kakakiss

Membres

Afficher le profil Afficher son activité

Compteur de contenus
10
Inscription
le 10 octobre 2008
Dernière visite
le 15 octobre 2008

Autres informations

Mes langues
francais

kakakiss's Achievements

Junior Member (3/12)

Réputation sur la communauté

trojan keylogger, tiny bankfraud et screengreen

kakakiss a répondu à un(e) sujet de kakakiss dans Analyses et éradication malwares

Bonjour je vous retranscrit le message d'erreur JAVA "Erreur lors de la lecture du fichier http://javadl-esd.sun.com/update*1.6/sp-1.6.0_07/sp1036.MST. Vérifiez que ce fichier existe et que vous êtes autorisé à y accéder" Voila Merci d'avance
- le 15 octobre 2008
- 19 réponses
trojan keylogger, tiny bankfraud et screengreen

kakakiss a répondu à un(e) sujet de kakakiss dans Analyses et éradication malwares

bonsoir je suis pas tres baleze en informatique et encore plus sur un forum alors la bete question comment met-on une capture d'ecran avec ma reponse? merci d'avance
- le 12 octobre 2008
- 19 réponses
trojan keylogger, tiny bankfraud et screengreen

kakakiss a répondu à un(e) sujet de kakakiss dans Analyses et éradication malwares

Salut voici le rapport java JavaRa 1.11 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Sun Oct 12 16:54:34 2008 Found and removed: C:\Program Files\Java\jre1.5.0_05 Found and removed: Software\JavaSoft\Java2D\1.5.0_05 Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510005 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510005 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510005 Found and removed: SOFTWARE\Classes\JavaPlugin.150_05 Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_05 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_05 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510005 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510005 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150050} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Classes\JavaPlugin.160_01 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010} Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_05 Found and removed: Software\Classes\JavaPlugin.160_01 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_05\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\ Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01 Found and removed: Software\JavaSoft\Java2D\1.6.0_01 Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} ------------------------------------ Finished reporting. mais il ne veut pad minstaller la derniere version de java il me dit qu'il manque un fichier meme en telecharcgant la version "hors ligne" bien a vous
- le 12 octobre 2008
- 19 réponses
trojan keylogger, tiny bankfraud et screengreen

kakakiss a répondu à un(e) sujet de kakakiss dans Analyses et éradication malwares

Bonjour désolé de vous faire travailler si tard voilà j'ai passé HiJackThis et supprimer le .exe mais je n'ai pas trouver le fichier "vsjklgzy" je vous met le rapport HiJackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:56:09, on 12/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Wacom_Tablet.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe C:\WINDOWS\system32\Wacom_Tablet.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\HPZipm12.exe C:\Documents and Settings\HP_Propriétaire\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg (User 'Default user') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader5.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader4.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe -- End of file - 11528 bytes bien a vous et encore un grand merci pour votre precieuse aide a tous
- le 12 octobre 2008
- 19 réponses
trojan keylogger, tiny bankfraud et screengreen

kakakiss a répondu à un(e) sujet de kakakiss dans Analyses et éradication malwares

voici les rapports --------------------\\ Lop S&D 4.2.4-5 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3700+ ) BIOS : Phoenix - Award BIOS v6.00PG USER : HP_Propriétaire ( Administrator ) BOOT : Normal boot Antivirus : Norton Internet Security 2006 2006 (Activated) Firewall : Norton Internet Security 2006 2006 (Activated) C:\ (Local Disk) - NTFS - Total : 273 Go Free : 214 Go D:\ (Local Disk) - FAT32 - Total : 5 Go Free : 0 Go E:\ (CD or DVD) F:\ (CD or DVD) G:\ (USB) H:\ (USB) I:\ (USB) J:\ (USB) K:\ (USB) L:\ (Local Disk) - FAT32 - Total : 465 Go Free : 327 Go "C:\Lop SD" ( MAJ : 02-10-2008|23:42 ) Option : [2] ( sam. 11/10/2008|22:32 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData\globData.mk4 Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@advertstream[1].txt Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adopt.euroclick[1].txt Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [07/10/2006|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [30/04/2007|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems [01/10/2006|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [29/02/2008|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [02/11/2006|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [04/04/2007|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender [28/09/2008|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [05/06/2008|00:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [30/10/2006|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [12/05/2006|02:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [12/05/2006|02:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [21/12/2006|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [06/08/2007|00:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla [01/10/2008|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies [12/05/2006|02:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [07/05/2007|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [12/05/2006|02:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic [08/10/2008|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [02/09/2006|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com [14/12/2007|23:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SupportSoft [30/10/2006|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [09/10/2008|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [04/09/2006|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [08/12/2006|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [12/05/2006|02:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI [26/10/2005|17:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [12/05/2006|03:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [12/05/2006|02:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real [12/05/2006|03:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec [24/06/2008|19:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe [22/06/2006|15:59] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM [10/11/2006|21:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ahead [09/05/2007|14:18] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Alien Skin [10/04/2007|01:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer [22/09/2006|21:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\ArcSoft [12/05/2006|02:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\ATI [30/10/2006|17:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Bitdefender [14/06/2008|20:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\BitTorrent [24/06/2006|11:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CyberLink [20/07/2008|16:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Dealio [16/01/2007|23:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Desperate Housewives [05/08/2007|19:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\DivX [05/10/2008|16:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\dvdcss [01/11/2006|12:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google [08/10/2006|21:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP [22/06/2006|15:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ [26/10/2005|17:34] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities [30/10/2006|17:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft [14/08/2006|15:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech [02/09/2006|22:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia [05/09/2006|13:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic [16/12/2007|18:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft [06/08/2007|00:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla [09/10/2007|21:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MPEG Streamclip [01/10/2008|19:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\muvee Technologies [01/04/2007|10:08] C:\DOCUME~1\HP_PRO~1\APPLIC~1\NeroDCTemplates [20/10/2006|22:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Opera [08/09/2006|21:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real [23/04/2008|13:22] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Skype [14/08/2006|15:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic [25/10/2006|21:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun [12/05/2006|03:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec [06/08/2007|00:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Talkback [09/07/2008|15:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\U3 [05/09/2006|11:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\vlc [11/10/2008|21:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WTablet [12/05/2006|02:04] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [08/10/2008|19:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\WTablet [03/09/2006|12:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [08/08/2008 02:18][--a------] C:\WINDOWS\tasks\WebReg Photosmart C5100 series.job [11/10/2008 22:15][--a------] C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job [06/10/2008 22:06][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [11/10/2008 21:01][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/2004 06:00][-rah-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [24/09/2008|17:22] C:\Program Files\7-Zip [17/05/2007|19:44] C:\Program Files\AC3Filter [30/04/2007|19:19] C:\Program Files\Adobe [01/10/2008|00:20] C:\Program Files\Aimersoft [15/08/2008|19:43] C:\Program Files\Alcohol Soft [09/05/2007|14:28] C:\Program Files\Alien Skin [29/02/2008|22:26] C:\Program Files\Apple Software Update [22/09/2006|21:09] C:\Program Files\ArcSoft [12/05/2006|02:26] C:\Program Files\ASUS [12/05/2006|02:23] C:\Program Files\ATI Technologies [17/05/2007|22:22] C:\Program Files\avimux gui [02/01/2007|14:03] C:\Program Files\AviSynth 2.5 [14/12/2007|23:45] C:\Program Files\Belgacom [01/10/2008|19:52] C:\Program Files\BitTorrent [18/03/2008|17:57] C:\Program Files\Blitzkrieg Anthology [07/06/2008|09:36] C:\Program Files\CCleaner [08/01/2008|16:10] C:\Program Files\Codemasters [20/10/2005|14:06] C:\Program Files\ComPlus Applications [15/08/2008|19:44] C:\Program Files\Conduit [05/08/2007|19:03] C:\Program Files\DivX [15/08/2007|15:14] C:\Program Files\DVD Decrypter [28/09/2008|20:23] C:\Program Files\DVD Shrink [04/09/2006|22:31] C:\Program Files\Elaborate Bytes [08/10/2008|17:47] C:\Program Files\eMule [08/10/2008|09:09] C:\Program Files\Fichiers communs [27/01/2008|01:21] C:\Program Files\FLV Player [15/08/2008|19:44] C:\Program Files\free-downloads.net [01/07/2007|20:11] C:\Program Files\Google [08/10/2006|21:19] C:\Program Files\Hewlett-Packard [27/03/2008|20:51] C:\Program Files\HiddenStroke2 [28/09/2008|20:26] C:\Program Files\HP [28/09/2008|20:32] C:\Program Files\InstallShield Installation Information [15/08/2008|02:08] C:\Program Files\Internet Explorer [04/10/2008|20:43] C:\Program Files\ioazzzc [01/06/2007|21:39] C:\Program Files\iPod [01/06/2007|21:39] C:\Program Files\iTunes [18/06/2007|15:02] C:\Program Files\Java [05/09/2006|13:19] C:\Program Files\K-Lite Codec Pack [02/01/2007|14:12] C:\Program Files\Matroska Pack [21/08/2008|16:51] C:\Program Files\Messenger [26/10/2005|17:36] C:\Program Files\microsoft frontpage [15/09/2006|20:45] C:\Program Files\Microsoft Office [15/09/2006|20:45] C:\Program Files\Microsoft Visual Studio [15/09/2006|20:45] C:\Program Files\Microsoft Works [15/09/2006|20:45] C:\Program Files\Microsoft.NET [17/05/2007|21:43] C:\Program Files\MKVtoolnix [21/08/2008|16:46] C:\Program Files\Movie Maker [11/10/2008|22:26] C:\Program Files\Mozilla Firefox [13/08/2006|14:16] C:\Program Files\MSN [26/10/2005|17:36] C:\Program Files\MSN Gaming Zone [22/08/2008|20:59] C:\Program Files\MSN Messenger [17/11/2006|01:29] C:\Program Files\MSXML 4.0 [12/05/2006|02:47] C:\Program Files\muvee Technologies [01/10/2006|10:45] C:\Program Files\Nero [21/08/2008|16:42] C:\Program Files\NetMeeting [26/10/2005|17:36] C:\Program Files\Online Services [21/08/2008|16:42] C:\Program Files\Outlook Express [06/10/2006|00:45] C:\Program Files\QuickPar [01/06/2007|21:33] C:\Program Files\QuickTime [12/05/2006|02:41] C:\Program Files\Real [02/01/2007|14:09] C:\Program Files\Ripp-It Codec Pack [05/08/2007|17:02] C:\Program Files\Ripp-it_AM [12/05/2006|02:56] C:\Program Files\Services en ligne [07/05/2007|21:20] C:\Program Files\Skype [21/11/2006|11:15] C:\Program Files\SlySoft [30/10/2006|17:16] C:\Program Files\Softwin [12/05/2006|02:43] C:\Program Files\Sonic [08/10/2008|20:11] C:\Program Files\Spybot - Search & Destroy [14/12/2007|22:18] C:\Program Files\support.com [14/12/2007|23:44] C:\Program Files\SupportSoft [12/08/2008|16:58] C:\Program Files\Tablet [02/09/2006|21:57] C:\Program Files\Thomson [09/07/2008|22:13] C:\Program Files\THQ [22/09/2006|21:08] C:\Program Files\Trust [20/10/2005|14:06] C:\Program Files\Uninstall Information [05/09/2006|11:52] C:\Program Files\VideoLAN [09/10/2007|22:37] C:\Program Files\VirtualDubMOD [03/12/2007|15:41] C:\Program Files\VTech [05/09/2006|13:40] C:\Program Files\WinAVIVideoConverter [08/12/2006|22:24] C:\Program Files\Windows Live Toolbar [21/08/2008|16:42] C:\Program Files\Windows Media Player [21/08/2008|16:42] C:\Program Files\Windows NT [20/10/2005|14:05] C:\Program Files\WindowsUpdate [04/09/2006|22:19] C:\Program Files\WinRAR [26/06/2008|21:58] C:\Program Files\Wolfenstein - Enemy Territory [26/10/2005|17:37] C:\Program Files\xerox [22/02/2008|23:32] C:\Program Files\XnFoto --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [30/04/2007|19:18] C:\Program Files\Fichiers communs\Adobe [30/04/2007|19:17] C:\Program Files\Fichiers communs\Adobe Systems Shared [01/10/2006|10:47] C:\Program Files\Fichiers communs\Ahead [22/09/2006|21:09] C:\Program Files\Fichiers communs\ArcSoft [15/09/2006|20:45] C:\Program Files\Fichiers communs\DESIGNER [12/05/2006|02:29] C:\Program Files\Fichiers communs\Hewlett-Packard [08/10/2006|21:25] C:\Program Files\Fichiers communs\HP [12/05/2006|02:47] C:\Program Files\Fichiers communs\InstallShield [12/05/2006|02:13] C:\Program Files\Fichiers communs\Java [12/05/2006|02:43] C:\Program Files\Fichiers communs\LightScribe [08/12/2006|22:24] C:\Program Files\Fichiers communs\Microsoft Shared [26/10/2005|17:35] C:\Program Files\Fichiers communs\MSSoap [12/05/2006|02:47] C:\Program Files\Fichiers communs\muvee Technologies [26/10/2005|17:35] C:\Program Files\Fichiers communs\ODBC [22/09/2006|21:08] C:\Program Files\Fichiers communs\PCCamera [12/05/2006|02:41] C:\Program Files\Fichiers communs\Real [26/10/2005|17:35] C:\Program Files\Fichiers communs\Services [07/05/2007|21:20] C:\Program Files\Fichiers communs\Skype [30/10/2006|17:16] C:\Program Files\Fichiers communs\Softwin [08/10/2006|21:27] C:\Program Files\Fichiers communs\Sonic Shared [26/10/2005|17:35] C:\Program Files\Fichiers communs\SpeechEngines [14/12/2007|23:44] C:\Program Files\Fichiers communs\Supportsoft [12/05/2006|02:42] C:\Program Files\Fichiers communs\SureThing Shared [30/10/2006|17:05] C:\Program Files\Fichiers communs\Symantec Shared [21/08/2008|16:42] C:\Program Files\Fichiers communs\System [12/05/2006|02:43] C:\Program Files\Fichiers communs\TiVo Shared [22/09/2006|21:14] C:\Program Files\Fichiers communs\Vbox [12/05/2006|02:41] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 59 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-11 22:34:02 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 1 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [F:7][D:8]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp [F:52][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies [F:1483][D:4]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - sam. 11/10/2008|21:36 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - sam. 11/10/2008|22:36 - Option : [2] --------------------\\ Fin du rapport a 22:36:32 la suite Malwarebytes' Anti-Malware 1.28 Version de la base de données: 1258 Windows 5.1.2600 Service Pack 3 12/10/2008 0:29:28 mbam-log-2008-10-12 (00-29-28).txt Type de recherche: Examen complet (C:\|D:\|L:\|) Eléments examinés: 160930 Temps écoulé: 1 hour(s), 35 minute(s), 33 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 3 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\CLSID\{5B5138A4-F5C9-EA13-C2E0-02C993932DFF} (Trojan.FakeAlert.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (Trojan.HumourCanine) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\actstr (Trojan.FakeAlert.H) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\chkensrv (Trojan.FakeAlert.H) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Program Files\ioazzzc\ActStr.dll (Trojan.FakeAlert.H) -> Delete on reboot. C:\WINDOWS\system32\hwtadolw.exe (Trojan.FakeAlert.H) -> Delete on reboot. C:\Program Files\Conduit\Community Alerts\Alert.dll (Trojan.HumourCanine) -> Quarantined and deleted successfully. et le dernier Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:45:43, on 12/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Wacom_Tablet.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe C:\WINDOWS\system32\Wacom_Tablet.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\HPZipm12.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE c:\windows\system\hpsysdrv.exe C:\Documents and Settings\HP_Propriétaire\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKLM\..\Policies\Explorer\Run: [5DPWsdp186] C:\Documents and Settings\All Users\Application Data\vsjklgzy\lqtyzmps.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg (User 'Default user') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader5.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader4.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe -- End of file - 11581 bytes a plus merci
- le 11 octobre 2008
- 19 réponses
trojan keylogger, tiny bankfraud et screengreen

kakakiss a répondu à un(e) sujet de kakakiss dans Analyses et éradication malwares

merci pour ta reponse je le fais de suite a plus
- le 11 octobre 2008
- 19 réponses
trojan keylogger, tiny bankfraud et screengreen

kakakiss a répondu à un(e) sujet de kakakiss dans Analyses et éradication malwares

Rebonsoir voici le rapport --------------------\\ Lop S&D 4.2.4-5 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3700+ ) BIOS : Phoenix - Award BIOS v6.00PG USER : HP_Propriétaire ( Administrator ) BOOT : Normal boot Antivirus : Norton Internet Security 2006 2006 (Activated) Firewall : Norton Internet Security 2006 2006 (Activated) C:\ (Local Disk) - NTFS - Total : 273 Go Free : 214 Go D:\ (Local Disk) - FAT32 - Total : 5 Go Free : 0 Go E:\ (CD or DVD) F:\ (CD or DVD) G:\ (USB) H:\ (USB) I:\ (USB) J:\ (USB) K:\ (USB) L:\ (Local Disk) - FAT32 - Total : 465 Go Free : 327 Go "C:\Lop SD" ( MAJ : 02-10-2008|23:42 ) Option : [1] ( sam. 11/10/2008|21:32 ) --------------------\\ Listing des dossiers dans APPLIC~1 [07/10/2006|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [30/04/2007|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems [01/10/2006|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [29/02/2008|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [02/11/2006|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [04/04/2007|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender [28/09/2008|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [05/06/2008|00:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [18/10/2006|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData [30/10/2006|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [12/05/2006|02:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [12/05/2006|02:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [21/12/2006|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [06/08/2007|00:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla [01/10/2008|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies [12/05/2006|02:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [07/05/2007|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [12/05/2006|02:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic [08/10/2008|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [02/09/2006|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com [14/12/2007|23:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SupportSoft [30/10/2006|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [09/10/2008|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [04/09/2006|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [08/12/2006|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [12/05/2006|02:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI [26/10/2005|17:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [12/05/2006|03:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [12/05/2006|02:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real [12/05/2006|03:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec [24/06/2008|19:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe [22/06/2006|15:59] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM [10/11/2006|21:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ahead [09/05/2007|14:18] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Alien Skin [10/04/2007|01:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer [22/09/2006|21:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\ArcSoft [12/05/2006|02:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\ATI [30/10/2006|17:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Bitdefender [14/06/2008|20:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\BitTorrent [24/06/2006|11:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CyberLink [20/07/2008|16:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Dealio [16/01/2007|23:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Desperate Housewives [05/08/2007|19:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\DivX [05/10/2008|16:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\dvdcss [01/11/2006|12:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google [08/10/2006|21:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP [22/06/2006|15:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ [26/10/2005|17:34] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities [30/10/2006|17:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft [14/08/2006|15:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech [02/09/2006|22:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia [05/09/2006|13:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic [16/12/2007|18:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft [06/08/2007|00:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla [09/10/2007|21:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MPEG Streamclip [01/10/2008|19:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\muvee Technologies [01/04/2007|10:08] C:\DOCUME~1\HP_PRO~1\APPLIC~1\NeroDCTemplates [20/10/2006|22:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Opera [08/09/2006|21:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real [23/04/2008|13:22] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Skype [14/08/2006|15:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic [25/10/2006|21:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun [12/05/2006|03:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec [06/08/2007|00:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Talkback [09/07/2008|15:50] C:\DOCUME~1\HP_PRO~1\APPLIC~1\U3 [05/09/2006|11:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\vlc [11/10/2008|21:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WTablet [12/05/2006|02:04] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [08/10/2008|19:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\WTablet [03/09/2006|12:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [08/08/2008 02:18][--a------] C:\WINDOWS\tasks\WebReg Photosmart C5100 series.job [11/10/2008 21:15][--a------] C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job [06/10/2008 22:06][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [11/10/2008 21:01][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/2004 06:00][-rah-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [24/09/2008|17:22] C:\Program Files\7-Zip [17/05/2007|19:44] C:\Program Files\AC3Filter [30/04/2007|19:19] C:\Program Files\Adobe [01/10/2008|00:20] C:\Program Files\Aimersoft [15/08/2008|19:43] C:\Program Files\Alcohol Soft [09/05/2007|14:28] C:\Program Files\Alien Skin [29/02/2008|22:26] C:\Program Files\Apple Software Update [22/09/2006|21:09] C:\Program Files\ArcSoft [12/05/2006|02:26] C:\Program Files\ASUS [12/05/2006|02:23] C:\Program Files\ATI Technologies [17/05/2007|22:22] C:\Program Files\avimux gui [02/01/2007|14:03] C:\Program Files\AviSynth 2.5 [14/12/2007|23:45] C:\Program Files\Belgacom [01/10/2008|19:52] C:\Program Files\BitTorrent [18/03/2008|17:57] C:\Program Files\Blitzkrieg Anthology [07/06/2008|09:36] C:\Program Files\CCleaner [08/01/2008|16:10] C:\Program Files\Codemasters [20/10/2005|14:06] C:\Program Files\ComPlus Applications [15/08/2008|19:44] C:\Program Files\Conduit [05/08/2007|19:03] C:\Program Files\DivX [15/08/2007|15:14] C:\Program Files\DVD Decrypter [28/09/2008|20:23] C:\Program Files\DVD Shrink [04/09/2006|22:31] C:\Program Files\Elaborate Bytes [08/10/2008|17:47] C:\Program Files\eMule [06/10/2008|18:29] C:\Program Files\Europe2015 [08/10/2008|09:09] C:\Program Files\Fichiers communs [27/01/2008|01:21] C:\Program Files\FLV Player [15/08/2008|19:44] C:\Program Files\free-downloads.net [01/07/2007|20:11] C:\Program Files\Google [08/10/2006|21:19] C:\Program Files\Hewlett-Packard [27/03/2008|20:51] C:\Program Files\HiddenStroke2 [28/09/2008|20:26] C:\Program Files\HP [28/09/2008|20:32] C:\Program Files\InstallShield Installation Information [15/08/2008|02:08] C:\Program Files\Internet Explorer [04/10/2008|20:43] C:\Program Files\ioazzzc [01/06/2007|21:39] C:\Program Files\iPod [01/06/2007|21:39] C:\Program Files\iTunes [18/06/2007|15:02] C:\Program Files\Java [05/09/2006|13:19] C:\Program Files\K-Lite Codec Pack [02/01/2007|14:12] C:\Program Files\Matroska Pack [21/08/2008|16:51] C:\Program Files\Messenger [26/10/2005|17:36] C:\Program Files\microsoft frontpage [15/09/2006|20:45] C:\Program Files\Microsoft Office [15/09/2006|20:45] C:\Program Files\Microsoft Visual Studio [15/09/2006|20:45] C:\Program Files\Microsoft Works [15/09/2006|20:45] C:\Program Files\Microsoft.NET [17/05/2007|21:43] C:\Program Files\MKVtoolnix [21/08/2008|16:46] C:\Program Files\Movie Maker [11/10/2008|21:20] C:\Program Files\Mozilla Firefox [13/08/2006|14:16] C:\Program Files\MSN [26/10/2005|17:36] C:\Program Files\MSN Gaming Zone [22/08/2008|20:59] C:\Program Files\MSN Messenger [17/11/2006|01:29] C:\Program Files\MSXML 4.0 [12/05/2006|02:47] C:\Program Files\muvee Technologies [01/10/2006|10:45] C:\Program Files\Nero [21/08/2008|16:42] C:\Program Files\NetMeeting [26/10/2005|17:36] C:\Program Files\Online Services [21/08/2008|16:42] C:\Program Files\Outlook Express [06/10/2006|00:45] C:\Program Files\QuickPar [01/06/2007|21:33] C:\Program Files\QuickTime [12/05/2006|02:41] C:\Program Files\Real [02/01/2007|14:09] C:\Program Files\Ripp-It Codec Pack [05/08/2007|17:02] C:\Program Files\Ripp-it_AM [12/05/2006|02:56] C:\Program Files\Services en ligne [07/05/2007|21:20] C:\Program Files\Skype [21/11/2006|11:15] C:\Program Files\SlySoft [30/10/2006|17:16] C:\Program Files\Softwin [12/05/2006|02:43] C:\Program Files\Sonic [08/10/2008|20:11] C:\Program Files\Spybot - Search & Destroy [14/12/2007|22:18] C:\Program Files\support.com [14/12/2007|23:44] C:\Program Files\SupportSoft [12/08/2008|16:58] C:\Program Files\Tablet [02/09/2006|21:57] C:\Program Files\Thomson [09/07/2008|22:13] C:\Program Files\THQ [22/09/2006|21:08] C:\Program Files\Trust [20/10/2005|14:06] C:\Program Files\Uninstall Information [05/09/2006|11:52] C:\Program Files\VideoLAN [09/10/2007|22:37] C:\Program Files\VirtualDubMOD [03/12/2007|15:41] C:\Program Files\VTech [05/09/2006|13:40] C:\Program Files\WinAVIVideoConverter [08/12/2006|22:24] C:\Program Files\Windows Live Toolbar [21/08/2008|16:42] C:\Program Files\Windows Media Player [21/08/2008|16:42] C:\Program Files\Windows NT [20/10/2005|14:05] C:\Program Files\WindowsUpdate [04/09/2006|22:19] C:\Program Files\WinRAR [26/06/2008|21:58] C:\Program Files\Wolfenstein - Enemy Territory [26/10/2005|17:37] C:\Program Files\xerox [22/02/2008|23:32] C:\Program Files\XnFoto --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [30/04/2007|19:18] C:\Program Files\Fichiers communs\Adobe [30/04/2007|19:17] C:\Program Files\Fichiers communs\Adobe Systems Shared [01/10/2006|10:47] C:\Program Files\Fichiers communs\Ahead [22/09/2006|21:09] C:\Program Files\Fichiers communs\ArcSoft [15/09/2006|20:45] C:\Program Files\Fichiers communs\DESIGNER [12/05/2006|02:29] C:\Program Files\Fichiers communs\Hewlett-Packard [08/10/2006|21:25] C:\Program Files\Fichiers communs\HP [12/05/2006|02:47] C:\Program Files\Fichiers communs\InstallShield [12/05/2006|02:13] C:\Program Files\Fichiers communs\Java [12/05/2006|02:43] C:\Program Files\Fichiers communs\LightScribe [08/12/2006|22:24] C:\Program Files\Fichiers communs\Microsoft Shared [26/10/2005|17:35] C:\Program Files\Fichiers communs\MSSoap [12/05/2006|02:47] C:\Program Files\Fichiers communs\muvee Technologies [26/10/2005|17:35] C:\Program Files\Fichiers communs\ODBC [22/09/2006|21:08] C:\Program Files\Fichiers communs\PCCamera [12/05/2006|02:41] C:\Program Files\Fichiers communs\Real [26/10/2005|17:35] C:\Program Files\Fichiers communs\Services [07/05/2007|21:20] C:\Program Files\Fichiers communs\Skype [30/10/2006|17:16] C:\Program Files\Fichiers communs\Softwin [08/10/2006|21:27] C:\Program Files\Fichiers communs\Sonic Shared [26/10/2005|17:35] C:\Program Files\Fichiers communs\SpeechEngines [14/12/2007|23:44] C:\Program Files\Fichiers communs\Supportsoft [12/05/2006|02:42] C:\Program Files\Fichiers communs\SureThing Shared [30/10/2006|17:05] C:\Program Files\Fichiers communs\Symantec Shared [21/08/2008|16:42] C:\Program Files\Fichiers communs\System [12/05/2006|02:43] C:\Program Files\Fichiers communs\TiVo Shared [22/09/2006|21:14] C:\Program Files\Fichiers communs\Vbox [12/05/2006|02:41] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 59 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData\globData.mk4 C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@advertstream[1].txt C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adopt.euroclick[1].txt --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-11 21:33:54 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 1 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [F:6][D:8]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp [F:54][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies [F:1482][D:4]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - sam. 11/10/2008|21:36 - Option : [1] --------------------\\ Fin du rapport a 21:36:00 merci d'avance
- le 11 octobre 2008
- 19 réponses
trojan keylogger, tiny bankfraud et screengreen

kakakiss a répondu à un(e) sujet de kakakiss dans Analyses et éradication malwares

voici le rapport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:09:44, on 11/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Wacom_Tablet.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe C:\WINDOWS\system32\Wacom_Tablet.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\hwtadolw.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE c:\windows\system\hpsysdrv.exe C:\Documents and Settings\HP_Propriétaire\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [chkensrv] C:\WINDOWS\system32\hwtadolw.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKLM\..\Policies\Explorer\Run: [5DPWsdp186] C:\Documents and Settings\All Users\Application Data\vsjklgzy\lqtyzmps.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg (User 'Default user') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader5.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader4.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O21 - SSODL: ActStr - {5B5138A4-F5C9-EA13-C2E0-02C993932DFF} - C:\Program Files\ioazzzc\ActStr.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe -- End of file - 11730 bytes merci d'avance
- le 11 octobre 2008
- 19 réponses
trojan keylogger, tiny bankfraud et screengreen

kakakiss a répondu à un(e) sujet de kakakiss dans Analyses et éradication malwares

Merci pour votre reponse dès que je rentre du boulot je passe ce prog et je vous envoie le rapport merci bcp kakakiss
- le 11 octobre 2008
- 19 réponses
trojan keylogger, tiny bankfraud et screengreen

kakakiss a posté un sujet dans Analyses et éradication malwares

Bonjour a tous Mon PC est infecté par ces trojan et mon antivirus ne les decelle pas (bitdefender) que dois-je faire pour les enlever merci d'avance
- le 10 octobre 2008
- 19 réponses

Connexion

kakakiss

Compteur de contenus

Inscription

Dernière visite

Autres informations

kakakiss's Achievements

Junior Member (3/12)

Réputation sur la communauté

trojan keylogger, tiny bankfraud et screengreen

trojan keylogger, tiny bankfraud et screengreen

trojan keylogger, tiny bankfraud et screengreen

trojan keylogger, tiny bankfraud et screengreen

trojan keylogger, tiny bankfraud et screengreen

trojan keylogger, tiny bankfraud et screengreen

trojan keylogger, tiny bankfraud et screengreen

trojan keylogger, tiny bankfraud et screengreen

trojan keylogger, tiny bankfraud et screengreen

trojan keylogger, tiny bankfraud et screengreen

Zebulon

Outils en ligne

Naviguer