Aller au contenu

bilbok

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    4

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par bilbok

  1. bilbok
    MERCI, ça ne se lance plus au démarrage et du coup mon PC a repris sa vitesse de croisière ! Merci encore, et longue vie a toi ! PS: comment cela a pu se produire? (si pas de réponse pas grave, du moment que ça marche!)
  2. bilbok
    si si je l'ai bien désinstaller via ajout/suppression de programme, mais quand je redémarre le pc, j'ai toujour ces deux processus qui me bloque
  3. bilbok
    oki merci, j'ai bien desinstallé combofix, mais comment viré "SafeNet Sentinel"? Merci
  4. bilbok
    Bonjour a tous, et bonnes fêtes de fin d'année! Voila mon problème: Depuis deux jour mon PC rame lamentablement...je pense donc a un malware.J'ai effectuer un scan minutieux avec antimalwarebytes (il a trouver 5 trucs que j'ai supprimer), ensuite un scan avec sybot (rien trouvé) j'ai la suite macaffe installé...dans mon gestionnaire des taches les deux processus qui me bloque sont : spnsrvnt.exe (qui me bouffe 50%) et sntlkeyssrvr (qui me bouffe 50% aussi) J'ai effectuer un rapport hijackthis que voila : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:39:01, on 29/12/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\WINDOWS\stsystra.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe C:\Program Files\Canon\MyPrinter\BJMyPrt.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Orange\Systray\SystrayApp.exe C:\Program Files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe C:\WINDOWS\system32\OSK.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\lservnt.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe c:\PROGRA~1\mcafee\msc\mcuimgr.exe C:\HiJackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [systrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe" O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {1F831FA7-42FC-11D4-95A6-0080AD30DCE1} (NOXLATE) - file://C:\Program Files\AutoCAD LT 2000i Fra\InstFred.ocx O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Contrôle d'AcDcToday) - file://C:\Program Files\AutoCAD LT 2000i Fra\AcDcToday.ocx O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Gestion d'AcPreview) - file://C:\Program Files\AutoCAD LT 2000i Fra\AcPreview.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{0D5C2BA2-7EA5-4E3C-BA6D-9BB73C61A6A8}: NameServer = 212.27.53.252,212.27.54.252 O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe O23 - Service: SentinelLM - Rainbow Technologies, Inc. - C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\lservnt.exe O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- End of file - 10404 bytes Puis un rapport combofix que voila : ComboFix 08-12-28.01 - guiraudet 2008-12-29 11:42:48.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1022.663 [GMT 1:00] Lancé depuis: c:\documents and settings\guiraudet\Bureau\ComboFix.exe AV: McAfee VirusScan *On-access scanning disabled* (Outdated) FW: McAfee Personal Firewall *disabled* * Un nouveau point de restauration a été créé AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\lsprst7.dll c:\windows\system32\nsprs.dll E:\resycled . ((((((((((((((((((((((((((((( Fichiers créés du 2008-11-28 au 2008-12-29 )))))))))))))))))))))))))))))))))))) . 2008-12-29 10:56 . 2008-12-29 10:56 <REP> d-------- c:\program files\Spybot - Search & Destroy 2008-12-29 10:56 . 2008-12-29 10:56 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2008-12-29 10:11 . 2004-08-20 10:30 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage réseau 2008-12-29 10:11 . 2004-08-20 10:30 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage d'impression 2008-12-29 10:11 . 2004-08-20 10:30 <REP> d--h----- c:\documents and settings\Administrateur\Modèles 2008-12-29 10:11 . 2006-06-27 00:09 <REP> dr------- c:\documents and settings\Administrateur\Mes documents 2008-12-29 10:11 . 2004-08-20 10:30 <REP> dr------- c:\documents and settings\Administrateur\Menu Démarrer 2008-12-29 10:11 . 2004-08-20 10:42 <REP> dr------- c:\documents and settings\Administrateur\Favoris 2008-12-29 10:11 . 2006-06-27 00:08 <REP> d-------- c:\documents and settings\Administrateur\Bureau 2008-12-29 10:11 . 2006-06-27 00:08 <REP> d-------- c:\documents and settings\Administrateur\Application Data\You've Got Pictures Screensaver 2008-12-29 10:11 . 2006-06-27 00:10 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Corel 2008-12-29 10:11 . 2008-12-29 10:11 <REP> d-------- c:\documents and settings\Administrateur 2008-12-29 09:37 . 2008-12-29 10:12 <REP> d-------- C:\HiJackThis 2008-12-28 18:17 . 2008-12-28 18:17 <REP> d-------- c:\program files\CCleaner 2008-12-26 19:48 . 2008-12-26 19:48 1,025 --a------ c:\windows\system32\serauth2.dll 2008-12-26 19:48 . 2008-12-26 19:48 1,025 --a------ c:\windows\system32\serauth1.dll 2008-12-26 17:52 . 2008-12-26 17:52 <REP> d-------- c:\documents and settings\guiraudet\Application Data\Malwarebytes 2008-12-26 17:51 . 2008-12-26 17:57 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware 2008-12-26 17:51 . 2008-12-26 17:51 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2008-12-26 17:51 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-26 17:51 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2008-12-01 19:57 . 2008-12-01 19:57 <REP> d-------- c:\windows\system32\fr 2008-12-01 19:57 . 2008-12-01 19:57 <REP> d-------- c:\windows\system32\bits 2008-12-01 19:57 . 2008-12-01 19:57 <REP> d-------- c:\windows\l2schemas 2008-12-01 19:55 . 2008-12-01 19:58 <REP> d-------- c:\windows\ServicePackFiles 2008-12-01 19:43 . 2008-12-01 19:43 <REP> d-------- c:\windows\EHome . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-29 08:57 --------- d-----w c:\program files\McAfee 2008-12-16 17:46 --------- d-----w c:\documents and settings\LocalService\Application Data\SACore 2008-12-14 10:45 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-14 10:44 --------- d-----w c:\program files\Activision 2008-12-06 16:06 --------- d-----w c:\documents and settings\guiraudet\Application Data\Corel 2008-12-06 16:02 6,686 --sha-w c:\windows\system32\KGyGaAvL.sys 2008-12-06 16:01 --------- d-----w c:\documents and settings\guiraudet\Application Data\Canon 2008-11-28 16:40 107,888 ----a-w c:\windows\system32\CmdLineExt.dll 2008-11-28 16:22 --------- d-----w c:\program files\Warner Bros. Interactive Entertainment 2008-11-14 16:32 --------- d-----w c:\documents and settings\guiraudet\Application Data\Activision 2008-11-05 09:33 --------- d-----w c:\program files\Ubisoft 2008-10-24 11:21 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys 2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll 2008-10-23 12:36 286,720 ------w c:\windows\system32\dllcache\gdi32.dll 2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll 2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll 2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll 2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll 2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll 2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe 2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll 2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll 2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll 2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll 2008-10-15 16:35 337,408 ------w c:\windows\system32\dllcache\netapi32.dll 2008-10-03 17:12 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll 2008-10-03 10:03 247,326 ----a-w c:\windows\system32\strmdll.dll 2008-10-03 10:03 247,326 ------w c:\windows\system32\dllcache\strmdll.dll 2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll 2007-08-14 17:53 9,192,136 ----a-w c:\program files\INSTALL_MSN_MESSENGER_NT.EXE 2007-07-29 06:22 56 --sh--r c:\windows\system32\9818A8EFB9.sys 2008-09-11 19:19 88 --sh--r c:\windows\system32\B9EFA81898.sys . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-19 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688] "SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 32881] "DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208] "ISUSPM Startup"="c:\program files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856] "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-06-10 81920] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-11 86016] "RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-06-27 26112] "SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992] "SystrayORAHSS"="c:\program files\Orange\Systray\SystrayApp.exe" [2007-09-25 94208] "ORAHSSSessionManager"="c:\program files\Orange\SessionManager\SessionManager.exe" [2007-09-25 102400] "Adobe Photo Downloader"="c:\program files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe" [2007-02-06 61440] "SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 c:\windows\stsystra.exe] "nwiz"="nwiz.exe" [2006-08-11 c:\windows\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Monitor.lnk - c:\program files\SanDisk\SanDisk TransferMate\SD Monitor.exe [2007-04-29 114688] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2007-06-29 06:24 286720 c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] --a------ 2008-04-19 23:38 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Games\\Dungeon Siege 2\\DungeonSiege2.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Fichiers communs\\SafeNet Sentinel\\Sentinel Protection Server\\WinNT\\spnsrvnt.exe"= "c:\\Program Files\\Fichiers communs\\SafeNet Sentinel\\Sentinel Keys Server\\sntlkeyssrvr.exe"= "c:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"= "c:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\McAfee\SiteAdvisor\McSACore.exe" [2008-10-10 206096] R2 SentinelLM;SentinelLM;"c:\program files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\lservnt.exe" [2008-04-11 675840] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\Drivers\e4ldr.sys [2007-10-04 63555] S2 SentinelKeysServer;Sentinel Keys Server;"c:\program files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe" [2007-04-27 316992] S3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver;c:\windows\system32\DRIVERS\CnxEtP.sys [] S3 CnxEtU;ZTE ZXDSL852 Interface Device Driver;c:\windows\system32\DRIVERS\CnxEtU.sys [] S3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver;c:\windows\system32\DRIVERS\CnxTgNW.sys [] S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\DRIVERS\e4usbaw.sys [2007-10-04 114616] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{545c6a54-00d0-11dc-b454-00d0d08b7723}] \Shell\AutoRun\command - E:\LaunchU3.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ccc9f85c-4a8c-11dc-b4df-00d0d08b7723}] \Shell\Auto\command - cmd /C launch.bat \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat *Newly Created Service* - PROCEXP90 . Contenu du dossier 'Tâches planifiées' 2008-12-17 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 13:42] 2008-03-15 c:\windows\Tasks\McDefragTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 12:32] 2008-05-31 c:\windows\Tasks\McQcTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 12:32] 2006-06-29 c:\windows\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job - c:\windows\system32\OOBE\oobebaln.exe [2008-04-14 03:34] . - - - - ORPHELINS SUPPRIMES - - - - HKLM-Run-<NO NAME> - (no file) . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ uInternet Connection Wizard,ShellNext = iexplore TCP: {0D5C2BA2-7EA5-4E3C-BA6D-9BB73C61A6A8} = 212.27.53.252,212.27.54.252 c:\windows\Downloaded Program Files\InstFred.ocx - O16 -: {1F831FA7-42FC-11D4-95A6-0080AD30DCE1} file://c:\program files\AutoCAD LT 2000i Fra\InstFred.ocx . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-29 11:45:11 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . Heure de fin: 2008-12-29 11:45:59 ComboFix-quarantined-files.txt 2008-12-29 10:45:56 Avant-CF: 121 328 201 728 octets libres Après-CF: 121,332,879,360 octets libres 193 --- E O F --- 2008-12-14 20:23:34 Voila j'en suis la...Merci de votre aide!
×
×
  • Créer...