeCS5.5ServiceManager] "c:\program files\common files\adobe\cs5.5servicemanager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [vmware-tray] "c:\program files\vmware\vmware workstation\vmware-tray.exe"
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\apache~1.lnk - c:\program files\zend\apache2\bin\ApacheMonitor.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\zendco~1.lnk - c:\program files\zend\zendserver\bin\zendcontroller.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Envoyer à OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Télécharger avec IDM - c:\program files\internet download manager\IEExt.htm
IE: Télécharger tous les liens avec IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Zend Studio - Debug current page - e:\flash builder\adobe flash builder 4.5\ietoolbar\ZendIEToolbar.dll/DebugCurrent.html
IE: Zend Studio - Debug next page - e:\flash builder\adobe flash builder 4.5\ietoolbar\ZendIEToolbar.dll/DebugNext.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - {95188727-288F-4581-A48D-EAB3BD027314}
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
LSP: %SystemRoot%\system32\vsocklib.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
TCP: Interfaces\{9195C5F7-1D81-43D2-9615-6243EFE54A5A}\975637 : DhcpNameServer = 192.168.137.1
TCP: Interfaces\{994812B1-70AE-46CF-904E-00A3F08BD320} : DhcpNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\fabrice\appdata\roaming\mozilla\firefox\profiles\r8gzsezx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: network.proxy.ftp - 195.24.211.161
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.http - 195.24.211.161
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 195.24.211.161
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 195.24.211.161
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\fabrice\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\users\fabrice\appdata\roaming\mozilla\firefox\profiles\r8gzsezx.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: c:\users\fabrice\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\fabrice\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2011-7-27 20872]
R0 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2011-8-4 50624]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-12-9 232512]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\drivers\EpfwLWF.sys [2011-8-4 33656]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe [2009-3-2 81920]
R2 Apache2.2-Zend;Apache2.2-Zend;c:\program files\zend\apache2\bin\httpd.exe [2011-9-4 27680]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2011-8-9 163424]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2011-9-22 974944]
R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2012-1-16 91424]
R2 mi-raysat_3dsmax2012_32;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 32-bit - French 32-bit;c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe [2011-2-23 86016]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-5-4 503080]
R2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);c:\windows\system32\drivers\vstor2-mntapi10-shared.sys [2011-7-8 22768]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [2009-9-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [2009-9-29 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [2009-9-29 12928]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-13 10064]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-4-1 183560]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2010-4-6 25864]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-11-30 39272]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2011-12-9 103040]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2010-4-6 23048]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-11-30 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-11-30 52224]
.
=============== Created Last 30 ================
.
2012-02-16 15:33:51 21312 ----a-w- c:\windows\system32\authuitu.dll
2012-02-16 15:33:49 28992 ----a-w- c:\windows\system32\uxtuneup.dll
2012-02-16 14:11:11 -------- d-----w- c:\users\fabrice\appdata\local\{A4E19086-B7A3-426C-9530-BEA8D20B73A1}
2012-02-16 14:10:36 -------- d-----w- c:\users\fabrice\appdata\local\{6F2899D1-68B5-4700-8063-3A2706EFF90F}
2012-02-16 14:08:09 -------- d-----w- c:\windows\fr
2012-02-16 12:14:20 61440 ----a-w- c:\windows\system32\aestaren.dll
2012-02-16 12:14:20 380928 ----a-w- c:\windows\system32\aestecap.dll
2012-02-16 12:14:20 140288 ----a-w- c:\windows\system32\aestacap.dll
2012-02-16 12:14:18 86016 ----a-w- c:\windows\system32\AESTCom.dll
2012-02-16 12:14:18 536576 ----a-w- c:\windows\system32\idtmini1.exe
2012-02-16 12:14:18 495708 ----a-w- c:\windows\sttray.exe
2012-02-16 12:14:18 3354624 ----a-w- c:\windows\system32\stlang.dll
2012-02-16 12:14:18 12628060 ----a-w- c:\windows\system32\idtcpl.cpl
2012-02-15 12:13:55 -------- d-----w- c:\users\fabrice\appdata\roaming\Weecast
2012-02-15 12:12:43 -------- d-----w- c:\program files\PlayerTuto.com
2012-02-15 09:47:20 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 09:26:27 690688 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 09:21:31 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 09:18:32 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-02-14 15:53:05 30720 -c--a-w- C:\Cisco7.exe
2012-02-14 14:07:34 6557240 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c3587ba2-bcb4-4389-94df-32ae057ec34f}\mpengine.dll
2012-02-14 12:19:29 308 -c--a-w- C:\dns_lookup.tmp
2012-02-14 11:30:56 -------- d-----w- c:\program files\WinPcap
2012-02-14 11:28:34 -------- d-----w- c:\program files\Net Tools
2012-02-11 18:42:17 -------- d-----w- c:\users\fabrice\appdata\local\TechHit
2012-02-11 12:57:13 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2012-02-11 12:57:13 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2012-02-11 12:57:13 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
2012-02-11 12:57:13 45016 ----a-w- c:\program files\mozilla firefox\mozutils.dll
2012-02-11 11:48:57 -------- d-----w- c:\users\fabrice\appdata\roaming\Disruptive Innovations SARL
2012-02-11 11:48:57 -------- d-----w- c:\users\fabrice\appdata\local\Disruptive Innovations SARL
2012-02-09 19:31:10 -------- d-----w- c:\users\fabrice\appdata\local\Facebook
2012-02-08 22:07:59 -------- d-----w- c:\users\fabrice\appdata\roaming\Bradsoft.com
2012-02-05 09:33:19 2306328 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\updateablemarkup-4\markup.dll
2012-01-30 13:10:16 -------- d-----w- c:\program files\BitTorrent
2012-01-30 13:07:15 -------- d-----w- c:\users\fabrice\appdata\roaming\BitTorrent
2012-01-30 11:05:16 -------- d-----w- c:\program files\iPod
2012-01-22 12:39:59 224768 ----a-w- c:\windows\system32\schannel.dll
2012-01-22 12:39:58 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-22 12:39:58 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2012-01-22 12:39:58 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-22 12:39:58 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-22 12:39:57 314880 ----a-w- c:\windows\system32\webio.dll
2012-01-22 12:39:57 22528 ----a-w- c:\windows\system32\lsass.exe
2012-01-22 12:39:57 22016 ----a-w- c:\windows\system32\secur32.dll
2012-01-22 12:39:57 100352 ----a-w- c:\windows\system32\sspicli.dll
2012-01-22 12:39:56 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-01-20 07:16:10 -------- d-----w- c:\users\fabrice\appdata\local\{B9FDD98D-3E19-41CB-B881-A3256771EAF3}
2012-01-20 07:16:10 -------- d-----w- c:\users\fabrice\appdata\local\{6BFFB3C8-95CC-4562-9DEA-E18D4D5683CA}
2012-01-19 11:36:28 -------- d-----w- c:\users\fabrice\prog-build-desktop-Qt_4_7_4_for_Desktop_-_MinGW_4_4__Qt_SDK__Debug
2012-01-19 11:36:12 -------- d-----w- c:\users\fabrice\prog
.
==================== Find3M ====================
.
2012-02-09 13:16:42 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2012-01-29 04:10:42 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-16 14:48:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-20 18:05:38 91424 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2011-12-14 14:56:50 28992 ----a-w- c:\windows\system32\uxtE956.tmp
2011-12-14 03:04:54 1798656 ----a-w- c:\windows\system32\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-09 16:54:56 232512 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-12-08 11:01:15 4100 ----a-w- c:\windows\system32\hdvirffo.dll
2011-12-01 08:15:34 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-11-30 22:09:32 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-11-19 14:01:00 67072 ----a-w- c:\windows\system32\packager.dll
.
============= FINISH: 17:59:24,35 ===============

16 February 2012 21:06:04

Good evening,
Did you add a proxy in Firefox yourself?

Disable your antivirus and any other type of protection.
Download ComboFix by sUBs: Combofix
Save it to your desktop and nowhere else!

Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal. A report will be created. Post the report: C:\Combofix.txt
Click it to open it, then Edit "Select All", Edit "Copy".

Come to the forum and Edit "Paste".

HELP: A guide and tutorial on using ComboFix
* the partition name may differ

<@_@>