Il y a actuellement 389 visiteurs
Jeudi 25 Avril 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

stevegerrard

Ce membre n'a pas encore choisi d'avatar
Visiteur Confirmé
Visiteur Confirmé
Nom d'utilisateur:
stevegerrard
Groupes:

Contacter stevegerrard

Statistiques de l’utilisateur

Inscription:
29 Juil 2011 11:39
Dernière visite:
05 Sep 2011 15:08
Messages:
23 (0.00% de tous les messages / 0.00 messages par jour)
Forum le plus actif:
Forum sécurité, virus et publicité (adware)
(23 Messages / 100.00% des messages de l'utilisateur)
Sujet le plus actif:
Infection - antivirus bloque - IE bloque [Réglé]
(23 Messages / 100.00% des messages de l'utilisateur)

Les derniers messages de stevegerrard

Message Infection - antivirus bloque - IE bloque [Réglé]
Bonjour,
je sollicite votre aide car je suis infecte par un vilain virus.
Les symptômes sont les suivants:
- impossible de lancer l'antivirus
- impossible Spybot
- impossible de se connecter a internet explorer ou Opera. Seul firefox marche
- impossible de faire un scan en ligne via divers sites dont je pense il bloque l'accès:
- http://www.secuser.com/antivirus/
- http://www.zebulon.fr
- http://www.bitdefender.fr/scanner/online/free.html
- http://www.kaspersky.com/fr/virusscanner
- http://www.eset.com/onlinescan/
- http://www.pandasecurity.com/activescan/index/
- http://housecall.trendmicro.com/fr/

Voila le rapport HijackThis v2.0.2
Code: Tout sélectionner
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:22:44, on 29/07/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
D:\Applied Biosystems\StepOne Software v2.2\bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINNT\system32\PowerMAN.exe
C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\ORL\VNC\WinVNC.exe
C:\WINNT\system32\CCM\CcmExec.exe
C:\WINNT\System32\alg.exe
C:\WINNT\system32\wbem\wmiprvse.exe
C:\WINNT\system32\wbem\wmiprvse.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\RTHDCPL.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINNT\system32\VTTimer.exe
C:\WINNT\system32\S3trayp.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
v:\pcounter\WBALANCE3.EXE
C:\DOCUME~1\jvais\LOCALS~1\Temp\PPOPUP2.EXE
C:\WINNT\announcement_viewer\Announcement Viewer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINNT\system32\taskmgr.exe
C:\WINNT\system32\notepad.exe
C:\WINNT\system32\PowerMANUI.exe
C:\Documents and Settings\jvais\My Documents\Téléchargements\HiJackThis.exe
C:\WINNT\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.liv.ac.uk/staff
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.liv.ac.uk/staff/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ZoneAlarm Security Suite Toolbar - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files\ZoneAlarm_Security_Suite\prxtbZone.dll
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,C:\Documents and Settings\jvais\Local Settings\Application Data\yeoainio\hkgmsqrf.exe,
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Sophos Web Content Scanner - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll
O2 - BHO: ZoneAlarm Security Suite - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files\ZoneAlarm_Security_Suite\prxtbZone.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: ZoneAlarm Security Suite Toolbar - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Program Files\ZoneAlarm_Security_Suite\prxtbZone.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\ORL\VNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AutoGPUpdate] C:\WINNT\system32\gpupdate.exe /force /wait:0
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Sophos AutoUpdate Monitor] C:\Program Files\Sophos\AutoUpdate\almon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DomainLogin] C:\temp\stage2hook.bat
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [HkgMsqrf] C:\Documents and Settings\jvais\Local Settings\Application Data\yeoainio\hkgmsqrf.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-137024685-2204166116-4157399963-102676\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe (User 'bs0u60f9')
O4 - HKUS\S-1-5-21-137024685-2204166116-4157399963-154387\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe (User 'bs0u812c')
O4 - HKUS\S-1-5-21-137024685-2204166116-4157399963-176780\..\Run: [DomainLogin] C:\temp\stage2hook.bat (User 'bs0u913a')
O4 - HKUS\S-1-5-21-1644491937-1844237615-839522115-500\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .csm: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .csml: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cub: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .cube: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .dx: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .emb: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .embl: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .gau: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .jdx: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mol: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .mop: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .pdb: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .rxn: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .scr: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .skc: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .spt: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .tgf: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O12 - Plugin for .xyz: C:\Program Files\Internet Explorer\Plugins\npchime.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.liv.ac.uk/
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/6c5b0a1ae398e3/player.virtools.com/downloads/player/Install2.5/Installer.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = livad.liv.ac.uk
O17 - HKLM\Software\..\Telephony: DomainName = livad.liv.ac.uk
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = livad.liv.ac.uk
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = liv.ac.uk,ac.uk,uk
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = livad.liv.ac.uk
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = liv.ac.uk,ac.uk,uk
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = livad.liv.ac.uk
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = liv.ac.uk,ac.uk,uk
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = liv.ac.uk,ac.uk,uk
O18 - Protocol: ncbi8 - {2B576DD3-0B3E-4718-BCBF-B15E4FB8009D} - C:\Program Files\Invitrogen\Vector NTI Advance 11\Ncbi.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - D:\Applied Biosystems\StepOne Software v2.2\bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Unknown owner - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (file missing)
O23 - Service: PowerMAN Power Management Service (PowerMan) - Data Synergy UK Ltd - C:\WINNT\system32\PowerMAN.exe
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Limited - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Sophos Web Intelligence Service (swi_service) - Sophos Limited - C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
O23 - Service: VNC Server (winvnc) - AT&T Research Labs Cambridge - C:\Program Files\ORL\VNC\WinVNC.exe
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 12722 bytes


Voila j'ai plus la moindre idee. Mes connaissances informatiques etant limitees j'espere d'un expert pourra me depanner

Haut

Forum Informatique aide pour le matériel sous Windows, Linux, Logiciels et Jeux Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

.: Nous contacter :: Flux RSS :: Données personnelles :.