Forum Clubic

Virus or not?

Here is the HijackThis report

[spoiler]Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:49:08, on 8/11/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Users\Guigui\AppData\Roaming\WindowsUpdate\WindowsUpdate.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Users\Guigui\AppData\Roaming\WindowsUpdate\WindowsUpdate.exe
C:\Users\Guigui\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WindowsUpdate.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Steam\Steam.exe
C:\Windows\System32\dinotify.exe
C:\Windows\explorer.exe
C:\Windows\system32\prevhost.exe
C:\Program Files\Windows Media Player\wmprph.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Guigui\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.be…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus Live Belgium Toolbar - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files\Messenger_Plus_Live_Belgium\tbMess.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Users\Guigui\AppData\Roaming\WindowsUpdate\WindowsUpdate.exe,
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Messenger Plus Live Belgium Toolbar - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files\Messenger_Plus_Live_Belgium\tbMess.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Messenger Plus Live Belgium Toolbar - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files\Messenger_Plus_Live_Belgium\tbMess.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM…\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM…\Run: [Microsoft Default Manager] “C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe” -resume
O4 - HKLM…\Run: [avast!] “C:\Program Files\Alwil Software\Avast4\ashDisp.exe”
O4 - HKLM…\Run: [WindowsUpdate] C:\Users\Guigui\AppData\Roaming\WindowsUpdate\WindowsUpdate.exe
O4 - HKLM…\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM…\Run: [USB Storage Toolbox] C:\Windows\UMStor\Res.EXE
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU…\Run: [NFI Start] C:\Program Files\NFI\NFI.exe
O4 - HKCU…\RunOnce: [x64setup] cmd.exe /Q /c If EXIST “%programfiles%\VistaCodecPack\icons\icons64.dll” REG ADD HKCU\Software\GNU\ffdshow\default /v isSubtitles /t REG_DWORD /d 1 /f
O4 - HKCU…\RunOnce: [x64setup2] cmd.exe /Q /c If EXIST “%programfiles%\VistaCodecPack\icons\icons64.dll” regsvr32.exe /S “%programfiles%\VistaCodecPack\filters\MatroskaSplitter.ax”
O4 - HKCU…\RunOnce: [x64setup3] cmd.exe /Q /c If EXIST “%programfiles%\VistaCodecPack\icons\icons64.dll” REG DELETE “HKCR\Media Type\Extensions.dts” /f
O4 - HKCU…\RunOnce: [x64setup4] cmd.exe /Q /c If EXIST “%programfiles%\VistaCodecPack\icons\icons64.dll” REG DELETE “HKCR\Media Type\Extensions.ac3” /f
O4 - HKCU…\RunOnce: [x64setup1] cmd.exe /Q /c If EXIST “%programfiles%\VistaCodecPack\icons\icons64.dll” REG ADD HKCU\Software\GNU\ffdshow_audio /v ac3 /t REG_DWORD /d 15 /f
O4 - HKLM…\Policies\Explorer\Run: [Spoolsv] C:\Windows\system32\spoolsv.exe
O4 - Startup: WindowsUpdate.exe
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra ‘Tools’ menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - messenger.zone.msn.com…
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com…
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - fichiers.touslesdrivers.com…
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: wampapache - Unknown owner - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe (file missing)


End of file - 8617 bytes
[/spoiler]

Good evening,

The answer is yes :neutre:

Do you have an antivirus? If so, run a scan with it!

6 viruses so far!

Strange. Avast isn't the best, but it supposedly let 6 viruses through? Aren't they spyware instead? Because catching 6 viruses at once, you really have to be asking for it.

Looking at his log, you can see he has viruses but you can't see that he has an antivirus? :heink:

Good evening Salsa Dude :slight_smile:

There is a misunderstanding about what I said. I think that before running and posting a HijackThis scan, you should run a scan with your antivirus, and even with Malwarebytes as well.
What I meant was to point out, with humor, "you have an antivirus, so use it!"

Good evening guillaume001 :hello:

Also try with
www.clubic.com…

Lots of infections with Avast :etonne2:

Antivir, AVG or MSE, among the free options, are probably better in my eyes :super:
www.clubic.com…
www.clubic.com…
www.clubic.com…

P.S.: OK, next time I'll stay within the lines, sorry :peur:

:stuck_out_tongue: Nah, I hadn't understood it that way. :wink: As a result, the mods are making me post an interesting topic before the end of the week as punishment. :confused: These guys are crazy, as if that were within my abilities. :stuck_out_tongue: