Virus spyware-hot
Fermé
lias19
Messages postés
5
Date d'inscription
mardi 13 février 2007
Statut
Membre
Dernière intervention
4 août 2007
-
13 févr. 2007 à 05:54
lias19 Messages postés 5 Date d'inscription mardi 13 février 2007 Statut Membre Dernière intervention 4 août 2007 - 13 févr. 2007 à 17:20
lias19 Messages postés 5 Date d'inscription mardi 13 février 2007 Statut Membre Dernière intervention 4 août 2007 - 13 févr. 2007 à 17:20
A voir également:
- Virus spyware-hot
- Chat hot ✓ - Forum Internet / Réseaux sociaux
- Tinyurl virus - Forum Virus / Sécurité
- Svchost.exe virus - Guide
- Tlauncher virus ✓ - Forum Jeux vidéo
- 6 proccesus svchost.exe Virus? ✓ - Forum Virus / Sécurité
3 réponses
salwa5
Messages postés
7452
Date d'inscription
jeudi 30 novembre 2006
Statut
Contributeur
Dernière intervention
18 août 2012
1 558
13 févr. 2007 à 15:42
13 févr. 2007 à 15:42
bonjour commence par telecharger hijackthis et colle le resultat ici :
http://www.infos-du-net.com/telecharger/HijackThis.html
demo :
http://pageperso.aol.fr/balltrap34/demohijack.htm
a+++
http://www.infos-du-net.com/telecharger/HijackThis.html
demo :
http://pageperso.aol.fr/balltrap34/demohijack.htm
a+++
salwa5
Messages postés
7452
Date d'inscription
jeudi 30 novembre 2006
Statut
Contributeur
Dernière intervention
18 août 2012
1 558
13 févr. 2007 à 16:53
13 févr. 2007 à 16:53
bonjour
* Télécharge FixWareout d'un de ces deux sites sur le bureau:
http://downloads.subratam.org/Fixwareout.exe
http://swandog46.geekstogo.com/Fixwareout.exe
* Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
*Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt)
ouvre hijackthis coches ces lignes puis clic sur fix checked
O4 - HKLM\..\Run: [Shell] C:\WINDOWS\system\smsc.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{02671928-116B-4FF8-9F44-0CC79D0CF7E8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{09792384-2141-4A71-B292-404F6A4B224F}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E0E6D96-F90F-4FAE-B129-57AA38BAC445}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{18B64E85-E798-42DD-B8E6-619A5C02AEDB}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{2680FEB9-EF94-4C5B-9B80-F645B10144B8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{532F5664-7B7C-406F-AE51-C39ABE92A6FB}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B3BF874-018C-4231-A58B-2AA89C6D51D0}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{65EFB3B8-1F64-4504-AB38-0AEE630D25E8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{6705AD1B-7B63-448C-87E5-E078727BDBAA}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{814333A2-48A0-4DD2-8E99-D58A34C1A186}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C5973E9-84A4-4111-A50D-51392C9A177C}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{A44555C7-AF66-4AAE-8BD2-DE3168FCA9AF}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{A933747E-BDB3-45DA-972E-904B7EE140C4}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAC16364-1BFB-4D17-A0A0-24096E1CEB0C}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{B76DCB44-6ADA-4C12-B68F-A9634CEC2838}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC93AA8A-A1BF-45E7-BB0F-9CA8EA2C4617}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{C0FEB2E8-25FD-4620-AB1B-77E13B742722}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{C4C16C1F-3A2C-444A-90DB-432CFBEF23ED}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{CDFACCA0-EF6C-4733-8A84-CDBE0ED240A8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7843D9D-65A5-4EE8-A4D5-5CF342AD91E6}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{EECF9ACC-F8AE-4735-8FE8-514023A80BC1}: NameServer = 85.255.114.23
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.23 85.255.112.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{02671928-116B-4FF8-9F44-0CC79D0CF7E8}: NameServer = 85.255.114.23
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.23 85.255.112.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{02671928-116B-4FF8-9F44-0CC79D0CF7E8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.23 85.255.112.220
cherche et supprime le fichier en gras si present
C:\WINDOWS\system\smsc.exe
redemare le pc et dit moi ce que ca donne
a++++
* Télécharge FixWareout d'un de ces deux sites sur le bureau:
http://downloads.subratam.org/Fixwareout.exe
http://swandog46.geekstogo.com/Fixwareout.exe
* Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
*Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt)
ouvre hijackthis coches ces lignes puis clic sur fix checked
O4 - HKLM\..\Run: [Shell] C:\WINDOWS\system\smsc.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{02671928-116B-4FF8-9F44-0CC79D0CF7E8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{09792384-2141-4A71-B292-404F6A4B224F}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E0E6D96-F90F-4FAE-B129-57AA38BAC445}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{18B64E85-E798-42DD-B8E6-619A5C02AEDB}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{2680FEB9-EF94-4C5B-9B80-F645B10144B8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{532F5664-7B7C-406F-AE51-C39ABE92A6FB}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B3BF874-018C-4231-A58B-2AA89C6D51D0}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{65EFB3B8-1F64-4504-AB38-0AEE630D25E8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{6705AD1B-7B63-448C-87E5-E078727BDBAA}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{814333A2-48A0-4DD2-8E99-D58A34C1A186}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C5973E9-84A4-4111-A50D-51392C9A177C}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{A44555C7-AF66-4AAE-8BD2-DE3168FCA9AF}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{A933747E-BDB3-45DA-972E-904B7EE140C4}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAC16364-1BFB-4D17-A0A0-24096E1CEB0C}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{B76DCB44-6ADA-4C12-B68F-A9634CEC2838}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC93AA8A-A1BF-45E7-BB0F-9CA8EA2C4617}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{C0FEB2E8-25FD-4620-AB1B-77E13B742722}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{C4C16C1F-3A2C-444A-90DB-432CFBEF23ED}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{CDFACCA0-EF6C-4733-8A84-CDBE0ED240A8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7843D9D-65A5-4EE8-A4D5-5CF342AD91E6}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{EECF9ACC-F8AE-4735-8FE8-514023A80BC1}: NameServer = 85.255.114.23
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.23 85.255.112.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{02671928-116B-4FF8-9F44-0CC79D0CF7E8}: NameServer = 85.255.114.23
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.23 85.255.112.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{02671928-116B-4FF8-9F44-0CC79D0CF7E8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.23 85.255.112.220
cherche et supprime le fichier en gras si present
C:\WINDOWS\system\smsc.exe
redemare le pc et dit moi ce que ca donne
a++++
lias19
Messages postés
5
Date d'inscription
mardi 13 février 2007
Statut
Membre
Dernière intervention
4 août 2007
13 févr. 2007 à 17:20
13 févr. 2007 à 17:20
alors voici le rapport de fixwareout
Fixwareout
Last edited 12/06/2006
Post this report in the forums please
...
Prerun check
[HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=""
...
...
Reg Entries that were deleted
...
Random Runs removed from HKLM
...
...
PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
»»»»» Searching by size/names...
»»»»»
Search five digit cs, dm kd and jb files.
This WILL/CAN also list Legit Files, Submit them at Virustotal
Other suspects.
»»»»» Misc files.
»»»»» Checking for older varients covered by the Rem3 tool.
...
Postrun check
[HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=""
...
Fixwareout
Last edited 12/06/2006
Post this report in the forums please
...
Prerun check
[HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=""
...
...
Reg Entries that were deleted
...
Random Runs removed from HKLM
...
...
PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
»»»»» Searching by size/names...
»»»»»
Search five digit cs, dm kd and jb files.
This WILL/CAN also list Legit Files, Submit them at Virustotal
Other suspects.
»»»»» Misc files.
»»»»» Checking for older varients covered by the Rem3 tool.
...
Postrun check
[HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=""
...
13 févr. 2007 à 16:24
Logfile of HijackThis v1.99.1
Scan saved at 16:19:35, on 13/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\WiFiCfg.exe
C:\WINDOWS\system32\PRISMSVR.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\TOSHIBA\LOCALS~1\Temp\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [DVD43] "C:\Program Files\DVD Region+CSS Free\DVDRegionFree.exe" /hidden
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Shell] C:\WINDOWS\system\smsc.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: 802.11g USB 2.0 adapter Setting.lnk = C:\WINDOWS\system32\WiFiCfg.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{02671928-116B-4FF8-9F44-0CC79D0CF7E8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{09792384-2141-4A71-B292-404F6A4B224F}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E0E6D96-F90F-4FAE-B129-57AA38BAC445}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{18B64E85-E798-42DD-B8E6-619A5C02AEDB}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{2680FEB9-EF94-4C5B-9B80-F645B10144B8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{532F5664-7B7C-406F-AE51-C39ABE92A6FB}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B3BF874-018C-4231-A58B-2AA89C6D51D0}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{65EFB3B8-1F64-4504-AB38-0AEE630D25E8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{6705AD1B-7B63-448C-87E5-E078727BDBAA}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{814333A2-48A0-4DD2-8E99-D58A34C1A186}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C5973E9-84A4-4111-A50D-51392C9A177C}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{A44555C7-AF66-4AAE-8BD2-DE3168FCA9AF}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{A933747E-BDB3-45DA-972E-904B7EE140C4}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAC16364-1BFB-4D17-A0A0-24096E1CEB0C}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{B76DCB44-6ADA-4C12-B68F-A9634CEC2838}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC93AA8A-A1BF-45E7-BB0F-9CA8EA2C4617}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{C0FEB2E8-25FD-4620-AB1B-77E13B742722}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{C4C16C1F-3A2C-444A-90DB-432CFBEF23ED}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{CDFACCA0-EF6C-4733-8A84-CDBE0ED240A8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7843D9D-65A5-4EE8-A4D5-5CF342AD91E6}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\..\{EECF9ACC-F8AE-4735-8FE8-514023A80BC1}: NameServer = 85.255.114.23
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.23 85.255.112.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{02671928-116B-4FF8-9F44-0CC79D0CF7E8}: NameServer = 85.255.114.23
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.23 85.255.112.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{02671928-116B-4FF8-9F44-0CC79D0CF7E8}: NameServer = 85.255.114.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.23 85.255.112.220
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
merci davance