Se connecter / S'enregistrer
Votre question

probleme de fenetre de pub intempestive

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
14 Janvier 2008 20:14:26

bonjour,
voila j'ai un pc portable sous vista et depuis quelques jours 'ai des fenetres itempestives de pub sur le net je n'en peux plus que faire
pouvez vous m'aider
d'avance merci

Autres pages sur : probleme fenetre pub intempestive

a b 8 Sécurité
14 Janvier 2008 20:16:21

Bonjour,

Télécharge Gmer.
Dézippe le dans un dossier ou sur ton bureau.

Déconnecte toi d'Internet puis et ferme tous les programmes.
Double-clique sur Gmer.exe.

IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.

Clique sur l'onglet rootkit.
A droite, coche Files et Services.
Clique maintenant sur Scan.

Lorsque le scan est terminé, clique sur Copy.

Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
Le rapport doit alors apparaître.
Enregistre le fichier sur ton bureau et copie/colle le contenu ici.
14 Janvier 2008 20:32:42

merci de la reponse rapide pour ino je reste la

voila le rapport
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2008-01-14 20:30:01
Windows 6.0.6000


---- Files - GMER 1.0.13 ----

ADS C:\Users\bronzes\AppData\Local\Microsoft\Messenger\sylvain.alix@hotmail.fr\SharingMetadata\catherinealix@hotmail.fr\DFSR\Staging\CS{6E39606C-AE0E-4445-04D7-A499E0F99658}\01\10-{6E39606C-AE0E-4445-04D7-A499E0F99658}-v1-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Users\bronzes\AppData\Local\Microsoft\Messenger\sylvain.alix@hotmail.fr\SharingMetadata\catherinealix@hotmail.fr\DFSR\Staging\CS{6E39606C-AE0E-4445-04D7-A499E0F99658}\11\11-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v11-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Users\bronzes\AppData\Local\Microsoft\Messenger\sylvain.alix@hotmail.fr\SharingMetadata\catherinealix@hotmail.fr\DFSR\Staging\CS{6E39606C-AE0E-4445-04D7-A499E0F99658}\11\11-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v11-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Users\bronzes\AppData\Local\Microsoft\Messenger\sylvain.alix@hotmail.fr\SharingMetadata\catherinealix@hotmail.fr\DFSR\Staging\CS{6E39606C-AE0E-4445-04D7-A499E0F99658}\11\11-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v11-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Users\bronzes\AppData\Local\Microsoft\Messenger\sylvain.alix@hotmail.fr\SharingMetadata\nbelcast@hotmail.com\DFSR\Staging\CS{C19735DE-C010-E8AB-2744-2E7D0940464D}\01\12-{C19735DE-C010-E8AB-2744-2E7D0940464D}-v1-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Users\bronzes\AppData\Local\Microsoft\Messenger\sylvain.alix@hotmail.fr\SharingMetadata\nbelcast@hotmail.com\DFSR\Staging\CS{C19735DE-C010-E8AB-2744-2E7D0940464D}\13\13-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v13-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Users\bronzes\AppData\Local\Microsoft\Messenger\sylvain.alix@hotmail.fr\SharingMetadata\nbelcast@hotmail.com\DFSR\Staging\CS{C19735DE-C010-E8AB-2744-2E7D0940464D}\14\14-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v14-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Users\bronzes\AppData\Local\Microsoft\Messenger\sylvain.alix@hotmail.fr\SharingMetadata\nbelcast@hotmail.com\DFSR\Staging\CS{C19735DE-C010-E8AB-2744-2E7D0940464D}\15\15-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v15-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v15-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Users\bronzes\AppData\Local\Microsoft\Messenger\sylvain.alix@hotmail.fr\SharingMetadata\nbelcast@hotmail.com\DFSR\Staging\CS{C19735DE-C010-E8AB-2744-2E7D0940464D}\22\22-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v22-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v22-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Users\bronzes\AppData\Local\Microsoft\Messenger\sylvain.alix@hotmail.fr\SharingMetadata\nbelcast@hotmail.com\DFSR\Staging\CS{C19735DE-C010-E8AB-2744-2E7D0940464D}\24\24-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v24-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v24-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Users\bronzes\AppData\Local\Microsoft\Messenger\sylvain.alix@hotmail.fr\SharingMetadata\nbelcast@hotmail.com\DFSR\Staging\CS{C19735DE-C010-E8AB-2744-2E7D0940464D}\24\24-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v24-{4BF76316-EB6C-4B1E-8D00-3C9C54C55037}-v24-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

---- EOF - GMER 1.0.13 ----

Contenus similaires
14 Janvier 2008 20:41:09

voila le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:39:38, on 14/01/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Windows\vsnpstd2.exe
C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe
C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Windows\system32\mdm.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\bronzes\Downloads\temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,c:\program files\g data totalcare\avkkid\avkcks.exe
O1 - Hosts: ::1 localhost
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA TotalCare\Webfilter\AvkWebIE.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA TotalCare\Webfilter\AvkWebIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [tsnpstd] C:\Windows\tsnpstd.exe
O4 - HKLM\..\Run: [snpstd2] C:\Windows\vsnpstd2.exe
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RayV] C:\Program Files\RayV\RayV\RayV.exe /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: G DATA Firewall Tray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Tosh... (file missing)
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{F2D76B1A-CA49-448E-9A3E-4EE5F8485CB1}: NameServer = 182.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVK\AVKService.exe
O23 - Service: Gardien d'AntiVirus (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVK\AVKWCtl.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: G DATA Tuner Service - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVKTuner\AVKTunerService.exe
O23 - Service: Pare-feu personnel G DATA (GDFwSvc) - G DATA Software AG - C:\Program Files\G DATA TotalCare\Firewall\GDFwSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8232 bytes
a b 8 Sécurité
14 Janvier 2008 20:51:46

Re,

Télécharge BTFix ([#ff0000]Bibi26[/#f]).
Dézippe l'archive sur ton Bureau.
  • Ouvre le dossier BTFix.
  • Double clique sur BTFix.exe.
  • Clique sur Rechercher.
  • Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.
    14 Janvier 2008 20:59:19

    voila ce rapport
    BTFix 1.070 (par bibi26) - 14/01/2008 20:58:27 - Analyse
    Lancé depuis C:\Users\bronzes\Desktop\BTFix\BTFix.exe

    ---> Fichiers/Dossiers trouvés

    - C:\Program Files\AskTBar\

    ---> Analyse terminée
    a b 8 Sécurité
    14 Janvier 2008 21:04:09

    Re,

  • Ouvre à nouveau BTFix.
  • Clique sur Nettoyer.
  • Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.
    14 Janvier 2008 21:07:56

    j'ai un message d'erreur failed to set data for'AutoRestartshell' et bien sur je n'ai pas de rapport
    a b 8 Sécurité
    14 Janvier 2008 21:08:22

    Ok.

    Télécharge Clean.zip (de Malekal),
    Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
    Ouvre le dossier clean, double-clique sur clean.cmd.
    Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
    14 Janvier 2008 21:22:39

    g data me bloque l'cces pourle telechargement
    a b 8 Sécurité
    14 Janvier 2008 21:39:50

    Bah désactive-le :) 
    14 Janvier 2008 21:49:14

    oui mais y arrive pas
    a b 8 Sécurité
    14 Janvier 2008 21:50:57

    Clique droit sur l'icone en bas à droite près de l'horloge puis tu sélectionnes la bonne option.
    14 Janvier 2008 22:08:47

    je sais mais t est desactivé et a chaque fois
    Virus: not-a-virus:RiskTool.Win32.PsKill.k

    Virus détecté pendant le chargement des contenus Web.

    Adresse: www.malekal.com
    14 Janvier 2008 22:25:43

    j'ai passé clean mais il n'y a rien ds le fichier il dit qu'il est impossible de l'ouvrir, en plus il y a des erreurs lors de l'exécution de clean erreur execution 75
    a b 8 Sécurité
    15 Janvier 2008 12:04:33

    Il n'y a pas une option Ignorer ?
    15 Janvier 2008 19:53:54

    non il n 'y a pas d'ption pendant le scan il y a acces refusé
    a b 8 Sécurité
    15 Janvier 2008 20:34:08

    On va faire autrement. Reposte un rapport Hijackthis.
    15 Janvier 2008 20:52:11

    voila merci encore
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:51:23, on 15/01/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16575)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
    C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
    C:\Windows\vsnpstd2.exe
    C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe
    C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Windows\system32\mdm.exe
    C:\Program Files\Windows Mail\WinMail.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
    C:\Users\bronzes\Downloads\temp\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,c:\program files\g data totalcare\avkkid\avkcks.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA TotalCare\Webfilter\AvkWebIE.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
    O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
    O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
    O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA TotalCare\Webfilter\AvkWebIE.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
    O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [tsnpstd] C:\Windows\tsnpstd.exe
    O4 - HKLM\..\Run: [snpstd2] C:\Windows\vsnpstd2.exe
    O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe
    O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [RayV] C:\Program Files\RayV\RayV\RayV.exe /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Global Startup: G DATA Firewall Tray.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
    O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Tosh... (file missing)
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F2D76B1A-CA49-448E-9A3E-4EE5F8485CB1}: NameServer = 182.168.1.1
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
    O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVK\AVKService.exe
    O23 - Service: Gardien d'AntiVirus (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVK\AVKWCtl.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: G DATA Tuner Service - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVKTuner\AVKTunerService.exe
    O23 - Service: Pare-feu personnel G DATA (GDFwSvc) - G DATA Software AG - C:\Program Files\G DATA TotalCare\Firewall\GDFwSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 8355 bytes
    a b 8 Sécurité
    15 Janvier 2008 21:04:40

    Ton g-data n'a pas été cracké par hasard ?
    15 Janvier 2008 21:06:51


    non je l'ai acheté 80 euros pour mon pc portale car je ne voulais pas etre embeté et puis.......
    a b 8 Sécurité
    15 Janvier 2008 21:13:25

    Ok.

    Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES

    R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
    O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
    O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
    15 Janvier 2008 21:22:20

    voila je l'ai fait,
    a b 8 Sécurité
    15 Janvier 2008 21:39:12

    Reposte un rapport Hijacthis.
    15 Janvier 2008 21:42:52

    voila
    d la fenetre de HijackThis lors du fix a la fait apres clic sur oui la fenetre c vidée sans acun mesage si c'était bon ou pas en fin voila le rapport:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:40:39, on 15/01/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16575)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
    C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
    C:\Windows\vsnpstd2.exe
    C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe
    C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Windows\system32\mdm.exe
    C:\Program Files\Windows Mail\WinMail.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
    C:\Users\bronzes\Downloads\temp\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,c:\program files\g data totalcare\avkkid\avkcks.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA TotalCare\Webfilter\AvkWebIE.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
    O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
    O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
    O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA TotalCare\Webfilter\AvkWebIE.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
    O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [tsnpstd] C:\Windows\tsnpstd.exe
    O4 - HKLM\..\Run: [snpstd2] C:\Windows\vsnpstd2.exe
    O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe
    O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [RayV] C:\Program Files\RayV\RayV\RayV.exe /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Global Startup: G DATA Firewall Tray.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
    O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Tosh... (file missing)
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F2D76B1A-CA49-448E-9A3E-4EE5F8485CB1}: NameServer = 182.168.1.1
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
    O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVK\AVKService.exe
    O23 - Service: Gardien d'AntiVirus (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVK\AVKWCtl.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: G DATA Tuner Service - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVKTuner\AVKTunerService.exe
    O23 - Service: Pare-feu personnel G DATA (GDFwSvc) - G DATA Software AG - C:\Program Files\G DATA TotalCare\Firewall\GDFwSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 8077 bytes
    a b 8 Sécurité
    15 Janvier 2008 21:51:00

    Tu peux vraiment pas désactiver Gdata ?
    15 Janvier 2008 21:53:27

    ben en fait j'essaye pas mal de truc mais j'y arive pas, et tout a l'heur j'avais tout désactivé pour essayer un clean mais impossible et j'ai eu un ontact "scopy" sur msn qui m'a ajouter a ces contact encore un tru pas bon?
    bref pour g data je regarde ds lebouquin mais rien
    merci de ton aide
    15 Janvier 2008 23:06:22

    en fait j'arriv bien a désastivé mais ensuite sur un clean j'ai acces refusé, est ce encore g data? puis en suite error 75 a la fin de clean et erreur : pas de fichier texte trouvable.
    a b 8 Sécurité
    16 Janvier 2008 13:05:42

    Désactive-le puis fais l'étape avec Hijackthis.
    16 Janvier 2008 17:43:53

    je l'ai désactivé fixé les fichiers et voila un nuveau raport

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:40:36, on 16/01/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16575)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
    C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
    C:\Windows\vsnpstd2.exe
    C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe
    C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Windows\system32\mdm.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Windows Mail\WinMail.exe
    C:\Program Files\G DATA TotalCare\GUI\avkis.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\bronzes\Downloads\temp\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,c:\program files\g data totalcare\avkkid\avkcks.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA TotalCare\Webfilter\AvkWebIE.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
    O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
    O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
    O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA TotalCare\Webfilter\AvkWebIE.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
    O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [tsnpstd] C:\Windows\tsnpstd.exe
    O4 - HKLM\..\Run: [snpstd2] C:\Windows\vsnpstd2.exe
    O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe
    O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [RayV] C:\Program Files\RayV\RayV\RayV.exe /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Global Startup: G DATA Firewall Tray.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
    O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Tosh... (file missing)
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F2D76B1A-CA49-448E-9A3E-4EE5F8485CB1}: NameServer = 182.168.1.1
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
    O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVK\AVKService.exe
    O23 - Service: Gardien d'AntiVirus (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVK\AVKWCtl.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: G DATA Tuner Service - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVKTuner\AVKTunerService.exe
    O23 - Service: Pare-feu personnel G DATA (GDFwSvc) - G DATA Software AG - C:\Program Files\G DATA TotalCare\Firewall\GDFwSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 8026 bytes
    a b 8 Sécurité
    16 Janvier 2008 18:36:57

    Ton antivirus refuse toutes modifications :/ 

    [#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

  • Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur combofix.exe afin de le lancer.
  • Tape sur la touche 1 (Yes) pour démarrer le scan.
  • Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.
    16 Janvier 2008 20:59:57

    cela ma tout fait planté, j'ai perdu ma connexion internet, impossible de restaurer une sauvegarde, je regarde
    16 Janvier 2008 21:00:56

    voila le rapport ComboFix 08-01-09.2 - bronzes 2008-01-16 19:33:07.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.179 [GMT 1:00]
    Running from: C:\Users\bronzes\Desktop\ComboFix.exe
    * Created a new restore point
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\internetgamebox
    C:\Program Files\internetgamebox\Conditions générales.url
    C:\Program Files\internetgamebox\Confidentialité.url
    C:\Program Files\internetgamebox\InternetGameBox.exe
    C:\Program Files\internetgamebox\language
    C:\Program Files\internetgamebox\ressources\configv2_en.xml
    C:\Program Files\internetgamebox\ressources\configv2_es.xml
    C:\Program Files\internetgamebox\ressources\configv2_fr.xml
    C:\Program Files\internetgamebox\skins\skinv2.skn
    C:\Program Files\internetgamebox\uninst.exe
    C:\Program Files\internetgamebox\Website.url
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InternetGameBox
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InternetGameBox\Conditions générales.lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InternetGameBox\Confidentialité.lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InternetGameBox\InternetGameBox.lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InternetGameBox\Website.lnk
    c:\Users\bronzes\AppData\Local\dcltqby.dat
    C:\Users\bronzes\AppData\Local\dcltqby.exe
    C:\Users\bronzes\AppData\Local\dcltqby_nav.dat
    c:\Users\bronzes\AppData\Local\dcltqby_navps.dat
    C:\Users\bronzes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InternetGameBox
    C:\Users\bronzes\Desktop\internetgamebox.lnk
    C:\Windows\pack.epk
    C:\Windows\system32\nvs2.inf

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-16 to 2008-01-16 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-16 19:31 . 2000-08-31 08:00 51,200 --a------ C:\Windows\NirCmd.exe
    2008-01-16 18:33 . 2008-01-16 18:33 <REP> d-------- C:\Users\bronzes\AppData\Roaming\Gael
    2008-01-16 18:31 . 2008-01-16 18:31 51 --a------ C:\Windows\KeyScript.ini
    2008-01-16 18:30 . 2008-01-16 18:30 <REP> d-------- C:\Program Files\Common Files\Gael
    2008-01-16 18:29 . 2008-01-16 18:29 <REP> d-------- C:\Program Files\Gael
    2008-01-14 20:20 . 2008-01-14 20:20 250 --a------ C:\Windows\gmer.ini
    2008-01-13 00:53 . 2008-01-13 00:53 <REP> d-------- C:\Users\bronzes\AppData\Roaming\skypePM
    2008-01-13 00:53 . 2008-01-14 18:00 <REP> d-------- C:\Users\All Users\Google
    2008-01-13 00:53 . 2008-01-13 00:53 <REP> d-------- C:\Program Files\Common Files\Skype
    2008-01-13 00:53 . 2008-01-13 00:53 32 --a------ C:\Users\All Users\ezsid.dat
    2008-01-13 00:53 . 2008-01-13 00:53 32 --a------ C:\ProgramData\ezsid.dat
    2008-01-11 22:21 . 2008-01-12 19:47 <REP> d-------- C:\Users\bronzes\LANGAGE C
    2008-01-11 18:10 . 2008-01-12 18:16 <REP> d-------- C:\cboy
    2008-01-10 07:07 . 2008-01-10 07:07 802,816 --a------ C:\Windows\System32\drivers\tcpip.sys
    2008-01-10 07:07 . 2008-01-10 07:07 216,760 --a------ C:\Windows\System32\drivers\netio.sys
    2008-01-10 07:07 . 2008-01-10 07:07 167,424 --a------ C:\Windows\System32\tcpipcfg.dll
    2008-01-10 07:07 . 2008-01-10 07:07 24,064 --a------ C:\Windows\System32\netcfg.exe
    2008-01-10 07:07 . 2008-01-10 07:07 22,016 --a------ C:\Windows\System32\netiougc.exe
    2008-01-10 07:05 . 2008-01-10 07:05 11,776 --a------ C:\Windows\System32\sbunattend.exe
    2007-12-29 18:36 . 2007-12-29 18:36 38,608 --a------ C:\Windows\System32\drivers\PktIcpt.sys
    2007-12-29 18:36 . 2008-01-05 21:19 67 --a------ C:\Windows\Backup.INI
    2007-12-29 18:35 . 2007-12-29 18:35 <REP> d-------- C:\Users\All Users\Log
    2007-12-29 18:35 . 2008-01-05 13:03 <REP> d-------- C:\Users\All Users\G DATA
    2007-12-29 18:35 . 2007-12-29 18:35 <REP> d-------- C:\ProgramData\Log
    2007-12-29 18:35 . 2008-01-05 13:03 <REP> d-------- C:\ProgramData\G DATA
    2007-12-29 18:35 . 2007-12-29 18:35 45,768 --a------ C:\Windows\System32\drivers\MiniIcpt.sys
    2007-12-29 18:35 . 2007-12-29 18:35 41,928 --a------ C:\Windows\System32\drivers\GDTdiIcpt.sys
    2007-12-29 18:35 . 2007-09-11 03:17 39,880 --a------ C:\Windows\System32\drivers\gdwfpcd32.sys
    2007-12-29 18:35 . 2007-12-29 18:35 32,200 --a------ C:\Windows\System32\drivers\HookCentre.sys
    2007-12-29 18:32 . 2007-12-29 18:35 <REP> d-------- C:\Program Files\G DATA TotalCare
    2007-12-29 18:32 . 2007-12-29 18:35 <REP> d-------- C:\Program Files\Common Files\G DATA
    2007-12-26 20:54 . 2007-12-26 20:55 <REP> d-------- C:\Users\bronzes\sauvegarde cle usb
    2007-12-26 12:21 . 2007-12-28 18:12 <REP> d-------- C:\Temp\071107

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-14 19:52 --------- d-----w C:\Program Files\Google
    2008-01-14 17:02 --------- d-----w C:\Program Files\RayV
    2008-01-12 23:58 --------- d-----w C:\Users\bronzes\AppData\Roaming\Skype
    2008-01-10 06:13 --------- d-----w C:\Program Files\Windows Sidebar
    2007-12-29 17:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-12-29 17:28 --------- d-----w C:\ProgramData\Symantec
    2007-12-29 17:28 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2007-12-13 06:13 1,327,104 ----a-w C:\Windows\System32\quartz.dll
    2007-12-13 06:12 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
    2007-12-13 06:12 223,232 ----a-w C:\Windows\System32\WMASF.DLL
    2007-12-13 06:11 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2007-12-13 06:11 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2007-12-13 06:11 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2007-12-13 06:10 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
    2007-12-13 06:10 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
    2007-12-13 06:10 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
    2007-12-13 06:10 101,888 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
    2007-12-13 06:09 3,504,824 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2007-12-13 06:09 3,470,520 ----a-w C:\Windows\System32\ntoskrnl.exe
    2007-11-23 20:35 --------- d-----w C:\Program Files\scilab-4.1.2
    2007-11-18 14:28 --------- d-----w C:\Users\bronzes\AppData\Roaming\fltk.org
    2007-08-16 17:11 278,528 ----a-w C:\Program Files\Common Files\FDEUnInstaller.exe
    2006-11-02 12:50 174 --sha-w C:\Program Files\desktop.ini
    2007-08-26 20:57 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    2007-08-26 20:57 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    2007-08-26 20:57 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 07:05 1232896]
    "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2007-05-16 09:32 435768]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]
    "RayV"="C:\Program Files\RayV\RayV\RayV.exe" [ ]
    "dcltqby"="c:\users\bronzes\appdata\local\dcltqby.exe" [ ]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-06-01 09:21 1006264]
    "IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-04-04 14:26 138008]
    "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-04-04 14:26 154392]
    "Persistence"="C:\Windows\system32\igfxpers.exe" [2007-04-04 14:26 133912]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-04-13 15:19 861744]
    "NDSTray.exe"="NDSTray.exe" []
    "topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-04-02 11:48 577536]
    "Desktop SMS"="C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe" [2007-01-19 12:25 1507328]
    "Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 12:05 571024]
    "SystrayORAHSS"="C:\Program Files\OrangeHSS\Systray\SystrayApp.exe" [2006-12-12 18:16 90112]
    "NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe" [2001-07-09 09:50 155648]
    "tsnpstd"="C:\Windows\tsnpstd.exe" [ ]
    "snpstd2"="C:\Windows\vsnpstd2.exe" [2007-04-13 12:52 307200]
    "GDFirewallTray"="C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe" [2007-09-27 14:14 1185448]
    "AVKTray"="C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe" [2007-10-02 10:49 607816]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    G DATA Firewall Tray.lnk - C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe [2007-12-29 18:35:24]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 21:05:56]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=0 (0x0)

    R0 tos_sps32;TOSHIBA tos_sps32 Service;C:\Windows\system32\DRIVERS\tos_sps32.sys [2007-04-27 19:13]
    R1 gdwfpcd;G DATA WFP CD;C:\Windows\system32\DRIVERS\gdwfpcd32.sys [2007-09-11 03:17]
    R2 ASLDRService;ASLDR Service;C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-05 17:13]
    R2 AVKProxy;G DATA AntiVirus Proxy;"C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe" [2007-10-02 14:23]
    R2 AVKService;G DATA Scheduler;C:\Program Files\G DATA TotalCare\AVK\AVKService.exe [2007-09-27 16:10]
    R2 AVKWCtl;Gardien d'AntiVirus;C:\Program Files\G DATA TotalCare\AVK\AVKWCtl.exe [2007-10-02 10:52]
    R2 GDTdiInterceptor;GDTdiInterceptor;C:\Windows\system32\drivers\GDTdiIcpt.sys [2007-12-29 18:35]
    R2 TNaviSrv;TOSHIBA Navi Support Service;C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2007-04-27 19:15]
    R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2007-02-28 17:04]
    R3 GDFwSvc;Pare-feu personnel G DATA;C:\Program Files\G DATA TotalCare\Firewall\GDFwSvc.exe [2007-08-15 08:19]
    R3 GDMnIcpt;GDMnIcpt;C:\Windows\system32\drivers\MiniIcpt.sys [2007-12-29 18:35]
    R3 GDPkIcpt;GDPkIcpt;C:\Windows\system32\drivers\PktIcpt.sys [2007-12-29 18:36]
    R3 HookCentre;HookCentre;C:\Windows\system32\drivers\HookCentre.sys [2007-12-29 18:35]
    R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-03-30 10:57]
    R3 snpstd2;USB PC Camera (SN9C103);C:\Windows\system32\DRIVERS\snpstd2.sys [2007-03-29 13:57]
    R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver;C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 11:50]
    S3 G DATA Tuner Service;G DATA Tuner Service;C:\Program Files\G DATA TotalCare\AVKTuner\AVKTunerService.exe [2007-10-02 10:48]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver;C:\Windows\system32\Drivers\PCAMp50.sys [2006-11-28 20:46]
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\Windows\system32\Drivers\PCASp50.sys [2006-11-28 20:46]
    S3 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2005-10-14 02:53]
    S4 KR10I;KR10I;C:\Windows\system32\drivers\kr10i.sys [2007-01-18 15:40]
    S4 KR10N;KR10N;C:\Windows\system32\drivers\kr10n.sys [2007-01-18 15:47]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

    *Newly Created Service* - PROCEXP90
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-15 22:06:17 C:\Windows\Tasks\User_Feed_Synchronization-{76A09EDA-EAAA-4334-BBCB-566A29C6161B}.job"
    - C:\Windows\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-16 19:37:30
    Windows 6.0.6000 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    TOSCDSPD = C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i????????G?>??X?Q???Q???Q???Q?

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-01-16 19:38:56
    ComboFix-quarantined-files.txt 2008-01-16 18:38:49
    .
    2008-01-16 16:33:22 --- E O F ---
    a b 8 Sécurité
    16 Janvier 2008 21:33:37

    Reposte un rapport Hijackthis.
    16 Janvier 2008 21:34:57

    voila
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:34:38, on 16/01/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16575)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
    C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
    C:\Windows\vsnpstd2.exe
    C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe
    C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Windows Mail\WinMail.exe
    C:\Windows\system32\mdm.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
    C:\Users\bronzes\Downloads\temp\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.minesdedouai.fr:9090
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA TotalCare\Webfilter\AvkWebIE.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
    O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA TotalCare\Webfilter\AvkWebIE.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
    O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [tsnpstd] C:\Windows\tsnpstd.exe
    O4 - HKLM\..\Run: [snpstd2] C:\Windows\vsnpstd2.exe
    O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe
    O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [RayV] C:\Program Files\RayV\RayV\RayV.exe /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Global Startup: G DATA Firewall Tray.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
    O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Tosh... (file missing)
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F2D76B1A-CA49-448E-9A3E-4EE5F8485CB1}: NameServer = 10.200.2.2
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
    O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVK\AVKService.exe
    O23 - Service: Gardien d'AntiVirus (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVK\AVKWCtl.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: G DATA Tuner Service - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVKTuner\AVKTunerService.exe
    O23 - Service: Pare-feu personnel G DATA (GDFwSvc) - G DATA Software AG - C:\Program Files\G DATA TotalCare\Firewall\GDFwSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 7516 bytes
    a b 8 Sécurité
    16 Janvier 2008 21:57:04

    Mieux ?
    16 Janvier 2008 22:02:26

    oui carrément, plus rapide merci beaucoup, j'ai perdu une connexion internet, cela peut venir du nettoyage
    a b 8 Sécurité
    16 Janvier 2008 22:22:58

    Tu ne l'as pas récupéré ?
    16 Janvier 2008 22:31:02

    en fait je suis sur une autre connexion , la box sur laquelle je l'ai perdue est ds une chambre d'un etudiant qui n'est pas présent en ce moment, suffirait il de la relancer.
    merci encore vraiment fort
    16 Janvier 2008 23:30:49

    j'ai un message d'erreur '::{2559A1F4-21D7-11D4-BDAF-00C04F60B9F0}'est introuvable. Vérifiez que le chemin d'acces ou l'adresse internet sont corrects, or je suis certain des parametres
    16 Janvier 2008 23:49:52

    bon c bon sa refonctionne mais je ne sais pas pourquoi, j'airemis les parametres de com cela refonctione merci beaucoup, bonne journée
    a b 8 Sécurité
    17 Janvier 2008 19:01:13

    Reposte un rapport Hijackthis.
    17 Janvier 2008 19:30:24

    bonsoir, en tous cas je n'ai plus de pub et c plus rapide


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:29:45, on 17/01/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16575)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
    C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
    C:\Windows\vsnpstd2.exe
    C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe
    C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Windows\system32\mdm.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\Windows Mail\WinMail.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
    C:\Users\bronzes\Downloads\temp\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.minesdedouai.fr:9090
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA TotalCare\Webfilter\AvkWebIE.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
    O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA TotalCare\Webfilter\AvkWebIE.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
    O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [tsnpstd] C:\Windows\tsnpstd.exe
    O4 - HKLM\..\Run: [snpstd2] C:\Windows\vsnpstd2.exe
    O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G DATA TotalCare\Firewall\GDFirewallTray.exe
    O4 - HKLM\..\Run: [AVKTray] "C:\Program Files\G DATA TotalCare\AVKTray\AVKTray.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [RayV] C:\Program Files\RayV\RayV\RayV.exe /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Global Startup: G DATA Firewall Tray.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
    O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Tosh... (file missing)
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F2D76B1A-CA49-448E-9A3E-4EE5F8485CB1}: NameServer = 182.168.1.1
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
    O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVK\AVKService.exe
    O23 - Service: Gardien d'AntiVirus (AVKWCtl) - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVK\AVKWCtl.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: G DATA Tuner Service - G DATA Software AG - C:\Program Files\G DATA TotalCare\AVKTuner\AVKTunerService.exe
    O23 - Service: Pare-feu personnel G DATA (GDFwSvc) - G DATA Software AG - C:\Program Files\G DATA TotalCare\Firewall\GDFwSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 7517 bytes
    a b 8 Sécurité
    17 Janvier 2008 19:46:56

    Il laisse rien faire ton antivirus :D 
    17 Janvier 2008 19:48:47

    ah bon et pourquoi je n'est plus de pub
    a b 8 Sécurité
    17 Janvier 2008 20:20:19

    Combofix a quand même réussit à enlever le gros.
    17 Janvier 2008 20:31:06

    ok et le reste c quoi, on laisse comme cela ou pas, en tout cas bravo tu avais fait la meme chose sur le pc bureautique de chez moi, depuis impec.
    merci
    a b 8 Sécurité
    17 Janvier 2008 20:34:14

    Ok ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS