[résolu]Problème spyware indétectable par spybot
Forum Sécurité - Virus : [résolu]Problème spyware indétectable par spybot
Bonjour
J'ai un problème de pop-up... je m'explique.
J'ai toujours des pop-up qui ont comme nom
«ad(nom).(ad(pas toujours))autre nom.»
j'ai scanner avec spybot et rien.
Mais c'est bizzarre qu'il s'ouvre sur IE tandis que je suis sur FF(le pop-up)
De plus qu'il arrive même lorsque je navigue pas.
Exemple: je joue à un jeux via internet ou lorsque je suis sur msn.
je ne sais plus quoi faire là...
même que maintenant j'en reçois plus juste de ceux mentionné ci-haut.
Message édité par Franckiller le 23-12-2008 à 04:21:23
---------------------------------------
Bob a dit: Enchanter de faire votre connaissance :)
Bonjour,
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Répondre à Angeldark
bon le voilà en spoiler
| Spoiler : Logfile of Trend Micro HijackThis v2.0.2
|
---------------------------------------
Bob a dit: Enchanter de faire votre connaissance :)
Répondre à Franckiller
Re,
Télécharge Lop S&D.exe (Eric_71) sur ton Bureau.
- Lance l'installation du programme en exécutant le fichier téléchargé.
- Double-clique maintenant sur le raccourci de LopS&D.
- Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
- Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
- Poste le rapport généré (C:\lopR.txt*)
* le nom de la partition peut changer
Répondre à Angeldark
le voici
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 02/14/2007 Ver: 08.00.13
USER : Francis ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:132 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 2008-12-18|22:21 )
--------------------\\ Listing des dossiers dans APPLIC~1
[2008-11-29|06:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[2008-12-01|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008-12-01|21:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-12-01|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-12-01|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[2008-11-29|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Geek Squad
[2008-12-06|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[2008-11-29|07:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[2008-12-02|21:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-12-06|18:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-12-03|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NexonUS
[2008-12-12|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2008-12-09|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[2008-12-08|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
[2008-11-29|09:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2008-12-01|22:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[2008-11-29|06:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2008-12-06|18:41] C:\DOCUME~1\Francis\APPLIC~1\Adblock Pro
[2008-12-01|21:47] C:\DOCUME~1\Francis\APPLIC~1\Adobe
[2008-12-01|21:58] C:\DOCUME~1\Francis\APPLIC~1\Apple Computer
[2008-11-29|08:09] C:\DOCUME~1\Francis\APPLIC~1\ATI
[2008-11-29|06:53] C:\DOCUME~1\Francis\APPLIC~1\Identities
[2008-11-29|08:05] C:\DOCUME~1\Francis\APPLIC~1\InstallShield
[2008-12-03|22:31] C:\DOCUME~1\Francis\APPLIC~1\LimeWire
[2008-12-08|21:39] C:\DOCUME~1\Francis\APPLIC~1\Locks Hope Web
[2008-12-01|21:47] C:\DOCUME~1\Francis\APPLIC~1\Macromedia
[2008-12-11|22:07] C:\DOCUME~1\Francis\APPLIC~1\Microsoft
[2008-12-01|21:38] C:\DOCUME~1\Francis\APPLIC~1\Mozilla
[2008-12-02|21:52] C:\DOCUME~1\Francis\APPLIC~1\Sun
[2008-12-12|16:53] C:\DOCUME~1\Francis\APPLIC~1\SUPERAntiSpyware.com
[2008-12-01|21:36] C:\DOCUME~1\Francis\APPLIC~1\teamspeak2
[2008-12-11|07:39] C:\DOCUME~1\Francis\APPLIC~1\uTorrent
[2008-12-05|15:39] C:\DOCUME~1\Francis\APPLIC~1\WinRAR
[2008-12-11|22:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2008-11-29|06:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[2008-12-17 23:00][--ah-----] C:\WINDOWS\tasks\A511E610918A99D8.job
[2008-12-01 21:57][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-12-18 22:07][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004-08-05 07:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A511E610918A99D8.job )=( c:\docume~1\francis\applic~1\locksh~1\FreePlanInternet.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[2008-12-03|17:30] C:\Program Files\7-Zip
[2008-12-06|18:41] C:\Program Files\Adblock Pro
[2008-12-01|22:45] C:\Program Files\AGEIA Technologies
[2008-12-01|21:57] C:\Program Files\Apple Software Update
[2008-12-01|22:49] C:\Program Files\ATI Technologies
[2008-12-01|21:41] C:\Program Files\Avira
[2008-12-01|21:58] C:\Program Files\Bonjour
[2008-12-07|14:26] C:\Program Files\CCleaner
[2008-12-07|16:41] C:\Program Files\Common Files
[2008-11-29|06:38] C:\Program Files\ComPlus Applications
[2008-12-17|21:54] C:\Program Files\Diablo II
[2008-12-01|21:52] C:\Program Files\DIFX
[2008-12-02|22:01] C:\Program Files\EA GAMES
[2008-12-01|22:56] C:\Program Files\Fichiers communs
[2008-12-07|16:26] C:\Program Files\Gpotato
[2008-12-05|00:52] C:\Program Files\InstallShield Installation Information
[2008-12-10|22:39] C:\Program Files\Internet Explorer
[2008-12-01|21:58] C:\Program Files\iPod
[2008-12-01|21:58] C:\Program Files\iTunes
[2008-12-02|21:53] C:\Program Files\Java
[2008-12-01|21:54] C:\Program Files\Lame MP3 Codec
[2008-12-02|21:51] C:\Program Files\LimeWire
[2008-11-29|07:47] C:\Program Files\ma-config.com
[2008-12-01|21:53] C:\Program Files\MarkAny
[2008-11-29|08:26] C:\Program Files\Messenger
[2008-12-01|23:04] C:\Program Files\Messenger Plus! Live
[2008-11-29|06:41] C:\Program Files\microsoft frontpage
[2008-12-11|21:49] C:\Program Files\Microsoft Silverlight
[2008-11-29|08:24] C:\Program Files\Movie Maker
[2008-12-18|22:19] C:\Program Files\Mozilla Firefox
[2008-11-29|06:37] C:\Program Files\MSN
[2008-11-29|06:38] C:\Program Files\MSN Gaming Zone
[2008-11-29|08:23] C:\Program Files\NetMeeting
[2008-11-29|06:38] C:\Program Files\Online Services
[2008-11-29|08:23] C:\Program Files\Outlook Express
[2008-12-01|21:58] C:\Program Files\QuickTime
[2008-12-01|21:51] C:\Program Files\Razer
[2008-11-29|09:25] C:\Program Files\Realtek
[2008-12-01|21:53] C:\Program Files\Samsung
[2008-11-29|06:40] C:\Program Files\Services en ligne
[2008-12-12|16:26] C:\Program Files\Spybot - Search & Destroy
[2008-12-12|23:16] C:\Program Files\SUPERAntiSpyware
[2008-12-01|21:36] C:\Program Files\Teamspeak2_RC2
[2008-12-17|21:38] C:\Program Files\Trend Micro
[2008-11-29|06:53] C:\Program Files\Uninstall Information
[2008-12-03|16:15] C:\Program Files\uTorrent
[2008-12-01|22:59] C:\Program Files\Windows Live
[2008-11-29|09:54] C:\Program Files\Windows Media Connect 2
[2008-11-29|09:54] C:\Program Files\Windows Media Player
[2008-11-29|08:23] C:\Program Files\Windows NT
[2008-11-29|06:40] C:\Program Files\WindowsUpdate
[2008-12-03|21:09] C:\Program Files\WinRAR
[2008-11-29|06:41] C:\Program Files\xerox
[2008-12-01|21:54] C:\Program Files\XviD
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[2008-12-01|21:58] C:\Program Files\Fichiers communs\Apple
[2008-11-29|07:54] C:\Program Files\Fichiers communs\InstallShield
[2008-11-29|06:53] C:\Program Files\Fichiers communs\Microsoft Shared
[2008-11-29|06:39] C:\Program Files\Fichiers communs\MSSoap
[2008-11-29|01:26] C:\Program Files\Fichiers communs\ODBC
[2008-11-29|06:39] C:\Program Files\Fichiers communs\Services
[2008-11-29|01:26] C:\Program Files\Fichiers communs\SpeechEngines
[2008-11-29|08:22] C:\Program Files\Fichiers communs\System
[2008-12-01|22:58] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[2008-12-12|16:53] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 48 Processes )
IEXPLORE.EXE ~ [PID:2124]
IEXPLORE.EXE ~ [PID:2224]
IEXPLORE.EXE ~ [PID:3376]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford\Does Rule.exe
C:\DOCUME~1\Francis\APPLIC~1\locksh~1
C:\DOCUME~1\Francis\APPLIC~1\locksh~1\32sitescrfunk.exe
C:\DOCUME~1\Francis\APPLIC~1\locksh~1\debug ace play.exe
C:\DOCUME~1\Francis\APPLIC~1\locksh~1\FreePlanInternet.exe
C:\DOCUME~1\Francis\APPLIC~1\locksh~1\mybnruqo.exe
C:\DOCUME~1\Francis\APPLIC~1\locksh~1\nqdbushv.exe
C:\DOCUME~1\Francis\LOCALS~1\Temp\msgpl_2f69.tmp
C:\DOCUME~1\Francis\LOCALS~1\Temp\msgpl_6fe7.tmp
C:\WINDOWS\Tasks\A511E610918A99D8.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Clock amen"="C:\\DOCUME~1\\Francis\\APPLIC~1\\LOCKSH~1\\debug ace play.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Itch ford four knob"="C:\\Documents and Settings\\All Users\\Application Data\\third lies itch ford\\Does Rule.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-18 22:22:51
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\DOCUME~1\Francis\LOCALS~1\APPLIC~1\Mozilla\Firefox\Profiles\d26bu1iu.default\Cache\D24092B7d01 91405 bytes
scan completed successfully
hidden processes: 0
hidden files: 3
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Francis\Bureau\shortcut\SUPERAntiSpyware.Professional.v4.22.1014.[Lifetime Subscription].[Systic-D]\Crack
C:\DOCUME~1\Francis\Bureau\shortcut\SUPERAntiSpyware.Professional.v4.22.1014.[Lifetime Subscription].[Systic-D]\Crack\SUPERAntiSpyware.Pro.v4.22.1014.Fixed-RES-patch.exe
[F:88][D:26]-> C:\DOCUME~1\Francis\LOCALS~1\Temp
[F:13][D:0]-> C:\DOCUME~1\Francis\Cookies
[F:195][D:6]-> C:\DOCUME~1\Francis\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 2008-12-18|22:23 - Option : [1]
--------------------\\ Fin du rapport a 22:23:38
---------------------------------------
Bob a dit: Enchanter de faire votre connaissance :)
Répondre à Franckiller
Re,
Relance Lop S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.
Répondre à Angeldark
le voici:
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 02/14/2007 Ver: 08.00.13
USER : Francis ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:130 Go)
D:\ (CD or DVD) - CDFS - Total:4 Go (Free:0 Go)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 2008-12-19|14:23 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford\Does Rule.exe
Supprime! - C:\DOCUME~1\Francis\APPLIC~1\locksh~1\32sitescrfunk.exe
Supprime! - C:\DOCUME~1\Francis\APPLIC~1\locksh~1\debug ace play.exe
Supprime! - C:\DOCUME~1\Francis\APPLIC~1\locksh~1\FreePlanInternet.exe
Supprime! - C:\DOCUME~1\Francis\APPLIC~1\locksh~1\mybnruqo.exe
Supprime! - C:\DOCUME~1\Francis\APPLIC~1\locksh~1\nqdbushv.exe
Supprime! - C:\DOCUME~1\Francis\LOCALS~1\Temp\msgpl_2f69.tmp
Supprime! - C:\DOCUME~1\Francis\LOCALS~1\Temp\msgpl_6fe7.tmp
Supprime! - C:\WINDOWS\Tasks\A511E610918A99D8.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
Supprime! - C:\DOCUME~1\Francis\APPLIC~1\locksh~1
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[2008-11-29|06:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[2008-12-01|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008-12-01|21:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-12-01|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-12-01|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[2008-11-29|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Geek Squad
[2008-12-06|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[2008-11-29|07:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[2008-12-02|21:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-12-19|14:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-12-19|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[2008-12-03|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NexonUS
[2008-12-12|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2008-12-09|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[2008-11-29|09:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2008-12-01|22:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[2008-11-29|06:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2008-12-06|18:41] C:\DOCUME~1\Francis\APPLIC~1\Adblock Pro
[2008-12-01|21:47] C:\DOCUME~1\Francis\APPLIC~1\Adobe
[2008-12-01|21:58] C:\DOCUME~1\Francis\APPLIC~1\Apple Computer
[2008-11-29|08:09] C:\DOCUME~1\Francis\APPLIC~1\ATI
[2008-11-29|06:53] C:\DOCUME~1\Francis\APPLIC~1\Identities
[2008-11-29|08:05] C:\DOCUME~1\Francis\APPLIC~1\InstallShield
[2008-12-03|22:31] C:\DOCUME~1\Francis\APPLIC~1\LimeWire
[2008-12-01|21:47] C:\DOCUME~1\Francis\APPLIC~1\Macromedia
[2008-12-11|22:07] C:\DOCUME~1\Francis\APPLIC~1\Microsoft
[2008-12-01|21:38] C:\DOCUME~1\Francis\APPLIC~1\Mozilla
[2008-12-02|21:52] C:\DOCUME~1\Francis\APPLIC~1\Sun
[2008-12-12|16:53] C:\DOCUME~1\Francis\APPLIC~1\SUPERAntiSpyware.com
[2008-12-01|21:36] C:\DOCUME~1\Francis\APPLIC~1\teamspeak2
[2008-12-11|07:39] C:\DOCUME~1\Francis\APPLIC~1\uTorrent
[2008-12-05|15:39] C:\DOCUME~1\Francis\APPLIC~1\WinRAR
[2008-12-11|22:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2008-11-29|06:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[2008-12-01 21:57][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-12-19 14:08][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004-08-05 07:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[2008-12-03|17:30] C:\Program Files\7-Zip
[2008-12-06|18:41] C:\Program Files\Adblock Pro
[2008-12-01|22:45] C:\Program Files\AGEIA Technologies
[2008-12-01|21:57] C:\Program Files\Apple Software Update
[2008-12-01|22:49] C:\Program Files\ATI Technologies
[2008-12-01|21:41] C:\Program Files\Avira
[2008-12-01|21:58] C:\Program Files\Bonjour
[2008-12-07|14:26] C:\Program Files\CCleaner
[2008-12-07|16:41] C:\Program Files\Common Files
[2008-11-29|06:38] C:\Program Files\ComPlus Applications
[2008-12-19|00:56] C:\Program Files\Diablo II
[2008-12-01|21:52] C:\Program Files\DIFX
[2008-12-02|22:01] C:\Program Files\EA GAMES
[2008-12-19|14:18] C:\Program Files\Fichiers communs
[2008-12-07|16:26] C:\Program Files\Gpotato
[2008-12-05|00:52] C:\Program Files\InstallShield Installation Information
[2008-12-10|22:39] C:\Program Files\Internet Explorer
[2008-12-01|21:58] C:\Program Files\iPod
[2008-12-01|21:58] C:\Program Files\iTunes
[2008-12-02|21:53] C:\Program Files\Java
[2008-12-01|21:54] C:\Program Files\Lame MP3 Codec
[2008-12-02|21:51] C:\Program Files\LimeWire
[2008-11-29|07:47] C:\Program Files\ma-config.com
[2008-12-01|21:53] C:\Program Files\MarkAny
[2008-11-29|08:26] C:\Program Files\Messenger
[2008-12-01|23:04] C:\Program Files\Messenger Plus! Live
[2008-11-29|06:41] C:\Program Files\microsoft frontpage
[2008-12-19|14:18] C:\Program Files\Microsoft Office
[2008-12-11|21:49] C:\Program Files\Microsoft Silverlight
[2008-12-19|14:18] C:\Program Files\Microsoft Visual Studio
[2008-12-19|14:15] C:\Program Files\Microsoft Visual Studio 8
[2008-12-19|14:19] C:\Program Files\Microsoft Works
[2008-12-19|14:17] C:\Program Files\Microsoft.NET
[2008-11-29|08:24] C:\Program Files\Movie Maker
[2008-12-19|14:22] C:\Program Files\Mozilla Firefox
[2008-12-19|14:19] C:\Program Files\MSBuild
[2008-11-29|06:37] C:\Program Files\MSN
[2008-11-29|06:38] C:\Program Files\MSN Gaming Zone
[2008-11-29|08:23] C:\Program Files\NetMeeting
[2008-11-29|06:38] C:\Program Files\Online Services
[2008-11-29|08:23] C:\Program Files\Outlook Express
[2008-12-01|21:58] C:\Program Files\QuickTime
[2008-12-01|21:51] C:\Program Files\Razer
[2008-11-29|09:25] C:\Program Files\Realtek
[2008-12-01|21:53] C:\Program Files\Samsung
[2008-11-29|06:40] C:\Program Files\Services en ligne
[2008-12-12|16:26] C:\Program Files\Spybot - Search & Destroy
[2008-12-12|23:16] C:\Program Files\SUPERAntiSpyware
[2008-12-01|21:36] C:\Program Files\Teamspeak2_RC2
[2008-12-17|21:38] C:\Program Files\Trend Micro
[2008-11-29|06:53] C:\Program Files\Uninstall Information
[2008-12-03|16:15] C:\Program Files\uTorrent
[2008-12-01|22:59] C:\Program Files\Windows Live
[2008-11-29|09:54] C:\Program Files\Windows Media Connect 2
[2008-11-29|09:54] C:\Program Files\Windows Media Player
[2008-11-29|08:23] C:\Program Files\Windows NT
[2008-11-29|06:40] C:\Program Files\WindowsUpdate
[2008-12-03|21:09] C:\Program Files\WinRAR
[2008-11-29|06:41] C:\Program Files\xerox
[2008-12-01|21:54] C:\Program Files\XviD
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[2008-12-01|21:58] C:\Program Files\Fichiers communs\Apple
[2008-12-19|14:18] C:\Program Files\Fichiers communs\DESIGNER
[2008-11-29|07:54] C:\Program Files\Fichiers communs\InstallShield
[2008-12-19|14:19] C:\Program Files\Fichiers communs\Microsoft Shared
[2008-11-29|06:39] C:\Program Files\Fichiers communs\MSSoap
[2008-11-29|01:26] C:\Program Files\Fichiers communs\ODBC
[2008-11-29|06:39] C:\Program Files\Fichiers communs\Services
[2008-11-29|01:26] C:\Program Files\Fichiers communs\SpeechEngines
[2008-12-19|14:14] C:\Program Files\Fichiers communs\System
[2008-12-01|22:58] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[2008-12-12|16:53] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 43 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-19 14:25:02
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Francis\Bureau\shortcut\SUPERAntiSpyware.Professional.v4.22.1014.[Lifetime Subscription].[Systic-D]\Crack
C:\DOCUME~1\Francis\Bureau\shortcut\SUPERAntiSpyware.Professional.v4.22.1014.[Lifetime Subscription].[Systic-D]\Crack\SUPERAntiSpyware.Pro.v4.22.1014.Fixed-RES-patch.exe
[F:329][D:57]-> C:\DOCUME~1\Francis\LOCALS~1\Temp
[F:16][D:0]-> C:\DOCUME~1\Francis\Cookies
[F:339][D:6]-> C:\DOCUME~1\Francis\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 2008-12-18|22:23 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 2008-12-19|14:25 - Option : [2]
--------------------\\ Fin du rapport a 14:25:45
---------------------------------------
Bob a dit: Enchanter de faire votre connaissance :)
Répondre à Franckiller
Re,
Supprime ce dossier :
C:\DOCUME~1\Francis\Bureau\shortcut\SUPERAntiSpyware.Professional.v4.22.1014.[Lifetime Subscription].[Systic-D]\Crack
Reposte un rapport Hijackthis.
Répondre à Angeldark
Le voici
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:32:17, on 2008-12-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Adblock Pro - {F385C231-605B-4d8f-ACA9-DBFF765BBE17} - C:\Program Files\Adblock Pro\AdblockPro.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PopUp Destroy] C:\Program Files\PopUp Destroy\Popup-Destroy.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files\Adblock Pro\blockimg.html
O8 - Extra context menu item: &Bloquer cette image (ABP) - C:\Program Files\Adblock Pro\blockimg.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Adblock Pro Preferences - {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - C:\Program Files\Adblock Pro\AdblockPro.dll
O9 - Extra 'Tools' menuitem: Adblock Pro Preferences - {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - C:\Program Files\Adblock Pro\AdblockPro.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _0_4_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
---------------------------------------
Bob a dit: Enchanter de faire votre connaissance :)
Répondre à Franckiller
C'est mieux ?
Répondre à Angeldark
Oui c'est beaucoup mieux MERCI !!!! beaucoup et passe de joyeuse fêtes!!!
---------------------------------------
Bob a dit: Enchanter de faire votre connaissance :)
Répondre à Franckiller
A toi aussi 
Répondre à Angeldark
Il y a 2048 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
