Windows Update redirected ----> Google

14 May 2009 07:44:48

Hello and good evening everyone. As the title says, I have a problem when I try to run the Windows updates. I did some searching on the net, but I didn't want to break everything! So I'm turning to you, hoping to get my problem solved :) .
First of all, here is a screenshot of my network connection:
http://img8.imageshack.us/img8/319/connexionreseau.jpg
Yet I never asked for this DNS IP. If I tick "Obtain DNS server address automatically" and close the dialog, it goes back to "Use the following DNS server addresses". With that I can't browse to http://google.ca because it takes me to wrong or unrelated sites, and causes even more problems.
Then there is my problem with Windows Update being redirected to Google...

Here is a HijackThis report:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:43:49, on 2009-05-14
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\svcadmin.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\vsnpstd2.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSI\Common\RaUI.exe
C:\Program Files\Hamachi\hamachi.exe
C:\Documents and Settings\Adminstrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\Adminstrateur\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\wamp\wampmanager.exe
c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe
c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe
C:\wamp\bin\apache\apache2.2.6\bin\httpd.exe
C:\Program Files\Teamspeak2_RC2\server_windows.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Super macro\super_macro.exe
C:\Program Files\Teamspeak2_RC22\TeamSpeak.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\Adminstrateur\Bureau\World of Warcraft 2.4.3\vmapextract_v2.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.19.0\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\COMPAQ\SetRefresh\\SetRefresh.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [BroadCamRun] "C:\Program Files\NCH Software\BroadCam\broadCam.exe" -logon
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BudgetSip] "C:\Program Files\BudgetSip.com\BudgetSip\BudgetSip.exe" -nosplash -minimized
O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
O4 - HKCU\..\Run: [AlerteD] C:\Program Files\Alerte Dolphin\Alerte.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AutoClick.lnk = C:\Program Files\AutoClick\AutoClick.exe
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Adminstrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: DYNDNSCLIENT.lnk = C:\Program Files\darweb-dyndnsclient\dyndnsclient.exe
O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.19.0\gears.dll
O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.19.0\gears.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/DyynoClient/DyynoCAB.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://www.instantaction.com/download/iaplayer.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D14DB62-4C4B-4FCB-818E-71F7A6CCC65D}: NameServer = 85.255.115.50,85.255.112.154
O17 - HKLM\System\CCS\Services\Tcpip\..\{AB9B6678-7026-496E-A217-02C92839C38A}: NameServer = 85.255.115.50,85.255.112.154
O17 - HKLM\System\CCS\Services\Tcpip\..\{C050E60A-B913-43A4-A110-8127A2997EC5}: NameServer = 85.255.113.117;85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCF7B429-5E33-4EDD-92D4-1BDE435448E1}: NameServer = 85.255.115.50,85.255.112.154
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA785A41-A335-45C4-98C1-FC005A45215F}: NameServer = 85.255.115.50,85.255.112.154
O17 - HKLM\System\CS12\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
O17 - HKLM\System\CS13\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
O17 - HKLM\System\CS14\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Anyplace Control Security - Unknown owner - C:\WINDOWS\svcadmin.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BroadCam Service (BroadCamService) - Unknown owner - C:\Program Files\NCH Software\BroadCam\broadCam.exe
O23 - Service: Client32 - Unknown owner - C:\Program Files\NetSupport\NetSupport Manager\client32.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c9bbf4ad401b26) (gupdate1c9bbf4ad401b26) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe

--
End of file - 13129 bytes

Hoping for a generous soul able to help me :)

Regards
Pomax
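
The O17 lines of the HijackThis log above are where the static DNS servers from the screenshot show up, once per interface and once per control set. As an added example (not part of the original thread and not HijackThis code), this Python script parses those lines and flags every `NameServer` value outside an allowlist. The allowlist entry `192.168.1.1` is a constructed assumption standing in for the resolver the machine is supposed to use.

```python
import ipaddress
import re

# O17 lines copied from the HijackThis log in the post above, plus two
# neighbouring lines to show that non-O17 entries are ignored.
SAMPLE_LOG = r"""
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://www.instantaction.com/download/iaplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D14DB62-4C4B-4FCB-818E-71F7A6CCC65D}: NameServer = 85.255.115.50,85.255.112.154
O17 - HKLM\System\CCS\Services\Tcpip\..\{AB9B6678-7026-496E-A217-02C92839C38A}: NameServer = 85.255.115.50,85.255.112.154
O17 - HKLM\System\CCS\Services\Tcpip\..\{C050E60A-B913-43A4-A110-8127A2997EC5}: NameServer = 85.255.113.117;85.255.112.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCF7B429-5E33-4EDD-92D4-1BDE435448E1}: NameServer = 85.255.115.50,85.255.112.154
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA785A41-A335-45C4-98C1-FC005A45215F}: NameServer = 85.255.115.50,85.255.112.154
O17 - HKLM\System\CS12\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
O17 - HKLM\System\CS13\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
O17 - HKLM\System\CS14\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
"""

# Constructed assumption: the only resolver this machine should be using.
EXPECTED_RESOLVERS = {"192.168.1.1"}

# Matches only O17 NameServer entries; other O17 values are skipped.
O17_RE = re.compile(
    r"^O17 - HKLM\\System\\(?P<cs>[^\\]+)\\Services\\Tcpip\\(?P<scope>[^:]+): "
    r"NameServer = (?P<data>.+)$"
)
GUID_RE = re.compile(r"\{([0-9A-Fa-f-]{36})\}")


def parse_o17(log_text):
    """Return one record per O17 NameServer line: control set, scope, servers."""
    records = []
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if not m:
            continue
        guid = GUID_RE.search(m["scope"])
        # Per-interface entries carry the adapter GUID; the Parameters key is global.
        scope = guid.group(1).lower() if guid else "global"
        # The log separates addresses with commas, semicolons or spaces.
        servers = [t for t in re.split(r"[,;\s]+", m["data"].strip()) if t]
        records.append({"control_set": m["cs"], "scope": scope, "servers": servers})
    return records


def audit_nameservers(log_text, expected):
    """List (control_set, scope, server, reason) for resolvers not in `expected`."""
    allowed = {ipaddress.ip_address(ip) for ip in expected}
    findings = []
    for rec in parse_o17(log_text):
        for token in rec["servers"]:
            try:
                addr = ipaddress.ip_address(token)
            except ValueError:
                findings.append((rec["control_set"], rec["scope"], token, "unparsable"))
                continue
            if addr not in allowed:
                reason = "private-unexpected" if addr.is_private else "public-unexpected"
                findings.append((rec["control_set"], rec["scope"], str(addr), reason))
    return findings


def summarize(findings):
    """Count, per resolver, the distinct (control set, scope) pairs it is set on."""
    by_server = {}
    for control_set, scope, server, _reason in findings:
        by_server.setdefault(server, set()).add((control_set, scope))
    return {server: len(places) for server, places in by_server.items()}


if __name__ == "__main__":
    results = audit_nameservers(SAMPLE_LOG, EXPECTED_RESOLVERS)
    for server, count in sorted(summarize(results).items()):
        print(f"{server}: set in {count} registry location(s)")
```

The same resolver pair written to the global key of every control set and to several adapters at once is the pattern to look for: a setting changed by hand in the network dialog would touch one adapter only.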

14 May 2009 16:03:41

A little bump, please :) .
Some things look strange to me in my HijackThis log. But I don't want to jump to conclusions.

Regards
Pomax
14 May 2009 18:44:58

Hello,

You are indeed infected.

Download Malwarebytes' Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
      • If the program found nothing, press OK. A report will appear; close it.
      • If infections are present, click "Show Results" then "Remove Selected". Save the report to your Desktop.
      • Restart your computer normally and post the report in your next reply.

NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

Note: If you can't download MBAM from MajorGeeks, you can download it here!

Help:
  • How to use MBAM.
  • How to boot your computer in safe mode.
14 May 2009 19:13:11

"Download Malwarebytes' Anti-Malware to your Desktop." If I try to download from MajorGeeks I get this:

Firefox ne peut trouver le serveur à l'adresse store.malwarebytes.org.

If I try with the other link:
Firefox ne peut trouver le serveur à l'adresse www.malwarebytes.org.

Is the latest version 1.36? If so, I downloaded it yesterday... (stroke of luck...) so I'll run a scan with that one and send you the report.


Thanks for your help :)

Regards
Pomax
14 May 2009 19:51:22

Yes, do that ;)

14 May 2009 20:52:08

How long does this take on average? Surely it depends on the config. But I have a good config and the scan has been running for 1h25...

Regards
Pomax

15 May 2009 04:09:10

Here is my LOG

    Malwarebytes' Anti-Malware 1.36
    Version de la base de données: 1945
    Windows 5.1.2600 Service Pack 3

    2009-05-14 21:59:26
    mbam-log-2009-05-14 (21-59-26).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 208245
    Temps écoulé: 4 hour(s), 38 minute(s), 35 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 8
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 6

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.50 85.255.112.154 -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2d14db62-4c4b-4fcb-818e-71f7a6ccc65d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.50,85.255.112.154 -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ab9b6678-7026-496e-a217-02c92839c38a}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.50,85.255.112.154 -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ab9b6678-7026-496e-a217-02c92839c38a}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.50,85.255.112.154 -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c050e60a-b913-43a4-a110-8127a2997ec5}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.113.117;85.255.112.90 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c050e60a-b913-43a4-a110-8127a2997ec5}\NameServer (Trojan.DNSChanger) -> Data: 85.255.113.117;85.255.112.90 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ccf7b429-5e33-4edd-92d4-1bde435448e1}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.50,85.255.112.154 -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{fa785a41-a335-45c4-98c1-fc005a45215f}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.50,85.255.112.154 -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\msqpdxweahurrn.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\msqpdxwtyearrx.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\msqpdxbajfoxum.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drivers\msqpdxmxctotty.sys (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drivers\msqpdxpcuuktkb.sys (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drivers\msqpdxserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.



I can now run the scans again and I no longer have a DNS IP set automatically. But I imagine there are still things to do ^^ .

Thanks a lot
15 May 2009 18:57:07

Not finished, no.

Download ComboFix (by sUBs) to your Desktop.

  • Temporarily disable all resident protection! (antivirus, antispyware...)
  • Double-click ComboFix.exe.
  • Accept the license by clicking Yes.
  • The program will ask whether you want to install the Recovery Console. It is a precaution, in case the computer fails. So I advise you to install it; it costs nothing and could potentially be useful!
  • When the operation is finished, a report will appear. Post this report in your next reply.

The report is located here: %SystemDrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

Help: How to use ComboFix.

16 May 2009 04:10:37

Here is the report

    ComboFix 09-05-15.01 - Adminstrateur 2009-05-15 22:03.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.2.1036.18.1023.451 [GMT -4:00]
    Lancé depuis: c:\documents and settings\Adminstrateur\Bureau\ComboFix.exe
    AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\404Fix.exe
    c:\windows\system32\dumphive.exe
    c:\windows\system32\IEDFix.C.exe
    c:\windows\system32\IEDFix.exe
    c:\windows\system32\o4Patch.exe
    c:\windows\system32\Process.exe
    c:\windows\system32\SrchSTS.exe
    c:\windows\system32\tmp.reg
    c:\windows\system32\VACFix.exe
    c:\windows\system32\VCCLSID.exe
    c:\windows\system32\WS2Fix.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-16 au 2009-05-16 ))))))))))))))))))))))))))))))))))))
    .

    2009-05-16 01:10 . 2009-05-16 01:10 -------- d-----w c:\documents and settings\Adminstrateur\Application Data\AVG8
    2009-05-15 16:06 . 2009-03-11 02:26 1438080 ----a-w c:\windows\system32\KB905474\wganotifypackageinner.exe
    2009-05-15 16:06 . 2009-03-11 02:18 454024 ----a-w c:\windows\system32\KB905474\wgasetup.exe
    2009-05-15 16:06 . 2009-05-15 16:06 -------- d-----w c:\windows\system32\KB905474
    2009-05-15 05:48 . 2009-05-15 05:48 12552 ----a-w c:\windows\system32\drivers\avgrkx86.sys
    2009-05-15 02:26 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
    2009-05-15 02:26 . 2009-03-06 14:20 286720 -c----w c:\windows\system32\dllcache\pdh.dll
    2009-05-15 02:26 . 2009-02-09 11:23 111104 -c----w c:\windows\system32\dllcache\services.exe
    2009-05-15 02:26 . 2009-02-09 10:53 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
    2009-05-15 02:26 . 2009-02-09 10:53 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
    2009-05-15 02:26 . 2009-02-09 10:53 685568 -c----w c:\windows\system32\dllcache\advapi32.dll
    2009-05-15 02:26 . 2009-02-09 10:53 735744 -c----w c:\windows\system32\dllcache\lsasrv.dll
    2009-05-15 02:26 . 2009-02-09 10:53 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
    2009-05-15 02:26 . 2009-02-09 10:53 739840 -c----w c:\windows\system32\dllcache\ntdll.dll
    2009-05-15 02:24 . 2008-12-16 12:31 354304 -c----w c:\windows\system32\dllcache\winhttp.dll
    2009-05-15 02:24 . 2008-04-21 21:15 219136 -c----w c:\windows\system32\dllcache\wordpad.exe
    2009-05-14 17:29 . 2009-04-06 19:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
    2009-05-14 17:29 . 2009-04-06 19:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2009-05-14 15:08 . 2009-05-14 15:08 -------- d-----w c:\documents and settings\Adminstrateur\Application Data\Thinstall
    2009-05-14 06:46 . 2009-05-14 06:47 -------- d-----w c:\documents and settings\Adminstrateur\Application Data\gtk-2.0
    2009-05-14 06:46 . 2009-05-14 06:49 -------- d-----w c:\documents and settings\Adminstrateur\Application Data\TortoiseHg
    2009-05-14 05:24 . 2009-05-14 17:29 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2009-05-14 04:48 . 2009-05-14 04:48 -------- d-----w c:\program files\TortoiseHg
    2009-05-10 02:06 . 2009-05-10 02:07 -------- d-----w c:\program files\Hamachi
    2009-05-06 04:09 . 2009-05-06 04:09 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Google
    2009-04-27 22:33 . 2009-04-27 22:33 -------- d-----w c:\program files\Guitar Pro 5
    2009-04-25 05:15 . 2009-05-15 05:51 -------- d-----w c:\program files\Super macro

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-16 01:55 . 2008-07-18 03:58 -------- d-----w c:\program files\Teamspeak2_RC2
    2009-05-15 16:12 . 2008-07-20 06:28 -------- d-----w c:\program files\Microsoft Silverlight
    2009-05-15 05:48 . 2008-12-28 17:04 11952 ----a-w c:\windows\system32\avgrsstx.dll
    2009-05-15 05:48 . 2008-12-28 17:04 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
    2009-05-14 04:55 . 2009-04-02 11:51 -------- d-----w c:\program files\World of Warcraft
    2009-05-14 04:55 . 2009-04-10 03:17 -------- d-----w c:\program files\Warcraft III
    2009-05-12 23:25 . 2009-04-13 04:59 -------- d-----w c:\program files\Google
    2009-05-10 19:20 . 2008-05-20 23:37 25280 ----a-w c:\windows\system32\drivers\hamachi.sys
    2009-04-27 22:37 . 2008-04-16 22:09 457672 ----a-w c:\documents and settings\Adminstrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-04-25 05:29 . 2009-04-13 06:50 -------- d-----w c:\program files\NCH Software
    2009-04-25 01:18 . 2009-02-05 00:48 664 ----a-w c:\windows\system32\d3d9caps.dat
    2009-04-19 02:01 . 2008-05-03 14:42 -------- d-----w c:\program files\Valve
    2009-04-14 03:27 . 2009-04-14 01:27 -------- d-----w c:\program files\Alerte Dolphin
    2009-04-13 19:07 . 2009-04-13 19:06 -------- d-----w c:\program files\LimeWire
    2009-04-13 18:08 . 2009-04-13 18:07 -------- d-----w c:\program files\K-Lite Codec Pack
    2009-04-13 06:51 . 2009-04-13 06:51 -------- d-----w c:\program files\NCH Swift Sound
    2009-04-13 01:53 . 2009-04-13 01:53 -------- d-----w c:\program files\AutoIt3
    2009-04-10 00:36 . 2009-04-09 23:39 -------- d-----w c:\program files\Fichiers communs\Adobe
    2009-04-05 03:41 . 2009-02-05 01:00 -------- d-----w c:\program files\Warcraft III autres fichiers
    2009-04-03 03:59 . 2009-03-30 23:55 -------- d-----w c:\program files\Xfire
    2009-04-02 01:15 . 2008-04-13 15:31 -------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment
    2009-03-28 06:19 . 2009-03-28 06:19 3120 ----a-w c:\windows\system32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll
    2009-03-26 20:42 . 2009-02-04 23:19 552 ----a-w c:\windows\system32\d3d8caps.dat
    2009-03-23 22:32 . 2008-11-06 22:08 -------- d-----w c:\program files\Dyyno
    2009-03-22 06:22 . 2009-03-22 06:20 -------- d-----w c:\program files\Webcam and Screen Recorder
    2009-03-22 06:18 . 2009-03-22 06:18 -------- d-----w c:\program files\Wisdom-soft AutoScreenRecorder 3 Pro
    2009-03-21 21:56 . 2009-03-21 21:53 -------- d-----w c:\program files\VentSrv
    2009-03-21 21:52 . 2009-03-21 06:17 -------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
    2009-03-21 06:18 . 2008-04-26 23:47 -------- d-----w c:\program files\VentSrv2
    2009-03-21 06:17 . 2009-03-21 06:17 -------- d-----w c:\program files\Ventrilo
    2009-03-20 22:26 . 2009-03-20 22:26 41808 ----a-w c:\windows\system32\xfcodec.dll
    2009-03-20 22:15 . 2008-04-12 18:35 -------- d-----w c:\program files\Notepad++
    2009-03-06 14:20 . 2006-01-05 14:32 286720 ----a-w c:\windows\system32\pdh.dll
    2009-03-03 00:13 . 2006-01-05 14:32 826368 ----a-w c:\windows\system32\wininet.dll
    2009-03-02 18:10 . 2009-04-13 18:07 67584 ----a-w c:\windows\system32\ff_vfw.dll
    2009-02-28 03:47 . 2009-01-15 17:16 0 ----a-w c:\documents and settings\Adminstrateur\Local Settings\Application Data\prvlcl.dat
    2009-02-20 17:10 . 2006-01-05 14:32 78336 ----a-w c:\windows\system32\ieencode.dll
    2008-05-18 23:14 . 2008-05-18 23:14 8238080 ----a-w c:\program files\HTML Guardian 7.msi
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
    @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 21:52 80384 ----a-w c:\program files\Fichiers communs\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
    @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 21:52 80384 ----a-w c:\program files\Fichiers communs\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
    @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 21:52 80384 ----a-w c:\program files\Fichiers communs\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
    @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 21:52 80384 ----a-w c:\program files\Fichiers communs\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
    @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 21:52 80384 ----a-w c:\program files\Fichiers communs\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
    @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 21:52 80384 ----a-w c:\program files\Fichiers communs\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
    @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 21:52 80384 ----a-w c:\program files\Fichiers communs\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
    @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 21:52 80384 ----a-w c:\program files\Fichiers communs\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
    @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 21:52 80384 ----a-w c:\program files\Fichiers communs\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    "FreeCall"="c:\program files\FreeCall.com\FreeCall\FreeCall.exe" [2008-09-01 9109296]
    "AlerteD"="c:\program files\Alerte Dolphin\Alerte.exe" [2006-06-29 768000]
    "Steam"="c:\program files\valve\steam\steam.exe" [2009-04-19 1410296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SetRefresh"="c:\program files\COMPAQ\SetRefresh\\SetRefresh.exe" [2003-11-20 525824]
    "Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
    "DrvLsnr"="c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe" [2003-05-08 69632]
    "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
    "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
    "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-31 136600]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-29 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
    "SNPSTD2"="c:\windows\vsnpstd2.exe" [2004-01-05 40960]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-15 1947928]
    "BroadCamRun"="c:\program files\NCH Software\BroadCam\broadCam.exe" [2009-04-13 368644]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2009-05-15 05:48 11952 ----a-w c:\windows\system32\avgrsstx.dll

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
    "MIDI1"= SYNCOR11.DLL

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\WINDOWS\\system32\\dpvsetup.exe"=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "c:\\games\\Paintball2\\paintball2.exe"=
    "c:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "8767:TCP"= 8767:TCP:TS
    "8767:UDP"= 8767:UDP:TS
    "14534:TCP"= 14534:TCP:TS
    "14534:UDP"= 14534:UDP:TS
    "3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
    "8085:TCP"= 8085:TCP:wow1
    "8085:UDP"= 8085:UDP:wow2
    "3724:TCP"= 3724:TCP:wow3
    "3724:UDP"= 3724:UDP:wow5
    "3306:TCP"= 3306:TCP:wow6
    "3306:UDP"= 3306:UDP:wow7
    "80:UDP"= 80:UDP:wow9

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-28 325896]
    R1 pctfw2;pctfw2;c:\windows\system32\drivers\pctfw2.sys [2009-01-10 160792]
    R2 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe [2008-06-15 104960]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-05-15 298776]
    R3 tenCapture;tenCapture;c:\windows\system32\drivers\tenCapture.sys [2007-04-21 9344]
    S2 BroadCamService;BroadCam Service;c:\program files\NCH Software\BroadCam\broadCam.exe [2009-04-13 368644]
    S2 gupdate1c9bbf4ad401b26;Google Update Service (gupdate1c9bbf4ad401b26);c:\program files\Google\Update\GoogleUpdate.exe [2009-04-13 133104]
    S3 cpuz131;cpuz131;\??\c:\docume~1\ADMINS~1\LOCALS~1\Temp\cpuz131\cpuz_x32.sys --> c:\docume~1\ADMINS~1\LOCALS~1\Temp\cpuz131\cpuz_x32.sys [?]
    S3 DBKDRVR54;DBKDRVR54;\??\c:\program files\Cheat Engine\dbk32.sys --> c:\program files\Cheat Engine\dbk32.sys [?]
    S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys --> c:\windows\system32\drivers\ScreamingBAudio.sys [?]
    S3 uwshcbq;uwshcbq;\??\c:\documents and settings\Adminstrateur\Bureau\Nouveau dossier\uwshcbq.sys --> c:\documents and settings\Adminstrateur\Bureau\Nouveau dossier\uwshcbq.sys [?]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{34256ec4-7650-11dd-99ad-001d921c0b0b}]
    \Shell\AutoRun\command - G:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{34256ec5-7650-11dd-99ad-001d921c0b0b}]
    \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com h:
    \Shell\Open\command - g:\resycled\boot.com h:

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2CF0B1C5-A00D-46F6-3742-B1B8E7C02113}]
    c:\program files\Outlook Express\msinm.exe s
    .
    Contenu du dossier 'Tâches planifiées'

    2009-05-09 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 21:57]

    2009-05-16 c:\windows\Tasks\GoogleUpdateTaskMachine.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-13 04:59]

    2009-05-16 c:\windows\Tasks\WGASetup.job
    - c:\windows\system32\KB905474\wgasetup.exe [2009-05-15 02:18]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-BudgetSip - c:\program files\BudgetSip.com\BudgetSip\BudgetSip.exe


    .
    ------- Examen supplémentaire -------
    .
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    LSP: c:\program files\Fichiers communs\PC Tools\LSP\PCTLsp.dll
    DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} - hxxp://webserver.dyyno.com/DyynoClient/DyynoCAB.CAB
    FF - ProfilePath - c:\documents and settings\Adminstrateur\Application Data\Mozilla\Firefox\Profiles\7yk32vma.default\
    FF - prefs.js: browser.startup.homepage - hxxp://pulsegaming.fr/site
    FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
    FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
    FF - component: c:\program files\Google\Google Gears\Firefox\components\gears.dll
    FF - plugin: c:\documents and settings\Adminstrateur\Application Data\Mozilla\Firefox\Profiles\7yk32vma.default\extensions\iaplayer@instantaction.com\plugins\npiaplayer.dll
    FF - plugin: c:\documents and settings\Adminstrateur\Application Data\Mozilla\Firefox\Profiles\7yk32vma.default\extensions\NPDyyno@dyyno.com\plugins\npDyyno.dll
    FF - plugin: c:\program files\Dyyno\Dyyno Player\npvlc.dll
    FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npigl.dll
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-15 22:05
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet015\Services\PSSdk21]
    "ImagePath"="\??\c:\windows\system32\Drivers\HNPsSdk.drv"
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-583907252-162531612-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{897E1E23-E7B5-CF88-083D-15051AC1039C}*]
    "iajkkniklckippjlhn"=hex:6a,61,67,64,61,67,69,6a,6b,64,68,65,69,62,62,66,6e,61,
    68,6b,00,13
    "hadlameefhfeelmo"=hex:6a,61,67,64,61,67,69,6a,6b,64,68,65,69,62,62,66,6e,61,
    68,6b,00,00
    "haipcgopeglnmogk"=hex:66,61,65,64,6a,67,6b,6a,63,6d,68,64,00,00
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(804)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'lsass.exe'(860)
    c:\program files\Fichiers communs\PC Tools\LSP\PCTLsp.dll
    .
    Heure de fin: 2009-05-16 22:07
    ComboFix-quarantined-files.txt 2009-05-16 02:07
    ComboFix2.txt 2008-12-27 23:58

    Avant-CF: 5 978 095 616 octets libres
    Après-CF: 6 193 270 784 octets libres

    WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

    Current=15 Default=15 Failed=14 LastKnownGood=16 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16
    275 --- E O F --- 2009-05-15 16:06
    16 May 2009 17:29:12

    Re,

    Do you know TortoiseOverlays?
    17 May 2009 18:36:38

    Yes, actually I know Tortoise... (is it different?).

    Why?


    Regards
    Pomax
    17 May 2009 20:19:01

    I don't know it; it's to see whether it's an infection. Post a HijackThis report again.
    18 May 2009 21:54:01

    Here is the LOG


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:53:42, on 2009-05-18
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
    C:\WINDOWS\svcadmin.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\vsnpstd2.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSI\Common\RaUI.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Documents and Settings\Adminstrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\Adminstrateur\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Teamspeak2_RC2\server_windows.exe
    C:\Program Files\Teamspeak2_RC22\TeamSpeak.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.19.0\gears.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
    O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\COMPAQ\SetRefresh\\SetRefresh.exe
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: AutoClick.lnk = C:\Program Files\AutoClick\AutoClick.exe
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Adminstrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    O4 - Global Startup: DYNDNSCLIENT.lnk = C:\Program Files\darweb-dyndnsclient\dyndnsclient.exe
    O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.19.0\gears.dll
    O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.19.0\gears.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/DyynoClient/DyynoCAB.CAB
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://www.instantaction.com/download/iaplayer.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/...
    O17 - HKLM\System\CS14\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Anyplace Control Security - Unknown owner - C:\WINDOWS\svcadmin.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Client32 - Unknown owner - C:\Program Files\NetSupport\NetSupport Manager\client32.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate1c9bbf4ad401b26) (gupdate1c9bbf4ad401b26) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe

    --
    End of file - 11191 bytes
    19 May 2009 17:27:17

    Re,

    Run HijackThis again (right-click -> run as administrator on Vista), do a system scan only, and check these lines (if still present):
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
    O17 - HKLM\System\CS14\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154

    Close all running applications (especially your web browser).
    Then Fix Checked!

    &

    Download Toolbar-S&D (Team IDN) to your Desktop.

  • Start the program's installation by running the downloaded file.
  • Now double-click the Toolbar-S&D shortcut.
  • Select the desired language by typing the letter of your choice, then confirm with the Enter key.
  • Now choose option 1 (Search). Wait until the search finishes.
  • Post the generated report. (C:\TB.txt)
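
A way to reproduce part of the triage behind the checklist above, as an added example that is not part of the original post and not HijackThis code: it parses HijackThis result lines, flags entries whose target file is gone, and flags static `NameServer` values that are not resolvers the owner expects. The function names and the `EXPECTED_RESOLVERS` value are assumptions made for the example; the sample lines are copied from the log posted in this thread.

```python
import ipaddress
import re

# Result lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O17 - HKLM\System\CS14\Services\Tcpip\Parameters: NameServer = 85.255.115.50 85.255.112.154
"""

# Assumption (constructed value): the only resolver this PC should use
# is the home router. Replace with the resolvers you actually configured.
EXPECTED_RESOLVERS = [ipaddress.ip_network("192.168.1.1/32")]

ENTRY_RE = re.compile(r"^\s*([ORF]\d+) - (.+?)\s*$")
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)$")
NAMESERVER_RE = re.compile(r"^(?P<key>.+?): NameServer = (?P<servers>.+)$")


def parse_entries(text):
    """Return (section, body) pairs for every HijackThis result line."""
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line)
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def orphaned_entries(entries):
    """Entries that still point at a file HijackThis could not find."""
    return [(sec, body) for sec, body in entries if ORPHAN_RE.search(body)]


def unexpected_nameservers(entries, expected=EXPECTED_RESOLVERS):
    """(registry key, address) for each static DNS server outside `expected`."""
    findings = []
    for section, body in entries:
        if section != "O17":
            continue
        match = NAMESERVER_RE.match(body)
        if not match:
            continue
        key = match.group("key")
        for token in re.split(r"[,\s]+", match.group("servers").strip()):
            try:
                addr = ipaddress.ip_address(token)
            except ValueError:
                # Not a valid IP address: report it rather than skip it.
                findings.append((key, token))
                continue
            if not any(addr in net for net in expected):
                findings.append((key, str(addr)))
    return findings


def triage(text, expected=EXPECTED_RESOLVERS):
    """Human-readable list of lines worth reviewing before 'Fix checked'."""
    entries = parse_entries(text)
    report = [f"orphaned {sec}: {body}" for sec, body in orphaned_entries(entries)]
    report += [
        f"unexpected DNS server {addr} in {key}"
        for key, addr in unexpected_nameservers(entries, expected)
    ]
    return report


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(item)
```

After the fix, a fresh scan should show no O17 `NameServer` line outside the resolvers you expect; if the value comes back, something on the machine is still rewriting it.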
    19 May 2009 23:18:20

    Here is the REPORT


    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
    BIOS : 786B2 v1.11
    USER : Adminstrateur ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090518-0] 4.8.1335 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:37 Go (Free:4 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [1] ( 2009-05-19|17:15 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\2
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\a.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\amazon.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\an.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\arrow.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\arrowB.gif
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\arrowT.gif
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\arrow_down.gif
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\arrow_up.gif
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\autofill.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\b.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\bg_pub.gif
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\bg_ttl.gif
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\bn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\bottom.png
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\bottom_left.png
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\bottom_right.png
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\btn_addstations.gif
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\btn_delete.gif
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\c.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\CAlogo.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\canalblog.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\cn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\d.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\dictionary2.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\dn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\DownloadCOM.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\dropdown.css
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\email_b.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\equalizer_loading.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\equalizer_off.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\equalizer_on.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\ErrorLog.txt
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\ErrorPageTemplate_search.css
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\f.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\fn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\g.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\gaming.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\gn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\graphred0.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\graphred0_5.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\graphred1.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\graphred1_5.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\graphred2.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\graphred2_5.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\graphred3.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\graphred3_5.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\graphred4.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\graphred4_5.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\graphred5.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\help.gif
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\hideremove.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\highlight.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\hn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\horoscope.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h_aquarius.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h_aries.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h_cancer.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h_capricorn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h_gemini.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h_leo.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h_libra.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h_pisces.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h_sagittarius.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h_scorpio.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h_taurus.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\h_virgo.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\i.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\IEtab2_1.zip
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\images01.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\in.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\j.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\jn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\k.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\kn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\l.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\left.png
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\ln.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\loading.gif
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\logo.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\logo_facebook.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\minus.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\minus_on.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\music2.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\n.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt233316343
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt433970421
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt581568984
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\NewCfg
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\news.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\news.html
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\newsb.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\nn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\o.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\on.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\p.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\pixsy.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\play.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\play_on.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\plus.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\plus_on.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\pn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\popup_off.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\popup_on.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\popup_ona.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\p_yahoo.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\q.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\qn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\r.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\radiocfgdlg.html
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\RadioStations.list
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\radio_bg.gif
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\relatedlinks.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\report.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\right.png
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\rn.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\rss.xsl
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\rss1.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\rsslib.js
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\rssmenu1_7a.zip
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\s.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\search.bmp
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\search.gif
    C:\DOCUME~1\ADMINS~1\APPLIC~1\VMNToolbar\search_fr.gif

    -----------\\ Extensions

    (Adminstrateur) - {71328583-3CA7-4809-B4BA-570A85818FBB} => cacheviewer


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


    --------------------\\ Recherche d'autres infections

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{2D14DB62-4C4B-4FCB-818E-71F7A6CCC65D}]
    NameServer REG_SZ 85.255.115.50,85.255.112.154
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{AB9B6678-7026-496E-A217-02C92839C38A}]
    NameServer REG_SZ 85.255.115.50,85.255.112.154
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{AB9B6678-7026-496E-A217-02C92839C38A}]
    DhcpNameServer REG_SZ 85.255.115.50,85.255.112.154
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{C050E60A-B913-43A4-A110-8127A2997EC5}]
    NameServer REG_SZ 85.255.113.117;85.255.112.90
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{C050E60A-B913-43A4-A110-8127A2997EC5}]
    DhcpNameServer REG_SZ 85.255.113.117;85.255.112.90
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{CCF7B429-5E33-4EDD-92D4-1BDE435448E1}]
    NameServer REG_SZ 85.255.115.50,85.255.112.154
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{FA785A41-A335-45C4-98C1-FC005A45215F}]
    NameServer REG_SZ 85.255.115.50,85.255.112.154
    ==> WAREOUT <==

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\ADMINS~1\Mes documents\Bureau Max\Trinity\buildings\Shadowmoon_Wall_Crack.wmo



    1 - "C:\ToolBar SD\TB_1.txt" - 2009-05-19|17:17 - Option : [1]

    -----------\\ Fin du rapport a 17:17:27,01
    20 May 2009 18:27:52

    Hi again,

    Run Toolbar-S&D again by double-clicking the shortcut.

  • This time choose option 2, then confirm by pressing Enter.
    ! Do not close the window during the removal !
  • A report will be generated; post its contents here, followed by a new HijackThis report.

    If your desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.
    Then go to the "Processes" tab. Click "File" at the top left and choose "New Task (Run...)".
    Type explorer and confirm. This will bring your desktop back.

  • Then run MBAM once more.
    20 May 2009 22:55:43

    Here is the ToolBar report

    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
    BIOS : 786B2 v1.11
    USER : Adminstrateur ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090519-0] 4.8.1335 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:37 Go (Free:3 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [2] ( 2009-05-20|16:51 )

    -----------\\ SUPPRESSION


    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ Extensions

    (Adminstrateur) - {71328583-3CA7-4809-B4BA-570A85818FBB} => cacheviewer


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="http://www.msn.com/"


    --------------------\\ Recherche d'autres infections

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{2D14DB62-4C4B-4FCB-818E-71F7A6CCC65D}]
    NameServer REG_SZ 85.255.115.50,85.255.112.154
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{AB9B6678-7026-496E-A217-02C92839C38A}]
    NameServer REG_SZ 85.255.115.50,85.255.112.154
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{AB9B6678-7026-496E-A217-02C92839C38A}]
    DhcpNameServer REG_SZ 85.255.115.50,85.255.112.154
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{C050E60A-B913-43A4-A110-8127A2997EC5}]
    NameServer REG_SZ 85.255.113.117;85.255.112.90
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{C050E60A-B913-43A4-A110-8127A2997EC5}]
    DhcpNameServer REG_SZ 85.255.113.117;85.255.112.90
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{CCF7B429-5E33-4EDD-92D4-1BDE435448E1}]
    NameServer REG_SZ 85.255.115.50,85.255.112.154
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{FA785A41-A335-45C4-98C1-FC005A45215F}]
    NameServer REG_SZ 85.255.115.50,85.255.112.154
    ==> WAREOUT <==

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\ADMINS~1\Mes documents\Bureau Max\Trinity\buildings\Shadowmoon_Wall_Crack.wmo



    1 - "C:\ToolBar SD\TB_1.txt" - 2009-05-19|17:17 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 2009-05-20|16:53 - Option : [2]

    -----------\\ Fin du rapport a 16:53:45,01
    20 May 2009 22:56:41

    Here is the HijackThis report

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:56:10, on 2009-05-20
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\svcadmin.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\vsnpstd2.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSI\Common\RaUI.exe
    C:\Program Files\Teamspeak2_RC2\server_windows.exe
    C:\Documents and Settings\Adminstrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Documents and Settings\Adminstrateur\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Super macro\super_macro.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - Default URLSearchHook is missing
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.19.0\gears.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\COMPAQ\SetRefresh\\SetRefresh.exe
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: AutoClick.lnk = C:\Program Files\AutoClick\AutoClick.exe
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Adminstrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    O4 - Global Startup: DYNDNSCLIENT.lnk = C:\Program Files\darweb-dyndnsclient\dyndnsclient.exe
    O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.19.0\gears.dll
    O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.19.0\gears.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/DyynoClient/DyynoCAB.CAB
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://www.instantaction.com/download/iaplayer.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/...
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Anyplace Control Security - Unknown owner - C:\WINDOWS\svcadmin.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Client32 - Unknown owner - C:\Program Files\NetSupport\NetSupport Manager\client32.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate1c9bbf4ad401b26) (gupdate1c9bbf4ad401b26) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe

    --
    End of file - 10559 bytes
    21 May 2009 13:22:42

    Did you run another MBAM scan?
    21 May 2009 14:12:57

    No, I'll do that right now.

    Regards,
    Pomax
    21 May 2009 22:39:55

    Here is the very short MBAM log


    Malwarebytes' Anti-Malware 1.36
    Version de la base de données: 1945
    Windows 5.1.2600 Service Pack 3

    2009-05-21 16:38:32
    mbam-log-2009-05-21 (16-38-32).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 210521
    Temps écoulé: 4 hour(s), 27 minute(s), 25 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    22 May 2009 17:43:20

    Run another ToolBar S&D scan with option 1. Is your PC behaving better?
    22 May 2009 23:17:31

    Yes, a lot. The Internet launches much faster than before. And I can do the updates.
    Here is a ToolBar scan...




    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
    BIOS : 786B2 v1.11
    USER : Adminstrateur ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090521-0] 4.8.1335 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:37 Go (Free:3 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [1] ( 2009-05-22|17:12 )

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ Extensions

    (Adminstrateur) - {71328583-3CA7-4809-B4BA-570A85818FBB} => cacheviewer


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="http://www.msn.com/"


    --------------------\\ Recherche d'autres infections

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{2D14DB62-4C4B-4FCB-818E-71F7A6CCC65D}]
    NameServer REG_SZ 85.255.115.50,85.255.112.154
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{AB9B6678-7026-496E-A217-02C92839C38A}]
    NameServer REG_SZ 85.255.115.50,85.255.112.154
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{AB9B6678-7026-496E-A217-02C92839C38A}]
    DhcpNameServer REG_SZ 85.255.115.50,85.255.112.154
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{C050E60A-B913-43A4-A110-8127A2997EC5}]
    NameServer REG_SZ 85.255.113.117;85.255.112.90
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{C050E60A-B913-43A4-A110-8127A2997EC5}]
    DhcpNameServer REG_SZ 85.255.113.117;85.255.112.90
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{CCF7B429-5E33-4EDD-92D4-1BDE435448E1}]
    NameServer REG_SZ 85.255.115.50,85.255.112.154
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{FA785A41-A335-45C4-98C1-FC005A45215F}]
    NameServer REG_SZ 85.255.115.50,85.255.112.154
    ==> WAREOUT <==

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\ADMINS~1\Mes documents\Bureau Max\Trinity\buildings\Shadowmoon_Wall_Crack.wmo



    1 - "C:\ToolBar SD\TB_1.txt" - 2009-05-19|17:17 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 2009-05-20|16:53 - Option : [2]
    3 - "C:\ToolBar SD\TB_3.txt" - 2009-05-22|17:13 - Option : [1]

    -----------\\ Fin du rapport a 17:13:46,00

    24 May 2009 13:40:07

    Hi again,

    Download SmitfraudFix (by S!ri).

  • Save it to your Desktop.
  • Launch it by double-clicking SmitfraudFix.exe
  • Press a key when prompted.
  • Run option 5; a report will appear, post it.
    27 May 2009 22:58:19

    Hello again, sorry for the slow reply :/
    Here is the log



    SmitFraudFix v2.368

    Rapport fait à 16:57:18,99, 2009-05-27
    Executé à partir de C:\Documents and Settings\Adminstrateur\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» DNS Avant Fix

    Description: Broadcom NetXtreme Gigabit Ethernet for hp - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 192.168.0.1

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{CCF7B429-5E33-4EDD-92D4-1BDE435448E1}: DhcpNameServer=192.168.0.1

    »»»»»»»»»»»»»»»»»»»»»»»» DNS Après Fix

    Description: Broadcom NetXtreme Gigabit Ethernet for hp - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 192.168.0.1

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{CCF7B429-5E33-4EDD-92D4-1BDE435448E1}: DhcpNameServer=192.168.0.1
    28 May 2009 17:20:29

    Are you still having any problems?
    29 May 2009 03:49:07

    No, no problems at all!

    Thanks a lot for your help!
    29 May 2009 17:51:07

    Happy surfing ;)