Votre question

HELP !! Plus de connection après suppression de virus !!

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
20 Janvier 2009 14:50:35

Au secours !!!

Après avoir supprimé 39 infections avec Malwarebyte's Anti-Malware, je n'ai plus aucune connexion internet !

Ma connexion réseau fonctionne bien, ainsi que le 2° poste du réseau (qui lui accède tj à Internet).

Avant désinfection, j'avais internet normalement (sauf maj des virus par AVIRA qui ne fonctionnait pas.
Après désinfection ... plus rien !

Je dois avoir encore une sal...rie qui traine, mais je ne sais plus quoi faire !!

une ame charitable pourrait-elle m'aider ??

Citation :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:51:44, on 19/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
D:\Extrafilm Designer FR\EFUploadSrv.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
D:\Sunbelt Software\Personal Firewall\SbPFLnch.exe
D:\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avwsc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: peer2Peer-FR2 Toolbar - {9f23e207-7e05-4ee2-a90e-50cf3ae9b03f} - C:\Program Files\peer2Peer-FR2\tbpeer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: peer2Peer-FR2 Toolbar - {9f23e207-7e05-4ee2-a90e-50cf3ae9b03f} - C:\Program Files\peer2Peer-FR2\tbpeer.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: peer2Peer-FR2 Toolbar - {9f23e207-7e05-4ee2-a90e-50cf3ae9b03f} - C:\Program Files\peer2Peer-FR2\tbpeer.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [\\FNAC-76T4OKI396\EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P44 "\\FNAC-76T4OKI396\EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Program Files\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Program Files\PartyGaming\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra button: (no name) - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} (Microsoft Common Dialog Control, version 5.0 (SP2)) - file:///D:/The%20Tournament%20Director%201.3.5%20b4/comdlg32.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - D:\Extrafilm Designer FR\EFUploadSrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - D:\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - D:\Sunbelt Software\Personal Firewall\SbPFSvc.exe

--
End of file - 9017 bytes

Autres pages sur : help connection suppression virus

a b 8 Sécurité
20 Janvier 2009 19:14:24

Bonjour,

Tu as mis les fichiers en quarantaine ? Tu as le rapport MBAM ?
20 Janvier 2009 19:20:52

Voici le rapport.
Pour les fichiers infectés, si j'ai bien compris, ils ont été mis en quarantaine et supprimés ... ou alors j'ai loupé quelquechose ?!

Citation :
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1668
Windows 5.1.2600 Service Pack 3

19/01/2009 22:22:46
mbam-log-2009-01-19 (22-22-46).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 109152
Temps écoulé: 57 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 31
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Fichiers communs\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger.H) -> Data: kdzao.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68 85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{16941c1c-e11b-4794-aac5-ec44e6cac3d4}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1ad0994b-4eff-4736-b2b3-a3e7d80efb07}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1ad0994b-4eff-4736-b2b3-a3e7d80efb07}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{39e36c1f-ce96-4bac-921d-6282dd6619f4}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{39e36c1f-ce96-4bac-921d-6282dd6619f4}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{af3dffc4-299a-4ba5-a896-dc786c229e70}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ddb6567f-9eed-4b18-a244-45836d6b7260}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f818d579-76a5-40f0-84b8-9cfd70174b09}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f818d579-76a5-40f0-84b8-9cfd70174b09}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68 85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{16941c1c-e11b-4794-aac5-ec44e6cac3d4}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1ad0994b-4eff-4736-b2b3-a3e7d80efb07}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1ad0994b-4eff-4736-b2b3-a3e7d80efb07}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{39e36c1f-ce96-4bac-921d-6282dd6619f4}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{39e36c1f-ce96-4bac-921d-6282dd6619f4}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{af3dffc4-299a-4ba5-a896-dc786c229e70}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ddb6567f-9eed-4b18-a244-45836d6b7260}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{f818d579-76a5-40f0-84b8-9cfd70174b09}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{f818d579-76a5-40f0-84b8-9cfd70174b09}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68 85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{16941c1c-e11b-4794-aac5-ec44e6cac3d4}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{1ad0994b-4eff-4736-b2b3-a3e7d80efb07}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{1ad0994b-4eff-4736-b2b3-a3e7d80efb07}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{39e36c1f-ce96-4bac-921d-6282dd6619f4}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{39e36c1f-ce96-4bac-921d-6282dd6619f4}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{af3dffc4-299a-4ba5-a896-dc786c229e70}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{ddb6567f-9eed-4b18-a244-45836d6b7260}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{f818d579-76a5-40f0-84b8-9cfd70174b09}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{f818d579-76a5-40f0-84b8-9cfd70174b09}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68,85.255.112.69 -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\kdzao.exe (Rootkit.DNSChanger.H) -> Delete on reboot.
C:\Program Files\Fichiers communs\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
Contenus similaires
20 Janvier 2009 21:36:25

euh ... c'est pire :

1. après redémarrage, ma connexion wifi s'anonce comme ayant une mauvaise connectivité avec surement impossibilité d'accéder à internet ou à des ressources réseau
2.mon firewall (sunbelt personal firewall) plante au démarrage
3.lorsque j'essaie d'accéder à internet malgré tout ... ça fait planter la connexion internet sur l'autre poste du réseau (celui d'où j'écris)

j'y comprends plus rien ...
a b 8 Sécurité
21 Janvier 2009 17:22:27

Désinstalle le firewall, pas mieux ?
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS