Vince1415

Merci beaucoup d'avoir pris le temps de me répondre. Je vais donc regarder du côté des points d'accès pour voir si je trouve mon bonheur. Est ce que je peux mettre autant de points d'accès que je souhaite ou bien y 'a t'il des restrictions. Concernant le côté juridique il n'y a pas de soucis, il s'agit d'une fonctionnalité proposée par Orange, lorsqu'on possède une livebox Pro. Cela te permet de créer un hotspot sur lequel les gens peuvent se connecter moyennant l'achat d'un crédit de temps auprès d'Orange, avec une carte unique ou bien un abonnement mensuel. Chaque personne possède de plus sa propre IP donc pas de soucis.

Bonjour, Je ne sais pas si je suis à la bonne place pour ma question, mais j'avais reçu la dernière fois une aide très précieuse et précise c'est pourquoi je reviens ici Ce que je cherche a faire c'est de créer un hotspot wifi a partir d'une livebox pro pour un bâtiment complet comportant des appartements en locations. Tout cela afin de permettre aux locataires des appartements d'avoir un accès à Internet. La livebox se trouve elle dans une autre maison distante des appartements en location. Pour le moment il y a un répéteur wifi a l'angle de la maison, cela permet d'obtenir un signal wifi dans la moitié des appartements de l'autre côté du jardin mais les autres appartements ne sont pas couverts par le signal. Je voudrait donc trouver la solution la plus simple et la plus économique pour que tous les appartements captent le réseau wifi. Est-il possible de mettre plusieurs répéteur autour du batiment pour que tous les appartements captent ? faut il un autre type de matériel ? Je vous remercie beaucoup par avance pour toute l'aide que vous pourrez l'apporter.

D'accord merci beaucoup pour tous ces conseils et pour ton aide très precieuse afin de corriger mon problème. Merci de m'avoir accordé du temps, ca fait vraiment plaisir, si j'ai d'autre questions je sais où les poser Merci encore, bonne journée.

Ok merci bien pour toutes ces precisions Ad-aware n'a pas été acheté il s'agit de la version Free Anniversary Edition qui est gratuite est contient le Ad-watch live, donc si tu me dis qu'il ne sert a rien, je le vire, je n'aime pas avoir 10000 logiciels inutiles, je préfére garder mbam si il est plus puissant. J'en profiterais pour l'installer chez moi également Oui combofix a été desinstallé et les fichiers en quarantaines supprimés du pc.

Oups pardon je ne pensais pas que tu voulais le rapport complet, c'est vrai que qui peut le plus peut le moins. Je te met le rapport au complet au cas où Je n'ai pas de soucis avec ma clef USB tout semble nikel. Mes processus svchost sont revenus a des utilisations mémoire plus raisonnable J'ai Ad-aware d'installé avec le resident activé, est ce que cela sert tout de même à quelque chose ? Une autre question, mbam est mieux que spybot ? cela sert-il a quelque chose d'utiliser spybot ou vaut-il mieux utiliser mbam ?

Bonjour, J'ai été un peu long sur ce coup, mais l'analyse est super longue et j'ai du couper l'ordi avant la fin, du coup j'en ai relancé une compléte, toujours est-il que voici le resultat de l'analyse en ligne de Kaspersky. Les seuls virus trouvés sont ceux en quarantaine

Non pas sur ma clef mais sur c: et d: (un autre DD) oui j'avais un autorun.inf qui voulait lancer une application. J'ai supprimé le fichier à l'aide d'un soft qui n'était pas Flash Disinfector mais un autre qui s'appelle autorun eater. Par contre le vaccin appliqué est celui indiqué dans cette page http://forum.zebulon.fr/infections-par-sup...es-t131959.html Edit : je viens de retrouver les logs, je te met le contenu de ces fichiers avant leurs suppression si cela peut t'aider : [autorun] ;cnrtdvkxpiqqdpdvwumeishekysnkggbwyjwoudyxdcqntbsgajpuippnwqjjkarlyyfedyendchiai zpfqr shellexecute="RECYCLER\S-6-2-33-100024443-100024860-100026889-8366.com c:\" ;ukorftoujritofgqjzzhgmhbrpyfqmxwdkhevcijwaqtmaylbcrpjegujwjmmxhnzvurywpmqisgvqx emcm shell\Open\command="RECYCLER\S-6-2-33-100024443-100024860-100026889-8366.com c:\" ;nyunvouvseyrlbhszlvlxjsusoiai shell=Open et [autorun] ;tksuvlmapxrqkyoudticwjumzriagegloja shellexecute="RECYCLER\S-6-2-33-100024443-100024860-100026889-8366.com d:\" ;huvyztcnlzfqhfkefeqbboihbaklmuqmqyrdmblqnqpjnukhvwqxnjpxbyqckbrelyspqrneqthqkav egchbdg shell\Open\command="RECYCLER\S-6-2-33-100024443-100024860-100026889-8366.com d:\" ;fxebgimnxscdvpzfxorqoonatttoxlgzrmnslcohgrpiwdpumpcacxghxkliqddxccemxawdvyhtess picoushszlbebhbs shell=Open

Voici un nouveau rapport HijackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:19, on 2009-02-25 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Pidgin\pidgin.exe C:\Program Files\Desktoptopia\Desktoptopia.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Opera\opera.exe C:\Documents and Settings\vprothais\Mes documents\Mes telechargements\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pdc-mougins.xerus.net/proxy.pac R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Companion.JS BHO - {ADDEE521-F1CC-4B89-8C88-B2CF625B9163} - C:\Program Files\Core Services\Companion.JS\CompanionJS.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Desktoptopia.lnk = C:\Program Files\Desktoptopia\Desktoptopia.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Companion.JS - {0402343A-B530-482b-AA27-A61CEC3E4D2E} - C:\Program Files\Core Services\Companion.JS\CompanionJS.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1202381037644 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = xerus.net O17 - HKLM\Software\..\Telephony: DomainName = xerus.net O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = xerus.net O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7282 bytes

Voici le rapport de mbam, j'ai redémarré pour la suppression du fichier C:\zPharaoh.exe Il y a déjà un net progrès j'ai pu installer le soft, ce que je ne pouvais pas faire avant Malwarebytes' Anti-Malware 1.34 Version de la base de données: 1801 Windows 5.1.2600 Service Pack 3 2009-02-25 16:07:22 mbam-log-2009-02-25 (16-07-22).txt Type de recherche: Examen rapide Eléments examinés: 80921 Temps écoulé: 2 minute(s), 3 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\zPharaoh.exe (Worm.Mabezat) -> Delete on reboot.

Voici le rapport de OTMoveIt3, il est à noter que j'avais appliqué un "vaccin" à la racine de c: qui créer des fichiers vides contenant le nom des principales menaces afin d'éviter les problèmes comme autorun.inf, d'où la suppression dans le log ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== C:\zPharaoh.exe moved successfully. c:\autorun.inf moved successfully. ========== COMMANDS ========== User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_6bc.dat scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\WFV1.tmp scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. FireFox cache emptied. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0009\adoc.bx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0009\md.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0009\url.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0009\w.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0009\wb.vx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\adoc.bx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\md.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\url.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\w.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\wb.vx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\adoc.bx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\md.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\url.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\w.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\wb.vx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\adoc.bx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\md.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\url.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\w.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\wb.vx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\adoc.bx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\md.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\url.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\w.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\wb.vx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\adoc.bx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\md.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\url.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\w.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\wb.vx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\adoc.bx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\md.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\url.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\w.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\wb.vx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\adoc.bx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\md.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\url.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\w.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\wb.vx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\adoc.bx scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\md.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\url.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\w.ax scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\wb.vx scheduled to be deleted on reboot. Opera cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02252009_154311 Files moved on Reboot... File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot. File C:\WINDOWS\temp\Perflib_Perfdata_6bc.dat not found! File move failed. C:\WINDOWS\temp\WFV1.tmp scheduled to be moved on reboot. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0009\adoc.bx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0009\md.dat moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0009\url.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0009\w.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0009\wb.vx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\adoc.bx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\md.dat moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\url.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\w.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\wb.vx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\adoc.bx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\md.dat moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\url.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\w.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0007\wb.vx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\adoc.bx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\md.dat moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\url.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\w.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0006\wb.vx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\adoc.bx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\md.dat moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\url.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\w.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\wb.vx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\adoc.bx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\md.dat moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\url.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\w.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\wb.vx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\adoc.bx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\md.dat moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\url.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\w.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\wb.vx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\adoc.bx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\md.dat moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\url.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\w.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\wb.vx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\adoc.bx moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\md.dat moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\url.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\w.ax moved successfully. C:\Documents and Settings\vprothais\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\wb.vx moved successfully.

Voici le rappport du Bat que tu m'as donné Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1229272821-484061587-725345543-1173\Scripts\Logon] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1229272821-484061587-725345543-1173\Scripts\Logon\0] "GPO-ID"="cn={0E1E644E-4396-4ED3-9BAF-F3C3CF267700},cn=policies,cn=system,DC=xerus,DC=net" "SOM-ID"="OU=Metiers,DC=xerus,DC=net" "FileSysPath"="\\\\xerus.net\\SysVol\\xerus.net\\Policies\\{0E1E644E-4396-4ED3-9BAF-F3C3CF267700}\\User" "DisplayName"="filer" "GPOName"="{0E1E644E-4396-4ED3-9BAF-F3C3CF267700}" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1229272821-484061587-725345543-1173\Scripts\Logon\0\0] "Script"="rep_u.bat" "Parameters"="" "ExecTime"=hex(b):d8,07,02,00,05,00,0f,00,09,00,3a,00,12,00,e1,03 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1229272821-484061587-725345543-1173\Scripts\Logon\1] "GPO-ID"="CN={C062B780-709B-422C-B02D-4D1F6C78355B},CN=Policies,CN=System,DC=xerus,DC=net" "SOM-ID"="OU=Sysadmin,OU=Metiers,DC=xerus,DC=net" "FileSysPath"="\\\\xerus.net\\SysVol\\xerus.net\\Policies\\{C062B780-709B-422C-B02D-4D1F6C78355B}\\User" "DisplayName"="rep_s" "GPOName"="{C062B780-709B-422C-B02D-4D1F6C78355B}" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1229272821-484061587-725345543-1173\Scripts\Logon\1\0] "Script"="rep_s.bat" "Parameters"="" "ExecTime"=hex(b):d8,07,02,00,05,00,0f,00,09,00,3a,00,16,00,e9,01 ⴠⴭⴭⴭⴭⴭⴭ਍Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveAutoRun"=dword:03ffffff "NoDriveTypeAutoRun"=dword:00000143 "NoDrives"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum] "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"=dword:00000001 "{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF}"=dword:40000021 "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"=dword:00000020 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ratings] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 "DisableRegistryTools"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Uninstall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate] ⴠⴭⴭⴭⴭⴭⴭ਍ Il y a par contre des caractères non affichables dans le rapport, je en sais pas si cela est normal.

Merci pour ton aide voici le rapport de combofix :

Bonjour à tous, Je me suis inscrit sur ce forum car j'ai lu pas mal de post et l'aide apportée semblait très efficace et pertinente. Je vous explique mon problème en esperant que quelqu'un pourra m'aider. Le premier lien des résultats de recherche google est toujours modifié sous firefox et IE si bien que lorsque je clique dessus je me retrouve sur des sites de publicités, n'ayant aucun rapport avec la recherche. L'envoie de formulaires sous firefox semble également poser problèmes, et ne fonctionne pas toujours. Je n'ai pas ces problèmes sous opera, ni chrome. Les pages ouvertes sur les résultats Google sont la plupart du temps sur le domaine windowsclick. La réponse des pages est également plus longue que sur Opera et Chrome. J'ai également deux processus svchost qui utilisent respectivement 220mo et 190mo ce qui est tout de même énorme pour ce genre de processus. Et pour finir la plupart des outils pour "nettoyer" ne fonctionnent pas, ainsi je ne peux pas faire de mise à jours dans cwshredder, je ne peux pas lancer Spybot, il ne se passe rien lorsque je le lance et je ne peux pas installer hijackThis, par contre le fichier executable direct sans intsallation fonctionne correctement, l'installation de Malwarebyte's Anti malware ne se lance pas non plus. Seul Adaware semble fonctionner correctement. Y a t'il une autre solution qu'un format c: ? car il s'agit d'un Pc de travail et je ne peux malheureusement pas tout reinstaller si facilement. L'antivirus est virusScan entreprise 8 Voici ci-dessous le log de HijackThis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:47:02, on 25/02/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Pidgin\pidgin.exe C:\Program Files\Desktoptopia\Desktoptopia.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Thunderbird\thunderbird.exe C:\Program Files\Opera\opera.exe C:\Documents and Settings\vprothais\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\vprothais\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\vprothais\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\ESTsoft\ALZip\ALZip.exe C:\Documents and Settings\vprothais\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\vprothais\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\vprothais\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\vprothais\Mes documents\Mes telechargements\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pdc-mougins.xerus.net/proxy.pac R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Companion.JS BHO - {ADDEE521-F1CC-4B89-8C88-B2CF625B9163} - C:\Program Files\Core Services\Companion.JS\CompanionJS.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Desktoptopia.lnk = C:\Program Files\Desktoptopia\Desktoptopia.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Companion.JS - {0402343A-B530-482b-AA27-A61CEC3E4D2E} - C:\Program Files\Core Services\Companion.JS\CompanionJS.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1202381037644 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = xerus.net O17 - HKLM\Software\..\Telephony: DomainName = xerus.net O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = xerus.net O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 8324 bytes Merci bcp par avance.