Insecure Internet activity. (on Vista)

xa -  
 juliette -
Hello,

First of all, thank you for your help.

So, I have a brand-new PC with Vista and Norton Internet Security in a 90-day trial version.
Norton is up to date.

Since this morning, I have been trying to connect to the Internet with Internet Explorer 7, but I always get a message that appears: "Insecure Internet activity. Threat of virus attack" .......

Who can help me?

Thank you.
Configuration: Windows Vista
Internet Explorer 7.0

2 replies

  1. xa
     
    I restarted my PC in safe mode, then ran ComboFix after renaming it killer.

    Here is the ComboFix report:

    ComboFix 08-05-21.3 - javier 2008-05-24 14:41:18.1 - NTFSx86 NETWORK
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.2671 [GMT 2:00]
    Endroit: C:\Users\javier\Downloads\killer.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\Google\googletoolbar1.dll
    C:\Windows\gktxaspm.dll
    C:\Windows\gnowmebk.dll
    C:\Windows\nldfmtapefs.dll
    C:\Windows\pxgdslro.dll
    C:\Windows\system32\hgGabXPi.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-04-24 to 2008-05-24 ))))))))))))))))))))))))))))))))))))
    .

    Pas de nouveau fichier créé dans cet espace de temps

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-24 12:41 --------- d-----w C:\Program Files\Google
    2008-05-24 12:17 --------- d-----w C:\PROGRA~2\Google Updater
    2008-05-24 10:23 --------- d-----w C:\Program Files\Norton Internet Security
    2008-05-24 10:23 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-05-24 10:19 805 ----a-w C:\Windows\system32\drivers\SYMEVENT.INF
    2008-05-24 10:19 123,952 ----a-w C:\Windows\system32\drivers\SYMEVENT.SYS
    2008-05-24 10:19 10,740 ----a-w C:\Windows\system32\drivers\SYMEVENT.CAT
    2008-05-24 10:19 --------- d-----w C:\Program Files\Symantec
    2008-05-24 10:19 --------- d-----w C:\PROGRA~2\Symantec
    2008-05-23 23:22 --------- d-----w C:\Users\javier\AppData\Roaming\Symantec
    2008-05-23 23:16 66,128,472 ----a-w C:\Windows\nis081500_yho.exe
    2008-05-23 23:14 --------- d-----w C:\Users\javier\AppData\Roaming\uTorrent
    2008-05-23 23:05 --------- d-----w C:\Program Files\Windows Live Toolbar
    2008-05-23 18:51 81,920 ----a-w C:\Windows\mdtgkswr.exe
    2008-05-23 18:50 94,208 ----a-w C:\Windows\eope.exe
    2008-05-23 17:28 --------- d-----w C:\PROGRA~2\avg8
    2008-05-23 09:47 27,430 ----a-w C:\Users\javier\AppData\Roaming\nvModes.dat
    2008-05-21 06:54 --------- d-----w C:\Program Files\AVG
    2008-05-21 06:36 --------- d-----w C:\Program Files\uTorrent
    2008-05-20 19:21 --------- d-----w C:\PROGRA~2\Kaspersky Lab Setup Files
    2008-05-20 19:18 --------- d-----w C:\Users\javier\AppData\Roaming\U3
    2008-05-20 17:15 0 ----a-w C:\Users\javier\AppData\Roaming\wklnhst.dat
    2008-05-20 16:20 --------- d-----w C:\Program Files\Windows Mail
    2008-05-20 16:09 --------- d-----w C:\Users\javier\AppData\Roaming\CyberLink
    2008-05-20 16:04 --------- d-----w C:\PROGRA~2\Microsoft Help
    2008-05-20 16:02 41,984 ----a-w C:\Windows\system32\drivers\monitor.sys
    2008-05-20 16:02 1,061,944 ----a-w C:\Windows\system32\drivers\ntfs.sys
    2008-05-20 16:01 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-05-20 16:01 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-05-20 16:01 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-05-20 16:01 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-05-20 16:01 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-05-20 16:01 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-05-20 16:01 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-05-20 15:54 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-05-20 15:36 --------- d-----w C:\Program Files\Windows Live
    2008-05-20 15:28 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
    2008-05-20 15:11 --------- d-----w C:\PROGRA~2\WLInstaller
    2008-05-20 15:03 53,080 ----a-w C:\Windows\System32\wuauclt.exe
    2008-05-20 15:03 43,352 ----a-w C:\Windows\System32\wups2.dll
    2008-05-20 15:03 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
    2008-05-20 15:03 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
    2008-05-20 15:02 80,896 ----a-w C:\Windows\System32\wudriver.dll
    2008-05-20 15:02 549,720 ----a-w C:\Windows\System32\wuapi.dll
    2008-05-20 15:02 33,624 ----a-w C:\Windows\System32\wups.dll
    2008-05-20 15:02 31,232 ----a-w C:\Windows\System32\wuapp.exe
    2008-05-20 15:02 163,000 ----a-w C:\Windows\System32\wuwebv.dll
    2008-05-20 14:37 --------- d-----w C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    2008-05-20 14:37 --------- d-----w C:\PROGRA~2\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    2008-05-20 14:36 --------- d-----w C:\Program Files\Microsoft Works
    2008-05-20 14:34 --------- d-----w C:\Program Files\Microsoft.NET
    2008-05-20 14:32 --------- d-----w C:\Program Files\Common Files\Ahead
    2008-05-20 14:31 --------- d-----w C:\Program Files\Nero
    2008-05-20 14:31 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-05-20 14:31 --------- d-----w C:\PROGRA~2\Nero
    2008-05-08 03:11 --------- d-----w C:\PROGRA~2\NVIDIA
    2008-05-08 03:05 --------- d-----w C:\Program Files\Common Files\Fujitsu Siemens Computers
    2008-05-08 03:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-05-08 03:03 --------- d-----w C:\Program Files\CyberLink
    2008-05-08 03:03 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-05-08 03:03 --------- d-----w C:\PROGRA~2\CyberLink
    2008-05-08 02:48 --------- d-----w C:\Program Files\MSXML 4.0
    2008-05-08 02:48 --------- d-----w C:\Program Files\C&E
    2008-05-08 02:47 --------- d-----w C:\Program Files\Motorola
    2008-05-08 02:41 --------- d-----w C:\Program Files\Windows Sidebar
    2008-05-08 02:39 296,448 ----a-w C:\Windows\System32\gdi32.dll
    2008-05-08 02:38 826,368 ----a-w C:\Windows\System32\wininet.dll
    2008-05-08 02:38 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-05-08 02:38 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-05-08 02:38 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-05-08 02:37 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-05-08 02:37 217,144 ----a-w C:\Windows\system32\drivers\netio.sys
    2008-05-08 02:35 11,776 ----a-w C:\Windows\System32\sbunattend.exe
    2008-05-08 02:34 2,048 ----a-w C:\Windows\System32\tzres.dll
    2008-05-08 02:33 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
    2008-05-08 02:33 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
    2008-05-08 02:33 2,028,544 ----a-w C:\Windows\System32\win32k.sys
    2008-05-08 02:33 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
    2008-05-08 02:33 102,400 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
    2008-05-08 02:32 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
    2008-05-08 02:32 223,232 ----a-w C:\Windows\System32\WMASF.DLL
    2008-05-08 02:32 2,048 ----a-w C:\Windows\System32\asferror.dll
    2008-05-08 02:32 1,327,104 ----a-w C:\Windows\System32\quartz.dll
    2008-05-08 02:23 174 --sha-w C:\Program Files\desktop.ini
    2007-11-03 10:13 22,040 ---h--w C:\Users\javier\AppData\Roaming\Google.dat
    .

    ------- Sigcheck -------

    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{2890C98D-5959-4A94-A6C2-C59E85462152}"= "C:\Windows\gktxaspm.dll" [ ]

    [HKEY_CLASSES_ROOT\clsid\{2890c98d-5959-4a94-a6c2-c59e85462152}]
    [HKEY_CLASSES_ROOT\gktxaspm.1]
    [HKEY_CLASSES_ROOT\TypeLib\{E84E3733-34F2-43F6-BD3A-5A4FD4D67848}]
    [HKEY_CLASSES_ROOT\gktxaspm]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-05-08 04:35 1232896]
    "WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 14:34 2159104 C:\Windows\System32\oobefldr.dll]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:36 201728]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-24 14:16 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-07-19 01:31 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-07-19 01:31 8466432]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-07-19 01:31 81920]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-05-10 17:10 4468736 C:\Windows\RtHDVCpl.exe]
    "SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 18:31 630784]
    "OSD"="C:\Program Files\C&E\OSD\osd.exe" [2007-09-21 01:32 561152]
    "recinfo317"="c:\RecInfo\RecInfo.exe" [2007-10-23 14:52 2764800]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 20:46 153136]
    "recinfo"="RecInfo.exe" []
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-10-25 00:08 107112]
    "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2006-10-27 02:18 22696]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{663656DF-6BAE-460C-A612-8133DF519346}"= C:\Windows\system32\hgGabXPi.dll [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "pxgdslro"= {E20323D1-FD7B-4DC9-9B62-C7E5AC28859E} - C:\Windows\pxgdslro.dll [ ]
    "gnowmebk"= {3B883702-7439-4B63-A358-18CF0042853F} - C:\Windows\gnowmebk.dll [ ]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.mkdmp3enc"= C:\PROGRA~1\CYBERL~1\PowerDV\Kernel\Burner\MKDMP3Enc.ACM

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UacDisableNotify"=dword:00000001
    "InternetSettingsDisableNotify"=dword:00000001
    "AutoUpdateDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{C3F02C67-2021-46B2-970A-1EC8C1B8770A}"= C:\Program Files\CyberLink\PowerDV\PowerDV.exe:CyberLink PowerDV
    "{7AD84D70-18E0-42EA-A212-0C9044014242}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{2A012CB0-57AD-4A30-B74E-780CADD0DC0E}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{0236200B-F164-4268-B5C8-8E7B650FE8C7}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    R0 Si3531;SiI-3531 SATA Controller;C:\Windows\system32\DRIVERS\Si3531.sys [2007-01-30 09:31]
    R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys [2007-04-04 05:57]
    S1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080523.001\IDSvix86.sys [2008-05-13 00:27]
    S2 OsdService;OsdService;C:\Program Files\C&E\OSD\OsdService\OsdService.exe [2007-09-04 02:01]
    S2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler;C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-12-08 19:52]
    S3 CEBFilter;CEBFilter;C:\Program Files\C&E\OSD\OsdService\cebuffer.sys [2007-09-05 01:20]
    S3 CEIO;CEIO;C:\Program Files\C&E\OSD\OsdService\ceio.sys [2007-09-01 01:18]
    S3 cKBFilter;cKBFilter;C:\Program Files\C&E\OSD\OsdService\kbfiltr.sys [2007-08-31 23:22]
    S3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2006-10-24 15:40]
    S4 nvrd32;NVIDIA nForce RAID Driver;C:\Windows\system32\drivers\nvrd32.sys [2007-07-02 17:37]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ

    *Newly Created Service* - CATCHME
    *Newly Created Service* - COMHOST
    *Newly Created Service* - ECACHE
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-24 14:43:17
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-05-24 14:44:02
    ComboFix-quarantined-files.txt 2008-05-24 12:43:59

    Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
    Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

    199 --- E O F --- 2008-05-20 16:27:53

    Once it finished, I restarted my PC in normal Vista mode.

    I have the impression that my problem has disappeared......... everything seems normal?
    0
  2. juliette
     
    Hello, I had the same problem and this little piece of software from across the Atlantic really saved me
    http://www.clubic.com/telecharger-fiche67090-superantispyware-free-edition.html

    Good luck to everyone
    0