Prositefinder is blocking a site for me

20 February 2010 21:26:22

Hello

I browse with Firefox and I have a site that is blocked by prositefinder, a trojan from what I understand, but there is no way to remove it

http://forum.malekal.com/download/file.php?id=2645&mode...


I have tried these programs:

Spybot
Uniblue Registry Booster, full version
Trojan Remover, evaluation version
and right now BitDefender, scan in progress

Please help me, I'm fed up with it


Thanks in advance



20 February 2010 23:36:26

Good evening
indeed...
http://www.bleepingcomputer.com/startups/prositefinder....

Download DDS and save it to your desktop.
  • Disable any script blocker, such as an antivirus, software like ad-block, NoScript, etc.
  • Double-click dds.scr to launch the tool.
  • Once the scan is finished, a text document, DDS.txt, will open.
  • Click Yes at the next prompt, Optional Scan.
  • Save both reports to your desktop and post only the DDS.txt for me.


  • Download Catchme (Gmer) to your desktop.
  • Double-click catchme.exe (the .exe may not be visible) to launch it.
  • When the scan is finished, post the catchme.log report in your next reply. (This report is on your desktop.)






    22 February 2010 16:23:51

    Hello
    I have exactly the same problem coming from prositefinder.
    Here are the 2 reports:

    DDS:
    DDS (Ver_09-12-01.01) - NTFSx86
    Run by Administrateur at 15:59:05,31 on 22/02/2010
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2047.1307 [GMT 1:00]

    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

    ============== Running Processes ===============

    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Garena\Garena.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\notepad.exe
    D:\Mes documents\Téléchargements\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.fr/
    uSearch Bar = hxxp://www.google.com/
    mStart Page = hxxp://www.google.com/
    mDefault_Page_URL = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    ucustomizesearch = hxxp://www.google.com/ie
    usearchassistant = hxxp://www.google.com/ie
    mcustomizesearch = hxxp://www.google.com/ie
    msearchassistant = hxxp://www.google.com/ie
    mWinlogon: SfcDisable=-99 (0xffffff9d)
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
    BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
    TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
    TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"
    uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
    uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
    uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
    uRun: [PlayNC Launcher]
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRunOnce: [UniblueRegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Alcmtr] ALCMTR.EXE
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    dRunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N
    dRunOnce: [SweetRegistry] rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub
    StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\paltalk.lnk - c:\program files\paltalk messenger\paltalk.exe
    uPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
    uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
    uPolicies-explorer: NoInstrumentation = 1 (0x1)
    uPolicies-explorer: NoResolveTrack = 1 (0x1)
    uPolicies-explorer: NoSMBalloonTip = 1 (0x1)
    uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
    uPolicies-explorer: NoSMHelp = 1 (0x1)
    uPolicies-explorer: NoStrCmpLogical = 0 (0x0)
    uPolicies-explorer: NoWelcomeScreen = 1 (0x1)
    mPolicies-explorer: HideRunAsVerb = 1 (0x1)
    mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
    mPolicies-explorer: NoInstrumentation = 1 (0x1)
    mPolicies-explorer: NoNetConnectDisconnect = 1 (0x1)
    mPolicies-explorer: NoResolveTrack = 1 (0x1)
    dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
    dPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
    dPolicies-explorer: NoInstrumentation = 1 (0x1)
    dPolicies-explorer: NoResolveTrack = 1 (0x1)
    dPolicies-explorer: NoSMBalloonTip = 1 (0x1)
    dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
    dPolicies-explorer: NoSMHelp = 1 (0x1)
    dPolicies-explorer: NoStrCmpLogical = 0 (0x0)
    dPolicies-explorer: NoWelcomeScreen = 1 (0x1)
    IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242485856062
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242485849000
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fichie~1\skype\SKYPE4~1.DLL
    Notify: AtiExtEvent - Ati2evxx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    mASetup: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - rundll32 advpack.dll,LaunchINFSection c:\windows\inf\ie.inf,IE7Stub
    mASetup: >{D10A0BD6-DEAB-423e-8A6B-373B4BDB3C7B} - rundll32.exe advpack.dll,LaunchINFSection c:\windows\inf\firefox.inf,PerUserStub

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\mteietq8.default\
    FF - component: c:\documents and settings\administrateur\application data\mozilla\firefox\profiles\mteietq8.default\extensions\dttoolbar@toolbarnet.com\components\DTToolbarFF.dll
    FF - plugin: c:\program files\google\google updater\2.4.1636.7222\npCIDetect13.dll
    FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
    FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
    FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

    ============= SERVICES / DRIVERS ===============

    R0 m5287;m5287;c:\windows\system32\drivers\m5287.sys [2008-9-28 103680]
    R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-5-16 11608]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\avira\antivir desktop\sched.exe [2009-5-16 108289]
    R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-5-16 185089]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-5-16 56816]
    R3 GarenaPEngine;GarenaPEngine;c:\docume~1\admini~1\locals~1\temp\KAGF.tmp [2010-2-22 25616]
    S2 gupdate1ca1c667e887256;Service Google Update (gupdate1ca1c667e887256);c:\program files\google\update\GoogleUpdate.exe [2009-8-13 133104]
    S3 DBKDRVR54;DBKDRVR54;\??\c:\program files\cheat engine\dbk32.sys --> c:\program files\cheat engine\dbk32.sys [?]
    S3 dump_wmimmc;dump_wmimmc;\??\c:\program files\ncsoft\aion (north america)\bin32\gameguard\dump_wmimmc.sys --> c:\program files\ncsoft\aion (north america)\bin32\gameguard\dump_wmimmc.sys [?]
    S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]

    =============== Created Last 30 ================

    2010-02-22 14:27:56 0 d-----w- c:\docume~1\admini~1\applic~1\Uniblue
    2010-02-22 14:27:39 0 d-----w- c:\program files\Uniblue
    2010-02-21 23:36:54 73 ----a-w- c:\windows\wininit.ini
    2010-02-21 22:33:04 0 d-----w- c:\program files\Spybot - Search & Destroy
    2010-02-21 22:33:04 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
    2010-02-21 22:31:19 0 d-----w- c:\program files\Lavasoft
    2010-02-21 22:30:22 0 d-----w- c:\program files\SetBrowser
    2010-02-10 23:34:13 0 d-----w- c:\docume~1\admini~1\applic~1\La Bataille pour la Terre du Milieu ™ II
    2010-02-09 19:38:08 0 d-----w- C:\Fruity_Loops_Studio_9_&_Crack
    2010-02-02 15:10:44 0 d-----w- C:\The.Lord.Of.The.Rings.Battle.For.Middle.Earth.2-RELOADED
    2010-02-02 13:13:09 35 ----a-w- c:\windows\Worldbuilder.INI
    2010-01-29 16:45:45 0 d-----w- C:\Battle.For.Middle.Earth.2.The.Witch.King

    ==================== Find3M ====================

    2010-02-14 16:49:43 24284 ---ha-w- c:\windows\system32\mlfcache.dat
    2010-01-21 13:44:06 100047 ----a-w- c:\windows\War3Unin.dat
    2005-11-28 11:44:46 15385831 ----a-w- c:\program files\RomeTW.exe
    2009-05-16 15:38:18 16384 --sha-w- c:\windows\system32\config\systemprofile\cookies\index.dat
    2009-05-16 15:38:18 16384 --sha-w- c:\windows\system32\config\systemprofile\local settings\historique\history.ie5\index.dat
    2009-05-16 15:38:18 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\index.dat

    ============= FINISH: 15:59:21,75 ===============

    &

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-02-22 16:04:52
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:2df9c43f
    "s2"=dword:110480d0
    "h0"=dword:00000002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "h0"=dword:00000001
    "ujdew"=hex:51,18,c4,4f,0b,2e,6b,37,e0,fb,58,41,f4,12,f3,81,3a,9a,09,b3,24,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
    "h0"=dword:00000000
    "hdf12"=hex:15,9a,46,16,24,1e,4d,98,80,f4,36,95,c8,c7,de,3b,61,b3,c3,2b,50,..
    "p0"="C:\Program Files\DAEMON Tools Lite\"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
    "hdf12"=hex:e7,bf,61,fc,5d,f3,46,a4,c9,ba,51,ad,ad,50,96,d5,b8,f0,66,7b,58,..
    "a0"=hex:20,01,00,00,1f,2e,2b,c1,22,c0,07,85,bb,82,52,da,a1,03,e8,4c,41,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
    "hdf12"=hex:7b,55,d3,e2,d7,d3,31,cb,ce,1a,47,ab,42,49,b2,29,79,f0,e1,09,3a,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "h0"=dword:00000001
    "ujdew"=hex:51,18,c4,4f,0b,2e,6b,37,e0,fb,58,41,f4,12,f3,81,3a,9a,09,b3,24,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
    "h0"=dword:00000000
    "hdf12"=hex:15,9a,46,16,24,1e,4d,98,80,f4,36,95,c8,c7,de,3b,61,b3,c3,2b,50,..
    "p0"="C:\Program Files\DAEMON Tools Lite\"

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
    "hdf12"=hex:e7,bf,61,fc,5d,f3,46,a4,c9,ba,51,ad,ad,50,96,d5,b8,f0,66,7b,58,..
    "a0"=hex:20,01,00,00,1f,2e,2b,c1,22,c0,07,85,bb,82,52,da,a1,03,e8,4c,41,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
    "hdf12"=hex:7b,55,d3,e2,d7,d3,31,cb,ce,1a,47,ab,42,49,b2,29,79,f0,e1,09,3a,..

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    There you go, hoping this helps move the problem forward a bit.
    Thanks.
    23 February 2010 12:15:31

    Oops, sorry!
    I'll get right on it :p