Hello,
I have a friend whose email account has been hijacked and is apparently being spied on by a third party.
Taking a quick look at her machine with a Spybot scan, I get this:
Search results from Spybot - Search & Destroy
27/11/2012 11:47:40
Scan took 00:13:51.
66 items found.
SweetIM: [sBI $51CF2A45] Settings (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\SweetIM\simapp_id
SweetIM: [sBI $3C0145EF] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM\simapp_id
SweetIM: [sBI $3179D0FA] IE toolbar (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{EEE6C35B-6118-11DC-9C72-001320C79847}
SweetIM: [sBI $85B9B48E] Settings (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{EEE6C35D-6118-11DC-9C72-001320C79847}
SweetIM: [sBI $8F9F899A] IE toolbar (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847}
Macromedia.FlashPlayer.Cookies: [sBI $6AA61750] Text file (File, nothing done)
C:\Users\Lucie\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UCLRDHY7\s.ytimg.com\videostats.sol
Properties.size=104
Properties.md5=B25C63A5ECE1B487098AB15622512C06
Properties.filedate=1341847381
Properties.filedatetext=2012-07-09 16:23:00
Macromedia.FlashPlayer.Cookies: [sBI $1EF45977] Text file (File, nothing done)
C:\Users\Lucie\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UCLRDHY7\p.iivt.com\iivt.swf\iivt.sol
Properties.size=40
Properties.md5=BFFABC3474A262DFBB9F5F758B42830B
Properties.filedate=1342873598
Properties.filedatetext=2012-07-21 13:26:38
Macromedia.FlashPlayer.Cookies: [sBI $5555F3D7] Text file (File, nothing done)
C:\Users\Lucie\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UCLRDHY7\heias.com\x\heias_sc.swf\heias.sol
Properties.size=63
Properties.md5=B5CCCFED4BD6C0AF7A392477AB5B92D4
Properties.filedate=1341846527
Properties.filedatetext=2012-07-09 16:08:46
Macromedia.FlashPlayer.Cookies: [sBI $5555F3D7] Text file (File, nothing done)
C:\Users\Lucie\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UCLRDHY7\studio.freshlook.com.fr\makeover\index.swf\TestMovie_Config_Info.sol
Properties.size=341
Properties.md5=BF789E25C85AA3A0621A8C653BC448E5
Properties.filedate=1341846495
Properties.filedatetext=2012-07-09 16:08:15
DoubleClick: [sBI $8E73A7FB] Tracking cookie (Internet Explorer (User): Lucie) (Browser: Cookie, nothing done)
DoubleClick: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Tradedoubler: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Tradedoubler: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
FastClick: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Tradedoubler: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Tradedoubler: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
CasaleMedia: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
DoubleClick: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
CasaleMedia: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
CasaleMedia: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
CasaleMedia: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
CasaleMedia: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
CasaleMedia: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
MediaPlex: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
MediaPlex: [sBI $8E73A7FB] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
Log: [sBI $8E73A7FB] Activity: ntbtlog.txt (File, nothing done)
C:\Windows\ntbtlog.txt
Properties.size=289482
Properties.md5=7EA35A327A7F54132665A4834CC59E84
Properties.filedate=1354013257
Properties.filedatetext=2012-11-27 11:47:36
Log: [sBI $8E73A7FB] Install: Directx.log (File, nothing done)
C:\Windows\Directx.log
Properties.size=27679
Properties.md5=1B13F8F9D5581244025C083B250B081F
Properties.filedate=1211427744
Properties.filedatetext=2008-05-22 04:42:23
Log: [sBI $8E73A7FB] Install: setupact.log (File, nothing done)
C:\Windows\setupact.log
Properties.size=124596
Properties.md5=368EC9E02BFC1BF3DE46F84647C0104D
Properties.filedate=1354012094
Properties.filedatetext=2012-11-27 11:28:13
Log: [sBI $8E73A7FB] Install: setupapi.log (File, nothing done)
C:\Windows\setupapi.log
Properties.size=94
Properties.md5=7DCF473391ED652447DF2C62BE835551
Properties.filedate=1162471672
Properties.filedatetext=2006-11-02 13:47:52
Log: [sBI $8E73A7FB] Install: DtcInstall.log (File, nothing done)
C:\Windows\DtcInstall.log
Properties.size=4257
Properties.md5=C844FB145BADF57B791199AD6936E0D0
Properties.filedate=1341008246
Properties.filedatetext=2012-06-29 23:17:26
Log: [sBI $8E73A7FB] Shutdown: System32\wbem\logs\wmiprov.log (File, nothing done)
C:\Windows\System32\wbem\logs\wmiprov.log
Properties.size=39766
Properties.md5=FEFC075D04A141E78A6A62F9CD6DCFF5
Properties.filedate=1354012607
Properties.filedatetext=2012-11-27 11:36:46
Internet Explorer: [sBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\Internet Explorer\TypedURLs
Internet Explorer: [sBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [sBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [sBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [sBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [sBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Management Console: [sBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\Microsoft Management Console\Recent File List
MS Media Player: [sBI $E48560B4] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\MediaPlayer\Player\RecentFileList
MS Direct3D: [sBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [sBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [sBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [sBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [sBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [sBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
Windows: [sBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows.OpenWith: [sBI $C92C6763] Open with list - .BUP extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList
Windows Explorer: [sBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Explorer: [sBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Media SDK: [sBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [sBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [sBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [sBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [sBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [sBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [sBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [sBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [sBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [sBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [sBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-815178926-3297228620-212556211-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [sBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Cookie: [sBI $49804B54] Browser: Cookie (13) (Browser: Cookie, nothing done)
Cache: [sBI $49804B54] Browser: Cache (335) (Browser: Cache, nothing done)
History: [sBI $49804B54] Browser: History (57) (Browser: History, nothing done)
Cookie: [sBI $49804B54] Browser: Cookie (450) (Browser: Cookie, nothing done)
History: [sBI $49804B54] Browser: History (1120) (Browser: History, nothing done)
--- Spybot - Search & Destroy version: 2.0.12.131 DLL (build: 20121113) ---
How can I tell whether one of the infections found could be an application that enabled the hacking or spying of an email account?
Thanks in advance...
Grey'