Cheval de troie - Page 2

Précédent
  • 1
  • 2
  1. Jo
     
    J'ai un message du forum - Aide-Contre Virus qui s'est affiché quand l'ordi s'est rallumé:

    "Vous avez utilisé UsbFix, ou on vous a demandé d'utiliser UsbFix.
    Pendant son nettoyage, UsbFix a récolté certains fichiers infectieux.
    Nous vous demandons de nous les faire parvenir pour des futures mises à jour, ainsi que pour un meilleur traitement des infections.
    Nous vous remercions pour votre contribution."

    Qu'est ce que je dois faire? J'envoie ce qu'ils me demandent?
    0
  2. Remi2
     
    re,

    Probablement que USBFix a détecté un/des infection(s) qu'il n'avait pas déjà de répertorié.
    En leur faisant parvenir ce qu'il demande, vous aiderez rendre USBFix plus performant.

    - Postez tout de même le rapport de Suppression de USBFix >> ici.
    - Et re-postez aussi un nouveau rapport Hijackthis.
    0
  3. Jo
     
    Voici le rapport de Usbfix suppréssion:

    ############################## | UsbFix V6.024 |

    User : Deliuzza (Administrateurs) # PC-DE-DELIUZZA
    Update on 01/09/09 by Chiquitine29, C_XX & Chimay8
    Start at: 14:36:06 | 02/09/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html

    Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
    Internet Explorer 7.0.6001.18000
    Windows Firewall Status : Enabled
    AV : Bitdefender Antivirus 8.0 [ (!) Disabled | Updated ]

    C:\ -> Disque fixe local # 74,52 Go (36,17 Go free) [VistaOS] # NTFS
    D:\ -> Disque fixe local # 67,69 Go (66,77 Go free) [DATA] # NTFS
    E:\ -> Disque CD-ROM
    F:\ -> Disque CD-ROM
    G:\ -> Disque amovible # 3,84 Go (2,74 Go free) [KLIP] # FAT32
    H:\ -> Disque CD-ROM # 4,32 Mo (0 Mo free) [U3 System] # CDFS
    I:\ -> Disque amovible # 1,92 Go (913,19 Mo free) [EMTEC] # FAT
    J:\ -> Disque fixe local # 298,09 Go (144,97 Go free) [Hard Disk] # NTFS

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\runonce.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\PresentationSettings.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Windows\system32\ifxspmgt.exe
    C:\Windows\system32\ifxtcs.exe
    C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    C:\Windows\system32\IfxPsdSv.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\StkCSrv.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\alg.exe

    ################## | Fichiers # Dossiers infectieux |

    Supprimé ! G:\autorun.inf
    Non supprimé ! H:\autorun.inf

    ################## | Autres |

    ################## | Suspect ! ... | https://www.virustotal.com/gui/ |

    ################## | Registre # Clés Run infectieuses |

    # HKLM\software\microsoft\security center "UacDisableNotify" # -> Reset sucessfully !

    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\F\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\G\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\H\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{0365f6ac-452d-11de-b569-001d60352af5}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{13875972-e22f-11dd-b771-001d60352af5}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{17f992b6-7143-11dd-ad73-001d60352af5}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{84c6a2ff-b78e-11dd-bd48-001d60352af5}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{a6f37951-8fc2-11dc-9419-0013e889f7f7}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{ab9993cb-7cd1-11dd-bc05-001d60352af5}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{db8867b8-395e-11de-9e9f-001d60352af5}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [01/09/2009 14:59|--a------|6802] -> C:\Ad-Report-CLEAN.log
    [01/09/2009 14:13|--a------|1623] -> C:\Ad-Report-SCAN.log
    [18/09/2006 23:43|--a------|24] -> C:\autoexec.bat
    [19/01/2008 09:45|-rahs----|333203] -> C:\bootmgr
    [18/04/2007 11:26|-ra-s----|8192] -> C:\BOOTSECT.BAK
    [04/04/2007 06:01|--a------|19] -> C:\CA12.txt
    [01/09/2009 14:30|--a------|911] -> C:\cleannavi.txt
    [18/09/2006 23:43|--a------|10] -> C:\config.sys
    [17/08/2007 01:34|--a------|21573] -> C:\devlist.txt
    [26/06/2007 05:59|-rah-----|1048576] -> C:\F3Sc.BIN
    [09/07/2007 15:03|--a------|16] -> C:\F3Sc_F3Sv_Vista.20
    [09/07/2007 09:37|-rah-----|1048576] -> C:\F3Sv.BIN
    [17/08/2007 01:30|--a------|9] -> C:\Finish.log
    [?|?|?] -> C:\hiberfil.sys
    [21/07/2009 10:05|-rahs----|0] -> C:\IO.SYS
    [21/07/2009 10:05|-rahs----|0] -> C:\MSDOS.SYS
    [15/04/2007 01:26|--a------|27] -> C:\NERO.LOG
    [16/03/2007 01:18|--a------|25] -> C:\OFFICE2007_A.TXT
    [?|?|?] -> C:\pagefile.sys
    [19/07/2007 01:40|--a------|508] -> C:\Patch.LOG
    [17/08/2007 00:44|--a------|420] -> C:\RHDSetup.log
    [26/08/2009 11:30|--a------|805] -> C:\rollback.ini
    [17/08/2007 01:06|--a------|86] -> C:\setup.log
    [01/09/2009 13:51|--ah-----|268] -> C:\sqmdata00.sqm
    [01/09/2009 19:19|--ah-----|268] -> C:\sqmdata01.sqm
    [01/09/2009 13:51|--ah-----|244] -> C:\sqmnoopt00.sqm
    [01/09/2009 19:19|--ah-----|244] -> C:\sqmnoopt01.sqm
    [16/05/2006 02:22|--a------|5] -> C:\Store.LOG
    [02/09/2009 14:39|--a------|5736] -> C:\UsbFix.txt
    [18/04/2007 04:55|--a------|18] -> C:\V52.TXT
    [01/01/2008 19:36|--a------|1105] -> C:\WirelessDiagLog.csv
    [12/08/2009 16:41|--a------|6344112] -> G:\Buridane-Badaboum.mp3
    [12/08/2009 16:40|--a------|7538171] -> G:\Buridane-La_caillasse.mp3
    [12/08/2009 16:30|--a------|6358408] -> G:\Buridane-Le_serment.mp3
    [12/08/2009 16:30|--a------|5934542] -> G:\Buridane-Pas_fragile.mp3
    [12/08/2009 16:30|--a------|8027773] -> G:\Buridane-Sors.mp3
    [22/08/2009 18:56|--a------|8742277] -> G:\01 - The Joker.mp3
    [22/08/2009 14:09|--a------|4605164] -> G:\01 - Wake Up.mp3
    [06/08/2009 14:25|--a------|5593088] -> G:\101-duffy_-_stay_with_me_baby.mp3
    [06/08/2009 14:25|--a------|7798784] -> G:\109-tommy_james_and_the_shondells_-_crimson_and_clover.mp3
    [06/08/2009 14:25|--a------|3061760] -> G:\112-the_troggs_-_with_a_girl_like_you.mp3
    [13/08/2009 15:10|--a------|4752490] -> G:\12 Vanessa Paradis - Emmenez-Moi [Bonus Track].mp3
    [13/08/2009 15:10|--a------|3839207] -> G:\01 Vanessa Paradis - Divine Idylle.mp3
    [06/08/2009 14:25|--a------|2746368] -> G:\113-the_boxtops_-_the_letter.mp3
    [06/08/2009 14:25|--a------|3655680] -> G:\115-chris_andrews_-_yesterday_man.mp3
    [06/08/2009 14:25|--a------|4546560] -> G:\117-the_tremeloes_-_silence_is_golden.mp3
    [06/08/2009 14:25|--a------|3827712] -> G:\118-skeeter_davis_-_the_end_of_the_world.mp3
    [31/08/2009 10:12|--a------|2557952] -> G:\17 - Y Ahora Que.mp3
    [16/08/2009 18:34|--a------|6891800] -> G:\8 - Violente_Valse.mp3
    [16/08/2009 18:34|--a------|8875477] -> G:\9 - Brotherswing.mp3
    [16/08/2009 18:34|--a------|7253746] -> G:\10 - L'envol.mp3
    [16/08/2009 18:34|--a------|2043499] -> G:\11 - Sofa.mp3
    [16/08/2009 18:34|--a------|6225567] -> G:\12 - Bambous.mp3
    [16/08/2009 18:34|--a------|7591460] -> G:\13 - Lazy_Place.mp3
    [16/08/2009 18:34|--a------|8419857] -> G:\14 - We_Can_Dance.mp3
    [16/08/2009 18:34|--a------|9767357] -> G:\15 - La_Caravane.mp3
    [16/08/2009 18:34|--a------|7860622] -> G:\1 - Dragons.mp3
    [16/08/2009 18:34|--a------|7387494] -> G:\2 - Star_Scat.mp3
    [16/08/2009 18:34|--a------|9614392] -> G:\3 - Ended_with_the_night.mp3
    [16/08/2009 18:34|--a------|7257931] -> G:\4 - Jolie_Coquine.mp3
    [16/08/2009 18:34|--a------|3491274] -> G:\5 - Oooh.mp3
    [16/08/2009 18:34|--a------|7911610] -> G:\6 - Suzy.mp3
    [16/08/2009 18:34|--a------|6854179] -> G:\7 - Je_m'amuse.mp3
    [22/08/2009 19:35|--a------|3986624] -> G:\01-Blowin' In The Wind.mp3
    [22/08/2009 19:35|--a------|4655360] -> G:\02-The Times They Are A-Changin'.mp3
    [22/08/2009 17:18|--a------|12277837] -> G:\05 - Ketto.mp3
    [22/08/2009 21:11|--a------|1437824] -> G:\01 - introduction (1936).mp3
    [06/08/2009 14:25|--a------|4794368] -> G:\202-the_who_-_my_generation.mp3
    [06/08/2009 14:25|--a------|4196352] -> G:\203-cream_-_i_feel_free.mp3
    [06/08/2009 14:25|--a------|3678208] -> G:\206-otis_redding_-_these_arms_of_mine.mp3
    [06/08/2009 14:22|--a------|4112384] -> G:\208-the_supremes_-_the_happening.mp3
    [06/08/2009 14:25|--a------|5152768] -> G:\211-the_kinks_-_sunny_afternoon.mp3
    [06/08/2009 14:24|--a------|5339136] -> G:\212-cat_stevens_-_father_and_son.mp3
    [06/08/2009 14:25|--a------|5132288] -> G:\215-lorraine_ellison_-_stay_with_me_(baby).mp3
    [06/08/2009 14:25|--a------|5593088] -> G:\216-the_mccoys_-_hang_on_sloopy.mp3
    [22/08/2009 18:39|--a------|6000777] -> G:\05 Little Gar‡on.mp3
    [22/08/2009 15:10|--a------|3225600] -> G:\Peggy Lee - 11 - Fever.mp3
    [27/08/2009 16:14|--a------|731770880] -> G:\Monty.Python.Sacre.Graal.vostfr.DVDRip-VoN.avi
    [31/08/2009 10:15|--a------|4132874] -> G:\09 - Si Loin De Toi...Je Te Joue....mp3
    [31/08/2009 10:15|--a------|4634634] -> G:\10 - 100.000 Remords.mp3
    [31/08/2009 10:15|--a------|3883018] -> G:\11 - Trop Tot, Trop Tard....mp3
    [31/08/2009 10:14|--a------|1712138] -> G:\12 - Te Tromper.mp3
    [31/08/2009 10:14|--a------|4429834] -> G:\13 - Madame Banquise.mp3
    [31/08/2009 10:15|--a------|5289994] -> G:\14 - Les Rues De L'Hiver.mp3
    [31/08/2009 10:15|--a------|2062346] -> G:\15 - Siberie Fleuve Amour.mp3
    [31/08/2009 10:15|--a------|6019082] -> G:\01 - Le Petit Jardin.mp3
    [31/08/2009 10:13|--a------|5197834] -> G:\02 - Petite Blonde Du Blb Brune.mp3
    [31/08/2009 10:15|--a------|5601290] -> G:\03 - La Valse A Sale Temps.mp3
    [31/08/2009 10:15|--a------|5607434] -> G:\04 - Les Mille Paillettes.mp3
    [31/08/2009 10:15|--a------|2734090] -> G:\05 - Il Faut Manger.mp3
    [31/08/2009 10:15|--a------|5492746] -> G:\06 - Helno Est Mort.mp3
    [31/08/2009 10:15|--a------|3889162] -> G:\07 - J'ai Besoin De La Lune.mp3
    [31/08/2009 10:15|--a------|4605962] -> G:\08 - L'automne Est Lus.mp3
    [31/08/2009 10:12|--a------|3225600] -> G:\08 - A Cosa.mp3
    [31/08/2009 10:12|--a------|2758656] -> G:\09 - The Bleedin' Clown.mp3
    [31/08/2009 10:14|--a------|2611200] -> G:\10 - Mundor‚ves.mp3
    [31/08/2009 10:12|--a------|4872192] -> G:\11 - El Hoyo.mp3
    [31/08/2009 10:12|--a------|4708352] -> G:\12 - La Vida T¢mbola.mp3
    [31/08/2009 10:12|--a------|5947392] -> G:\13 - Mala Fama.mp3
    [31/08/2009 10:12|--a------|2547712] -> G:\14 - Panik Panik.mp3
    [31/08/2009 10:12|--a------|4558848] -> G:\15 - Otro Mundo.mp3
    [31/08/2009 10:12|--a------|1634304] -> G:\16 - Piccola Radiolina.mp3
    [31/08/2009 10:12|--a------|2476032] -> G:\18 - Mama Cuchara.mp3
    [31/08/2009 10:12|--a------|3002368] -> G:\19 - Siberia.mp3
    [?|?|?] -> G:\20 - Sone Otro Mundo.mp3
    [31/08/2009 10:13|--a------|3436544] -> G:\21 - Amalucada Vida.mp3
    [31/08/2009 10:15|--a------|3766272] -> G:\01 - 13 D¡as.mp3
    [31/08/2009 10:12|--a------|4188160] -> G:\02 - Tristeza Maleza.mp3
    [31/08/2009 10:12|--a------|4544512] -> G:\03 - Politik Kills.mp3
    [31/08/2009 10:12|--a------|5314560] -> G:\04 - Rainin In Paradize.mp3
    [31/08/2009 10:12|--a------|2756608] -> G:\05 - Besoin De La Lune.mp3
    [31/08/2009 10:12|--a------|2768896] -> G:\06 - El Kitapena.mp3
    [31/08/2009 10:12|--a------|4667392] -> G:\07 - Me Llaman Calle.mp3
    [31/08/2009 10:14|--a------|2887690] -> G:\06 - Lagrimas De Oro.mp3
    [31/08/2009 10:12|--a------|3262474] -> G:\07 - Mama Call.mp3
    [31/08/2009 10:10|--a------|3166218] -> G:\08 - Luna Y Sol.mp3
    [31/08/2009 10:14|--a------|2334730] -> G:\09 - Por El Suelo.mp3
    [31/08/2009 10:12|--a------|4165632] -> G:\10 - Welcome to Tijuana.mp3
    [31/08/2009 10:09|--a------|1298442] -> G:\11 - Dia Luna... Dia Pena.mp3
    [31/08/2009 10:15|--a------|3104778] -> G:\12 - Malegria.mp3
    [31/08/2009 10:15|--a------|3371018] -> G:\13 - La Vie A 2.mp3
    [31/08/2009 10:07|--a------|2138122] -> G:\14 - Minha Galera.mp3
    [31/08/2009 10:15|--a------|3684362] -> G:\15 - La Despedida.mp3
    [31/08/2009 10:15|--a------|1959946] -> G:\16 - El Viento.mp3
    [31/08/2009 10:15|--a------|2666506] -> G:\01 - Clandestino.mp3
    [31/08/2009 10:15|--a------|4640778] -> G:\02 - Desaparecido.mp3
    [30/08/2009 19:14|--a------|3256330] -> G:\03 - Bongo Bong.mp3
    [31/08/2009 10:14|--a------|2523146] -> G:\04 - Je Ne T'aime Plus.mp3
    [31/08/2009 10:12|--a------|4970506] -> G:\05 - Mentira.mp3
    [16/11/2006 11:51|-r-------|159] -> H:\autorun.inf
    [16/11/2006 13:26|-r-------|1095224] -> H:\LaunchU3.exe
    [02/02/2007 13:06|-r-------|3375339] -> H:\LaunchPad.zip
    [16/11/2006 13:26|-ra------|1095224] -> I:\LaunchU3.exe
    [08/12/2008 23:18|---hs----|56] -> I:\desktop.ini
    [16/10/2008 22:49|-r-h-----|474] -> I:\winamp_cache_0001.xml
    [09/05/2009 19:30|--ah-----|165] -> I:\~$Travail de Bachelor.pptx
    [04/03/2008 20:36|--ah-----|4096] -> I:\._.Trashes
    [27/08/2008 18:20|--ah-----|15364] -> I:\.DS_Store
    [26/04/2009 12:02|--a------|29184] -> J:\CV.doc
    [21/01/2009 13:36|--a------|23040] -> J:\lettre de mot' Bar.doc
    [24/06/2009 10:16|--a------|12541] -> J:\Lettre de Motivation aide soignante.docx
    [23/06/2009 18:27|--a------|12439] -> J:\Lettre de Motivation EPI GenŠve.docx
    [30/03/2009 17:15|--a------|924213] -> J:\pERMIS b.jpg

    ################## | Cracks / Keygens / Serials |

    ################## | Upload |

    Veuillez envoyer le fichier : D:\Deliuzza\Desktop\UsbFix_Upload_Me_PC-de-Deliuzza.zip : https://www.androidworld.fr/
    Merci pour votre contribution .

    ################## | ! Fin du rapport # UsbFix V6.024 ! |
    0
  4. Jo
     
    ...et le rapport d'hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:23:45, on 02/09/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18294)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\conime.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxy.etat-ge.ch:8008/proxy.asp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
    O4 - HKLM\..\Run: [IFXSPMGT] C:\Windows\system32\ifxspmgt.exe /NotifyLogon
    O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE RÉSEAU')
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: APSHook.dll
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
    O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Remi2
     
    Vous avez postez le rapport sans avoir redémarrer le PC.
    C'est pourquoi Antivir entre autre n'apparait pas dans la section : Running processes:

    Ça devrait être correct mais pour être certain.
    >> Redémarre le PC et refaites / repostez un rapport hijackthis

    Comment va le PC.
    0
  7. Jo
     
    J'ai l'impression que ça va bcp mieux. Je n'ai aucune fenetre intempestive qui s'ouvre quand je surf sur le net. Il rame bcp bcp moins surtout quand je rentre des mots de passe...plutôt contente et soulagée!

    Voici le rapport:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:50:19, on 02/09/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18294)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
    C:\Program Files\Nero\Nero 7\InCD\InCD.exe
    C:\Windows\ASScrPro.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
    C:\Program Files\Infineon\Security Platform Software\SpTna.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wuauclt.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxy.etat-ge.ch:8008/proxy.asp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
    O4 - HKLM\..\Run: [IFXSPMGT] C:\Windows\system32\ifxspmgt.exe /NotifyLogon
    O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE RÉSEAU')
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: APSHook.dll
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
    O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
    0
  8. Jo
     
    Salut Remi,

    un GRAND GRAND merci pour tout ce que tu as fait. Ça m'as vachement aidée!!
    MERCI
    0
Précédent
  • 1
  • 2