Votre question

Trojan.DNSChanger

Tags :
  • Tcpip
  • Sécurité
Dernière réponse : dans Sécurité et virus
22 Novembre 2008 18:45:46

Impossible à éradiquer définitivement dans la base de registre comme ci-après :

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1203D91A-4E30-4674-8BED-3CE31E143930}


HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters


HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1203D91A-4E30-4674-8BED-3CE31E143930}


HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters


HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{1203D91A-4E30-4674-8BED-3CE31E143930
*********************************
Pourtant Malwarebytes' Anti-Malware semble le supprimer (en mode sans échec) mais il revient toujours.

Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1276
Windows 6.0.6000

22/11/2008 17:11:00
mbam-log-2008-11-22 (17-11-00).txt

Type de recherche: Examen rapide
Eléments examinés: 49456
Temps écoulé: 2 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 6
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1203d91a-4e30-4674-8bed-3ce31e143930}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1203d91a-4e30-4674-8bed-3ce31e143930}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{1203d91a-4e30-4674-8bed-3ce31e143930}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

*********************************************
Le voilà de retour :

Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1276
Windows 6.0.6000

22/11/2008 18:34:53
mbam-log-2008-11-22 (18-34-47).txt

Type de recherche: Examen rapide
Eléments examinés: 49878
Temps écoulé: 2 minute(s), 33 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 6
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1203d91a-4e30-4674-8bed-3ce31e143930}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1203d91a-4e30-4674-8bed-3ce31e143930}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{1203d91a-4e30-4674-8bed-3ce31e143930}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
***********************************************

Et je reste dans l'impossibilité de mettre Windows Vista et Windows Defender à jour (erreur code 0x80244019 ou 0x80190194). De même je ne peux ouvrir la page http://go.microsoft.com/fwlink/?linkid=70631...

Un vrai casse-tête... Merci par avance à qui voudra bien m'aider !

Autres pages sur : trojan dnschanger

22 Novembre 2008 21:20:56

Bonsoir,

Télécharge SmitfraudFix (de S!ri).

  • Enregistre le sur ton Bureau.

    Fais redémarrer ton ordinateur en mode sans échec
    - Au démarrage, après le chargement du bios, appuie successivement sur la touche F8 (ou F5) de ton clavier jusqu'à l'apparition d'un menu sur fond noir. Une fois arrivé à ce stade, sélectionne à l'aide du clavier Mode sans Echec.
    -- Dans ce mode, tu n'as pas accès à Internet, et tu te retrouves avec une configuration visuelle différente (pas de fond d'écran, icônes très grosses). Ne sois donc pas étonné.
    --- C'est pour ces différentes raisons que je t'invite à imprimer, noter, ou enregistrer dans un document texte les informations suivantes afin de ne pas être perdu.
    ---- ! Ne fais pas démarrer ton ordinateur en mode sans échec via MSConfig ! Pourquoi ? Certaines infections cassent les clefs du mode sans échec, ce qui ferait crasher ton ordinateur.

    Lance SmitfraudFix.

  • Choisis l’option 2. (Oui à toutes les questions)
  • Si tu dois faire redémarrer ton ordi, fais-le. Quoi qu'il en soit, fais redémarrer ton ordinateur à la fin du Fix.
  • Poste le rapport qui se situe dans C:\rapport.txt (sans les lignes faisant référence au fichier Hosts) ainsi qu’un nouveau rapport HijackThis.

    Aide : Comment faire démarrer son ordinateur en mode sans échec.
    23 Novembre 2008 19:07:03

    Bonsoir FanDANGELD​ARK

    Voici le rapport SmitfraudFix :

    »»»»»»»»»»»»»»»»»»»»»»»» VACFix

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

    S!Ri's WS2Fix: LSP not Found.
    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri



    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» RK


    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{1203D91A-4E30-4674-8BED-3CE31E143930}: DhcpNameServer=85.255.112.210 85.255.112.67
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{1203D91A-4E30-4674-8BED-3CE31E143930}: DhcpNameServer=85.255.112.210 85.255.112.67


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
    !!!Attention, following keys are not inevitably infected!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]


    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» End

    et HijackThis

    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Util\Disk\TrueImageHome\TrueImageMonitor.exe
    C:\Program Files\Util\Disk\TrueImageHome\TimounterMonitor.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
    C:\Program Files\Burotic\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Util\System\Emulation\PowerISO\PWRISOVM.EXE
    C:\Windows\System32\oodtray.exe
    C:\Program Files\Multimedia\Video\CyberLink PowerDVD\PDVDServ.exe
    C:\Program Files\Gravure\SlySoft CloneCD\CloneCDTray.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
    C:\Program Files\Util\Security\Eset\nod32kui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Program Files\Util\System\Directory Opus\dopus.exe
    C:\Program Files\Util\System\Directory Opus\dopusrt.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Multimedia\Images\TechSmith SnagIt 8\SnagIt32.exe
    C:\Program Files\Util\Files\TurboLaunch\TurboLaunch.exe
    C:\Program Files\Multimedia\Images\TechSmith SnagIt 8\TSCHelp.exe
    C:\Program Files\Multimedia\Images\TechSmith SnagIt 8\SnagPriv.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Util\Security\HijackThis\HijackThis.exe
    C:\Windows\system32\Taskmgr.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\NOTEPAD.EXE

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program

    Files\Multimedia\Images\TechSmith SnagIt 8\SnagItBHO.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

    C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program

    Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: FlpLauncher Class - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - C:\Program

    Files\Multimedia\Images\FlipAlbum 6 Pro\FpLaunch.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1

    \Burotic\MICROS~1\Office12\GRA8E1~1.DLL
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} -

    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program

    Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program

    Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program

    Files\Multimedia\Images\TechSmith SnagIt 8\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0

    \SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [MSPService] C:\Program

    Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard

    Bell\GOOGLE_EULA\EULALauncher.exe
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program

    Files\Util\Disk\TrueImageHome\TrueImageMonitor.exe
    O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program

    Files\Util\Disk\TrueImageHome\TimounterMonitor.exe
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2

    \schedhlp.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0

    \Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Burotic\Microsoft Office\Office12

    \GrooveMonitor.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\Util\System\Emulation\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Util\Security\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32\oodtray.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\Multimedia\Video\CyberLink

    PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\Multimedia\Video\CyberLink

    PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Gravure\SlySoft CloneCD\CloneCDTray.exe" /s
    O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel

    PhotoDownloader\Corel Photo Downloader.exe" -startup
    O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Util\Security\Malwarebytes'

    Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program

    Files\Util\Security\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [DOpus] C:\Program Files\Util\System\Directory Opus\dopus.exe
    O4 - HKCU\..\Run: [Directory Opus Desktop Dblclk] "C:\Program Files\Util\System\Directory

    Opus\dopusrt.exe" /dblclk
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User

    'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

    (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User

    'SERVICE RÉSEAU')
    O4 - Startup: TurboLaunch.lnk = C:\Program Files\Util\Files\TurboLaunch\TurboLaunch.exe
    O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\Multimedia\Images\TechSmith SnagIt 8

    \SnagIt32.exe
    O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program

    Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0

    \Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program

    Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant -

    res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program

    Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant -

    res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF -

    res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant -

    res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1

    \Burotic\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1

    \Burotic\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

    C:\PROGRA~1\Burotic\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1

    \Burotic\MICROS~1\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1

    \Burotic\MICROS~1\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1

    \Skype\SKYPE4~1.DLL
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common

    Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems

    Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3

    \Server\bin\VersionCueCS3.exe
    O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT

    Corporation\BlueSoleil\BlueSoleilCS.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple

    Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT

    Corporation\BlueSoleil\BsHelpCS.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common

    Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program

    Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program

    Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program

    Files\Util\Security\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program

    Files\Util\Security\Eset\nod32krn.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0

    \SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program

    Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common

    Files\SureThing Shared\stllssvr.exe
    O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program

    Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

    --
    End of file - 11657 bytes

    Merci par avance
    Contenus similaires
    Pas de réponse à votre question ? Demandez !
    26 Novembre 2008 17:53:08

    Bonsoir FanDANGELDARK,
    Rien n'a changé et j'ai toujours les redirections vers 85.255.112.210 85.255.112.67 inscrites en six endroits de la base de registre.

    Windows Defender (et Windows Update) ne peut se mettre à jour : erreur détectée : code 0x80244019. Je vais sur
    - http://support.microsoft.com/kb/918355
    qui me renvoie vers
    - http://support.microsoft.com/kb/918355#Advanced_trouble...
    et je ne peux accéder à
    - http://go.microsoft.com/fwlink/?linkid=70631 (recommandé par http://support.microsoft.com/kb/923159/)

    J'ai consulté le log de windows update, le voici mais c'est très volumineux :

    2008-06-02 08:50:01:848 1120 ca0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 08:50:01:848 1120 ca0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 08:50:01:848 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {B5718698-D6E7-4E54-8744-0136ED23DEF7}.100] ***********
    2008-06-02 08:50:01:848 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:848 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:01:848 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {CB795DF7-7719-4B14-9A5C-866C593A4A58}.100] ***********
    2008-06-02 08:50:01:848 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:848 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:01:848 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C}.100] ***********
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {9A566CE2-29D0-4252-81E3-87EC0412A1ED}.100] ***********
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {24533297-F36E-473D-AA33-84F28A412E1A}.100] ***********
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {60677071-E060-4A1F-AE30-F348E31370B0}.100] ***********
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566}.100] ***********
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0}.100] ***********
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {A5C82250-DB54-4ED2-B565-F5423820DD2C}.100] ***********
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:849 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {1146F9E6-B059-47AB-A6B5-D62A5CA5F3A4}.100] ***********
    2008-06-02 08:50:01:850 1120 ca0 DnldMgr * Queueing update for download handler request generation.
    2008-06-02 08:50:01:850 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {976BD6E8-ADCA-401E-88FA-E7535576C4F7}.101] ***********
    2008-06-02 08:50:01:850 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 976BD6E8-ADCA-401E-88FA-E7535576C4F7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:850 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:01:850 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 976BD6E8-ADCA-401E-88FA-E7535576C4F7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:01:850 1120 ca0 DnldMgr Generating download request for update {1146F9E6-B059-47AB-A6B5-D62A5CA5F3A4}.100
    2008-06-02 08:50:04:313 1120 ca0 Handler Generating request for CBS update 1146F9E6-B059-47AB-A6B5-D62A5CA5F3A4 in sandbox C:\Windows\SoftwareDistribution\Download\3220d51973049542c7e9a0d55ad9ce1a
    2008-06-02 08:50:04:314 1120 ca0 Handler Selected payload type is ptExpress
    2008-06-02 08:50:04:425 1120 ca0 Handler Detected download state is dsHaveDownloadResponses
    2008-06-02 08:50:07:917 1120 ca0 Handler Request generation for CBS update complete with hr=0x0 and pfResetSandbox=0
    2008-06-02 08:50:09:711 1120 ca0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 08:50:09:711 1120 ca0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 08:50:09:711 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {233DE8D2-7C24-4766-B3C7-EF1E65CB1522}.101] ***********
    2008-06-02 08:50:09:711 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 233DE8D2-7C24-4766-B3C7-EF1E65CB1522 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:711 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:09:711 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 233DE8D2-7C24-4766-B3C7-EF1E65CB1522 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:712 1120 ca0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 08:50:09:712 1120 ca0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 08:50:09:712 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {0461F8D4-8474-4FCB-B2D0-06026E3D08F2}.100] ***********
    2008-06-02 08:50:09:712 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 0461F8D4-8474-4FCB-B2D0-06026E3D08F2 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:712 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:09:712 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 0461F8D4-8474-4FCB-B2D0-06026E3D08F2 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:713 1120 ca0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 08:50:09:713 1120 ca0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {B5718698-D6E7-4E54-8744-0136ED23DEF7}.100] ***********
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {CB795DF7-7719-4B14-9A5C-866C593A4A58}.100] ***********
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C}.100] ***********
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {9A566CE2-29D0-4252-81E3-87EC0412A1ED}.100] ***********
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {24533297-F36E-473D-AA33-84F28A412E1A}.100] ***********
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:09:713 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {60677071-E060-4A1F-AE30-F348E31370B0}.100] ***********
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566}.100] ***********
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0}.100] ***********
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {A5C82250-DB54-4ED2-B565-F5423820DD2C}.100] ***********
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:714 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {1146F9E6-B059-47AB-A6B5-D62A5CA5F3A4}.100] ***********
    2008-06-02 08:50:09:715 1120 ca0 DnldMgr * All files for update were already downloaded and are valid.
    2008-06-02 08:50:09:742 1120 ca0 DnldMgr *********** DnldMgr: New download job [UpdateId = {976BD6E8-ADCA-401E-88FA-E7535576C4F7}.101] ***********
    2008-06-02 08:50:09:742 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 976BD6E8-ADCA-401E-88FA-E7535576C4F7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:742 1120 ca0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 08:50:09:743 1120 ca0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 976BD6E8-ADCA-401E-88FA-E7535576C4F7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:752 1120 10f4 AU >>## RESUMED ## AU: Download update [UpdateId = {86877202-06DC-49F4-AF2E-779A314FB649}, succeeded]
    2008-06-02 08:50:09:753 1120 10f4 AU AU checked download status and it changed: Downloading is paused
    2008-06-02 08:50:09:753 1120 10f4 AU Setting AU scheduled install time to 2008-06-03 01:00:00
    2008-06-02 08:50:09:754 1120 10f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 233DE8D2-7C24-4766-B3C7-EF1E65CB1522 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:754 1120 10f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 0461F8D4-8474-4FCB-B2D0-06026E3D08F2 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:754 1120 10f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:754 1120 10f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:754 1120 10f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:754 1120 10f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:754 1120 10f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:754 1120 10f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:754 1120 10f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:754 1120 10f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:754 1120 10f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:754 1120 10f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 976BD6E8-ADCA-401E-88FA-E7535576C4F7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 08:50:09:872 1120 14b8 AU AU received handle event
    2008-06-02 08:50:14:752 1120 10f8 Report REPORT EVENT: {109649EC-2A19-44E3-8505-18C28901109C} 2008-06-02 08:50:09:752+0200 1 162 101 {86877202-06DC-49F4-AF2E-779A314FB649} 100 0 AutomaticUpdates Success Content Download Download succeeded.
    2008-06-02 08:50:14:752 1120 10f8 Report REPORT EVENT: {C16BC0D1-E831-4BA2-B0C4-1BE99303BA09} 2008-06-02 08:50:09:832+0200 1 188 102 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Content Install Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎mardi ‎3 ‎juin ‎2008 at 03:00: - Mise à jour cumulative pour Media Center pour Windows Vista (KB947172) - Mise à jour de sécurité pour Microsoft Office Word 2003 (KB951808) - Outil de suppression de logiciels malveillants Windows - mai 2008 (KB890830) - Mise à jour pour Windows Vista (KB949939) - Mise à jour de sécurité cumulative pour Internet Explorer 7 pour Windows Vista (KB947864) - Mise à jour de sécurité pour Windows Vista (KB945553) - Mise à jour pour Windows Vista (KB947562) - Mise à jour de sécurité pour Windows Vista (KB943055) - Mise à jour pour Windows Vista (KB943411) - Mise à jour de sécurité pour Windows Vista (KB948590) - Mise à jour de sécurité pour Windows Vista (KB941693) - Mise à jour pour le filtre de courrier indésirable de Microsoft Office Outlook 2007 (KB950378) - Mise à jour pour Windows Vista (KB938371) - Mise à jour de sécurité pour les bits d'arrêt ActiveX pour Windows Vista (KB948881) - Mise à jour de sécurité pour Windows Vista (KB946456) - Mise à jour de sécurité pour Microsoft Offic
    2008-06-02 09:26:59:213 1120 16f8 DnldMgr *********** DnldMgr: Regulation Refresh [Svc: {7971F918-A847-4430-9279-4A52D1EFE18D}] ***********
    2008-06-02 09:26:59:214 1120 16f8 DnldMgr Contacting regulation server for 12 updates.
    2008-06-02 09:26:59:440 1120 16f8 Misc Validating signature for C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\wuredir.cab:
    2008-06-02 09:26:59:464 1120 16f8 Misc Microsoft signed: Yes
    2008-06-02 09:26:59:472 1120 16f8 DnldMgr Regulation server path: http://www.update.microsoft.com/v6/UpdateRegulationServ....
    2008-06-02 09:27:14:007 1120 16f8 DnldMgr Per-Update: da4da33a-2699-439f-a4fb-0dfde5cddfd0 at rate 0
    2008-06-02 09:27:14:007 1120 16f8 DnldMgr Per-Update: a5c82250-db54-4ed2-b565-f5423820dd2c at rate 0
    2008-06-02 09:27:14:007 1120 16f8 DnldMgr Per-Update: 60677071-e060-4a1f-ae30-f348e31370b0 at rate 0
    2008-06-02 09:27:14:007 1120 16f8 DnldMgr Per-Update: 24533297-f36e-473d-aa33-84f28a412e1a at rate 0
    2008-06-02 09:27:14:007 1120 16f8 DnldMgr Per-Update: b5718698-d6e7-4e54-8744-0136ed23def7 at rate 0
    2008-06-02 09:27:14:007 1120 16f8 DnldMgr Per-Update: beacd8cf-c2a6-4149-ba7c-ac0a62318f5c at rate 0
    2008-06-02 09:27:14:008 1120 16f8 DnldMgr Per-Update: 233de8d2-7c24-4766-b3c7-ef1e65cb1522 at rate 0
    2008-06-02 09:27:14:008 1120 16f8 DnldMgr Per-Update: 0461f8d4-8474-4fcb-b2d0-06026e3d08f2 at rate 0
    2008-06-02 09:27:14:008 1120 16f8 DnldMgr Per-Update: d1205bd9-6e05-4fcc-9e4f-aac7f3c3a566 at rate 0
    2008-06-02 09:27:14:008 1120 16f8 DnldMgr Per-Update: 9a566ce2-29d0-4252-81e3-87ec0412a1ed at rate 0
    2008-06-02 09:27:14:008 1120 16f8 DnldMgr Per-Update: 976bd6e8-adca-401e-88fa-e7535576c4f7 at rate 0
    2008-06-02 09:27:14:008 1120 16f8 DnldMgr Per-Update: cb795df7-7719-4b14-9a5c-866c593a4a58 at rate 0
    2008-06-02 09:27:14:008 1120 16f8 DnldMgr * Regulation call complete. 0x00000000
    2008-06-02 09:27:14:009 1120 16f8 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 09:27:14:010 1120 16f8 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 09:27:14:010 1120 16f8 DnldMgr *********** DnldMgr: New download job [UpdateId = {233DE8D2-7C24-4766-B3C7-EF1E65CB1522}.101] ***********
    2008-06-02 09:27:14:010 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 233DE8D2-7C24-4766-B3C7-EF1E65CB1522 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:010 1120 16f8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 09:27:14:010 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 233DE8D2-7C24-4766-B3C7-EF1E65CB1522 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:010 1120 16f8 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 09:27:14:011 1120 16f8 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 09:27:14:011 1120 16f8 DnldMgr *********** DnldMgr: New download job [UpdateId = {0461F8D4-8474-4FCB-B2D0-06026E3D08F2}.100] ***********
    2008-06-02 09:27:14:011 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 0461F8D4-8474-4FCB-B2D0-06026E3D08F2 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:011 1120 16f8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 09:27:14:011 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 0461F8D4-8474-4FCB-B2D0-06026E3D08F2 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:011 1120 16f8 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 09:27:14:012 1120 16f8 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr *********** DnldMgr: New download job [UpdateId = {B5718698-D6E7-4E54-8744-0136ED23DEF7}.100] ***********
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr *********** DnldMgr: New download job [UpdateId = {CB795DF7-7719-4B14-9A5C-866C593A4A58}.100] ***********
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr *********** DnldMgr: New download job [UpdateId = {BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C}.100] ***********
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr *********** DnldMgr: New download job [UpdateId = {9A566CE2-29D0-4252-81E3-87EC0412A1ED}.100] ***********
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr *********** DnldMgr: New download job [UpdateId = {24533297-F36E-473D-AA33-84F28A412E1A}.100] ***********
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr *********** DnldMgr: New download job [UpdateId = {60677071-E060-4A1F-AE30-F348E31370B0}.100] ***********
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:012 1120 16f8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr *********** DnldMgr: New download job [UpdateId = {D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566}.100] ***********
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr *********** DnldMgr: New download job [UpdateId = {DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0}.100] ***********
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr *********** DnldMgr: New download job [UpdateId = {A5C82250-DB54-4ED2-B565-F5423820DD2C}.100] ***********
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr *********** DnldMgr: New download job [UpdateId = {976BD6E8-ADCA-401E-88FA-E7535576C4F7}.101] ***********
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 976BD6E8-ADCA-401E-88FA-E7535576C4F7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 09:27:14:013 1120 16f8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 976BD6E8-ADCA-401E-88FA-E7535576C4F7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:13:772 1120 177c DnldMgr *********** DnldMgr: Regulation Refresh [Svc: {7971F918-A847-4430-9279-4A52D1EFE18D}] ***********
    2008-06-02 10:36:13:772 1120 177c DnldMgr Contacting regulation server for 12 updates.
    2008-06-02 10:36:14:219 1120 177c Misc Validating signature for C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\wuredir.cab:
    2008-06-02 10:36:14:224 1120 177c Misc Microsoft signed: Yes
    2008-06-02 10:36:14:227 1120 177c DnldMgr Regulation server path: http://www.update.microsoft.com/v6/UpdateRegulationServ....
    2008-06-02 10:36:28:710 1120 177c DnldMgr Per-Update: da4da33a-2699-439f-a4fb-0dfde5cddfd0 at rate 0
    2008-06-02 10:36:28:711 1120 177c DnldMgr Per-Update: a5c82250-db54-4ed2-b565-f5423820dd2c at rate 0
    2008-06-02 10:36:28:711 1120 177c DnldMgr Per-Update: 60677071-e060-4a1f-ae30-f348e31370b0 at rate 0
    2008-06-02 10:36:28:711 1120 177c DnldMgr Per-Update: 24533297-f36e-473d-aa33-84f28a412e1a at rate 0
    2008-06-02 10:36:28:711 1120 177c DnldMgr Per-Update: b5718698-d6e7-4e54-8744-0136ed23def7 at rate 0
    2008-06-02 10:36:28:711 1120 177c DnldMgr Per-Update: beacd8cf-c2a6-4149-ba7c-ac0a62318f5c at rate 0
    2008-06-02 10:36:28:711 1120 177c DnldMgr Per-Update: 233de8d2-7c24-4766-b3c7-ef1e65cb1522 at rate 0
    2008-06-02 10:36:28:711 1120 177c DnldMgr Per-Update: 0461f8d4-8474-4fcb-b2d0-06026e3d08f2 at rate 0
    2008-06-02 10:36:28:711 1120 177c DnldMgr Per-Update: d1205bd9-6e05-4fcc-9e4f-aac7f3c3a566 at rate 0
    2008-06-02 10:36:28:711 1120 177c DnldMgr Per-Update: 9a566ce2-29d0-4252-81e3-87ec0412a1ed at rate 0
    2008-06-02 10:36:28:711 1120 177c DnldMgr Per-Update: 976bd6e8-adca-401e-88fa-e7535576c4f7 at rate 0
    2008-06-02 10:36:28:711 1120 177c DnldMgr Per-Update: cb795df7-7719-4b14-9a5c-866c593a4a58 at rate 0
    2008-06-02 10:36:28:711 1120 177c DnldMgr * Regulation call complete. 0x00000000
    2008-06-02 10:36:28:714 1120 177c Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 10:36:28:715 1120 177c Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 10:36:28:809 1120 177c DnldMgr *********** DnldMgr: New download job [UpdateId = {233DE8D2-7C24-4766-B3C7-EF1E65CB1522}.101] ***********
    2008-06-02 10:36:28:810 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 233DE8D2-7C24-4766-B3C7-EF1E65CB1522 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:810 1120 177c DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 10:36:28:810 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 233DE8D2-7C24-4766-B3C7-EF1E65CB1522 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:811 1120 177c Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 10:36:28:813 1120 177c Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 10:36:28:825 1120 177c DnldMgr *********** DnldMgr: New download job [UpdateId = {0461F8D4-8474-4FCB-B2D0-06026E3D08F2}.100] ***********
    2008-06-02 10:36:28:825 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 0461F8D4-8474-4FCB-B2D0-06026E3D08F2 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:825 1120 177c DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 10:36:28:825 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 0461F8D4-8474-4FCB-B2D0-06026E3D08F2 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:827 1120 177c Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 10:36:28:828 1120 177c Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 10:36:28:845 1120 177c DnldMgr *********** DnldMgr: New download job [UpdateId = {B5718698-D6E7-4E54-8744-0136ED23DEF7}.100] ***********
    2008-06-02 10:36:28:846 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:846 1120 177c DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 10:36:28:851 1120 177c DnldMgr *********** DnldMgr: New download job [UpdateId = {CB795DF7-7719-4B14-9A5C-866C593A4A58}.100] ***********
    2008-06-02 10:36:28:851 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:852 1120 177c DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 10:36:28:855 1120 177c DnldMgr *********** DnldMgr: New download job [UpdateId = {BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C}.100] ***********
    2008-06-02 10:36:28:855 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:855 1120 177c DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 10:36:28:864 1120 177c DnldMgr *********** DnldMgr: New download job [UpdateId = {9A566CE2-29D0-4252-81E3-87EC0412A1ED}.100] ***********
    2008-06-02 10:36:28:864 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:865 1120 177c DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 10:36:28:866 1120 177c DnldMgr *********** DnldMgr: New download job [UpdateId = {24533297-F36E-473D-AA33-84F28A412E1A}.100] ***********
    2008-06-02 10:36:28:867 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:867 1120 177c DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 10:36:28:887 1120 177c DnldMgr *********** DnldMgr: New download job [UpdateId = {60677071-E060-4A1F-AE30-F348E31370B0}.100] ***********
    2008-06-02 10:36:28:887 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:887 1120 177c DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 10:36:28:921 1120 177c DnldMgr *********** DnldMgr: New download job [UpdateId = {D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566}.100] ***********
    2008-06-02 10:36:28:921 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:921 1120 177c DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 10:36:28:928 1120 177c DnldMgr *********** DnldMgr: New download job [UpdateId = {DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0}.100] ***********
    2008-06-02 10:36:28:928 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:928 1120 177c DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 10:36:28:941 1120 177c DnldMgr *********** DnldMgr: New download job [UpdateId = {A5C82250-DB54-4ED2-B565-F5423820DD2C}.100] ***********
    2008-06-02 10:36:28:941 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:941 1120 177c DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 10:36:28:941 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:941 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:941 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:941 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:941 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:942 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:942 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:942 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:942 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:965 1120 177c DnldMgr *********** DnldMgr: New download job [UpdateId = {976BD6E8-ADCA-401E-88FA-E7535576C4F7}.101] ***********
    2008-06-02 10:36:28:965 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 976BD6E8-ADCA-401E-88FA-E7535576C4F7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 10:36:28:965 1120 177c DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 10:36:28:965 1120 177c DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 976BD6E8-ADCA-401E-88FA-E7535576C4F7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:28:307 1120 14e0 DnldMgr *********** DnldMgr: Regulation Refresh [Svc: {7971F918-A847-4430-9279-4A52D1EFE18D}] ***********
    2008-06-02 12:34:28:307 1120 14e0 DnldMgr Contacting regulation server for 12 updates.
    2008-06-02 12:34:28:499 1120 14e0 Misc Validating signature for C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\wuredir.cab:
    2008-06-02 12:34:28:506 1120 14e0 Misc Microsoft signed: Yes
    2008-06-02 12:34:28:510 1120 14e0 DnldMgr Regulation server path: http://www.update.microsoft.com/v6/UpdateRegulationServ....
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr Per-Update: da4da33a-2699-439f-a4fb-0dfde5cddfd0 at rate 0
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr Per-Update: a5c82250-db54-4ed2-b565-f5423820dd2c at rate 0
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr Per-Update: 60677071-e060-4a1f-ae30-f348e31370b0 at rate 0
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr Per-Update: 24533297-f36e-473d-aa33-84f28a412e1a at rate 0
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr Per-Update: b5718698-d6e7-4e54-8744-0136ed23def7 at rate 0
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr Per-Update: beacd8cf-c2a6-4149-ba7c-ac0a62318f5c at rate 0
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr Per-Update: 233de8d2-7c24-4766-b3c7-ef1e65cb1522 at rate 0
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr Per-Update: 0461f8d4-8474-4fcb-b2d0-06026e3d08f2 at rate 0
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr Per-Update: d1205bd9-6e05-4fcc-9e4f-aac7f3c3a566 at rate 0
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr Per-Update: 9a566ce2-29d0-4252-81e3-87ec0412a1ed at rate 0
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr Per-Update: 976bd6e8-adca-401e-88fa-e7535576c4f7 at rate 0
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr Per-Update: cb795df7-7719-4b14-9a5c-866c593a4a58 at rate 0
    2008-06-02 12:34:49:687 1120 14e0 DnldMgr * Regulation call complete. 0x00000000
    2008-06-02 12:34:49:752 1120 14e0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 12:34:49:753 1120 14e0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 12:34:49:753 1120 14e0 DnldMgr *********** DnldMgr: New download job [UpdateId = {233DE8D2-7C24-4766-B3C7-EF1E65CB1522}.101] ***********
    2008-06-02 12:34:49:753 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 233DE8D2-7C24-4766-B3C7-EF1E65CB1522 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:753 1120 14e0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 12:34:49:753 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 233DE8D2-7C24-4766-B3C7-EF1E65CB1522 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:753 1120 14e0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 12:34:49:754 1120 14e0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 12:34:49:754 1120 14e0 DnldMgr *********** DnldMgr: New download job [UpdateId = {0461F8D4-8474-4FCB-B2D0-06026E3D08F2}.100] ***********
    2008-06-02 12:34:49:754 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 0461F8D4-8474-4FCB-B2D0-06026E3D08F2 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:754 1120 14e0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 12:34:49:754 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 0461F8D4-8474-4FCB-B2D0-06026E3D08F2 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:755 1120 14e0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 12:34:49:755 1120 14e0 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 12:34:49:755 1120 14e0 DnldMgr *********** DnldMgr: New download job [UpdateId = {B5718698-D6E7-4E54-8744-0136ED23DEF7}.100] ***********
    2008-06-02 12:34:49:755 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:755 1120 14e0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 12:34:49:755 1120 14e0 DnldMgr *********** DnldMgr: New download job [UpdateId = {CB795DF7-7719-4B14-9A5C-866C593A4A58}.100] ***********
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr *********** DnldMgr: New download job [UpdateId = {BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C}.100] ***********
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr *********** DnldMgr: New download job [UpdateId = {9A566CE2-29D0-4252-81E3-87EC0412A1ED}.100] ***********
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr *********** DnldMgr: New download job [UpdateId = {24533297-F36E-473D-AA33-84F28A412E1A}.100] ***********
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr *********** DnldMgr: New download job [UpdateId = {60677071-E060-4A1F-AE30-F348E31370B0}.100] ***********
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr *********** DnldMgr: New download job [UpdateId = {D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566}.100] ***********
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr *********** DnldMgr: New download job [UpdateId = {DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0}.100] ***********
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr *********** DnldMgr: New download job [UpdateId = {A5C82250-DB54-4ED2-B565-F5423820DD2C}.100] ***********
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:756 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:757 1120 14e0 DnldMgr *********** DnldMgr: New download job [UpdateId = {976BD6E8-ADCA-401E-88FA-E7535576C4F7}.101] ***********
    2008-06-02 12:34:49:757 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 976BD6E8-ADCA-401E-88FA-E7535576C4F7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 12:34:49:757 1120 14e0 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 12:34:49:757 1120 14e0 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 976BD6E8-ADCA-401E-88FA-E7535576C4F7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:20:49:483 1120 aa8 DnldMgr *********** DnldMgr: Regulation Refresh [Svc: {7971F918-A847-4430-9279-4A52D1EFE18D}] ***********
    2008-06-02 14:20:49:483 1120 aa8 DnldMgr Contacting regulation server for 12 updates.
    2008-06-02 14:20:49:635 1120 aa8 Misc Validating signature for C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\wuredir.cab:
    2008-06-02 14:20:49:641 1120 aa8 Misc Microsoft signed: Yes
    2008-06-02 14:20:49:645 1120 aa8 DnldMgr Regulation server path: http://www.update.microsoft.com/v6/UpdateRegulationServ....
    2008-06-02 14:21:04:231 1120 aa8 DnldMgr Per-Update: da4da33a-2699-439f-a4fb-0dfde5cddfd0 at rate 0
    2008-06-02 14:21:04:232 1120 aa8 DnldMgr Per-Update: a5c82250-db54-4ed2-b565-f5423820dd2c at rate 0
    2008-06-02 14:21:04:232 1120 aa8 DnldMgr Per-Update: 60677071-e060-4a1f-ae30-f348e31370b0 at rate 0
    2008-06-02 14:21:04:232 1120 aa8 DnldMgr Per-Update: 24533297-f36e-473d-aa33-84f28a412e1a at rate 0
    2008-06-02 14:21:04:232 1120 aa8 DnldMgr Per-Update: b5718698-d6e7-4e54-8744-0136ed23def7 at rate 0
    2008-06-02 14:21:04:232 1120 aa8 DnldMgr Per-Update: beacd8cf-c2a6-4149-ba7c-ac0a62318f5c at rate 0
    2008-06-02 14:21:04:232 1120 aa8 DnldMgr Per-Update: 233de8d2-7c24-4766-b3c7-ef1e65cb1522 at rate 0
    2008-06-02 14:21:04:232 1120 aa8 DnldMgr Per-Update: 0461f8d4-8474-4fcb-b2d0-06026e3d08f2 at rate 0
    2008-06-02 14:21:04:232 1120 aa8 DnldMgr Per-Update: d1205bd9-6e05-4fcc-9e4f-aac7f3c3a566 at rate 0
    2008-06-02 14:21:04:232 1120 aa8 DnldMgr Per-Update: 9a566ce2-29d0-4252-81e3-87ec0412a1ed at rate 0
    2008-06-02 14:21:04:232 1120 aa8 DnldMgr Per-Update: 976bd6e8-adca-401e-88fa-e7535576c4f7 at rate 0
    2008-06-02 14:21:04:232 1120 aa8 DnldMgr Per-Update: cb795df7-7719-4b14-9a5c-866c593a4a58 at rate 0
    2008-06-02 14:21:04:232 1120 aa8 DnldMgr * Regulation call complete. 0x00000000
    2008-06-02 14:21:04:234 1120 aa8 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 14:21:04:234 1120 aa8 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 14:21:04:335 1120 aa8 DnldMgr *********** DnldMgr: New download job [UpdateId = {233DE8D2-7C24-4766-B3C7-EF1E65CB1522}.101] ***********
    2008-06-02 14:21:04:335 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 233DE8D2-7C24-4766-B3C7-EF1E65CB1522 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:335 1120 aa8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 14:21:04:335 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 233DE8D2-7C24-4766-B3C7-EF1E65CB1522 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:336 1120 aa8 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 14:21:04:337 1120 aa8 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 14:21:04:340 1120 aa8 DnldMgr *********** DnldMgr: New download job [UpdateId = {0461F8D4-8474-4FCB-B2D0-06026E3D08F2}.100] ***********
    2008-06-02 14:21:04:340 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 0461F8D4-8474-4FCB-B2D0-06026E3D08F2 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:340 1120 aa8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 14:21:04:340 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 0461F8D4-8474-4FCB-B2D0-06026E3D08F2 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:341 1120 aa8 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 14:21:04:342 1120 aa8 Service WARNING: GetUserTokenFromSessionId failed with error 800703f0 for session 0
    2008-06-02 14:21:04:360 1120 aa8 DnldMgr *********** DnldMgr: New download job [UpdateId = {B5718698-D6E7-4E54-8744-0136ED23DEF7}.100] ***********
    2008-06-02 14:21:04:360 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:361 1120 aa8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 14:21:04:370 1120 aa8 DnldMgr *********** DnldMgr: New download job [UpdateId = {CB795DF7-7719-4B14-9A5C-866C593A4A58}.100] ***********
    2008-06-02 14:21:04:370 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:370 1120 aa8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 14:21:04:372 1120 aa8 DnldMgr *********** DnldMgr: New download job [UpdateId = {BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C}.100] ***********
    2008-06-02 14:21:04:372 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:372 1120 aa8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 14:21:04:378 1120 aa8 DnldMgr *********** DnldMgr: New download job [UpdateId = {9A566CE2-29D0-4252-81E3-87EC0412A1ED}.100] ***********
    2008-06-02 14:21:04:378 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:378 1120 aa8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 14:21:04:383 1120 aa8 DnldMgr *********** DnldMgr: New download job [UpdateId = {24533297-F36E-473D-AA33-84F28A412E1A}.100] ***********
    2008-06-02 14:21:04:383 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:383 1120 aa8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 14:21:04:396 1120 aa8 DnldMgr *********** DnldMgr: New download job [UpdateId = {60677071-E060-4A1F-AE30-F348E31370B0}.100] ***********
    2008-06-02 14:21:04:396 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:397 1120 aa8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 14:21:04:398 1120 aa8 DnldMgr *********** DnldMgr: New download job [UpdateId = {D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566}.100] ***********
    2008-06-02 14:21:04:398 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:398 1120 aa8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 14:21:04:399 1120 aa8 DnldMgr *********** DnldMgr: New download job [UpdateId = {DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0}.100] ***********
    2008-06-02 14:21:04:399 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:399 1120 aa8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 14:21:04:411 1120 aa8 DnldMgr *********** DnldMgr: New download job [UpdateId = {A5C82250-DB54-4ED2-B565-F5423820DD2C}.100] ***********
    2008-06-02 14:21:04:411 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:411 1120 aa8 DnldMgr * Update is not allowed to download due to regulation.
    2008-06-02 14:21:04:411 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update B5718698-D6E7-4E54-8744-0136ED23DEF7 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:411 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update CB795DF7-7719-4B14-9A5C-866C593A4A58 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:411 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update BEACD8CF-C2A6-4149-BA7C-AC0A62318F5C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:411 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 9A566CE2-29D0-4252-81E3-87EC0412A1ED is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:411 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 24533297-F36E-473D-AA33-84F28A412E1A is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:411 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 60677071-E060-4A1F-AE30-F348E31370B0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:411 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update D1205BD9-6E05-4FCC-9E4F-AAC7F3C3A566 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:411 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update DA4DA33A-2699-439F-A4FB-0DFDE5CDDFD0 is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:411 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update A5C82250-DB54-4ED2-B565-F5423820DD2C is "PerUpdate" regulated and can NOT download. Sequence 6729 vs AcceptRate 0.
    2008-06-02 14:21:04:436 1120 aa8 DnldMgr *********** DnldMgr: New download job [UpdateId = {976BD6E8-ADCA-401E-88FA-E7535576C4F7}.101] ***********
    2008-06-02 14:21:04:436 1120 aa8 DnldMgr Regulation: {7971F918-A847-4430-9279-4A52D1EFE18D} - Update 976BD6E8-ADCA-401E-88FA-E7535576C4F7 is "PerUpdate" regulated and
    26 Novembre 2008 19:35:02

    Re,

    Ok.

    Télécharge ComboFix (de sUBs) sur ton Bureau.

  • Désactive temporairement toute protection résidente ! (Antivirus, antispywares..)
  • Double clique sur ComboFix.exe.
  • Accepte la licence en cliquant sur Oui.
  • Lorsque l'opération sera terminée, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

    Le rapport se trouve ici : %systemdrive%\ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C:\ en général)

    Aide : Comment utiliser ComboFix.
    26 Novembre 2008 19:59:04

    Je fais le nécessaire et je reviens vers toi, merci encore et bonne soirée, je vais regarder le match de foot...
    26 Novembre 2008 22:58:30

    Voici le rapport de ComboFix :

    ComboFix 08-11-26.03 - Mistraou 2008-11-26 20:21:15.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1002 [GMT 1:00]
    Lancé depuis: d:\documents\Sauvegardes\Packard Bell SB88-P-009\Problèmes\ComboFix\ComboFix.exe
    * Un nouveau point de restauration a été créé
    * Resident AV is active

    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_ISODRIVE
    -------\Service_ISODrive


    ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-26 au 2008-11-26 ))))))))))))))))))))))))))))))))))))
    .

    2008-11-23 18:32 . 2008-11-23 18:32 5,420 --a------ c:\windows\System32\tmp.reg
    2008-11-23 18:32 . 2008-11-23 18:32 691 --a------ c:\users\Mistraou\AppData\Roaming\GetValue.vbs
    2008-11-23 18:32 . 2008-11-23 18:32 35 --a------ c:\users\Mistraou\AppData\Roaming\SetValue.bat
    2008-11-22 14:27 . 2008-11-22 14:27 194,560 --a------ c:\windows\System32\WebClnt.dll
    2008-11-22 14:27 . 2008-11-22 14:27 110,080 --a------ c:\windows\System32\drivers\mrxdav.sys
    2008-11-22 14:26 . 2008-11-22 14:26 1,060,920 --a------ c:\windows\System32\drivers\ntfs.sys
    2008-11-22 14:26 . 2008-11-22 14:26 41,984 --a------ c:\windows\System32\drivers\monitor.sys
    2008-11-22 14:24 . 2008-11-22 14:24 3,504,696 --a------ c:\windows\System32\ntkrnlpa.exe
    2008-11-22 14:24 . 2008-11-22 14:24 3,470,392 --a------ c:\windows\System32\ntoskrnl.exe
    2008-11-22 14:24 . 2008-11-22 14:24 211,000 --a------ c:\windows\System32\drivers\volsnap.sys
    2008-11-22 14:24 . 2008-11-22 14:24 154,624 --a------ c:\windows\System32\drivers\nwifi.sys
    2008-11-22 14:24 . 2008-11-22 14:24 109,624 --a------ c:\windows\System32\drivers\ataport.sys
    2008-11-22 14:24 . 2008-11-22 14:24 45,112 --a------ c:\windows\System32\drivers\pciidex.sys
    2008-11-22 14:24 . 2008-11-22 14:24 21,560 --a------ c:\windows\System32\drivers\atapi.sys
    2008-11-22 14:24 . 2008-11-22 14:24 17,464 --a------ c:\windows\System32\drivers\intelide.sys
    2008-11-22 14:23 . 2008-11-22 14:23 803,328 --a------ c:\windows\System32\drivers\tcpip.sys
    2008-11-22 14:23 . 2008-11-22 14:23 216,632 --a------ c:\windows\System32\drivers\netio.sys
    2008-11-22 14:23 . 2008-11-22 14:23 167,424 --a------ c:\windows\System32\tcpipcfg.dll
    2008-11-22 14:23 . 2008-11-22 14:23 24,064 --a------ c:\windows\System32\netcfg.exe
    2008-11-22 14:23 . 2008-11-22 14:23 22,016 --a------ c:\windows\System32\netiougc.exe
    2008-11-22 14:22 . 2008-11-22 14:22 1,585,664 --a------ c:\windows\System32\setupapi.dll
    2008-11-22 14:17 . 2008-11-22 14:17 2,027,008 --a------ c:\windows\System32\win32k.sys
    2008-11-22 14:17 . 2008-11-22 14:17 296,448 --a------ c:\windows\System32\gdi32.dll
    2008-11-22 14:17 . 2008-11-22 14:17 11,776 --a------ c:\windows\System32\sbunattend.exe
    2008-11-22 14:16 . 2008-11-22 14:16 4,247,552 --a------ c:\windows\System32\GameUXLegacyGDFs.dll
    2008-11-22 14:16 . 2008-11-22 14:16 1,686,528 --a------ c:\windows\System32\gameux.dll
    2008-11-22 14:15 . 2008-11-22 14:15 83,968 --a------ c:\windows\System32\dnsrslvr.dll
    2008-11-22 14:15 . 2008-11-22 14:15 24,576 --a------ c:\windows\System32\dnscacheugc.exe
    2008-11-22 14:12 . 2008-11-22 14:12 99,840 --a------ c:\windows\System32\poqexec.exe
    2008-11-22 14:10 . 2008-11-22 14:10 <REP> d-------- c:\users\Mistraou\AppData\Roaming\Malwarebytes
    2008-11-22 14:10 . 2008-11-22 14:10 <REP> d-------- c:\users\All Users\Malwarebytes
    2008-11-22 14:10 . 2008-10-16 20:25 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
    2008-11-22 14:10 . 2008-10-16 20:25 15,504 --a------ c:\windows\System32\drivers\mbam.sys
    2008-11-22 14:08 . 2008-11-22 14:08 1,244,672 --a------ c:\windows\System32\mcmde.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-11-26 19:25 76,075 ---h--w c:\users\Mistraou\AppData\Roaming\TurboLaunch_IconCache.dat
    2008-11-22 13:37 --------- d-----w c:\program files\Windows Sidebar
    2008-11-22 13:37 --------- d-----w c:\program files\Windows Mail
    2008-11-22 13:20 54,784 ----a-w c:\windows\system32\drivers\i8042prt.sys
    2008-11-22 13:20 495,160 ----a-w c:\windows\system32\drivers\Wdf01000.sys
    2008-11-22 13:20 35,384 ----a-w c:\windows\system32\drivers\WdfLdr.sys
    2008-11-22 13:20 35,384 ----a-w c:\windows\system32\drivers\kbdclass.sys
    2008-11-22 13:20 34,360 ----a-w c:\windows\system32\drivers\mouclass.sys
    2008-11-22 13:20 19,968 ----a-w c:\windows\system32\drivers\sermouse.sys
    2008-11-22 13:20 15,872 ----a-w c:\windows\system32\drivers\mouhid.sys
    2008-11-22 13:20 15,872 ----a-w c:\windows\system32\drivers\kbdhid.sys
    2008-11-22 13:16 537,600 ----a-w c:\windows\AppPatch\AcLayers.dll
    2008-11-22 13:16 449,536 ----a-w c:\windows\AppPatch\AcSpecfc.dll
    2008-11-22 13:16 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
    2008-11-22 13:16 2,144,256 ----a-w c:\windows\AppPatch\AcGenral.dll
    2008-11-22 13:16 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
    2008-11-22 13:13 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
    2007-12-14 20:49 27,620 ----a-w c:\users\Mistraou\AppData\Roaming\nvModes.dat
    2006-03-11 00:28 174 --sha-w c:\program files\desktop.ini
    2007-12-14 20:06 88 --sh--r c:\windows\System32\BD5FC06601.sys
    2007-12-14 20:10 2,828 --sha-w c:\windows\System32\KGyGaAvL.sys
    2007-12-13 21:00 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007121320071214\index.dat
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-11-22 1232896]
    "SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
    "DOpus"="c:\program files\Util\System\Directory Opus\dopus.exe" [2007-09-13 7005680]
    "Directory Opus Desktop Dblclk"="c:\program files\Util\System\Directory Opus\dopusrt.exe" [2007-09-13 275984]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-23 857648]
    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-08-16 86016]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-16 8478720]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-16 81920]
    "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184]
    "MSPService"="c:\program files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe" [2007-06-12 102400]
    "toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
    "TrueImageMonitor.exe"="c:\program files\Util\Disk\TrueImageHome\TrueImageMonitor.exe" [2007-10-07 2620336]
    "AcronisTimounterMonitor"="c:\program files\Util\Disk\TrueImageHome\TimounterMonitor.exe" [2007-10-07 904880]
    "Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-07 140568]
    "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 624248]
    "Adobe_ID0EYTHM"="c:\progra~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 1884160]
    "GrooveMonitor"="c:\program files\Burotic\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
    "PWRISOVM.EXE"="c:\program files\Util\System\Emulation\PowerISO\PWRISOVM.EXE" [2007-08-07 200704]
    "nod32kui"="c:\program files\Util\Security\Eset\nod32kui.exe" [2007-12-14 949376]
    "OODefragTray"="c:\windows\system32\oodtray.exe" [2007-06-28 2512128]
    "RemoteControl"="c:\program files\Multimedia\Video\CyberLink PowerDVD\PDVDServ.exe" [2007-03-14 71216]
    "LanguageShortcut"="c:\program files\Multimedia\Video\CyberLink PowerDVD\Language\Language.exe" [2007-03-14 54832]
    "CloneCDTray"="c:\program files\Gravure\SlySoft CloneCD\CloneCDTray.exe" [2006-09-28 57344]
    "Corel Photo Downloader"="c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-08-16 531272]
    "BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2007-09-10 258134]
    "Malwarebytes' Anti-Malware"="c:\program files\Util\Security\Malwarebytes' Anti-Malware\mbamgui.exe" [2008-10-16 398992]
    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Util\Security\Malwarebytes' Anti-Malware\mbam.exe" [2008-10-16 1257104]

    c:\users\Mistraou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    TurboLaunch.lnk - c:\program files\Util\Files\TurboLaunch\TurboLaunch.exe [2007-12-14 2012024]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    SnagIt 8.lnk - c:\program files\Multimedia\Images\TechSmith SnagIt 8\SnagIt32.exe [2007-02-16 6379080]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "EnableShellExecuteHooks"= 1 (0x1)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE}"= "c:\program files\Util\System\Directory Opus\dopuslib.dll" [2007-09-13 693760]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.ACDV"= ACDV.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"="0x00000000"
    "UpdatesDisableNotify"="0x00000000"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{A95E2C95-76B7-4AB1-A963-2FF5F1FF638E}"= c:\program files\CyberLink\MagicSports\MagicSports.exe:CyberLink MagicSports
    "{EB82198F-4F59-4A27-B141-C4F83141D424}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{B1B2482B-3645-4F5A-B86D-CB5A8D111C3E}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{BFD5FC8A-8648-4A26-9ADE-D32DE9D2A932}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
    "{6D90E670-1635-4328-9DB5-33EA9A3B1712}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
    "{4EA5EABB-39A5-4653-91EC-C4442A731A1B}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
    "{5815BF47-795C-4335-8E38-70E2AACBAFF4}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
    "{18CDB0CD-BEA3-49E9-8466-B6E7ABF57ECD}"= UDP:3703:Adobe Version Cue CS3 Server
    "{B4CB20B5-B1F9-48B8-B984-1CE732083A27}"= UDP:3704:Adobe Version Cue CS3 Server
    "{316AEACD-489C-431B-A6F7-435ADE1A7BFB}"= UDP:50900:Adobe Version Cue CS3 Server
    "{312ADAC4-1B44-4E8A-96BE-D934762C6071}"= UDP:50901:Adobe Version Cue CS3 Server
    "{8D7EB3E3-44FF-49DE-A27A-45C52292E0BC}"= UDP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
    "{399BAA0B-3FE3-4C66-B3B9-9B372AD2FAFE}"= TCP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
    "{B56D3D2F-23A6-4E70-B5F0-700E26B449B6}"= TCP:6004|c:\program files\Burotic\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{808FC634-02E4-4597-A5AF-2EDA156CE533}"= UDP:c:\program files\Burotic\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
    "{F5941F7A-8E7C-455D-ABB3-7B8056D0B076}"= TCP:c:\program files\Burotic\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
    "{642B313C-1157-4B48-B4F2-5CD3722196FF}"= UDP:c:\program files\Burotic\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{340B7B5A-ABAC-4BBD-8100-7E02158B51C1}"= TCP:c:\program files\Burotic\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "TCP Query User{99B535EE-26E8-4B72-8886-1BFE41B2F388}c:\\program files\\jeux\\chessmaster grandmaster edition\\game.exe"= UDP:c:\program files\jeux\chessmaster grandmaster edition\game.exe:Chessmaster: Grandmaster Edition
    "UDP Query User{E5831D73-9908-48C1-9BD0-0082954202D6}c:\\program files\\jeux\\chessmaster grandmaster edition\\game.exe"= TCP:c:\program files\jeux\chessmaster grandmaster edition\game.exe:Chessmaster: Grandmaster Edition
    "{DE92E06A-0A53-4AB0-B075-0811C5F45A76}"= c:\program files\Multimedia\Video\CyberLink PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
    "{D1DCACF3-6E44-430B-9BD4-39AD981702F3}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{309A8B12-B7AE-4AC2-9180-764DF6A44704}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{EBAACCA7-A28E-4713-A69F-79BFD115FE51}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleilCS
    "{8960A6E8-30F7-4BB1-9454-44619E4BD749}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleilCS

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};\??\c:\program files\Multimedia\Video\CyberLink PowerDVD\000.fcl [2007-09-19 21:37:48 41456]
    R2 BlueSoleilCS;BlueSoleilCS;c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2007-09-14 1155180]
    R2 MBAMService;MBAMService;"c:\program files\Util\Security\Malwarebytes' Anti-Malware\mbamservice.exe" [2008-11-22 172688]
    R3 BsHelpCS;BsHelpCS;c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2007-08-17 57447]
    R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2006-03-11 46592]
    R3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys [2008-11-22 15504]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
    \shell\AutoRun\command - g:\autorun\UbiAutorun.exe
    .
    Contenu du dossier 'Tâches planifiées'

    2008-11-26 c:\windows\Tasks\Extension de garantie.job
    - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2006-11-21 17:38]

    2008-11-26 c:\windows\Tasks\Recovery DVD Creator.job
    - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2006-11-21 17:34]

    2007-12-14 c:\windows\Tasks\Registry First Aid autoscan.job
    - c:\program files\Util\System\Registry First Aid\reg1aid.exe [2007-11-19 17:25]

    2007-12-14 c:\windows\Tasks\Registry First Aid autoscan.job
    - c:\program files\Util\System\Registry First Aid [2007-12-14 09:44]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)


    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - c:\users\Mistraou\AppData\Roaming\Mozilla\Firefox\Profiles\3i5jxwpj.default\
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-26 20:27:50
    Windows 6.0.6000 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...


    c:\users\Mistraou\AppData\Roaming\Microsoft\Windows\Cookies\Low\mistraou@live[2].txt 100 bytes

    Scan terminé avec succès
    Fichiers cachés: 1

    **************************************************************************
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'lsass.exe'(860)
    c:\windows\system32\relog_ap.dll

    - - - - - - - > 'Explorer.exe'(5932)
    c:\program files\Util\System\Directory Opus\dopushlp.dll
    c:\windows\system32\BsLangInDepRes.dll
    c:\windows\system32\Bs2Res.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\System32\audiodg.exe
    c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    c:\program files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
    c:\program files\Util\Security\Eset\nod32krn.exe
    c:\windows\System32\oodag.exe
    c:\windows\System32\PSIService.exe
    c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
    c:\windows\System32\conime.exe
    c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    c:\windows\System32\rundll32.exe
    c:\windows\System32\rundll32.exe
    c:\program files\Multimedia\Images\TechSmith SnagIt 8\TscHelp.exe
    c:\program files\Multimedia\Images\TechSmith SnagIt 8\SnagPriv.exe
    c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    c:\program files\Windows Live\Messenger\usnsvc.exe
    c:\program files\Internet Explorer\ieuser.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\windows\System32\wbem\WMIADAP.exe
    .
    **************************************************************************
    .
    Heure de fin: 2008-11-26 20:32:12 - La machine a redémarré
    ComboFix-quarantined-files.txt 2008-11-26 19:32:03

    Avant-CF: 111 160 086 528 octets libres
    Après-CF: 111,055,343,616 octets libres

    239 --- E O F --- 2008-11-22 13:30:16

    =======

    Maintenant je viens de refaire un test avec Malwarebytes' Anti-Malware et la situation reste identique :

    26/11/2008 22:48:35
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1203d91a-4e30-4674-8bed-3ce31e143930}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1203d91a-4e30-4674-8bed-3ce31e143930}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{1203d91a-4e30-4674-8bed-3ce31e143930}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> No action taken.

    et comme ci-après, la suppression est annoncée mais... ça reviendra

    26/11/2008 22:48:39
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1203d91a-4e30-4674-8bed-3ce31e143930}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1203d91a-4e30-4674-8bed-3ce31e143930}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{1203d91a-4e30-4674-8bed-3ce31e143930}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.210 85.255.112.67 -> Quarantined and deleted successfully.

    Un vrai casse-tête !

    Merci et @+
    27 Novembre 2008 16:42:22

    Re,

    Ce n'est pas mieux ?

    Tu as un routeur ?
    27 Novembre 2008 17:29:52

    Rebonjour,

    Non, comme dit dans mon dernier mail, le problème perdure alors que l'on pourrait croire que la base de registre a été nettoyée.

    Oui j'ai un routeur Netgear WPN 824 connecté à ma Freebox.

    J'ai un deuxième PC sous XP qui souffre du même mal et les deux communiquent en WiFi par l'intermédiaire du routeur.

    C'est une piste ?

    Merci encore à toi
    A+
    27 Novembre 2008 18:12:08

    Re,

    Oki.

    1) Reset le Routeur.
    2) Clique sur démarrer --> exécuter, tape CMD puis valide par ok.
    (Si tu es sous Vista, clique seulement sur démarrer, tape CMD et valide par entrée)
    Colle ligne par ligne en validant entre deux (par entrée) les lignes suivantes dans la fenêtre noire qui apparaît.
    ipconfig /flushdns
    ipconfig /registerdns


    Dis-moi si c'est mieux .. :) 

    28 Novembre 2008 20:16:36

    Bonsoir,

    J'ai fait le nécessaire (reset du routeur et les deux opérations ipconfig) et je me retrouve avec une adresse : 169.254.164.207 (habituellement c'est plutôt du genre 192.168...), n'est-ce pas bizarre ?
    Je ne peux plus me connecter en WiFi au routeur : "connection limitée ou inexistante" alors que le débit est annoncé "excellent"... mais je peux me connecter au routeur en ethernet pour avoir le web.

    Merci de tes commentaires
    A+
    28 Novembre 2008 23:20:45

    Re,

    Tu as à nouveau redémarré le routeur pour voir ?

    Je vais me renseigner ;) 
    28 Novembre 2008 23:35:14

    Hello,

    Lorsque l'on a une adresse en 169.254.164.207, c'est que généralement, ton PC n'a pas réussi à contacter le serveur DHCP.
    Tu peux réessayer en entrant dans CMD :
    ipconfig /renew

    Qui va essayer de renouveller ton adresse IP auprès du serveur DHCP.
    4 Décembre 2008 18:54:07

    Bonsoir,
    C'est effectivement le message que j'ai. Le routeur est en fonction et je contourne momentanément la difficulté en utilisant un petit portable (Toshiba Tecra 9100 sous XP) qui avait lui aussi le même occupant indésirable... Je me connecte au routeur provisoirement avec un câble ethernet dans la chambre ce qui n'est pax du goût de "tout le monde"
    Je vais renouveler mon adresse IP et je reviens vers toi.

    Il y a un point qui me préoccupe : j'ai vu sur un forum toute une liste d'exécutables qui seraient à l'origine du problème : je n'ai rien fait de plus car je ne veux pas mélanger les "traitements" : http://www.exterminate-it.com/malpedia/remove-zlob-dns-...

    Mon statut actuel : connecté au réseau local sans fil, débit excellent mais "connection limitée". Je ne peux accéder au routeur et mes ordinateurs ne communiquent pas. Je viens de faire ipconfig /renew et il m'indique : "...impossible de contacter votre serveur DHC..."

    Point positif : dans les propriétés TCP/IP je n'ai plus la redirection vers le serveur ukrainien (85...)

    Bonner soirée
    A+
    4 Décembre 2008 18:58:49

    Pour les exécutables il faudrait voir ça avec FanDANGELDARK ce qu'il vaut mieux faire pour te désinfecter.

    Pour la connection limitée, essaie de faire ipconfig /release puis une fois que c'est fini, refais un ipconfig /renew
    4 Décembre 2008 19:19:42

    Re,

    Les exécutables ont été supprimé. (normalement)

    Juste comme ça, je crois que tu as Free.

    J'ai parfois, les mêmes problèmes que toi, mais ça ne dure en général pas plus d'une journée/demi-journée
    8 Décembre 2008 18:46:03

    Bonsoir à OmaR et FanDANGELDARK,

    Je crois que je suis de nouveau clean. J'ai une nouvelle fois fait un reset du routeur et réinstallé les paramètres. J'ai en tout 4 PC dont deux portables reliés en WiFi et je ne constate plus de problème. Windows Defender Update a fonctionné. Je voudrais vous remercier chaleureusement pour le temps passé à m'aider et vous dire un grand bravo pour votre compétence.

    Mais comment un routeur peut-il être infecté ?

    En tous cas, merci encore. Je reste vigilant.
    9 Décembre 2008 22:23:13

    Hello,

    Cool ;) 

    Lecture : http://siri-urz.blogspot.com/2008/06/routers-dnschanger...

    *------------------

    Prévention :

    - Nettoyage des fichiers temporaires :

    Télécharge Ccleaner sur ton Bureau.

  • Clique sur "download the latest version"
  • Installe-le en laissant seulement les options suivantes cochées :
    - Ajouter un raccourci sur le Bureau
    - Contrôler automatiquement les mises à jour de CCleaner
  • Lance le Nettoyage
  • Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

    Aide : Comment utiliser CCleaner.


    Telecharge ATFcleaner sur ton Bureau.

  • Double-clique sur l'exécutable téléchargé.
  • Dans l'onglet Main, coche simplement la case Select All (toutes les cases vont se cocher) puis sur le bouton Empty Selected.
  • Si tu possèdes Firefox ou Opera comme navigateur, pense à choisir ton navigateur en haut a gauche avant de sélectionner Select All puis Empty Selected.
  • Puis réponds Non au message qui s'affiche, si tu ne souhaites pas perdre tes mots de passe.

    Aide : Comment utiliser AFTCleaner.

    -- Restauration Système :

    Désactive-Réactive la restauration système.

    Méthode XP :
    Clique sur Démarrer, fais un clique droit sur le Poste de travail puis clique sur Propiétés. Sélectionne l'onglet Restauration du Système.
    Dans cet onglet, coche la case Désactiver la Restauration du système sur tous les lecteurs.
    Un message de confirmation va apparaître. Clique sur Oui, puis OK. Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
    Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).

    Méthode Vista :
    Clique sur Démarrer, fais un clique droit sur Ordinateur, puis clique sur Propriétés. Clique à gauche sur Paramètres système avancés. Sélectionne l'onglet Protection du Système.
    Dans cet onglet, décoche (une par une) tes partitions, un message de confirmation va apparaître, clique sur Désactiver la protection du système, Clique sur Appliquer, puis OK.
    Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
    Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).

    Aide : Comment Désactiver-Réactiver la Restauration Système.

    --- Affichage normal des fichiers :

    Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
    - Décoche Afficher les fichiers et dossiers cachés
    - Coche Masquer les fichiers protégés du système d'exploitation (recommandé)
    clique sur Appliquer, puis OK.

    ---- Suppression des outils installés :

    Télécharge ToolsCleaner2 (de A.Rothstein)

  • Installe le sur ton Bureau.
  • Clique sur Recherche pour lancer le scan.
  • Clique sur Supprimer pour nettoyer les outils utilisés.
  • Clique sur Quitter.
  • Supprime maintenant ToolsCleaner.

    ----- Remise en place des protections, protection du système avec les Mises à Jour ! :

    Je t'invite maintenant à (ré)activer toutes tes protections résidentes (Antivirus, Antispyware, Firewall..).
    Tu dois avoir accès à tes protections dans la zone systray à côté de la barre des tâches. Si tu as des difficultés, n'hésite pas à me questionner !
    Si ce n'est pas fait, assure-toi que les Mises à jour Automatiques Windows soient activées !
    Mets tes Softwares correctement à jour (Java, Adobe, Flash ..) grâce à Sotware Inspector (chez Secunia)

    Un petit mot à propos de Java :

    Une fois la nouvelle version téléchargée, installe-la et fais redémarrer ton ordinateur.
    Hélas, les anciennes version de Java (qui contiennent des failles, donc dangereuses !) sont toujours présentes !
    C'est donc très important que tu désinstalles les anciennes versions de Java.

  • Va dans Démarrer, Panneau de Configuration, Ajout/Suppression de Programmes
  • Déinstalles toutes les versions de Java exceptée la plus récente.

    Aide : Comment utiliser Secunia Software Inspector.

    ------ Ton infection, tu la dénonces ? :

    Tu n'es pas obligé mais ce serait bien que tu rapportes ton infection sur Malware Complaints
  • Ton(tes) infection(s) : Dns Changer.
  • Si tu ne la trouves pas dans la liste, poste dans Autres infections.

    Aide : Comment dénoncer mon infection sur Malware Complaints.

    Je t'invite maintenant à regarder ces dossiers très instructifs en terme de prévention !

    - Sécurité/Prévention
    - Conséquences de la multi-protection
    - Toolbars : Inutilité et ralentissements

    Bonne journée/soirée :) 
    9 Décembre 2008 22:36:08

    c'est moche le vert fluo :o 
    9 Décembre 2008 22:42:37

    Je changerai un jour :)  :o 
    9 Décembre 2008 23:34:59

    OK, merci pour toutes ces précisions. Même en vert fluo, je suis ravi !!

    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS