Security Center problem

Solved/Closed
karhott Posts: 33 Registration date: Wednesday 23 July 2008 Status: Member Last activity: 28 December 2009 - 25 Dec 2009 at 10:40
karhott Posts: 33 Registration date: Wednesday 23 July 2008 Status: Member Last activity: 28 December 2009 - 28 Dec 2009 at 13:48
Hello,

This morning when I turned on my laptop, the Security Center was disabled. I tried to enable it in Services (I select automatic mode and confirm, but it stays disabled). Instead I have a nice Security Center in English, a fake one, where I "can" buy software for my security....
I can't launch my antivirus, nor Malwarebytes.... nor Spybot Search and Destroy either.
Same thing in safe mode.


I don't know who went on my PC behind my back, but anyway.

Thanks in advance and merry Christmas

61 replies

karhott Posts: 33 Registration date: Wednesday 23 July 2008 Status: Member Last activity: 28 December 2009
26 Dec 2009 at 00:50
Here it is



ComboFix 09-12-25.02 - Benjamin 26/12/2009 0:20.1.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3070.2151 [GMT 1:00]
Lancé depuis: c:\users\Benjamin\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
PEV Error: CacheFile
PEV Error: CacheFolder

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\H8SRTtcwnqwonum.sys
c:\windows\system32\H8SRTfrvblxxmkk.dll
c:\windows\system32\H8SRTgptimyipqp.dll
c:\windows\system32\H8SRTiuwtfybqon.dat
c:\windows\system32\srcr.dat

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_H8SRTd.sys
-------\Service_H8SRTd.sys


((((((((((((((((((((((((((((( Fichiers créés du 2009-11-25 au 2009-12-25 ))))))))))))))))))))))))))))))))))))
.

2009-12-25 23:29 . 2009-12-25 23:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-25 23:29 . 2009-12-25 23:32 -------- d-----w- c:\users\Benjamin\AppData\Local\temp
2009-12-25 22:26 . 2009-12-25 22:41 -------- d-----w- C:\UsbFix
2009-12-25 20:54 . 2009-12-25 20:54 -------- d-----w- c:\users\Benjamin\AppData\Roaming\PeerNetworking
2009-12-25 20:40 . 2009-12-25 20:41 -------- d-----w- C:\Kill'em
2009-12-25 20:13 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-25 20:13 . 2009-12-25 20:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-25 20:13 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-25 19:45 . 2009-12-25 19:45 -------- d-----w- c:\program files\List_Kill'em
2009-12-25 11:54 . 2009-12-25 12:32 -------- d-----w- C:\FindyKill
2009-12-25 11:13 . 2009-12-25 11:13 -------- d-----w- C:\_OTM
2009-12-25 10:40 . 2009-12-25 21:50 -------- d-----w- c:\program files\trend micro
2009-12-25 10:40 . 2009-12-25 10:40 -------- d-----w- C:\rsit
2009-12-25 09:10 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-25 09:10 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-12-25 09:10 . 2009-12-25 09:10 -------- d-----w- c:\programdata\Avira
2009-12-25 09:10 . 2009-12-25 09:10 -------- d-----w- c:\program files\Avira
2009-12-13 21:58 . 2009-12-13 21:58 -------- d-----w- c:\users\Benjamin\AppData\Roaming\teamspeak2
2009-12-13 21:57 . 2009-12-13 21:58 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-12-10 06:45 . 2009-12-10 06:45 -------- d-sh--w- c:\windows\system32\%APPDATA%
2009-12-09 22:20 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-09 22:20 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-09 22:20 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 22:10 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2009-12-09 19:28 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-06 13:55 . 2009-12-06 14:06 -------- d-----w- c:\users\Benjamin\.gimp-2.6
2009-12-06 13:54 . 2009-12-06 13:54 -------- d-----w- c:\program files\GIMP-2.0
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-25 23:31 . 2009-09-11 15:31 238294 ----a-w- c:\programdata\nvModes.dat
2009-12-25 23:31 . 2009-07-14 04:40 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2009-12-25 23:31 . 2009-09-11 22:02 56680 ----a-w- c:\windows\system32\rpcnet.dll
2009-12-25 23:22 . 2008-04-16 11:16 672322 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-25 23:22 . 2008-04-16 11:16 124434 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-25 23:13 . 2009-09-11 20:43 -------- d-----w- c:\users\Benjamin\AppData\Roaming\vlc
2009-12-25 21:53 . 2009-09-11 21:19 -------- d-----w- c:\program files\Steam
2009-12-25 21:16 . 2009-07-14 04:44 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2009-12-25 09:22 . 2009-09-11 21:17 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-12-25 09:07 . 2009-10-02 18:12 -------- d-----w- c:\program files\ESET
2009-12-21 16:41 . 2009-10-17 12:48 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-12-19 00:01 . 2009-11-01 13:32 7808 ----a-w- c:\users\Benjamin\AppData\Local\d3d9caps.dat
2009-12-18 12:27 . 2009-12-18 12:27 155648 ----a-w- c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogoAnimations\Etudiant.tla.dll
2009-12-15 14:47 . 2009-09-24 19:03 737280 ----a-w- c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogoAnimations\Karhott.tla.dll
2009-12-10 06:46 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-10 06:45 . 2009-07-14 04:55 -------- d-----w- c:\programdata\Microsoft Help
2009-12-07 19:58 . 2009-09-24 22:02 -------- d-----w- c:\users\Benjamin\AppData\Roaming\Azureus
2009-11-30 23:10 . 2009-09-25 18:41 2727936 ----a-w- c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Crysis.tls.dll
2009-11-28 23:48 . 2009-11-28 23:48 3051520 ----a-w- c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Batman.tls.dll
2009-11-21 23:47 . 2009-07-14 05:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-21 19:14 . 2009-10-04 12:34 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-21 18:49 . 2009-11-21 18:49 -------- d-----w- c:\program files\Eidos
2009-11-21 06:40 . 2009-12-10 06:04 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-10 06:04 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 06:34 . 2009-12-10 06:04 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 04:59 . 2009-12-10 06:04 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-20 06:32 . 2009-09-11 15:19 -------- d-----w- c:\programdata\NVIDIA
2009-11-18 18:40 . 2009-10-04 12:34 -------- d-----w- c:\program files\AGEIA Technologies
2009-11-16 02:13 . 2009-11-16 02:13 216576 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2009-11-15 13:15 . 2009-09-11 20:43 -------- d-----w- c:\program files\WowCartographe
2009-11-15 10:36 . 2009-09-12 19:02 -------- d-----w- c:\users\Benjamin\AppData\Roaming\dvdcss
2009-11-12 06:24 . 2009-11-12 06:24 94208 ----a-w- c:\windows\system32\RTNUninst32.dll
2009-11-11 14:55 . 2009-11-11 14:54 -------- d-----w- c:\program files\sges-v3-prelude
2009-11-11 14:52 . 2009-11-11 14:42 -------- d-----w- c:\program files\NetBeans 6.7.1
2009-11-11 14:41 . 2009-11-11 14:41 -------- d-----w- c:\program files\Sun
2009-11-11 14:39 . 2009-09-12 09:46 -------- d-----w- c:\program files\Java
2009-11-08 10:15 . 2009-09-11 23:09 -------- d-----w- c:\program files\Messenger Plus! Live
2009-11-06 20:21 . 2009-11-06 20:21 -------- d-----w- c:\program files\Lavalys
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-05 06:40 . 2009-11-05 06:40 2056192 ----a-w- c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Red.tls.dll
2009-11-02 19:38 . 2009-10-03 16:20 -------- d-----w- c:\program files\Rockstar Games
2009-11-02 19:32 . 2009-11-02 19:32 -------- d-----w- c:\program files\SocksCapV2
2009-11-01 18:35 . 2009-11-01 18:33 -------- d-----w- c:\program files\HTTP-Tunnel
2009-11-01 18:34 . 2009-11-01 18:34 -------- d-----w- c:\program files\OpenSSH
2009-10-31 11:59 . 2009-09-11 21:19 -------- d-----w- c:\program files\Common Files\Steam
2009-10-29 09:17 . 2009-11-25 13:43 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-28 15:18 . 2009-10-28 15:18 -------- d-----w- c:\program files\Windows Portable Devices
2009-10-28 15:18 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-28 15:18 . 2009-10-28 15:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-10-28 10:16 . 2009-10-28 10:16 -------- d-----w- c:\program files\Volition Inc
2009-10-21 16:45 . 2008-10-10 06:36 33792 ----a-w- c:\windows\system32\identprv.dll
2009-10-21 11:10 . 2009-10-20 05:10 741376 ----a-w- c:\programdata\Proc defy window jugs\CITY LOUD.exe
2009-10-20 05:10 . 2009-10-01 12:40 278528 ----a-w- c:\programdata\Film Curb Part\FastBiasAtomHeck.exe
2009-10-20 05:10 . 2009-10-20 05:10 741376 ----a-w- c:\programdata\Film Curb Part\pwyqgrar.exe
2009-10-20 05:09 . 2009-10-01 12:39 417280 ----a-w- c:\programdata\Film Curb Part\AudioOwnsSpam.exe
2009-10-17 11:21 . 2009-10-17 11:21 653560 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-10-11 19:41 . 2009-10-04 12:13 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-11 19:41 . 2009-10-04 12:13 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-10-11 19:41 . 2009-10-04 12:13 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-11 18:59 . 2009-10-04 12:13 22328 ----a-w- c:\users\Benjamin\AppData\Roaming\PnkBstrK.sys
2009-10-11 18:59 . 2009-10-04 12:13 22328 ----a-w- c:\users\Benjamin\AppData\Roaming\PnkBstrK.sys
2009-10-08 21:08 . 2009-10-28 10:32 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-10-28 10:32 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-10-28 10:32 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-05 19:33 . 2009-10-05 19:33 3039232 ----a-w- c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Mirror's edge.tls.dll
2009-10-04 12:13 . 2009-10-04 12:13 682280 ----a-w- c:\windows\system32\pbsvc.exe
2009-10-03 20:12 . 2009-10-03 20:12 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2009-10-03 16:58 . 2009-11-11 14:22 77117208 ----a-w- c:\users\Benjamin\jdk-6u16-windows-i586.exe
2009-10-03 16:56 . 2009-10-03 16:56 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-10-03 16:55 . 2009-10-03 16:55 57344 ----a-w- c:\windows\system32\COMMTB32.DLL
2009-10-03 16:55 . 2009-10-03 16:55 28672 ----a-w- c:\windows\system32\HLP95EN.DLL
2009-10-03 16:55 . 2009-10-03 16:55 169984 ----a-w- c:\windows\system32\P2D.DLL
2009-10-03 16:55 . 2009-10-03 16:55 161552 ----a-w- c:\windows\system32\ASYCPICT.DLL
2009-10-01 08:29 . 2009-10-03 00:19 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-01 01:02 . 2009-10-28 10:34 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-10-28 10:34 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-10-28 10:34 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-10-28 10:34 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-10-28 10:34 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-10-28 10:34 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-10-28 10:34 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-10-28 10:34 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-10-28 10:34 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-10-28 10:34 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-10-28 10:34 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-10-28 10:34 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-09-29 09:24 . 2009-09-29 09:24 266240 ----a-w- c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogoAnimations\Lapin.tla.dll
2009-09-28 21:23 . 2009-09-28 21:23 8854 ----a-r- c:\users\Benjamin\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe
2009-09-28 21:23 . 2009-09-28 21:23 40960 ----a-r- c:\users\Benjamin\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2009-09-28 21:23 . 2009-09-28 21:23 40960 ----a-r- c:\users\Benjamin\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2006-05-03 09:06 . 2009-09-11 17:09 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2009-09-11 17:09 31232 --sh--r- c:\windows\System32\msfDX.dll
2009-07-14 05:05 . 2009-07-14 05:05 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-09-03 8105984]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-31 1348904]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-07-14 3054136]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-02 13789728]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
"UacDisableNotify"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dead Rdr
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Window jugs camp store

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2008-12-11 15:00 3321856 ----a-w- c:\program files\Electronic Arts\EADM\Core.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-06-09 17:16 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-07-02 00:56 13789728 ----a-w- c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-07-02 00:56 92704 ----a-w- c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
2009-10-23 16:46 306088 ----a-w- c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-05-20 16:06 6144000 ----a-w- c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-11-29 17:53 1217808 ----a-w- c:\program files\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThrustTSR]
2003-04-10 09:44 217088 ----a-w- c:\program files\Thrustmaster\Thrustmapper\TMTMTSR.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ehTray.exe"=c:\windows\ehome\ehTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"ADSMTray"=c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe
"HControlUser"=c:\program files\ASUS\ATK Hotkey\HControlUser.exe
"ATKMEDIA"=c:\program files\ASUS\ATK Media\DMedia.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):3f,d7,38,95,f4,39,ca,01

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [25/12/2009 10:10 108289]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [11/09/2009 22:17 1153368]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [11/05/2009 11:49 64544]
R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\System32\drivers\WsAudioDevice_383.sys [04/10/2009 00:01 16640]
S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
S2 OpenSSHd;OpenSSH Server;c:\program files\OpenSSH\bin\cygrunsrv.exe [18/04/2004 12:11 36864]
S3 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21/01/2008 03:23 21504]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [11/10/2009 14:50 54632]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 21:48 704864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
------- Examen supplémentaire -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Benjamin\AppData\Roaming\Mozilla\Firefox\Profiles\ozc7haiy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: browser.xul.error_pages.enabled - true
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-XboxStat - c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe
AddRemove-HijackThis - F:\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-26 00:31
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


C:\ADSM_PData_0150

Scan terminé avec succès
Fichiers cachés: 1

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys spco.sys >>UNKNOWN [0x854DC938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x8ab9fd24
\Driver\ACPI -> acpi.sys @ 0x8a411d68
\Driver\atapi -> 0x855251f8
\Driver\iaStor -> iaStor.sys @ 0x8a560a60
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK
copy of MBR has been found in sector 61 !
copy of MBR has been found in sector 62 !

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-2633594002-2118233760-1478565296-1000\Software\SecuROM\License information*]
"datasecu"=hex:93,51,b8,20,29,4c,75,51,c7,54,a1,d1,be,4f,86,48,1e,e6,40,a3,83,
d7,d3,ec,01,74,4c,71,9e,62,6f,47,1a,b5,cc,39,1f,ab,e3,dc,bb,5b,ee,68,b4,19,\
"rkeysecu"=hex:97,b0,ad,cb,60,45,5a,c0,cd,57,55,7b,d5,d4,64,fc

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="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"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(868)
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\rpcnet.exe
c:\windows\System32\TUProgSt.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\WUDFHost.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
.
**************************************************************************
.
Heure de fin: 2009-12-26 00:42:18 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-25 23:42

Avant-CF: 42 649 899 008 octets libres
Après-CF: 42 357 694 464 octets libres

- - End Of File - - 853B6439FF19A25E4F7ADBC805FF8C9D
Anonymous user
26 Dec 2009 at 01:13
Well, that rootkit was really dug in.....

Run OTM again with this script:

:files
c:\program files\msnmsgr.exe






:commands
[purity]
[emptytemp]
[start explorer]
[Reboot]



See you
Anonymous user
26 Dec 2009 at 01:22
LOP?
karhott Posts: 33 Registration date: Wednesday 23 July 2008 Status: Member Last activity: 28 December 2009
26 Dec 2009 at 08:50
There, I ran OTM. Anything else to do?
karhott Posts: 33 Registration date: Wednesday 23 July 2008 Status: Member Last activity: 28 December 2009
27 Dec 2009 at 12:41
Here it is, sorry it took me a while, day after Christmas and all ^^





--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5900 @ 2.20GHz )
BIOS : Default System BIOS
USER : Benjamin ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:182 Go (Free:39 Go)
D:\ (Local Disk) - NTFS - Total:271 Go (Free:220 Go)
E:\ (CD or DVD)
G:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 27/12/2009|12:25 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[04/10/2009|13:25] C:\Users\Benjamin\AppData\Local\Activision
[11/09/2009|17:14] C:\Users\Benjamin\AppData\Local\Adobe
[11/09/2009|16:19] C:\Users\Benjamin\AppData\Local\Application Data
[11/09/2009|17:24] C:\Users\Benjamin\AppData\Local\ASUS
[19/12/2009|01:01] C:\Users\Benjamin\AppData\Local\d3d9caps.dat
[18/12/2009|14:27] C:\Users\Benjamin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[11/09/2009|23:45] C:\Users\Benjamin\AppData\Local\Downloaded Installations
[12/09/2009|12:05] C:\Users\Benjamin\AppData\Local\Electronic Arts
[25/09/2009|21:54] C:\Users\Benjamin\AppData\Local\GDIPFONTCACHEV1.DAT
[11/09/2009|17:49] C:\Users\Benjamin\AppData\Local\Google
[11/09/2009|16:19] C:\Users\Benjamin\AppData\Local\Historique
[26/12/2009|11:35] C:\Users\Benjamin\AppData\Local\IconCache.db
[25/12/2009|09:48] C:\Users\Benjamin\AppData\Local\Microsoft
[10/10/2009|17:58] C:\Users\Benjamin\AppData\Local\Microsoft Corporation
[05/11/2009|11:00] C:\Users\Benjamin\AppData\Local\Microsoft Games
[12/09/2009|09:08] C:\Users\Benjamin\AppData\Local\Microsoft Help
[11/09/2009|18:07] C:\Users\Benjamin\AppData\Local\Mozilla
[18/09/2009|18:20] C:\Users\Benjamin\AppData\Local\O&O
[11/09/2009|16:31] C:\Users\Benjamin\AppData\Local\Power2Go
[11/10/2009|20:41] C:\Users\Benjamin\AppData\Local\PunkBuster
[05/11/2009|23:47] C:\Users\Benjamin\AppData\Local\PUTTY.RND
[03/11/2009|12:30] C:\Users\Benjamin\AppData\Local\Rockstar Games
[27/12/2009|12:23] C:\Users\Benjamin\AppData\Local\temp
[11/09/2009|16:19] C:\Users\Benjamin\AppData\Local\Temporary Internet Files
[21/10/2009|17:36] C:\Users\Benjamin\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[24/12/2009 23:58][--a------] C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
[27/12/2009 12:11][--a------] C:\Windows\tasks\Maintenance en 1 clic.job
[27/12/2009 12:10][--a------] C:\Windows\tasks\GlaryInitialize.job
[27/12/2009 12:10][--ah-----] C:\Windows\tasks\SA.DAT
[26/12/2009 11:35][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[12/09/2009|00:02] C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[19/09/2009|12:23] C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
[14/07/2009|06:03] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[11/09/2009|16:22] C:\ProgramData\Adobe
[02/11/2006|14:02] C:\ProgramData\Application Data
[11/09/2009|17:24] C:\ProgramData\ASUS
[14/07/2009|06:46] C:\ProgramData\Atheros
[25/12/2009|10:10] C:\ProgramData\Avira
[24/09/2009|23:02] C:\ProgramData\Azureus
[08/10/2009|16:00] C:\ProgramData\Blizzard
[04/10/2009|14:48] C:\ProgramData\Electronic Arts
[02/11/2006|14:02] C:\ProgramData\Favorites
[20/10/2009|06:10] C:\ProgramData\Film Curb Part
[25/09/2009|14:31] C:\ProgramData\KONAMI
[11/09/2009|17:42] C:\ProgramData\LightScribe
[11/09/2009|22:29] C:\ProgramData\Malwarebytes
[01/10/2009|17:20] C:\ProgramData\Messenger Plus!
[22/10/2009|16:41] C:\ProgramData\Microsoft
[10/12/2009|07:45] C:\ProgramData\Microsoft Help
[11/09/2009|17:01] C:\ProgramData\Norton
[14/07/2009|06:09] C:\ProgramData\NortonInstaller
[14/09/2009|18:37] C:\ProgramData\ntuser.pol
[20/11/2009|07:32] C:\ProgramData\NVIDIA
[27/12/2009|12:11] C:\ProgramData\nvModes.001
[27/12/2009|12:11] C:\ProgramData\nvModes.dat
[19/09/2009|11:33] C:\ProgramData\P4G
[11/09/2009|17:54] C:\ProgramData\Pinnacle
[20/10/2009|06:10] C:\ProgramData\Proc defy window jugs
[25/12/2009|10:22] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|14:02] C:\ProgramData\Start Menu
[25/12/2009|03:02] C:\ProgramData\sysReserve.ini
[14/07/2009|06:08] C:\ProgramData\Temp
[02/11/2006|14:02] C:\ProgramData\Templates
[19/09/2009|12:23] C:\ProgramData\TuneUp Software
[11/09/2009|17:58] C:\ProgramData\VideoSpin

--------------------\\ Listing des dossiers dans C:\Program Files

[14/07/2009|06:03] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[03/10/2009|17:55] C:\Program Files\ActiveX Control Pad
[11/10/2009|19:31] C:\Program Files\Activision
[11/09/2009|16:22] C:\Program Files\Adobe
[18/11/2009|19:40] C:\Program Files\AGEIA Technologies
[12/09/2009|10:36] C:\Program Files\Ashampoo
[11/09/2009|21:00] C:\Program Files\ASUS
[14/07/2009|06:46] C:\Program Files\Atheros
[14/07/2009|06:39] C:\Program Files\ATKGFNEX
[26/09/2009|21:46] C:\Program Files\Auslogics
[25/12/2009|10:10] C:\Program Files\Avira
[11/09/2009|23:39] C:\Program Files\AviSynth 2.5
[11/09/2009|22:26] C:\Program Files\CCleaner
[14/07/2009|06:45] C:\Program Files\Cisco
[11/09/2009|18:09] C:\Program Files\CodeStuff
[26/12/2009|00:25] C:\Program Files\Common Files
[24/09/2009|18:55] C:\Program Files\Counter-Strike 2D
[16/10/2009|19:46] C:\Program Files\Counter-Strike Source
[11/09/2009|17:11] C:\Program Files\CyberLink
[11/09/2009|18:16] C:\Program Files\DAEMON Tools Lite
[14/07/2009|07:10] C:\Program Files\Downloaded Installations
[21/11/2009|19:49] C:\Program Files\Eidos
[13/10/2009|11:35] C:\Program Files\Electronic Arts
[11/09/2009|18:09] C:\Program Files\eRightSoft
[25/12/2009|10:07] C:\Program Files\ESET
[20/10/2009|06:09] C:\Program Files\Film Curb Part
[06/12/2009|14:54] C:\Program Files\GIMP-2.0
[19/09/2009|11:33] C:\Program Files\Glary Utilities
[11/09/2009|18:13] C:\Program Files\Google
[01/11/2009|19:35] C:\Program Files\HTTP-Tunnel
[22/11/2009|00:47] C:\Program Files\InstallShield Installation Information
[14/07/2009|06:20] C:\Program Files\Intel
[10/12/2009|07:46] C:\Program Files\Internet Explorer
[11/11/2009|15:39] C:\Program Files\Java
[25/09/2009|14:20] C:\Program Files\KONAMI
[06/11/2009|21:21] C:\Program Files\Lavalys
[25/12/2009|20:45] C:\Program Files\List_Kill'em
[25/12/2009|21:13] C:\Program Files\Malwarebytes' Anti-Malware
[08/11/2009|11:15] C:\Program Files\Messenger Plus! Live
[11/10/2009|14:46] C:\Program Files\Microsoft
[25/10/2009|18:02] C:\Program Files\Microsoft Games
[03/10/2009|21:14] C:\Program Files\Microsoft Games for Windows - LIVE
[14/07/2009|06:01] C:\Program Files\Microsoft Office
[11/10/2009|14:50] C:\Program Files\Microsoft Office Outlook Connector
[11/09/2009|18:33] C:\Program Files\Microsoft Silverlight
[11/09/2009|16:25] C:\Program Files\Microsoft SQL Server Compact Edition
[14/07/2009|06:01] C:\Program Files\Microsoft Visual Studio
[12/09/2009|09:08] C:\Program Files\Microsoft Visual Studio 8
[10/10/2009|17:58] C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[12/09/2009|09:16] C:\Program Files\Microsoft Works
[14/07/2009|06:01] C:\Program Files\Microsoft.NET
[20/09/2009|13:16] C:\Program Files\Movie Maker
[27/12/2009|12:11] C:\Program Files\Mozilla Firefox
[12/09/2009|09:12] C:\Program Files\MSBuild
[13/09/2009|09:47] C:\Program Files\MSXML 4.0
[11/11/2009|15:52] C:\Program Files\NetBeans 6.7.1
[01/11/2009|19:34] C:\Program Files\OpenSSH
[14/07/2009|07:09] C:\Program Files\P4G
[11/09/2009|17:58] C:\Program Files\Pinnacle
[02/10/2009|19:23] C:\Program Files\Project64 1.6
[14/07/2009|07:03] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[21/09/2009|17:48] C:\Program Files\RobotProg
[02/11/2009|20:38] C:\Program Files\Rockstar Games
[11/11/2009|15:55] C:\Program Files\sges-v3-prelude
[02/11/2009|20:32] C:\Program Files\SocksCapV2
[19/09/2009|11:42] C:\Program Files\splus
[02/10/2009|06:07] C:\Program Files\Spybot - Search & Destroy
[26/12/2009|09:50] C:\Program Files\Steam
[11/11/2009|15:41] C:\Program Files\Sun
[14/07/2009|07:07] C:\Program Files\Synaptics
[13/12/2009|22:58] C:\Program Files\Teamspeak2_RC2
[14/07/2009|07:04] C:\Program Files\Temp
[25/09/2009|21:49] C:\Program Files\Thrustmaster
[25/12/2009|22:50] C:\Program Files\trend micro
[19/09/2009|12:24] C:\Program Files\TuneUp Utilities 2009
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[25/09/2009|23:30] C:\Program Files\UT2004
[11/09/2009|21:42] C:\Program Files\VideoLAN
[28/10/2009|11:16] C:\Program Files\Volition Inc
[24/09/2009|23:01] C:\Program Files\Vuze
[20/09/2009|13:16] C:\Program Files\Windows Calendar
[20/09/2009|13:16] C:\Program Files\Windows Collaboration
[20/09/2009|13:16] C:\Program Files\Windows Defender
[20/09/2009|13:16] C:\Program Files\Windows Journal
[11/10/2009|14:50] C:\Program Files\Windows Live
[11/09/2009|16:24] C:\Program Files\Windows Live SkyDrive
[10/12/2009|07:46] C:\Program Files\Windows Mail
[28/10/2009|16:18] C:\Program Files\Windows Media Player
[02/11/2006|13:37] C:\Program Files\Windows NT
[20/09/2009|13:16] C:\Program Files\Windows Photo Gallery
[28/10/2009|16:18] C:\Program Files\Windows Portable Devices
[20/09/2009|13:16] C:\Program Files\Windows Sidebar
[11/09/2009|22:27] C:\Program Files\WinRAR
[14/07/2009|07:05] C:\Program Files\Wireless Console 2
[04/10/2009|00:01] C:\Program Files\Wondershare
[15/11/2009|14:15] C:\Program Files\WowCartographe

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[11/09/2009|16:22] C:\Program Files\Common Files\Adobe
[08/10/2009|22:31] C:\Program Files\Common Files\Blizzard Entertainment
[14/07/2009|06:01] C:\Program Files\Common Files\DESIGNER
[11/09/2009|23:45] C:\Program Files\Common Files\InstallShield
[14/07/2009|06:08] C:\Program Files\Common Files\LightScribe
[10/10/2009|22:04] C:\Program Files\Common Files\Microsoft Games
[04/10/2009|10:38] C:\Program Files\Common Files\microsoft shared
[11/09/2009|17:49] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[31/10/2009|12:59] C:\Program Files\Common Files\Steam
[20/09/2009|13:16] C:\Program Files\Common Files\System
[11/09/2009|16:23] C:\Program Files\Common Files\Windows Live
[21/11/2009|20:14] C:\Program Files\Common Files\Wise Installation Wizard
[11/09/2009|17:58] C:\Program Files\Common Files\Yahoo!

--------------------\\ Process

( 67 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-27 12:26:39
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Benjamin\Documents\ophcrack-xp-livecd-2.1.0.iso
C:\Users\Benjamin\logiciels\Ashampoo Burning Studio 9.05\CK\Keygen 1.exe
C:\Users\Benjamin\logiciels\Fruity Loops 7 fullrar\Crack
C:\Users\Benjamin\logiciels\Fruity Loops 7 fullrar\Crack\crack.exe


[F:1][D:3]-> C:\Users\Benjamin\AppData\Local\Temp
[F:22][D:1]-> C:\Users\Benjamin\AppData\Roaming\MICROS~1\Windows\Cookies
[F:84][D:4]-> C:\Users\Benjamin\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:2]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 21/10/2009|12:58 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 21/10/2009|13:27 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 14/11/2009|14:35 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 14/11/2009|14:48 - Option : [2]
5 - "C:\Lop SD\LopR_5.txt" - 15/11/2009|11:31 - Option : [1]
6 - "C:\Lop SD\LopR_6.txt" - 15/11/2009|12:22 - Option : [2]
7 - "C:\Lop SD\LopR_7.txt" - 27/12/2009|12:28 - Option : [1]

--------------------\\ Fin du rapport a 12:28:47
[ UAC => 1 ]
0
Anonymous user
27 Dec. 2009 at 13:23
Please run RSIT again


See you
0
Anonymous user
27 Dec. 2009 at 15:58
Wait, Lop S&D missed something:

▶ Double-click the Lop S&D shortcut on the Desktop,

▶ Select the whole line below, then right-click and choose Copy

C:\ProgramData\Proc defy window jugs

▶ Restart Lop S&D

▶ Choose Option 4: LopScript

▶ A blank page will open; right-click on it and choose Paste

▶ Close the page; you will be asked to save it, click [Save]

▶ When the scan finishes, Notepad will open with the search results; copy and paste the results into your next reply.

0
karhott Posts: 33 Registration date: Wednesday 23 July 2008 Status: Member Last activity: 28 December 2009
27 Dec. 2009 at 17:08
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5900 @ 2.20GHz )
BIOS : Default System BIOS
USER : Benjamin ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:182 Go (Free:34 Go)
D:\ (Local Disk) - NTFS - Total:271 Go (Free:177 Go)
E:\ (CD or DVD)
G:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [4] ( 27/12/2009|16:53 )

[ UAC => 0 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

C:\ProgramData\Proc defy window jugs


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\Proc defy window jugs

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[04/10/2009|13:25] C:\Users\Benjamin\AppData\Local\Activision
[11/09/2009|17:14] C:\Users\Benjamin\AppData\Local\Adobe
[11/09/2009|16:19] C:\Users\Benjamin\AppData\Local\Application Data
[11/09/2009|17:24] C:\Users\Benjamin\AppData\Local\ASUS
[19/12/2009|01:01] C:\Users\Benjamin\AppData\Local\d3d9caps.dat
[27/12/2009|14:55] C:\Users\Benjamin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[11/09/2009|23:45] C:\Users\Benjamin\AppData\Local\Downloaded Installations
[12/09/2009|12:05] C:\Users\Benjamin\AppData\Local\Electronic Arts
[25/09/2009|21:54] C:\Users\Benjamin\AppData\Local\GDIPFONTCACHEV1.DAT
[11/09/2009|17:49] C:\Users\Benjamin\AppData\Local\Google
[11/09/2009|16:19] C:\Users\Benjamin\AppData\Local\Historique
[27/12/2009|16:49] C:\Users\Benjamin\AppData\Local\IconCache.db
[25/12/2009|09:48] C:\Users\Benjamin\AppData\Local\Microsoft
[10/10/2009|17:58] C:\Users\Benjamin\AppData\Local\Microsoft Corporation
[05/11/2009|11:00] C:\Users\Benjamin\AppData\Local\Microsoft Games
[12/09/2009|09:08] C:\Users\Benjamin\AppData\Local\Microsoft Help
[11/09/2009|18:07] C:\Users\Benjamin\AppData\Local\Mozilla
[18/09/2009|18:20] C:\Users\Benjamin\AppData\Local\O&O
[11/09/2009|16:31] C:\Users\Benjamin\AppData\Local\Power2Go
[11/10/2009|20:41] C:\Users\Benjamin\AppData\Local\PunkBuster
[05/11/2009|23:47] C:\Users\Benjamin\AppData\Local\PUTTY.RND
[03/11/2009|12:30] C:\Users\Benjamin\AppData\Local\Rockstar Games
[27/12/2009|16:53] C:\Users\Benjamin\AppData\Local\temp
[11/09/2009|16:19] C:\Users\Benjamin\AppData\Local\Temporary Internet Files
[21/10/2009|17:36] C:\Users\Benjamin\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[24/12/2009 23:58][--a------] C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
[27/12/2009 16:50][--a------] C:\Windows\tasks\Maintenance en 1 clic.job
[27/12/2009 16:50][--a------] C:\Windows\tasks\GlaryInitialize.job
[27/12/2009 16:50][--ah-----] C:\Windows\tasks\SA.DAT
[27/12/2009 16:49][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[12/09/2009|00:02] C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[19/09/2009|12:23] C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
[14/07/2009|06:03] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[11/09/2009|16:22] C:\ProgramData\Adobe
[02/11/2006|14:02] C:\ProgramData\Application Data
[11/09/2009|17:24] C:\ProgramData\ASUS
[14/07/2009|06:46] C:\ProgramData\Atheros
[25/12/2009|10:10] C:\ProgramData\Avira
[24/09/2009|23:02] C:\ProgramData\Azureus
[08/10/2009|16:00] C:\ProgramData\Blizzard
[04/10/2009|14:48] C:\ProgramData\Electronic Arts
[02/11/2006|14:02] C:\ProgramData\Favorites
[20/10/2009|06:10] C:\ProgramData\Film Curb Part
[25/09/2009|14:31] C:\ProgramData\KONAMI
[11/09/2009|17:42] C:\ProgramData\LightScribe
[11/09/2009|22:29] C:\ProgramData\Malwarebytes
[01/10/2009|17:20] C:\ProgramData\Messenger Plus!
[22/10/2009|16:41] C:\ProgramData\Microsoft
[10/12/2009|07:45] C:\ProgramData\Microsoft Help
[11/09/2009|17:01] C:\ProgramData\Norton
[14/07/2009|06:09] C:\ProgramData\NortonInstaller
[14/09/2009|18:37] C:\ProgramData\ntuser.pol
[20/11/2009|07:32] C:\ProgramData\NVIDIA
[27/12/2009|16:50] C:\ProgramData\nvModes.001
[27/12/2009|16:50] C:\ProgramData\nvModes.dat
[19/09/2009|11:33] C:\ProgramData\P4G
[11/09/2009|17:54] C:\ProgramData\Pinnacle
[25/12/2009|10:22] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|14:02] C:\ProgramData\Start Menu
[25/12/2009|03:02] C:\ProgramData\sysReserve.ini
[14/07/2009|06:08] C:\ProgramData\Temp
[02/11/2006|14:02] C:\ProgramData\Templates
[19/09/2009|12:23] C:\ProgramData\TuneUp Software
[11/09/2009|17:58] C:\ProgramData\VideoSpin

--------------------\\ Listing des dossiers dans C:\Program Files

[14/07/2009|06:03] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[03/10/2009|17:55] C:\Program Files\ActiveX Control Pad
[11/10/2009|19:31] C:\Program Files\Activision
[11/09/2009|16:22] C:\Program Files\Adobe
[18/11/2009|19:40] C:\Program Files\AGEIA Technologies
[12/09/2009|10:36] C:\Program Files\Ashampoo
[11/09/2009|21:00] C:\Program Files\ASUS
[14/07/2009|06:46] C:\Program Files\Atheros
[14/07/2009|06:39] C:\Program Files\ATKGFNEX
[26/09/2009|21:46] C:\Program Files\Auslogics
[25/12/2009|10:10] C:\Program Files\Avira
[11/09/2009|23:39] C:\Program Files\AviSynth 2.5
[11/09/2009|22:26] C:\Program Files\CCleaner
[14/07/2009|06:45] C:\Program Files\Cisco
[11/09/2009|18:09] C:\Program Files\CodeStuff
[26/12/2009|00:25] C:\Program Files\Common Files
[24/09/2009|18:55] C:\Program Files\Counter-Strike 2D
[16/10/2009|19:46] C:\Program Files\Counter-Strike Source
[11/09/2009|17:11] C:\Program Files\CyberLink
[11/09/2009|18:16] C:\Program Files\DAEMON Tools Lite
[14/07/2009|07:10] C:\Program Files\Downloaded Installations
[21/11/2009|19:49] C:\Program Files\Eidos
[13/10/2009|11:35] C:\Program Files\Electronic Arts
[11/09/2009|18:09] C:\Program Files\eRightSoft
[25/12/2009|10:07] C:\Program Files\ESET
[20/10/2009|06:09] C:\Program Files\Film Curb Part
[06/12/2009|14:54] C:\Program Files\GIMP-2.0
[19/09/2009|11:33] C:\Program Files\Glary Utilities
[11/09/2009|18:13] C:\Program Files\Google
[01/11/2009|19:35] C:\Program Files\HTTP-Tunnel
[22/11/2009|00:47] C:\Program Files\InstallShield Installation Information
[14/07/2009|06:20] C:\Program Files\Intel
[10/12/2009|07:46] C:\Program Files\Internet Explorer
[11/11/2009|15:39] C:\Program Files\Java
[25/09/2009|14:20] C:\Program Files\KONAMI
[06/11/2009|21:21] C:\Program Files\Lavalys
[25/12/2009|20:45] C:\Program Files\List_Kill'em
[25/12/2009|21:13] C:\Program Files\Malwarebytes' Anti-Malware
[08/11/2009|11:15] C:\Program Files\Messenger Plus! Live
[11/10/2009|14:46] C:\Program Files\Microsoft
[25/10/2009|18:02] C:\Program Files\Microsoft Games
[03/10/2009|21:14] C:\Program Files\Microsoft Games for Windows - LIVE
[14/07/2009|06:01] C:\Program Files\Microsoft Office
[11/10/2009|14:50] C:\Program Files\Microsoft Office Outlook Connector
[11/09/2009|18:33] C:\Program Files\Microsoft Silverlight
[11/09/2009|16:25] C:\Program Files\Microsoft SQL Server Compact Edition
[14/07/2009|06:01] C:\Program Files\Microsoft Visual Studio
[12/09/2009|09:08] C:\Program Files\Microsoft Visual Studio 8
[10/10/2009|17:58] C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[12/09/2009|09:16] C:\Program Files\Microsoft Works
[14/07/2009|06:01] C:\Program Files\Microsoft.NET
[20/09/2009|13:16] C:\Program Files\Movie Maker
[27/12/2009|16:50] C:\Program Files\Mozilla Firefox
[12/09/2009|09:12] C:\Program Files\MSBuild
[13/09/2009|09:47] C:\Program Files\MSXML 4.0
[11/11/2009|15:52] C:\Program Files\NetBeans 6.7.1
[01/11/2009|19:34] C:\Program Files\OpenSSH
[14/07/2009|07:09] C:\Program Files\P4G
[11/09/2009|17:58] C:\Program Files\Pinnacle
[02/10/2009|19:23] C:\Program Files\Project64 1.6
[14/07/2009|07:03] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[21/09/2009|17:48] C:\Program Files\RobotProg
[02/11/2009|20:38] C:\Program Files\Rockstar Games
[11/11/2009|15:55] C:\Program Files\sges-v3-prelude
[02/11/2009|20:32] C:\Program Files\SocksCapV2
[19/09/2009|11:42] C:\Program Files\splus
[02/10/2009|06:07] C:\Program Files\Spybot - Search & Destroy
[26/12/2009|09:50] C:\Program Files\Steam
[11/11/2009|15:41] C:\Program Files\Sun
[14/07/2009|07:07] C:\Program Files\Synaptics
[13/12/2009|22:58] C:\Program Files\Teamspeak2_RC2
[14/07/2009|07:04] C:\Program Files\Temp
[25/09/2009|21:49] C:\Program Files\Thrustmaster
[25/12/2009|22:50] C:\Program Files\trend micro
[19/09/2009|12:24] C:\Program Files\TuneUp Utilities 2009
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[25/09/2009|23:30] C:\Program Files\UT2004
[11/09/2009|21:42] C:\Program Files\VideoLAN
[28/10/2009|11:16] C:\Program Files\Volition Inc
[24/09/2009|23:01] C:\Program Files\Vuze
[20/09/2009|13:16] C:\Program Files\Windows Calendar
[20/09/2009|13:16] C:\Program Files\Windows Collaboration
[20/09/2009|13:16] C:\Program Files\Windows Defender
[20/09/2009|13:16] C:\Program Files\Windows Journal
[11/10/2009|14:50] C:\Program Files\Windows Live
[11/09/2009|16:24] C:\Program Files\Windows Live SkyDrive
[10/12/2009|07:46] C:\Program Files\Windows Mail
[28/10/2009|16:18] C:\Program Files\Windows Media Player
[02/11/2006|13:37] C:\Program Files\Windows NT
[20/09/2009|13:16] C:\Program Files\Windows Photo Gallery
[28/10/2009|16:18] C:\Program Files\Windows Portable Devices
[20/09/2009|13:16] C:\Program Files\Windows Sidebar
[11/09/2009|22:27] C:\Program Files\WinRAR
[14/07/2009|07:05] C:\Program Files\Wireless Console 2
[04/10/2009|00:01] C:\Program Files\Wondershare
[15/11/2009|14:15] C:\Program Files\WowCartographe

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[11/09/2009|16:22] C:\Program Files\Common Files\Adobe
[08/10/2009|22:31] C:\Program Files\Common Files\Blizzard Entertainment
[14/07/2009|06:01] C:\Program Files\Common Files\DESIGNER
[11/09/2009|23:45] C:\Program Files\Common Files\InstallShield
[14/07/2009|06:08] C:\Program Files\Common Files\LightScribe
[10/10/2009|22:04] C:\Program Files\Common Files\Microsoft Games
[04/10/2009|10:38] C:\Program Files\Common Files\microsoft shared
[11/09/2009|17:49] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[31/10/2009|12:59] C:\Program Files\Common Files\Steam
[20/09/2009|13:16] C:\Program Files\Common Files\System
[11/09/2009|16:23] C:\Program Files\Common Files\Windows Live
[21/11/2009|20:14] C:\Program Files\Common Files\Wise Installation Wizard
[11/09/2009|17:58] C:\Program Files\Common Files\Yahoo!

--------------------\\ Process

( 64 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-27 16:54:08
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Benjamin\Documents\ophcrack-xp-livecd-2.1.0.iso
C:\Users\Benjamin\logiciels\Ashampoo Burning Studio 9.05\CK\Keygen 1.exe
C:\Users\Benjamin\logiciels\Fruity Loops 7 fullrar\Crack
C:\Users\Benjamin\logiciels\Fruity Loops 7 fullrar\Crack\crack.exe


[F:7][D:4]-> C:\Users\Benjamin\AppData\Local\Temp
[F:22][D:1]-> C:\Users\Benjamin\AppData\Roaming\MICROS~1\Windows\Cookies
[F:84][D:4]-> C:\Users\Benjamin\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:1][D:1]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 21/10/2009|12:58 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 21/10/2009|13:27 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 14/11/2009|14:35 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 14/11/2009|14:48 - Option : [2]
5 - "C:\Lop SD\LopR_5.txt" - 15/11/2009|11:31 - Option : [1]
6 - "C:\Lop SD\LopR_6.txt" - 15/11/2009|12:22 - Option : [2]
7 - "C:\Lop SD\LopR_7.txt" - 27/12/2009|12:28 - Option : [1]
8 - "C:\Lop SD\LopR_8.txt" - 27/12/2009|16:55 - Option : [4]

--------------------\\ Fin du rapport a 16:55:54
[ UAC => 1 ]




Thank you
0
Anonymous user
27 Dec. 2009 at 17:58
Is this one of your programs?

C:\Program Files\Film Curb Part
0
karhott Posts: 33 Registration date: Wednesday 23 July 2008 Status: Member Last activity: 28 December 2009
27 Dec. 2009 at 18:31
Oh no, not at all, it doesn't ring a bell
and besides, it's an "empty" folder
0
Anonymous user
27 Dec. 2009 at 20:41
OK, delete it
0
karhott Posts: 33 Registration date: Wednesday 23 July 2008 Status: Member Last activity: 28 December 2009
27 Dec. 2009 at 20:44
Done. Anything else to do?
0
Anonymous user
27 Dec. 2009 at 21:13
Hi Gen....

Thanks for stepping in!

==> karhott --> post 47


See you
0
karhott Posts: 33 Registration date: Wednesday 23 July 2008 Status: Member Last activity: 28 December 2009
27 Dec. 2009 at 21:39
Here it is


Logfile of random's system information tool 1.06 (written by random/random)
Run by Benjamin at 2009-12-27 21:05:25
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 35 GB (19%) free of 187 GB
Total RAM: 3070 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:41, on 27/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program files\P4G\BatteryLife.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
F:\RSIT.exe
C:\Program Files\trend micro\Benjamin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: OpenSSH Server (OpenSSHd) - Unknown owner - C:\Program Files\OpenSSH\bin\cygrunsrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
0
Anonymous user
27 Dec. 2009 at 22:02
Uninstall the traces of Norton that remain on your PC with this utility:
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924

To uninstall the tools used

Download ToolsCleaner2 --> http://pc-system.fr/
- Once downloaded, install it and run it
- Click Recherche (Search) and let the scan finish
- Click SUPPRESSION (Removal)
- Click Quitter (Quit) so that the report can be created
- Post me the report found here --> C:\TCleaner.txt


then

---> Download and install CCleaner (do not install the Yahoo Toolbar):
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

* Run it. Go to Options, then Advanced, and untick the box Only delete files etc....
* Go to Cleaner, choose Analyze. Once finished, run the cleaning.
* Next, choose Registry, then Scan for Issues. Once finished, repair all the errors, as many times as the scan finds any (back up the registry).
* Untick the box older than 24 h

VERY IMPORTANT:

---> You need to disable System Restore, reboot, then re-enable it in order to purge it:
XP:
https://www.tayo.fr/desactiver-restauration-systeme-sur-windows-xp-tutoriel.php
VISTA:
https://www.tayo.fr/desactiver-restauration-windows-vista-tutoriel.php

---> I advise you to create a restore point that you can use later if you have a problem:
https://www.vulgarisation-informatique.com/creer-point-restauration.php


---> Change the status of this topic
and set it to "resolved":
https://www.commentcamarche.net/infos/25917-marquer-un-fil-de-discussion-comme-etant-resolu/


See you
0
karhott Posts: 33 Registration date: Wednesday 23 July 2008 Status: Member Last activity: 28 December 2009
28 Dec. 2009 at 00:11
It told me it was impossible to create the file C:\TCleaner.txt
0
Anonymous user
28 Dec. 2009 at 01:46
You have to launch it by right-clicking and choosing "Run as administrator"
0
karhott Posts: 33 Registration date: Wednesday 23 July 2008 Status: Member Last activity: 28 December 2009
28 Dec. 2009 at 13:08
[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Combofix.txt: trouvé !
C:\lopR.txt: trouvé !
C:\UsbFix.txt: trouvé !
C:\UsbFix: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
C:\Windows\mbr.exe: trouvé !

---------------------------------
--> Suppression:

C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\lopR.txt: supprimé !
C:\UsbFix.txt: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Windows\mbr.exe: supprimé !
C:\UsbFix: supprimé !



I'm moving on to CCleaner now
0
Anonymous user
28 Dec. 2009 at 13:40
;)
0