[solved] HijackThis report analysis
Following a reply concerning the "zlip" virus, I am posting the requested reports:
SmitFraudFix v2.56
Rapport fait à 12:33:45,21, 09/06/2006
Executé à partir de C:\Documents and Settings\RECTORAT\Bureau\SmitfraudFix(2)\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Logfile of HijackThis v1.99.1
Scan saved at 12:35:22, on 09/06/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\RECTORAT\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Plasdll service] frjrfgu.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [WinFixer service] pooettzhag.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [WinRaR service] uxyrhslttaiiex.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinRbp] C:\WINDOWS\System32\zlp32\zlip25.exe
O4 - HKLM\..\RunServices: [Plasdll service] frjrfgu.exe
O4 - HKLM\..\RunServices: [WinFixer service] pooettzhag.exe
O4 - HKLM\..\RunServices: [WinRaR service] uxyrhslttaiiex.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WinRbp] C:\WINDOWS\System32\zlp32\zlip25.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InterBaseGuardian - Unknown owner - C:\Program Files\Borland\Interbase\bin\IbGuard.exe" -s (file missing)
O23 - Service: InterBaseServer - Unknown owner - C:\Program Files\Borland\Interbase\bin\IbServer.exe" -s -g (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
What should I do now? Thank you for your help.
Your report is pretty loaded.
Install Ewido
Uncheck "Install Background Guard" and "Install Scan Via Context Menu"
Launch Ewido, then update it.
Restart in safe mode.
Launch Ewido again, then run a complete system scan.
Save the report, then paste it here in normal mode.
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 19:23:44, 09/06/2006
+ Somme de contrôle: F92A458A
+ Résultats du scan:
:mozilla.21:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
:mozilla.22:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
:mozilla.25:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
:mozilla.49:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyer et sauvegarder
:mozilla.50:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyer et sauvegarder
:mozilla.83:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
:mozilla.84:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
:mozilla.85:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
:mozilla.90:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
:mozilla.117:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.118:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.119:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.120:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.121:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.122:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.127:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.128:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.129:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.130:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder
:mozilla.134:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
:mozilla.140:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.141:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.147:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.148:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.149:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.150:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.151:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.152:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.175:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.176:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.177:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.178:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.185:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.186:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.212:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyer et sauvegarder
:mozilla.213:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyer et sauvegarder
:mozilla.221:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Revenue : Nettoyer et sauvegarder
:mozilla.265:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.266:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.267:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.268:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder
:mozilla.294:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder
:mozilla.297:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder
:mozilla.333:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyer et sauvegarder
:mozilla.334:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyer et sauvegarder
:mozilla.379:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyer et sauvegarder
:mozilla.384:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.390:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.403:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.404:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.411:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Cookies\rectorat@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Cookies\rectorat@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\f2.exe -> Backdoor.Rbot : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\f21.exe -> Backdoor.Rbot : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\4Z9ZQUJT\saber1[1].exe -> Backdoor.Rbot.azo : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\4Z9ZQUJT\sbr[1].exe -> Backdoor.Rbot.aoy : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\4Z9ZQUJT\zxd[2].jpg -> Backdoor.Rbot.ayi : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\6DPI3M10\engm[1].exe -> Backdoor.Rbot.azg : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\7399D9LE\H33[1].exe -> Backdoor.IRCBot.qy : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\VYCFBHCT\f2[1].exe -> Backdoor.Rbot : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\VYCFBHCT\saad[1].jpg -> Backdoor.Rbot.bbs : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\saber11.exe -> Backdoor.Rbot.azo : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\sex.exe -> Backdoor.Rbot.bbs : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\sop2.exe -> Backdoor.Rbot.bbs : Nettoyer et sauvegarder
C:\ohg4fjkguivx.exe -> Backdoor.Rbot.azg : Nettoyer et sauvegarder
C:\WINDOWS\system32\djzwi.exe -> Backdoor.Rbot : Nettoyer et sauvegarder
C:\WINDOWS\system32\frjrfgu.exe -> Backdoor.Rbot.azb : Nettoyer et sauvegarder
C:\WINDOWS\system32\plasdll.exe -> Backdoor.Rbot.azb : Nettoyer et sauvegarder
C:\WINDOWS\system32\pooettzhag.exe -> Backdoor.IRCBot.qy : Nettoyer et sauvegarder
C:\WINDOWS\system32\uxyrhslttaiiex.exe -> Backdoor.Rbot.ayi : Nettoyer et sauvegarder
C:\WINDOWS\system32\Visu1.exe -> Backdoor.Rbot : Nettoyer et sauvegarder
C:\WINDOWS\system32\winfixrghh.exe -> Backdoor.IRCBot.qy : Nettoyer et sauvegarder
C:\zxdzxd.exe -> Backdoor.Rbot.ayi : Nettoyer et sauvegarder
::Fin du rapport
Here is the report.
Zlip is still present :-x What am I supposed to do?
:mozilla.297:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder
:mozilla.333:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyer et sauvegarder
:mozilla.334:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyer et sauvegarder
:mozilla.379:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyer et sauvegarder
:mozilla.384:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.390:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.403:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.404:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.411:C:\Documents and Settings\RECTORAT\Application Data\Mozilla\Firefox\Profiles\r2avekbu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Cookies\rectorat@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Cookies\rectorat@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\f2.exe -> Backdoor.Rbot : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\f21.exe -> Backdoor.Rbot : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\4Z9ZQUJT\saber1[1].exe -> Backdoor.Rbot.azo : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\4Z9ZQUJT\sbr[1].exe -> Backdoor.Rbot.aoy : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\4Z9ZQUJT\zxd[2].jpg -> Backdoor.Rbot.ayi : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\6DPI3M10\engm[1].exe -> Backdoor.Rbot.azg : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\7399D9LE\H33[1].exe -> Backdoor.IRCBot.qy : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\VYCFBHCT\f2[1].exe -> Backdoor.Rbot : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\VYCFBHCT\saad[1].jpg -> Backdoor.Rbot.bbs : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\saber11.exe -> Backdoor.Rbot.azo : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\sex.exe -> Backdoor.Rbot.bbs : Nettoyer et sauvegarder
C:\Documents and Settings\RECTORAT\sop2.exe -> Backdoor.Rbot.bbs : Nettoyer et sauvegarder
C:\ohg4fjkguivx.exe -> Backdoor.Rbot.azg : Nettoyer et sauvegarder
C:\WINDOWS\system32\djzwi.exe -> Backdoor.Rbot : Nettoyer et sauvegarder
C:\WINDOWS\system32\frjrfgu.exe -> Backdoor.Rbot.azb : Nettoyer et sauvegarder
C:\WINDOWS\system32\plasdll.exe -> Backdoor.Rbot.azb : Nettoyer et sauvegarder
C:\WINDOWS\system32\pooettzhag.exe -> Backdoor.IRCBot.qy : Nettoyer et sauvegarder
C:\WINDOWS\system32\uxyrhslttaiiex.exe -> Backdoor.Rbot.ayi : Nettoyer et sauvegarder
C:\WINDOWS\system32\Visu1.exe -> Backdoor.Rbot : Nettoyer et sauvegarder
C:\WINDOWS\system32\winfixrghh.exe -> Backdoor.IRCBot.qy : Nettoyer et sauvegarder
C:\zxdzxd.exe -> Backdoor.Rbot.ayi : Nettoyer et sauvegarder
::Fin du rapport
Here is the report.
Zlip is still present :-x What am I supposed to do?
You have a lot of infections to begin with; this is going to take a while.
Download Blacklight (from F-Secure) and save it to your Desktop.
Double-click blbeta.exe and accept the license; leave [X] scan through Windows Explorer enabled; click Scan, then Next.
You will see a list of detected files appear. You will also see a report on your Desktop named fsbl.xxxxxxx.log (the xxxxxxx are digits).
Copy and paste the contents of this report into your next reply. Do NOT choose the "Rename" option right away: we need to analyze the report first, because legitimate files may be listed, such as wbemtest.exe.
Post a HijackThis report.
- Run a Kaspersky online scan
Help with online scans
Save the report, then paste it once the scan has finished.
Ouch...
06/09/06 19:35:36 [Info]: BlackLight Engine 1.0.37 initialized
06/09/06 19:35:36 [Info]: OS: 5.1 build 2600 (Service Pack 1)
06/09/06 19:35:36 [Note]: 7019 4
06/09/06 19:35:36 [Note]: 7005 0
06/09/06 19:35:43 [Note]: 7006 0
06/09/06 19:35:43 [Note]: 7011 1996
06/09/06 19:35:43 [Note]: 7026 0
06/09/06 19:35:43 [Note]: 7026 0
06/09/06 19:35:46 [Note]: FSRAW library version 1.7.1015
06/09/06 19:40:00 [Note]: 7007 0
Logfile of HijackThis v1.99.1
Scan saved at 19:41:33, on 09/06/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Borland\Interbase\bin\IbGuard.exe
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\WINDOWS\vsnpstd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\zlp32\zlip25.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Borland\Interbase\bin\IbServer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\RECTORAT\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinRbp] C:\WINDOWS\System32\zlp32\zlip25.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WinRbp] C:\WINDOWS\System32\zlp32\zlip25.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F8EF46D-F011-428E-85D7-CFDF84E73ACF}: NameServer = 80.10.246.1 80.10.246.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{2F8EF46D-F011-428E-85D7-CFDF84E73ACF}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InterBaseGuardian - Unknown owner - C:\Program Files\Borland\Interbase\bin\IbGuard.exe" -s (file missing)
O23 - Service: InterBaseServer - Unknown owner - C:\Program Files\Borland\Interbase\bin\IbServer.exe" -s -g (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
The Kaspersky scan is underway
:-?
Results of the Kaspersky scan:
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER - RAPPORT
vendredi 9 juin 2006 20:50:00
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
Version de Kaspersky On-line Scanner: 5.0.78.0
Dernière mise à jour de la base antivirus Kaspersky : 9/06/2006
Enregistrements dans la base antivirus Kaspersky : 187454
-------------------------------------------------------------------------------
Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie.: vrai
Cible de l'analyse - Poste de travail:
C:\
D:\
E:\
F:\
Statistiques de l'analyse:
Total d'objets analysés :: 71820
Nombre de virus trouvés: 8
Nombre d'objets infectés: 43
Nombre d'objets suspects: 0
Durée de l'analyse: 01:01:41
Nom de l'objet infecté / Nom du virus / Dernière action
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\VYCFBHCT\wwgt[1].jpg/TaskPiG.exe Infecté: Backdoor.Win32.mIRC-based ignoré
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\VYCFBHCT\wwgt[1].jpg Instyler: infecté - 1 ignoré
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\VYCFBHCT\wwrd[1].jpg/TaskPiG.exe Infecté: Backdoor.Win32.mIRC-based ignoré
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\VYCFBHCT\wwrd[1].jpg Instyler: infecté - 1 ignoré
C:\Documents and Settings\RECTORAT\sop.exe/TaskPiG.exe Infecté: Backdoor.Win32.mIRC-based ignoré
C:\Documents and Settings\RECTORAT\sop.exe Instyler: infecté - 1 ignoré
C:\free701.exe/TaskPiG.exe Infecté: Backdoor.Win32.mIRC-based ignoré
C:\free701.exe Instyler: infecté - 1 ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP100\A0013049.exe Infecté: Backdoor.Win32.Rbot.ave ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP100\A0013068.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP100\A0013091.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP101\A0013121.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP104\A0013185.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP105\A0013202.exe Infecté: Backdoor.Win32.Rbot.ave ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP105\A0013219.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP105\A0013236.exe Infecté: Backdoor.Win32.Rbot.ave ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP106\A0013253.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP106\A0013290.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP110\A0013399.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP110\A0014455.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP111\A0014512.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP112\A0014544.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP112\A0014568.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP112\A0014600.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP113\A0014620.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP113\A0014659.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP113\A0014676.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP122\A0016036.exe Infecté: Backdoor.Win32.Rbot.ave ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP127\A0016479.exe Infecté: Backdoor.Win32.Rbot.azo ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP127\A0016480.exe Infecté: Backdoor.Win32.Rbot.bbs ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP127\A0016481.exe Infecté: Backdoor.Win32.Rbot.bbs ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP127\A0016482.exe Infecté: Backdoor.Win32.Rbot.azg ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP127\A0016484.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP127\A0016485.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP127\A0016486.exe Infecté: Backdoor.Win32.IRCBot.qy ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP127\A0016487.exe Infecté: Backdoor.Win32.Rbot.ayi ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP127\A0016489.exe Infecté: Backdoor.Win32.IRCBot.qy ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP127\A0016490.exe Infecté: Backdoor.Win32.Rbot.ayi ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP98\A0012974.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP98\A0013004.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\System Volume Information\_restore{EB95FEA6-66D1-48B7-9C01-B37AB8A598F0}\RP99\A0013035.exe Infecté: Backdoor.Win32.Rbot.azb ignoré
C:\Ver20.exe/TaskPiG.exe Infecté: Backdoor.Win32.mIRC-based ignoré
C:\Ver20.exe Instyler: infecté - 1 ignoré
Analyse terminée.
- Make sure you can see hidden folders/files
-> Start
-> Control Panel
-> Folder Options, View tab:
. Click Show hidden files and folders
. Uncheck Hide extensions for known file types
. Uncheck Hide protected operating system files
- Delete these files/folders if they exist:
C:\Ver20.exe
C:\free701.exe
C:\Documents and Settings\RECTORAT\sop.exe
C:\Documents and Settings\RECTORAT\Local Settings\Temporary Internet Files\Content.IE5\ <- empty everything you can
Disable, then re-enable System Restore
Post a new HijackThis log
Okay, I've done everything.
Logfile of HijackThis v1.99.1
Scan saved at 21:49:17, on 09/06/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Borland\Interbase\bin\IbGuard.exe
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\WINDOWS\vsnpstd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\zlp32\zlip25.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Borland\Interbase\bin\IbServer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\RECTORAT\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinRbp] C:\WINDOWS\System32\zlp32\zlip25.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WinRbp] C:\WINDOWS\System32\zlp32\zlip25.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F8EF46D-F011-428E-85D7-CFDF84E73ACF}: NameServer = 80.10.246.1 80.10.246.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{2F8EF46D-F011-428E-85D7-CFDF84E73ACF}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InterBaseGuardian - Unknown owner - C:\Program Files\Borland\Interbase\bin\IbGuard.exe" -s (file missing)
O23 - Service: InterBaseServer - Unknown owner - C:\Program Files\Borland\Interbase\bin\IbServer.exe" -s -g (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
Yes, apparently:
AntiVir 6.35.0.10 06.09.2006 BDS/mIRC-494552.A
Authentium 4.93.8 06.08.2006 no virus found
Avast 4.7.844.0 06.09.2006 no virus found
AVG 386 06.09.2006 no virus found
BitDefender 7.2 06.09.2006 Application.Mirc.G
CAT-QuickHeal 8.00 06.09.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 06.09.2006 no virus found
DrWeb 4.33 06.09.2006 BackDoor.IRC.based
eTrust-InoculateIT 23.72.32 06.09.2006 no virus found
eTrust-Vet 12.6.2250 06.09.2006 Win32/Malum.IFN
Ewido 3.5 06.09.2006 no virus found
Fortinet 2.77.0.0 06.09.2006 suspicious
F-Prot 3.16f 06.08.2006 no virus found
Ikarus 0.2.65.0 06.09.2006 Backdoor.Win32.Hupigon.BV
Kaspersky 4.0.2.24 06.09.2006 not-a-virus:Client-IRC.Win32.mIRC.601
McAfee 4781 06.09.2006 Trojan mIRC Client
Microsoft 1.1441 06.09.2006 no virus found
NOD32v2 1.1589 06.09.2006 probably unknown NewHeur_PE virus
Norman 5.90.21 06.09.2006 no virus found
Panda 9.0.0.4 06.09.2006 Suspicious file
Sophos 4.06.0 06.09.2006 Troj/Mirchack-A
Symantec 8.0 06.09.2006 no virus found
TheHacker 5.9.8.156 06.08.2006 Aplicacion/mIRC.601
UNA 1.83 06.09.2006 no virus found
VBA32 3.11.0 06.09.2006 no virus found
I was right:
Restart in Safe Mode.
- Make sure you can see hidden folders/files
- Delete this folder if it exists:
C:\WINDOWS\System32\zlp32\
Logfile of HijackThis v1.99.1
Scan saved at 22:30:11, on 09/06/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Borland\Interbase\bin\IbGuard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\WINDOWS\vsnpstd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Borland\Interbase\bin\IbServer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\RECTORAT\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinRbp] C:\WINDOWS\System32\zlp32\zlip25.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WinRbp] C:\WINDOWS\System32\zlp32\zlip25.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F8EF46D-F011-428E-85D7-CFDF84E73ACF}: NameServer = 80.10.246.130 80.10.246.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{2F8EF46D-F011-428E-85D7-CFDF84E73ACF}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InterBaseGuardian - Unknown owner - C:\Program Files\Borland\Interbase\bin\IbGuard.exe" -s (file missing)
O23 - Service: InterBaseServer - Unknown owner - C:\Program Files\Borland\Interbase\bin\IbServer.exe" -s -g (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
Scan saved at 22:30:11, on 09/06/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Borland\Interbase\bin\IbGuard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\WINDOWS\vsnpstd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Borland\Interbase\bin\IbServer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\RECTORAT\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinRbp] C:\WINDOWS\System32\zlp32\zlip25.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WinRbp] C:\WINDOWS\System32\zlp32\zlip25.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F8EF46D-F011-428E-85D7-CFDF84E73ACF}: NameServer = 80.10.246.130 80.10.246.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{2F8EF46D-F011-428E-85D7-CFDF84E73ACF}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InterBaseGuardian - Unknown owner - C:\Program Files\Borland\Interbase\bin\IbGuard.exe" -s (file missing)
O23 - Service: InterBaseServer - Unknown owner - C:\Program Files\Borland\Interbase\bin\IbServer.exe" -s -g (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe