[Virus] It is preventing me from opening web pages
franckyll, Tue. 04 Apr. 2006 at 10:19:28
Hi everyone, so my PC is infected with viruses (after the XP firewall was disabled) and I made a log with HijackThis to try to find them, but I don't really understand this log. Can you help me?
Here is the log:

Logfile of HijackThis v1.99.1
Scan saved at 10:12:11, on 04/04/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\j2re1.4.2_09\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\System32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\update\wuauclt.exe
C:\WINDOWS\system32\winscntrl.exe
C:\WINDOWS\system32\wumd.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Documents and Settings\franck\Bureau\hijackthis\HijackThis.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: (no name) - {20D57A66-F7DF-467d-907B-9B7F4A118AB7} - C:\WINDOWS\system32\pmnlm.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_09\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [lich] lich.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Microsoft (R) Windows Update Service] C:\WINDOWS\update\wuauclt.exe
O4 - HKLM\..\Run: [chat] winhost32.exe
O4 - HKLM\..\RunServices: [lfqmoj_[Pbnzkt] C:\WINDOWS\System32\kruychkma.exe
O4 - HKCU\..\Run: [chat] winhost32.exe
O4 - HKCU\..\Run: [Cars] "C:\Program Files\ptas\lras.exe" -vt yazb
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_09\bin\npjpi142_09.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_09\bin\npjpi142_09.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: SoftSearch - {5D602A21-B929-11d7-A5D3-005022E14DE2} - http://softsearch.ru (file missing)
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{37F51055-C1FE-48AC-A4BB-3AA71C6ACD34}: NameServer = 86.64.145.142 84.103.237.142
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\WINDOWS\System32\wmfhotfix.dll
O20 - Winlogon Notify: pmnlm - C:\WINDOWS\SYSTEM32\pmnlm.dll
O20 - Winlogon Notify: SharedDLLs - C:\WINDOWS\system32\dnnu0159e.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Windows Update Manager (UpdateManager) - Unknown owner - C:\WINDOWS\update\updmgr.exe (file missing)
O23 - Service: Windows Update Service (UpdateSvc) - Unknown owner - C:\WINDOWS\update\wuauclt.exe
O23 - Service: wins(WINS) (wins) - Unknown owner - C:\WINDOWS\system32\winscntrl.exe (file missing)
O23 - Service: Windows User Mode Drivers (WUMD) - Unknown owner - C:\WINDOWS\system32\wumd.exe (file missing)

