Annoying virus!
What do I do with this?
I found an article from Symantec (http://securityresponse.symantec.com/avcenter/venc/data...), I tried everything and it doesn't work! If anyone can help me...
My AVG detects two viruses, hpdriver.sys and rdriv.sys. It can't delete them, they always reappear! Yet before trying to kill the virus I disabled System Restore...
I tried going into Safe Mode and deleting the bad keys in the registry and the startup items, but every time I reboot the virus comes back... I tried Spybot, AVG, Ewido, Easy Cleaner. The virus always comes back!
Thanks.
Logfile of HijackThis v1.99.1
Scan saved at 15:09:37, on 2006-05-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\system32\nap32.exe
D:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\windrv.exe
C:\Program Files\Icecast2 Win32\icecastService.exe
C:\WINDOWS\msconfig32x.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Serv-U\ServUTray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\TrafficCounter\TrafficCounter.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\etienne\Local Settings\Temporary Internet Files\Content.IE5\4KB9L5E6\HijackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 165.57.190.50 avp.com
O1 - Hosts: 43.48.157.80 ca.com
O1 - Hosts: 201.83.183.131 customer.symantec.com
O1 - Hosts: 124.4.70.246 dispatch.mcafee.com
O1 - Hosts: 214.123.9.155 download.mcafee.com
O1 - Hosts: 105.111.114.181 downloads1.kaspersky-labs.com
O1 - Hosts: 209.80.57.69 downloads2.kaspersky-labs.com
O1 - Hosts: 233.216.181.216 downloads3.kaspersky-labs.com
O1 - Hosts: 36.214.114.31 downloads4.kaspersky-labs.com
O1 - Hosts: 144.119.74.207 downloads-eu1.kaspersky-labs.com
O1 - Hosts: 158.114.132.188 downloads-eu2.kaspersky-labs.com
O1 - Hosts: 252.90.193.155 downloads-eu3.kaspersky-labs.com
O1 - Hosts: 80.123.180.229 downloads-eu4.kaspersky-labs.com
O1 - Hosts: 16.0.244.86 downloads-us1.kaspersky-labs.com
O1 - Hosts: 173.85.221.99 downloads-us2.kaspersky-labs.com
O1 - Hosts: 128.119.210.67 downloads-us3.kaspersky-labs.com
O1 - Hosts: 125.37.222.210 downloads-us4.kaspersky-labs.com
O1 - Hosts: 51.159.245.111 f-secure.com
O1 - Hosts: 36.9.223.23 ftp.avp.com
O1 - Hosts: 104.102.142.104 ftp.ca.com
O1 - Hosts: 53.235.94.80 ftp.customer.symantec.com
O1 - Hosts: 55.160.151.124 ftp.dispatch.mcafee.com
O1 - Hosts: 215.225.144.103 ftp.download.mcafee.com
O1 - Hosts: 220.243.100.14 ftp.downloads1.kaspersky-labs.com
O1 - Hosts: 125.149.20.39 ftp.downloads2.kaspersky-labs.com
O1 - Hosts: 87.201.246.114 ftp.downloads3.kaspersky-labs.com
O1 - Hosts: 99.73.238.103 ftp.downloads4.kaspersky-labs.com
O1 - Hosts: 207.86.165.105 ftp.downloads-eu1.kaspersky-labs.com
O1 - Hosts: 231.98.95.71 ftp.downloads-eu2.kaspersky-labs.com
O1 - Hosts: 93.178.25.158 ftp.downloads-eu3.kaspersky-labs.com
O1 - Hosts: 50.139.1.121 ftp.downloads-eu4.kaspersky-labs.com
O1 - Hosts: 137.125.14.184 ftp.downloads-us1.kaspersky-labs.com
O1 - Hosts: 160.95.180.28 ftp.downloads-us2.kaspersky-labs.com
O1 - Hosts: 179.149.245.1 ftp.downloads-us3.kaspersky-labs.com
O1 - Hosts: 148.170.104.164 ftp.downloads-us4.kaspersky-labs.com
O1 - Hosts: 185.95.88.15 ftp.f-secure.com
O1 - Hosts: 127.54.165.91 ftp.grisoft.com
O1 - Hosts: 116.155.14.20 ftp.kaspersky.com
O1 - Hosts: 206.43.111.226 ftp.kaspersky-labs.com
O1 - Hosts: 134.75.73.166 ftp.liveupdate.symantec.com
O1 - Hosts: 25.124.247.84 ftp.liveupdate.symantecliveupdate.com
O1 - Hosts: 118.44.114.165 ftp.mast.mcafee.com
O1 - Hosts: 167.231.154.108 ftp.mcafee.com
O1 - Hosts: 29.56.71.46 ftp.my-etrust.com
O1 - Hosts: 73.131.49.193 ftp.nai.com
O1 - Hosts: 225.193.221.28 ftp.networkassociates.com
O1 - Hosts: 247.94.52.16 ftp.norton.com
O1 - Hosts: 69.149.226.29 ftp.rads.mcafee.com
O1 - Hosts: 202.170.168.150 ftp.sandbox.norman.com
O1 - Hosts: 189.182.188.80 ftp.secure.nai.com
O1 - Hosts: 62.128.227.125 ftp.securityresponse.symantec.com
O1 - Hosts: 232.156.106.253 ftp.sophos.com
O1 - Hosts: 67.171.151.210 ftp.symantec.com
O1 - Hosts: 128.19.195.87 ftp.symantecliveupdate.com
O1 - Hosts: 169.133.56.21 ftp.symatec.com
O1 - Hosts: 172.155.123.197 ftp.trendmicro.com
O1 - Hosts: 82.108.39.205 ftp.uk.trendmicro-europe.com
O1 - Hosts: 158.99.250.84 ftp.update.symantec.com
O1 - Hosts: 47.184.185.60 ftp.updates.symantec.com
O1 - Hosts: 124.75.140.28 ftp.updates1.kaspersky-labs.com
O1 - Hosts: 161.208.130.12 ftp.updates2.kaspersky-labs.com
O1 - Hosts: 157.0.208.74 ftp.updates3.kaspersky-labs.com
O1 - Hosts: 21.198.249.166 ftp.updates4.kaspersky-labs.com
O1 - Hosts: 152.157.134.49 ftp.us.mcafee.com
O1 - Hosts: 249.135.229.9 ftp.viruslist.com
O1 - Hosts: 33.102.167.105 grisoft.com
O1 - Hosts: 133.149.35.175 kaspersky.com
O1 - Hosts: 45.10.76.9 kaspersky-labs.com
O1 - Hosts: 203.219.47.141 liveupdate.symantec.com
O1 - Hosts: 123.126.231.223 liveupdate.symantecliveupdate.com
O1 - Hosts: 30.139.11.31 mast.mcafee.com
O1 - Hosts: 216.98.78.80 mcafee.com
O1 - Hosts: 196.134.236.251 my-etrust.com
O1 - Hosts: 191.244.16.42 nai.com
O1 - Hosts: 127.227.62.132 networkassociates.com
O1 - Hosts: 68.31.28.40 norton.com
O1 - Hosts: 93.122.111.30 pandasoftware.com
O1 - Hosts: 207.6.65.228 rads.mcafee.com
O1 - Hosts: 93.127.147.251 sandbox.norman.com
O1 - Hosts: 47.51.111.121 secure.nai.com
O1 - Hosts: 104.183.214.123 securityresponse.symantec.com
O1 - Hosts: 109.203.212.151 sophos.com
O1 - Hosts: 143.50.58.10 symantec.com
O1 - Hosts: 0.86.66.193 symantecliveupdate.com
O1 - Hosts: 37.26.166.164 symatec.com
O1 - Hosts: 197.18.104.11 trendmicro.com
O1 - Hosts: 32.21.76.95 uk.trendmicro-europe.com
O1 - Hosts: 210.93.90.230 update.symantec.com
O1 - Hosts: 205.172.210.131 updates.symantec.com
O1 - Hosts: 11.166.236.19 updates1.kaspersky-labs.com
O1 - Hosts: 91.211.91.180 updates2.kaspersky-labs.com
O1 - Hosts: 143.127.90.4 updates3.kaspersky-labs.com
O1 - Hosts: 39.241.208.46 updates4.kaspersky-labs.com
O1 - Hosts: 122.165.60.230 us.mcafee.com
O1 - Hosts: 101.128.4.143 viruslist.com
O1 - Hosts: 111.177.84.56 virusscan.jotti.org
O1 - Hosts: 19.59.165.179 virustotal.com
O1 - Hosts: 242.203.162.229 www.avp.com
O1 - Hosts: 63.223.122.28 www.ca.com
O1 - Hosts: 24.238.83.252 www.customer.symantec.com
O1 - Hosts: 155.247.248.236 www.dispatch.mcafee.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PRONoMgrWired] c:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Microsoft Anti-Virus] nap32.exe
O4 - HKLM\..\Run: [Microsoft Task Driver] windrv.exe
O4 - HKLM\..\Run: [Intec Service Drivers] msconfig32x.exe
O4 - HKLM\..\RunServices: [Microsoft Anti-Virus] nap32.exe
O4 - HKLM\..\RunServices: [Microsoft Task Driver] windrv.exe
O4 - HKLM\..\RunServices: [Intec Service Drivers] msconfig32x.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ServUTrayIcon] D:\Program Files\Serv-U\ServUTray.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Microsoft Task Driver] windrv.exe
O4 - HKCU\..\Run: [Microsoft Anti-Virus] nap32.exe
O4 - HKCU\..\Run: [Intec Service Drivers] msconfig32x.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunServices: [Microsoft Task Driver] windrv.exe
O4 - HKCU\..\RunServices: [Intec Service Drivers] msconfig32x.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Traffic Counter.lnk = D:\Program Files\TrafficCounter\TrafficCounter.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: clmss (Content List Management Sub System) - Unknown owner - C:\WINDOWS\clmss.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Icecast Media Server (Icecast) - Unknown owner - C:\Program Files\Icecast2 Win32\icecastService.exe" "C:\Program Files\Icecast2 Win32 (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: sdktemp - Unknown owner - C:\WINDOWS\sdktemp.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Ms Root - Unknown owner - C:\WINDOWS\msroot.exe
O23 - Service: XP Service (xpsvc) - Unknown owner - C:\WINDOWS\
Quite a few infections, we'll start with the Hosts.
Download
Hoster - Toadbee:
http://www.funkytoad.com/download/hoster.zip
CCleaner
Install it in a dedicated folder.
Ewido
Install it, then update it.
1/ Reboot into Safe Mode
/!\ You won't have Internet access in this mode, so note the instructions down carefully /!\
2/ Run HijackThis -> Do a system scan only
-> Tick the lines, then Fix checked
3/ Run Hoster - Toadbee and click " Restore original Hosts "
4/ Run a CCleaner cleanup
5/ Run Ewido, then update it.
Do a full system scan.
Save the report, then paste it.
6/ Post a new HijackThis log
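
The triage the reply starts from (hosts-file overrides of antivirus sites first), together with the repeated autorun entries visible in the log, can be checked mechanically. The following Python is an added example, not part of the original thread or of HijackThis; the watchlist, the function names and the one `localhost` line are assumptions made for the illustration, and the other sample lines are copied from the log above.

```python
import ipaddress
import re
from collections import defaultdict

# Illustrative watchlist (an assumption of this example): a few of the
# security-vendor domains that appear in the O1 section of the log above.
SECURITY_DOMAINS = {
    "avp.com", "ca.com", "f-secure.com", "grisoft.com", "kaspersky.com",
    "kaspersky-labs.com", "mcafee.com", "nai.com", "norton.com",
    "sophos.com", "symantec.com", "trendmicro.com", "virustotal.com",
}

# HijackThis line formats used here: O1 = hosts-file entry, O4 = autorun value.
O1_RE = re.compile(r"^O1 - Hosts:\s+(\S+)\s+(\S+)\s*$")
O4_RE = re.compile(r"^O4 - (HK(?:LM|CU)\\\.\.\\Run\w*): \[(.+?)\] (.+)$")

# Sample input: lines copied from the log above, except the "localhost"
# entry, which is constructed to show a benign line being ignored.
SAMPLE_LOG = r"""
O1 - Hosts: 165.57.190.50 avp.com
O1 - Hosts: 127.54.165.91 ftp.grisoft.com
O1 - Hosts: 19.59.165.179 virustotal.com
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft Anti-Virus] nap32.exe
O4 - HKLM\..\RunServices: [Microsoft Anti-Virus] nap32.exe
O4 - HKCU\..\Run: [Microsoft Anti-Virus] nap32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
"""


def is_security_domain(host):
    """True if host is a watched domain or one of its subdomains."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in SECURITY_DOMAINS)


def hijacked_hosts(lines):
    """Return (host, ip, kind) for every hosts-file override of a watched domain.

    Any override is reported: these names normally resolve through DNS, so a
    static entry either blackholes them (loopback) or sends them elsewhere.
    """
    hits = []
    for line in lines:
        m = O1_RE.match(line.strip())
        if not m:
            continue
        ip_text, host = m.groups()
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            continue  # malformed address: not a usable hosts entry
        if is_security_domain(host):
            kind = "loopback" if ip.is_loopback else "redirected"
            hits.append((host, ip_text, kind))
    return hits


def redundant_autoruns(lines, min_keys=2):
    """Map bare executable name -> autorun keys that start it.

    Only commands without any path component are considered, and only when
    the same file name is registered under at least min_keys distinct keys.
    """
    keys = defaultdict(set)
    for line in lines:
        m = O4_RE.match(line.strip())
        if not m:
            continue
        key, _value_name, command = m.groups()
        if "\\" in command:
            continue  # full path (or rundll32 with a DLL path): skip
        exe = command.split()[0].lower()
        keys[exe].add(key)
    return {exe: sorted(k) for exe, k in keys.items() if len(k) >= min_keys}


if __name__ == "__main__":
    log_lines = SAMPLE_LOG.splitlines()
    for host, ip, kind in hijacked_hosts(log_lines):
        print(f"hosts override ({kind}): {host} -> {ip}")
    for exe, where in redundant_autoruns(log_lines).items():
        print(f"bare autorun {exe} registered under: {', '.join(where)}")
```

A hosts entry for an update or scanning site is reported whatever address it points to, because either kind of override keeps the machine from reaching the real server. The same bare file name under several autorun keys means that deleting a single Run value leaves the other launch points in place.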
There you go. The virus is still present, according to my AVG. I restarted XP and everything came back. I can't even start HijackThis now; it closes automatically. I made my HijackThis log before restarting the computer, so in safe mode. The same thing happens with Regedit and Msconfig (the commands, since the beginning). I tried a Symantec tool to fix this; it doesn't work.
Logfile of HijackThis v1.99.1
Scan saved at 21:07:32, on 2006-05-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\etienne\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.0.1/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PRONoMgrWired] c:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Microsoft Anti-Virus] nap32.exe
O4 - HKLM\..\Run: [Microsoft Task Driver] windrv.exe
O4 - HKLM\..\Run: [Intec Service Drivers] msconfig32x.exe
O4 - HKLM\..\RunServices: [Microsoft Anti-Virus] nap32.exe
O4 - HKLM\..\RunServices: [Microsoft Task Driver] windrv.exe
O4 - HKLM\..\RunServices: [Intec Service Drivers] msconfig32x.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Microsoft Task Driver] windrv.exe
O4 - HKCU\..\Run: [Microsoft Anti-Virus] nap32.exe
O4 - HKCU\..\Run: [Intec Service Drivers] msconfig32x.exe
O4 - HKCU\..\RunServices: [Microsoft Task Driver] windrv.exe
O4 - HKCU\..\RunServices: [Intec Service Drivers] msconfig32x.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: clmss (Content List Management Sub System) - Unknown owner - C:\WINDOWS\clmss.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Icecast Media Server (Icecast) - Unknown owner - C:\Program Files\Icecast2 Win32\icecastService.exe" "C:\Program Files\Icecast2 Win32 (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: sdktemp - Unknown owner - C:\WINDOWS\sdktemp.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Ms Root - Unknown owner - C:\WINDOWS\msroot.exe
O23 - Service: XP Service (xpsvc) - Unknown owner - C:\WINDOWS\
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 21:03:21, 2006-05-09
+ Somme de contrôle: 5513B7FD
+ Résultats du scan:
:mozilla.10:C:\Documents and Settings\etienne\Application Data\Mozilla\Firefox\Profiles\qezirnzx.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
:mozilla.33:C:\Documents and Settings\etienne\Application Data\Mozilla\Firefox\Profiles\qezirnzx.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.34:C:\Documents and Settings\etienne\Application Data\Mozilla\Firefox\Profiles\qezirnzx.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.35:C:\Documents and Settings\etienne\Application Data\Mozilla\Firefox\Profiles\qezirnzx.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.36:C:\Documents and Settings\etienne\Application Data\Mozilla\Firefox\Profiles\qezirnzx.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.39:C:\Documents and Settings\etienne\Application Data\Mozilla\Firefox\Profiles\qezirnzx.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
:mozilla.40:C:\Documents and Settings\etienne\Application Data\Mozilla\Firefox\Profiles\qezirnzx.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
C:\Documents and Settings\etienne\Cookies\étienne@2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\etienne\Cookies\étienne@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\etienne\Cookies\étienne@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
C:\WINDOWS\system32\hpdriver.sys -> Rootkit.Agent.ae : Nettoyer et sauvegarder
C:\WINDOWS\system32\rdriv.sys -> Rootkit.Agent.o : Nettoyer et sauvegarder
::Fin du rapport
1/ Download and install CCleaner
http://www.clubic.com/telecharger-fiche14492-ccleaner-c...
Download, install and update ewido
During installation, on the "Additional Options" page, untick the two options "Install background guard" and "Install scan via context menu".
http://www.infos-du-net.com/telecharger/Ewido-Security-...
2/ Restart in safe mode (to do this: start the PC while tapping the F8 key until the Windows advanced options menu appears, then use the arrow keys to select Safe Mode and press Enter...)
Note that you have no Internet access in this mode, so write down or print the instructions that follow.
3/ Launch HijackThis
then --> Do a system scan only
tick the lines listed below
then --> Fix checked
then answer Yes to the confirmation prompt
O4 - HKLM\..\Run: [Microsoft Anti-Virus] nap32.exe
O4 - HKLM\..\Run: [Microsoft Task Driver] windrv.exe
O4 - HKLM\..\Run: [Intec Service Drivers] msconfig32x.exe
O4 - HKLM\..\RunServices: [Microsoft Anti-Virus] nap32.exe
O4 - HKLM\..\RunServices: [Microsoft Task Driver] windrv.exe
O4 - HKLM\..\RunServices: [Intec Service Drivers] msconfig32x.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Task Driver] windrv.exe
O4 - HKCU\..\Run: [Microsoft Anti-Virus] nap32.exe
O4 - HKCU\..\Run: [Intec Service Drivers] msconfig32x.exe
O4 - HKCU\..\RunServices: [Microsoft Task Driver] windrv.exe
O4 - HKCU\..\RunServices: [Intec Service Drivers] msconfig32x.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O23 - Service: clmss (Content List Management Sub System) - Unknown owner - C:\WINDOWS\clmss.exe
O23 - Service: sdktemp - Unknown owner - C:\WINDOWS\sdktemp.exe
O23 - Service: Windows Ms Root - Unknown owner - C:\WINDOWS\msroot.exe
O23 - Service: XP Service (xpsvc) - Unknown owner - C:\WINDOWS
4/ Make sure you can see hidden files.
(Start -> My Computer -> Tools -> Folder Options... -> View
"Show hidden files and folders" -> ticked
"Hide extensions for known file types" -> unticked
"Hide protected operating system files" -> unticked)
5/ then delete the following files and/or folders if present:
nap32.exe
windrv.exe
msconfig32x.exe
C:\WINDOWS\clmss.exe
C:\WINDOWS\sdktemp.exe
C:\WINDOWS\msroot.exe
6/ Launch CCleaner, click the Analyze button, then the Run Cleaner button
7/ Launch ewido (full system scan) and delete everything it finds. Save the report to the desktop.
8/ Restart normally and post the Ewido report and a new HijackThis report.
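Added example, not part of the original thread: the Python script below applies two triage heuristics to HijackThis O4 and O23 lines and compares a log taken before the cleanup with one taken after it. The heuristics, function names and field names are assumptions of this example, not rules stated by the posters; the sample lines are copied from the logs posted in this thread.

```python
import ntpath
import re
from typing import NamedTuple

# Lines copied from the HijackThis logs posted in this thread (a subset).
BEFORE_LOG = r"""
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft Task Driver] windrv.exe
O4 - HKLM\..\RunServices: [Microsoft Task Driver] windrv.exe
O4 - HKCU\..\Run: [Microsoft Task Driver] windrv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: clmss (Content List Management Sub System) - Unknown owner - C:\WINDOWS\clmss.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: sdktemp - Unknown owner - C:\WINDOWS\sdktemp.exe
O23 - Service: XP Service (xpsvc) - Unknown owner - C:\WINDOWS\
"""
AFTER_LOG = r"""
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: clmss (Content List Management Sub System) - Unknown owner - C:\WINDOWS\clmss.exe (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: XP Service (xpsvc) - Unknown owner - C:\WINDOWS\
"""

O4_RE = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[([^\]]+)\] (.+)$")
O23_PREFIX = "O23 - Service: "
MISSING = "(file missing)"


class Finding(NamedTuple):
    section: str        # "O4" or "O23"
    location: str       # autostart key and value name, or service name
    target: str         # command line or binary path as logged
    file_missing: bool  # HijackThis appended "(file missing)"
    reason: str


def flag_entries(log: str) -> list[Finding]:
    """Return the O4/O23 lines of a HijackThis log that match the heuristics."""
    findings = []
    for raw in log.splitlines():
        line = raw.strip()
        missing = line.endswith(MISSING)
        if missing:
            line = line[: -len(MISSING)].rstrip()
        m = O4_RE.match(line)
        if m:
            hive, key, name, cmd = m.groups()
            # Heuristic 1 (assumption): an autostart command with no directory
            # anywhere in it does not say which file on disk will run.
            if "\\" not in cmd:
                findings.append(Finding("O4", f"{hive}\\{key} [{name}]", cmd,
                                        missing, "autostart command has no path"))
        elif line.startswith(O23_PREFIX):
            parts = line[len(O23_PREFIX):].split(" - ", 2)
            if len(parts) != 3:
                continue  # unexpected shape: leave it for manual review
            name, owner, path = parts
            # Heuristic 2 (assumption): owner field reads "Unknown owner" and
            # the binary sits directly in the Windows directory.
            in_windir = ntpath.dirname(path).lower() == r"c:\windows"
            if owner == "Unknown owner" and in_windir:
                findings.append(Finding("O23", name, path, missing,
                                        "unknown owner, binary directly in C:\\WINDOWS"))
    return findings


def compare(before: str, after: str) -> dict[str, list[Finding]]:
    """Sort the entries flagged in `before` by what the `after` log shows."""
    later_by_key = {(f.section, f.location): f for f in flag_entries(after)}
    result = {"cleared": [], "registered_file_missing": [], "still_present": []}
    for f in flag_entries(before):
        later = later_by_key.get((f.section, f.location))
        if later is None:
            result["cleared"].append(f)
        elif later.file_missing:
            # The registration survived but the binary is gone from disk.
            result["registered_file_missing"].append(later)
        else:
            result["still_present"].append(later)
    return result


if __name__ == "__main__":
    for status, items in compare(BEFORE_LOG, AFTER_LOG).items():
        print(status)
        for f in items:
            print(f"  {f.section}  {f.location}  ->  {f.target}  ({f.reason})")
```

An entry reported as `registered_file_missing` or `still_present` means the registration is still in the log after the fix, so it is the first thing to recheck in the next scan.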
Thanks. The problem seems to be fixed. Please confirm.
Logfile of HijackThis v1.99.1
Scan saved at 18:09:26, on 2006-05-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\Program Files\ewido anti-malware\ewido\ewidoctrl.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Icecast2 Win32\icecastService.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Serv-U\ServUTray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\Program Files\TrafficCounter\TrafficCounter.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\etienne\Bureau\VIRUS\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PRONoMgrWired] c:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ServUTrayIcon] D:\Program Files\Serv-U\ServUTray.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Traffic Counter.lnk = D:\Program Files\TrafficCounter\TrafficCounter.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: clmss (Content List Management Sub System) - Unknown owner - C:\WINDOWS\clmss.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewido\ewidoctrl.exe
O23 - Service: Icecast Media Server (Icecast) - Unknown owner - C:\Program Files\Icecast2 Win32\icecastService.exe" "C:\Program Files\Icecast2 Win32 (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: XP Service (xpsvc) - Unknown owner - C:\WINDOWS\
Logfile of HijackThis v1.99.1
Scan saved at 18:09:26, on 2006-05-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\Program Files\ewido anti-malware\ewido\ewidoctrl.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Icecast2 Win32\icecastService.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Serv-U\ServUTray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\Program Files\TrafficCounter\TrafficCounter.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\etienne\Bureau\VIRUS\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PRONoMgrWired] c:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ServUTrayIcon] D:\Program Files\Serv-U\ServUTray.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Traffic Counter.lnk = D:\Program Files\TrafficCounter\TrafficCounter.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: clmss (Content List Management Sub System) - Unknown owner - C:\WINDOWS\clmss.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewido\ewidoctrl.exe
O23 - Service: Icecast Media Server (Icecast) - Unknown owner - C:\Program Files\Icecast2 Win32\icecastService.exe" "C:\Program Files\Icecast2 Win32 (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: XP Service (xpsvc) - Unknown owner - C:\WINDOWS\