OK, here is the ComboFix report; I'll send you the HijackThis one next, thanks.
ComboFix 08-05-25.5 - bob2 2008-05-27 0:27:09.1 - NTFSx86 NETWORK
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.280 [GMT 2:00]
Endroit: C:\Documents and Settings\bob2\Mes documents\telechargement\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\{26B07615-FDD9-48A3-B836-EB2D7BE37B89}.exe
C:\WINDOWS\system32\{4744E7EB-B3E2-4E56-A6CB-746C06B2D871}.exe
C:\WINDOWS\system32\{62C58646-6FA6-4B0F-9A20-2803F5BF4FC9}.exe
C:\WINDOWS\system32\{681BC07D-3E60-44EC-A45C-BCDD6A2A04AD}.exe
C:\WINDOWS\system32\{765C5B16-B237-44EC-B462-F3F81970A1F7}.exe
C:\WINDOWS\system32\{7BF02A4B-B078-453B-BE5C-CA0ED420CB85}.exe
C:\WINDOWS\system32\{8331D05A-7E21-4433-AB8B-815638E8C75A}.exe
C:\WINDOWS\system32\{861A7A16-9BCB-43ED-B201-9AC1C58693C1}.exe
C:\WINDOWS\system32\{DA997B64-BB48-4C45-BE07-6E2ABC1D99F5}.exe
C:\WINDOWS\system32\{DC90A256-6BBA-4A68-A535-B9D7F3AEC8E4}.exe
C:\WINDOWS\winhelp.ini
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NWSAPAGENT
-------\Service_NwSapAgent
((((((((((((((((((((((((((((( Fichiers créés 2008-04-26 to 2008-05-26 ))))))))))))))))))))))))))))))))))))
.
2008-05-26 11:27 . 2008-05-26 11:27 <REP> d----c--- C:\Program Files\Defenza
2008-05-26 11:27 . 1996-08-20 20:37 15,840 --a--c--- C:\WINDOWS\system32\Machnm1.exe
2008-05-26 11:27 . 2005-09-25 16:37 5,632 --a--c--- C:\WINDOWS\system32\Machnm64.sys
2008-05-26 11:27 . 2008-05-26 11:27 3,120 --a--c--- C:\WINDOWS\system32\118290.54
2008-05-26 11:27 . 2008-05-26 11:27 3,120 --a--c--- C:\WINDOWS\118294.78
2008-05-26 11:27 . 2003-08-13 00:27 2,304 --a--c--- C:\WINDOWS\system32\Machnm32.sys
2008-05-26 01:38 . 2008-05-26 07:20 <REP> d----c--- C:\Program Files\a-squared Anti-Malware
2008-05-25 23:31 . 2008-05-25 23:31 <REP> d----c--- C:\WINDOWS\system32\drivers\Avg
2008-05-25 23:31 . 2008-05-25 23:31 <REP> d----c--- C:\Documents and Settings\bob2\Application Data\AVGTOOLBAR
2008-05-25 23:31 . 2008-05-25 23:31 96,520 --a--c--- C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-25 23:31 . 2008-05-25 23:31 75,272 --a--c--- C:\WINDOWS\system32\drivers\avgtdix.sys
2008-05-25 23:31 . 2008-05-25 23:31 12,424 --a--c--- C:\WINDOWS\system32\drivers\avgrkx86.sys
2008-05-25 23:31 . 2008-05-25 23:31 10,520 --a--c--- C:\WINDOWS\system32\avgrsstx.dll
2008-05-25 23:23 . 2008-05-25 23:23 <REP> d----c--- C:\Program Files\AVG
2008-05-25 23:23 . 2008-05-26 01:13 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-25 23:23 . 2008-05-25 23:23 45,568 --a--c--- C:\WINDOWS\system32\avgfwdx.dll
2008-05-25 23:23 . 2008-05-25 23:23 22,528 --a--c--- C:\WINDOWS\system32\drivers\avgfwdx.sys
2008-05-25 22:39 . 2008-05-25 22:39 <REP> d----c--- C:\Documents and Settings\bob2\Application Data\TuneUp Software
2008-05-25 22:39 . 2008-05-25 22:39 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-05-25 22:38 . 2008-05-26 01:19 <REP> d----c--- C:\Program Files\TuneUp Utilities 2008
2008-05-25 15:54 . 2008-05-05 20:46 27,048 --a--c--- C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-25 15:54 . 2008-05-05 20:46 15,864 --a--c--- C:\WINDOWS\system32\drivers\mbam.sys
2008-05-24 12:12 . 2008-05-24 12:12 <REP> d----c--- C:\Documents and Settings\bob2\Application Data\TmpRecentIcons
2008-05-24 11:06 . 2008-05-24 10:34 253,952 --a--c--- C:\WINDOWS\vregfwlx.dll
2008-05-24 11:06 . 2008-05-24 10:34 221,184 --a--c--- C:\WINDOWS\boqnrwdmtwm.dll
2008-05-24 11:06 . 2008-05-24 10:34 159,744 --a--c--- C:\WINDOWS\enrx.exe
2008-05-24 11:06 . 2008-05-24 10:34 94,208 --a--c--- C:\WINDOWS\xmpstean.exe
2008-05-17 00:51 . 2008-05-25 22:07 <REP> d----c--- C:\Program Files\MSNFix
2008-05-17 00:45 . 2008-05-17 00:45 244 --ah-c--- C:\sqmnoopt18.sqm
2008-05-17 00:45 . 2008-05-17 00:45 232 --ah-c--- C:\sqmdata18.sqm
2008-05-04 02:58 . 2008-05-04 02:58 <REP> d----c--- C:\WINDOWS\system32\Kaspersky Lab
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-26 22:25 --------- dc--a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-26 09:27 --------- dc-h--w C:\Program Files\InstallShield Installation Information
2008-05-26 07:59 --------- dc----w C:\Program Files\Spyware Doctor
2008-05-25 23:55 --------- dc----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-25 23:54 --------- dc----w C:\Program Files\Spybot - Search & Destroy
2008-05-25 22:18 --------- dc----w C:\Program Files\Yahoo!
2008-05-25 20:36 --------- dc----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-05-25 13:57 --------- dc----w C:\Program Files\Malwarebytes' Anti-Malware
2008-05-25 09:41 --------- dc----w C:\Documents and Settings\All Users\Application Data\ATI MMC
2008-05-24 18:36 --------- dc----w C:\Program Files\Ghost Navigator2_8_2
2008-05-24 18:13 --------- dc----w C:\Program Files\Panda Security
2008-05-05 00:23 --------- dc----w C:\Program Files\YesMessenger
2008-05-03 23:54 --------- dc----w C:\Documents and Settings\bob2\Application Data\ma-config.com
2008-04-25 02:57 65,536 ----a-w C:\WINDOWS\DUMP2e63.tmp
2008-04-20 21:52 --------- dc----w C:\Documents and Settings\bob2\Application Data\Malwarebytes
2008-04-20 21:52 --------- dc----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-19 21:07 --------- dc----w C:\Program Files\Avira
2008-04-19 21:07 --------- dc----w C:\Documents and Settings\All Users\Application Data\Avira
2008-04-19 16:36 65,536 ----a-w C:\WINDOWS\DUMP66f7.tmp
2008-04-19 16:34 65,536 ----a-w C:\WINDOWS\DUMP40a2.tmp
2008-04-19 16:32 65,536 ----a-w C:\WINDOWS\DUMP2ea1.tmp
2008-04-19 16:29 65,536 ----a-w C:\WINDOWS\DUMP3f89.tmp
2008-04-19 16:23 65,536 ----a-w C:\WINDOWS\DUMP42d5.tmp
2008-04-19 16:12 65,536 ----a-w C:\WINDOWS\DUMP3f4b.tmp
2008-04-19 16:10 65,536 ----a-w C:\WINDOWS\DUMP3047.tmp
2008-04-19 16:08 65,536 ----a-w C:\WINDOWS\DUMP3ba1.tmp
2008-04-19 15:52 65,536 ----a-w C:\WINDOWS\DUMP2eb2.tmp
2008-04-19 15:51 65,536 ----a-w C:\WINDOWS\DUMP2ec0.tmp
2008-04-19 15:50 65,536 ----a-w C:\WINDOWS\DUMP2f4d.tmp
2008-04-19 15:49 65,536 ----a-w C:\WINDOWS\DUMP30d4.tmp
2008-04-19 15:48 65,536 ----a-w C:\WINDOWS\DUMP4006.tmp
2008-04-19 15:47 65,536 ----a-w C:\WINDOWS\DUMP3028.tmp
2008-04-19 15:46 65,536 ----a-w C:\WINDOWS\DUMP2e14.tmp
2008-04-19 15:43 65,536 ----a-w C:\WINDOWS\DUMP2eb1.tmp
2008-04-19 15:42 65,536 ----a-w C:\WINDOWS\DUMP2e72.tmp
2008-04-19 15:41 65,536 ----a-w C:\WINDOWS\DUMP2f2e.tmp
2008-04-19 15:40 65,536 ----a-w C:\WINDOWS\DUMP30e3.tmp
2008-04-19 15:39 65,536 ----a-w C:\WINDOWS\DUMP2e24.tmp
2008-04-19 15:38 65,536 ----a-w C:\WINDOWS\DUMP2eff.tmp
2008-04-19 15:37 65,536 ----a-w C:\WINDOWS\DUMP2ee0.tmp
2008-04-19 15:36 65,536 ----a-w C:\WINDOWS\DUMP2dc6.tmp
2008-04-19 15:34 65,536 ----a-w C:\WINDOWS\DUMP2f5d.tmp
2008-04-19 13:33 65,536 ----a-w C:\WINDOWS\DUMP2f8b.tmp
2008-04-10 22:22 --------- dc----w C:\Documents and Settings\bob2\Application Data\PC Tools
2008-04-10 22:14 --------- dc----w C:\Program Files\ABBYY PDF Transformer 2.0
2008-04-08 20:49 --------- dc----w C:\Documents and Settings\All Users\Application Data\ABBYY
2008-04-08 15:04 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-04-08 14:55 --------- dc----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-04-08 09:52 --------- dc----w C:\Program Files\MUSK Codec Pack v5
2008-04-07 22:41 --------- dc----w C:\Program Files\Java
2008-04-07 22:25 --------- dc----w C:\Program Files\Fichiers communs\Adobe
2008-03-12 01:15 691,545 -c--a-w C:\WINDOWS\unins000.exe
2007-08-02 23:47 4,010 -c--a-w C:\Documents and Settings\bob2\Application Data\wklnhst.dat
2004-08-05 12:00 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll
2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll
2004-08-05 12:00 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll
2004-08-05 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
1995-09-20 15:16 35,088 -csha-w C:\WINDOWS\system32\msjint32.dll
1995-09-20 15:13 977,680 -csha-w C:\WINDOWS\system32\msjt3032.dll
1995-09-20 15:16 23,824 -csha-w C:\WINDOWS\system32\msjter32.dll
2004-08-05 12:00 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
2004-08-05 12:00 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll
2004-08-05 12:00 253,952 -csha-w C:\WINDOWS\system32\msvcrt20.dll
2007-12-04 18:41 550,912 -csha-w C:\WINDOWS\system32\oleaut32.dll
2004-08-05 12:00 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
2004-08-05 12:00 30,749 -csha-w C:\WINDOWS\system32\vbajet32.dll
1995-09-24 10:02 243,472 -csha-w C:\WINDOWS\system32\vbar2232.dll
2007-12-21 15:43 16,384 -csha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-12-13 18:49 1185120 --a--c--- C:\Program Files\Winamp Toolbar\winamptb.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FCE2B5F9-602F-4637-939D-004B97512F9E}]
2008-05-24 10:34 221184 --a--c--- C:\WINDOWS\boqnrwdmtwm.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2007-12-13 18:49 1185120]
[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-12-13 18:49 1185120]
[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATI DeviceDetect"="C:\Program Files\ATI Multimedia\main\ATIDtct.EXE" [2004-09-27 21:52 69707]
"ATI Remote Control"="C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe" [2004-07-08 10:49 196608]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Booster"="C:\Program Files\inKline Global\PC Booster\pcbooster.exe" [2007-11-30 18:16 14450688]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-10-07 16:24 98304]
"a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-05-12 09:02 1961104]
"PCDAS"="C:\Program Files\Defenza\pcd-as.exe" [2006-12-15 10:47 1359872]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLogOff"= 0 (0x0)
"NoToolbarCustomize"= 1 (0x1)
"NoStartMenuMorePrograms"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"vregfwlx"= {9A2B5FAD-919C-409A-A507-45E4B07DC4C9} - C:\WINDOWS\vregfwlx.dll [2008-05-24 10:34 253952]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VCR2"= ATIVCR2.DLL
"VIDC.DRAW"= DVIDEO.DLL
"VIDC.VCR1"= ATIVCR1.DLL
"VIDC.YV12"= ATIYUV12.DLL
"VIDC.YU12"= ATIYUV12.DLL
"VIDC.PIM1"= pclepim1.dll
[HKLM\~\startupfolder\C:^Documents and Settings^bob2^Menu Démarrer^Programmes^Démarrage^YesMessenger.lnk]
path=C:\Documents and Settings\bob2\Menu Démarrer\Programmes\Démarrage\YesMessenger.lnk
backup=C:\WINDOWS\pss\YesMessenger.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
--a--c--- 2008-02-12 10:06 262401 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-05 14:00 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMK08KB]
--a--c--- 2006-12-10 13:18 207360 C:\Program Files\Muiltmedia keyboard utility\1.3\MMKEYBD.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a--c--- 2005-12-15 12:18 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
--a--c--- 2008-02-01 11:55 1103240 C:\Program Files\Spyware Doctor\pctsTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a--c--- 2004-10-07 16:24 98304 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedTouch USB Diagnostics]
--a--c--- 2004-01-26 12:38 866816 C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahsc--- 2008-01-28 12:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a--c--- 2007-08-04 01:58 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\WINDOWS\\system32\\fxsclnt.exe"=
"G:\\Program Files\\eMule\\emule.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-05-25 23:31]
R0 axwhisky;axwhisky;C:\WINDOWS\system32\DRIVERS\axwhisky.sys [2003-07-02 18:41]
R0 axwskbus;axwskbus;C:\WINDOWS\system32\DRIVERS\axwskbus.sys [2003-07-02 17:49]
R0 BTMgr;Bluelet Device Manager Service;C:\WINDOWS\system32\Drivers\BTMgr.sys [2002-08-21 23:53]
R3 Avgfwdx;Avgfwdx;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-05-25 23:23]
R3 SWXG7031;Sweex 802.11g XG703 SP3 Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2006-01-19 09:18]
S1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-25 23:31]
S2 ADSLAutoconnect;ADSLAutoconnect;"C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z []
S2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-25 23:31]
S2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe []
S2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-25 23:31]
S2 LogWatch;Event Log Watch;"C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe" [2002-09-19 23:29]
S3 Avgfwfd;AVG network filter service;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-05-25 23:23]
S3 CA_LIC_CLNT;Client de licence CA;"C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe" [2002-09-19 23:27]
S3 CA_LIC_SRVR;Serveur de licence CA;"C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe" [2002-09-19 23:41]
S3 FileSpy5;BullGuard File Monitor;C:\Program Files\BullGuard Software\BullGuard 5.0\filespy5.sys [2004-10-29 17:00]
S3 IMT0521;Inmax USB IMT-0521 Smartcard Reader;C:\WINDOWS\system32\Drivers\IMT0521.sys [2003-07-11 09:50]
S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-03-09 17:29]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]
S3 Reconn;BullGuard Mail Monitor;C:\Program Files\BullGuard Software\BullGuard 5.0\reconn.sys [2004-09-28 18:50]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader;C:\WINDOWS\system32\DRIVERS\SCR33X2K.sys [2003-12-03 04:22]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-11-02 11:53]
S3 TTDec;ATI WDM Teletext Decoder;C:\WINDOWS\system32\DRIVERS\ATINTTXX.sys [2004-09-16 04:43]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 14:00]
S3 USTOR;Silver Crest Memory Adapter;C:\WINDOWS\system32\DRIVERS\UStork.sys [2004-08-17 11:07]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-26 07:00:02 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-05-27 00:31:02
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\Ati2evxx.dll
-> C:\WINDOWS\system32\tsd32.dll
.
Temps d'accomplissement: 2008-05-27 0:32:37 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-26 22:32:34
Pre-Run: 6,965,874,688 octets libres
Post-Run: 6,972,993,536 octets libres
279 --- E O F --- 2008-05-17 01:04:38
SmitFraudFix v2.322
Rapport fait à 23:24:40,17, 26/05/2008
Executé à partir de C:\Documents and Settings\bob2\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 208.67.220.220
DNS Server Search Order: 208.67.222.222
Description: Sweex WiFi LAN 140 Nitro XM - Miniport d'ordonnancement de paquets
DNS Server Search Order: 208.67.220.220
DNS Server Search Order: 208.67.222.222
Description: Sweex WiFi LAN 140 Nitro XM - Miniport d'ordonnancement de paquets
DNS Server Search Order: 208.67.220.220
DNS Server Search Order: 208.67.222.222
Description: Sweex WiFi LAN 140 Nitro XM - Miniport d'ordonnancement de paquets
DNS Server Search Order: 208.67.220.220
DNS Server Search Order: 208.67.222.222
Description: Sweex WiFi LAN 140 Nitro XM - Miniport d'ordonnancement de paquets
DNS Server Search Order: 208.67.220.220
DNS Server Search Order: 208.67.222.222
Description: Sweex WiFi LAN 140 Nitro XM - Miniport d'ordonnancement de paquets
DNS Server Search Order: 208.67.220.220
DNS Server Search Order: 208.67.222.222
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin