Internet problem, worm? spyware?

Resolved/Closed
toine - 7 June 2005 at 13:24
darkcrystal33 Posts 3808 Registration date Sunday 21 March 2004 Status Contributor Last activity 22 September 2008 - 7 June 2005 at 14:41
So, I'm having problems with Internet Explorer: pages closing, XXX pop-ups opening, etc., lots of annoying little things.
I ran a HijackThis scan:


Logfile of HijackThis v1.99.1
Scan saved at 13:17:50, on 7/06/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\csrss.exe
I:\WINDOWS\SYSTEM32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\System32\alg.exe
C:\WINDOWS\Inf\Catalog\su\srunner.exe
I:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\CURSORS\meta\oledac\backup\srunner.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\MsPMSPSv.exe
I:\WINDOWS\Explorer.exe
I:\Program Files\Logitech\iTouch\iTouch.exe
I:\WINDOWS\svchost.exe
I:\Program Files\MSN Messenger\msnmsgr.exe
I:\WINDOWS\System32\dmsadmins.exe
I:\WINDOWS\System32\qwinnta.exe
I:\WINDOWS\System32\sesmgr.exe
I:\WINDOWS\System32\taskmgr.exe
I:\Program Files\Internet Explorer\IEXPLORE.EXE
i:\windows\system32\ptaleg.exe
I:\Documents and Settings\Antoine\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://I:\DOCUME~1\Antoine\LOCALS~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe I:\WINDOWS\Nail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE SP2 AddOn - {51B5DECB-D4B2-4438-AC5F-97F5052F1062} - I:\WINDOWS\System32\spyyb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {567BCF89-50C1-48DD-8BC2-1C3C0FE743E4} - I:\WINDOWS\System32\dico.dll (file missing)
O2 - BHO: (no name) - {6DA975EA-CBB4-411B-97C0-DB0A892BF2C1} - (no file)
O2 - BHO: (no name) - {81D5110E-5B10-AB2B-0D4E-E0F821B06BFA} - I:\WINDOWS\System32\xaaitoc.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - I:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] I:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "I:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] I:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [wvotanix] I:\WINDOWS\wvotanix.exe
O4 - HKLM\..\Run: [_Cat3] I:\WINDOWS\msmsgrxp.exe
O4 - HKLM\..\Run: [_Cat4] I:\WINDOWS\msmsgr2.exe
O4 - HKLM\..\Run: [WinSrv] C:\windows\system32\sys32\sys32.bat
O4 - HKLM\..\Run: [LXBSCATS] rundll32 I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MemoryCardManager] I:\Program Files\Lexmark\Lexmark Precision Photo\MemCard.exe -startup
O4 - HKLM\..\Run: [wscsvc.exe] I:\WINDOWS\svchost.exe
O4 - HKLM\..\Run: [Norton Client] vsmon.exe
O4 - HKLM\..\Run: [TASKMANGR] TASKMGR.EXE
O4 - HKLM\..\Run: [secure] svshost.exe
O4 - HKLM\..\Run: [jwgjzqk] i:\windows\system32\ptaleg.exe
O4 - HKLM\..\RunServices: [Norton Client] vsmon.exe
O4 - HKLM\..\RunServices: [TASKMANGR] TASKMGR.EXE
O4 - HKLM\..\RunServices: [secure] svshost.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "I:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MessengerPlus3] "I:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [x3yy] I:\WINDOWS\System32\x3yy\anpfdnil.exe
O4 - HKCU\..\Run: [Norton Client] vsmon.exe
O4 - HKCU\..\Run: [WareOut] "I:\Program Files\WareOut\WareOut.exe"
O4 - HKCU\..\Run: [TASKMANGR] TASKMGR.EXE
O4 - HKCU\..\Run: [secure] svshost.exe
O4 - HKCU\..\RunServices: [TASKMANGR] TASKMGR.EXE
O4 - HKCU\..\RunServices: [secure] svshost.exe
O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - I:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - I:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - I:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - I:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot7_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {A1A961DA-2BA6-4032-859E-01AC35357163} (One2One Viewer) - http://www.one2one.com/static/class/one2one.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1121C14A-5CAD-4D8C-B213-93B74D97AC97}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{62ACC8D3-2A1F-46DF-A987-A9587BE1A11F}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{6708C7A5-D525-44FA-995E-2AA99803FCB2}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CS1\Services\Tcpip\..\{1121C14A-5CAD-4D8C-B213-93B74D97AC97}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CS2\Services\Tcpip\..\{1121C14A-5CAD-4D8C-B213-93B74D97AC97}: NameServer = 69.50.184.84,195.225.176.37
O18 - Filter: text/html - {8A218722-00FF-4DCF-B093-07A143301985} - I:\WINDOWS\System32\dico.dll
O18 - Filter: text/plain - {8A218722-00FF-4DCF-B093-07A143301985} - I:\WINDOWS\System32\dico.dll
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - I:\Program Files\CPUCooL\CooLSrv.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - I:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: explore - Unknown owner - C:\WINDOWS\Inf\Catalog\su\srunner.exe
O23 - Service: lxbs_device - Lexmark International, Inc. - I:\WINDOWS\System32\lxbscoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SPOOLSVC - Unknown owner - C:\WINDOWS\CURSORS\meta\oledac\backup\srunner.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - I:\WINDOWS\svcproc.exe
O23 - Service: services32 Service: Win5 (Win5) - Unknown owner - C:\windows\system32\sys32\services32.EXE




There you go, thanks. If someone can tell me whether I'm infected with something, that would be really nice, thanks.

1 reply

darkcrystal33 Posts 3808 Registration date Sunday 21 March 2004 Status Contributor Last activity 22 September 2008 193
7 June 2005 at 14:41
To find out whether you are infected with something, the right reflex is not to use HijackThis.

It is to scan your computer with an antivirus and an antispyware tool.

***free antispyware tools***

download/install/update and clean your PC with Spybot (free)
http://betanewsdl.iad.cachefly.net/spybotsd14.exe

download/install/update and clean your PC with Ad-Aware (free)
http://www.lavasoftusa.com/default.shtml.fr

download/install/update and clean your PC with Microsoft anti-spyware (GIANT anti-spyware) (free)
http://www.microsoft.com/athome/security/spyware/software/default.mspx

***

online antivirus scan here ==>
http://www.inoculer.com/webantivirus.php3

http://assiste.free.fr/p/antivirus_gratuits_en_ligne/antivirus_en_ligne.php

***
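
A triage sketch for the HijackThis log format shown in the question, added here as an example and not part of the original thread. It uses structural markers only (missing target file, a service HijackThis lists as "Unknown owner", an autostart command with no path) and collects the O17 NameServer values so they can be compared with the resolvers you expect; the sample lines are copied from the log above, and the function names are assumptions of this example.

```python
import re
from collections import defaultdict

# Entries copied from the log posted in the question above.
SAMPLE = r"""
O2 - BHO: (no name) - {567BCF89-50C1-48DD-8BC2-1C3C0FE743E4} - I:\WINDOWS\System32\dico.dll (file missing)
O3 - Toolbar: (no name) - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] I:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TASKMANGR] TASKMGR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O17 - HKLM\System\CCS\Services\Tcpip\..\{1121C14A-5CAD-4D8C-B213-93B74D97AC97}: NameServer = 69.50.184.84,195.225.176.37
O23 - Service: lxbs_device - Lexmark International, Inc. - I:\WINDOWS\System32\lxbscoms.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - I:\WINDOWS\svcproc.exe
"""

ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")           # "<section code> - <body>"
RUN = re.compile(r"^[^:]+: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")  # "<key>: [name] command"

def parse(log):
    """Return (section_code, body) pairs; header and process lines are skipped."""
    return [m.groups() for line in log.splitlines() if (m := ENTRY.match(line.strip()))]

def review_notes(code, body):
    """Structural reasons to look at an entry by hand; these are not verdicts."""
    notes = []
    if "(file missing)" in body or "(no file)" in body:
        notes.append("target file absent")
    if code == "O23" and "- Unknown owner -" in body:
        notes.append("service listed as Unknown owner")
    run = RUN.match(body) if code == "O4" else None
    if run and "\\" not in run.group("cmd"):
        notes.append("autostart command has no path")
    return notes

def triage(log):
    """Map each note to the log entries that triggered it."""
    out = defaultdict(list)
    for code, body in parse(log):
        for note in review_notes(code, body):
            out[note].append(f"{code} - {body}")
    return dict(out)

def nameservers(log):
    """Distinct DNS servers set by O17 entries, to compare with the expected resolvers."""
    found = set()
    for code, body in parse(log):
        if code == "O17" and "NameServer = " in body:
            found.update(s.strip() for s in body.split("NameServer = ", 1)[1].split(","))
    return found
```
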