Probleme internet, ver?spy?
Résolu
toine
-
darkcrystal33 Messages postés 3815 Statut Contributeur -
darkcrystal33 Messages postés 3815 Statut Contributeur -
Voila g des problemes d'internet explorer,pages qui se ferment,ouverture de popups XXX...etc, plein de pti truc chiant
g fait un scran HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 13:17:50, on 7/06/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\csrss.exe
I:\WINDOWS\SYSTEM32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\System32\alg.exe
C:\WINDOWS\Inf\Catalog\su\srunner.exe
I:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\CURSORS\meta\oledac\backup\srunner.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\MsPMSPSv.exe
I:\WINDOWS\Explorer.exe
I:\Program Files\Logitech\iTouch\iTouch.exe
I:\WINDOWS\svchost.exe
I:\Program Files\MSN Messenger\msnmsgr.exe
I:\WINDOWS\System32\dmsadmins.exe
I:\WINDOWS\System32\qwinnta.exe
I:\WINDOWS\System32\sesmgr.exe
I:\WINDOWS\System32\taskmgr.exe
I:\Program Files\Internet Explorer\IEXPLORE.EXE
i:\windows\system32\ptaleg.exe
I:\Documents and Settings\Antoine\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://I:\DOCUME~1\Antoine\LOCALS~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe I:\WINDOWS\Nail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE SP2 AddOn - {51B5DECB-D4B2-4438-AC5F-97F5052F1062} - I:\WINDOWS\System32\spyyb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {567BCF89-50C1-48DD-8BC2-1C3C0FE743E4} - I:\WINDOWS\System32\dico.dll (file missing)
O2 - BHO: (no name) - {6DA975EA-CBB4-411B-97C0-DB0A892BF2C1} - (no file)
O2 - BHO: (no name) - {81D5110E-5B10-AB2B-0D4E-E0F821B06BFA} - I:\WINDOWS\System32\xaaitoc.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - I:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] I:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "I:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] I:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [wvotanix] I:\WINDOWS\wvotanix.exe
O4 - HKLM\..\Run: [_Cat3] I:\WINDOWS\msmsgrxp.exe
O4 - HKLM\..\Run: [_Cat4] I:\WINDOWS\msmsgr2.exe
O4 - HKLM\..\Run: [WinSrv] C:\windows\system32\sys32\sys32.bat
O4 - HKLM\..\Run: [LXBSCATS] rundll32 I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MemoryCardManager] I:\Program Files\Lexmark\Lexmark Precision Photo\MemCard.exe -startup
O4 - HKLM\..\Run: [wscsvc.exe] I:\WINDOWS\svchost.exe
O4 - HKLM\..\Run: [Norton Client] vsmon.exe
O4 - HKLM\..\Run: [TASKMANGR] TASKMGR.EXE
O4 - HKLM\..\Run: [secure] svshost.exe
O4 - HKLM\..\Run: [jwgjzqk] i:\windows\system32\ptaleg.exe
O4 - HKLM\..\RunServices: [Norton Client] vsmon.exe
O4 - HKLM\..\RunServices: [TASKMANGR] TASKMGR.EXE
O4 - HKLM\..\RunServices: [secure] svshost.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "I:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MessengerPlus3] "I:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [x3yy] I:\WINDOWS\System32\x3yy\anpfdnil.exe
O4 - HKCU\..\Run: [Norton Client] vsmon.exe
O4 - HKCU\..\Run: [WareOut] "I:\Program Files\WareOut\WareOut.exe"
O4 - HKCU\..\Run: [TASKMANGR] TASKMGR.EXE
O4 - HKCU\..\Run: [secure] svshost.exe
O4 - HKCU\..\RunServices: [TASKMANGR] TASKMGR.EXE
O4 - HKCU\..\RunServices: [secure] svshost.exe
O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - I:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - I:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - I:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - I:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot7_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {A1A961DA-2BA6-4032-859E-01AC35357163} (One2One Viewer) - http://www.one2one.com/static/class/one2one.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1121C14A-5CAD-4D8C-B213-93B74D97AC97}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{62ACC8D3-2A1F-46DF-A987-A9587BE1A11F}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{6708C7A5-D525-44FA-995E-2AA99803FCB2}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CS1\Services\Tcpip\..\{1121C14A-5CAD-4D8C-B213-93B74D97AC97}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CS2\Services\Tcpip\..\{1121C14A-5CAD-4D8C-B213-93B74D97AC97}: NameServer = 69.50.184.84,195.225.176.37
O18 - Filter: text/html - {8A218722-00FF-4DCF-B093-07A143301985} - I:\WINDOWS\System32\dico.dll
O18 - Filter: text/plain - {8A218722-00FF-4DCF-B093-07A143301985} - I:\WINDOWS\System32\dico.dll
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - I:\Program Files\CPUCooL\CooLSrv.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - I:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: explore - Unknown owner - C:\WINDOWS\Inf\Catalog\su\srunner.exe
O23 - Service: lxbs_device - Lexmark International, Inc. - I:\WINDOWS\System32\lxbscoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SPOOLSVC - Unknown owner - C:\WINDOWS\CURSORS\meta\oledac\backup\srunner.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - I:\WINDOWS\svcproc.exe
O23 - Service: services32 Service: Win5 (Win5) - Unknown owner - C:\windows\system32\sys32\services32.EXE
voila merci si qqun peut me dire si chuis infecté de qquechoz ca serait super sympa merci
g fait un scran HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 13:17:50, on 7/06/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\csrss.exe
I:\WINDOWS\SYSTEM32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\System32\alg.exe
C:\WINDOWS\Inf\Catalog\su\srunner.exe
I:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\CURSORS\meta\oledac\backup\srunner.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\MsPMSPSv.exe
I:\WINDOWS\Explorer.exe
I:\Program Files\Logitech\iTouch\iTouch.exe
I:\WINDOWS\svchost.exe
I:\Program Files\MSN Messenger\msnmsgr.exe
I:\WINDOWS\System32\dmsadmins.exe
I:\WINDOWS\System32\qwinnta.exe
I:\WINDOWS\System32\sesmgr.exe
I:\WINDOWS\System32\taskmgr.exe
I:\Program Files\Internet Explorer\IEXPLORE.EXE
i:\windows\system32\ptaleg.exe
I:\Documents and Settings\Antoine\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://I:\DOCUME~1\Antoine\LOCALS~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe I:\WINDOWS\Nail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE SP2 AddOn - {51B5DECB-D4B2-4438-AC5F-97F5052F1062} - I:\WINDOWS\System32\spyyb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {567BCF89-50C1-48DD-8BC2-1C3C0FE743E4} - I:\WINDOWS\System32\dico.dll (file missing)
O2 - BHO: (no name) - {6DA975EA-CBB4-411B-97C0-DB0A892BF2C1} - (no file)
O2 - BHO: (no name) - {81D5110E-5B10-AB2B-0D4E-E0F821B06BFA} - I:\WINDOWS\System32\xaaitoc.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - I:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] I:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "I:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] I:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [wvotanix] I:\WINDOWS\wvotanix.exe
O4 - HKLM\..\Run: [_Cat3] I:\WINDOWS\msmsgrxp.exe
O4 - HKLM\..\Run: [_Cat4] I:\WINDOWS\msmsgr2.exe
O4 - HKLM\..\Run: [WinSrv] C:\windows\system32\sys32\sys32.bat
O4 - HKLM\..\Run: [LXBSCATS] rundll32 I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MemoryCardManager] I:\Program Files\Lexmark\Lexmark Precision Photo\MemCard.exe -startup
O4 - HKLM\..\Run: [wscsvc.exe] I:\WINDOWS\svchost.exe
O4 - HKLM\..\Run: [Norton Client] vsmon.exe
O4 - HKLM\..\Run: [TASKMANGR] TASKMGR.EXE
O4 - HKLM\..\Run: [secure] svshost.exe
O4 - HKLM\..\Run: [jwgjzqk] i:\windows\system32\ptaleg.exe
O4 - HKLM\..\RunServices: [Norton Client] vsmon.exe
O4 - HKLM\..\RunServices: [TASKMANGR] TASKMGR.EXE
O4 - HKLM\..\RunServices: [secure] svshost.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "I:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MessengerPlus3] "I:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [x3yy] I:\WINDOWS\System32\x3yy\anpfdnil.exe
O4 - HKCU\..\Run: [Norton Client] vsmon.exe
O4 - HKCU\..\Run: [WareOut] "I:\Program Files\WareOut\WareOut.exe"
O4 - HKCU\..\Run: [TASKMANGR] TASKMGR.EXE
O4 - HKCU\..\Run: [secure] svshost.exe
O4 - HKCU\..\RunServices: [TASKMANGR] TASKMGR.EXE
O4 - HKCU\..\RunServices: [secure] svshost.exe
O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - I:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - I:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - I:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - I:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot7_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {A1A961DA-2BA6-4032-859E-01AC35357163} (One2One Viewer) - http://www.one2one.com/static/class/one2one.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1121C14A-5CAD-4D8C-B213-93B74D97AC97}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{62ACC8D3-2A1F-46DF-A987-A9587BE1A11F}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{6708C7A5-D525-44FA-995E-2AA99803FCB2}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CS1\Services\Tcpip\..\{1121C14A-5CAD-4D8C-B213-93B74D97AC97}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CS2\Services\Tcpip\..\{1121C14A-5CAD-4D8C-B213-93B74D97AC97}: NameServer = 69.50.184.84,195.225.176.37
O18 - Filter: text/html - {8A218722-00FF-4DCF-B093-07A143301985} - I:\WINDOWS\System32\dico.dll
O18 - Filter: text/plain - {8A218722-00FF-4DCF-B093-07A143301985} - I:\WINDOWS\System32\dico.dll
O23 - Service: CPUCooLServer Service (CPUCooLServer) - Unknown owner - I:\Program Files\CPUCooL\CooLSrv.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - I:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: explore - Unknown owner - C:\WINDOWS\Inf\Catalog\su\srunner.exe
O23 - Service: lxbs_device - Lexmark International, Inc. - I:\WINDOWS\System32\lxbscoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SPOOLSVC - Unknown owner - C:\WINDOWS\CURSORS\meta\oledac\backup\srunner.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - I:\WINDOWS\svcproc.exe
O23 - Service: services32 Service: Win5 (Win5) - Unknown owner - C:\windows\system32\sys32\services32.EXE
voila merci si qqun peut me dire si chuis infecté de qquechoz ca serait super sympa merci
A voir également:
- Probleme internet, ver?spy?
- Gps sans internet - Guide
- Internet explorer - Guide
- Mon pc rame sur internet - Guide
- Complete internet repair - Télécharger - Web & Internet
- Problème internet aujourd'hui - Accueil - Outils
1 réponse
pour savoir si tu est infecté par quelque chose, le bon réflexe ce n'est pas d'utiliser hijackthis.
c'est de scanner ton ordinateur avec un antivirus, et un antispyware.
***antispywares gratuits***
télécharge/installe/met a jour et nettoie ton pc avec spybot (gratuit)
http://betanewsdl.iad.cachefly.net/spybotsd14.exe
télécharge/installe/met a jour et nettoie ton pc avec adaware (gratuit)
http://www.lavasoftusa.com/default.shtml.fr
télécharge/installe/met a jour et nettoie ton pc avec Microsoft anti-spyware (GIANT anti-spyware) (gratuit)
http://www.microsoft.com/athome/security/spyware/software/default.mspx
***
scan antivirus en ligne ici==>
http://www.inoculer.com/webantivirus.php3
http://assiste.free.fr/p/antivirus_gratuits_en_ligne/antivirus_en_ligne.php
***
c'est de scanner ton ordinateur avec un antivirus, et un antispyware.
***antispywares gratuits***
télécharge/installe/met a jour et nettoie ton pc avec spybot (gratuit)
http://betanewsdl.iad.cachefly.net/spybotsd14.exe
télécharge/installe/met a jour et nettoie ton pc avec adaware (gratuit)
http://www.lavasoftusa.com/default.shtml.fr
télécharge/installe/met a jour et nettoie ton pc avec Microsoft anti-spyware (GIANT anti-spyware) (gratuit)
http://www.microsoft.com/athome/security/spyware/software/default.mspx
***
scan antivirus en ligne ici==>
http://www.inoculer.com/webantivirus.php3
http://assiste.free.fr/p/antivirus_gratuits_en_ligne/antivirus_en_ligne.php
***
