Sujet Précédent Sujet Suivant

Pb avec ad aware SE

Shiva -  
 bernie61 -
Bonjour à tous !

Je suis infecté de pas mal de saloperies (comme web rebates) et lorsque je fais tous supprimer par ad aware, je peux me connecter à Internet, mais je n'ai plus accés à rien. Comment savoir ce qu'il faut supprimer ou non ??

Voici les objets critiques :

Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

IPInsight Object Recognized!
Type : File
Data : conscorr.exe
Category : Data Miner
Comment :
Object : C:\Documents and Settings\sarah\Local Settings\Temp\
FileVersion : 0, 3, 1, 3
ProductVersion : 0, 3, 1, 3
CompanyName : ConsCorr
FileDescription : www.conscorr.com
LegalCopyright : Copyright © 2002

TopMoxie Object Recognized!
Type : File
Data : djtopr1150.exe
Category : Data Miner
Comment :
Object : C:\Documents and Settings\sarah\Local Settings\Temp\

TopMoxie Object Recognized!
Type : File
Data : jkill.exe
Category : Data Miner
Comment :
Object : C:\Documents and Settings\sarah\Local Settings\Temp\

VX2 Object Recognized!
Type : File
Data : temp.fr898A
Category : Malware
Comment :
Object : C:\Documents and Settings\sarah\Local Settings\Temp\
FileVersion : 0, 4, 4, 30
ProductVersion : 0, 4, 4, 30
ProductName : localnrd
CompanyName : LocalNRD
FileDescription : www.localnrd.com
InternalName : localnrd
LegalCopyright : Copyright © 2004
OriginalFilename : localnrd.dll
Comments : www.localnrd.com

SahAgent Object Recognized!
Type : File
Data : temp.frAF2F
Category : Data Miner
Comment :
Object : C:\Documents and Settings\sarah\Local Settings\Temp\
FileVersion : 2, 0, 0, 1
ProductVersion : 2, 0, 0, 1
ProductName : ShopAtHomeSelect LSP
CompanyName : ShopAtHomeSelect
FileDescription : LSP
InternalName : LSP
LegalCopyright : Copyright © 2004
OriginalFilename : LSP.DLL

VX2 Object Recognized!
Type : File
Data : localNRD.dll
Category : Malware
Comment :
Object : C:\Documents and Settings\sarah\Local Settings\Temp\THI79D1.tmp\
FileVersion : 0, 4, 4, 30
ProductVersion : 0, 4, 4, 30
ProductName : localnrd
CompanyName : LocalNRD
FileDescription : www.localnrd.com
InternalName : localnrd
LegalCopyright : Copyright © 2004
OriginalFilename : localnrd.dll
Comments : www.localnrd.com

VX2 Object Recognized!
Type : File
Data : polall1l.exe
Category : Malware
Comment :
Object : C:\Documents and Settings\sarah\Local Settings\Temp\THI79D1.tmp\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Calling Home
CompanyName : callinghome.biz
FileDescription : Installation utility for www.callinghome.biz
InternalName : Calling Home
LegalCopyright : callinghome.biz © 2004
OriginalFilename : Caller.exe

C: Drive supports Alternate Data Streams.
Scanning and Enumerating ADS...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

C: Enumerating detected ADS...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\Documents and Settings\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 7

VX2 Object Recognized!
Type : File
Data : A0018107.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7DC55669-D383-4D6B-8272-CB80E2B1563E}\RP100\
FileVersion : 0, 4, 4, 30
ProductVersion : 0, 4, 4, 30
ProductName : localnrd
CompanyName : LocalNRD
FileDescription : www.localnrd.com
InternalName : localnrd
LegalCopyright : Copyright © 2004
OriginalFilename : localnrd.dll
Comments : www.localnrd.com

SahAgent Object Recognized!
Type : File
Data : A0018108.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7DC55669-D383-4D6B-8272-CB80E2B1563E}\RP100\
FileVersion : 2, 0, 0, 1
ProductVersion : 2, 0, 0, 1
ProductName : ShopAtHomeSelect LSP
CompanyName : ShopAtHomeSelect
FileDescription : LSP
InternalName : LSP
LegalCopyright : Copyright © 2004
OriginalFilename : LSP.DLL

TopMoxie Object Recognized!
Type : File
Data : A0017337.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7DC55669-D383-4D6B-8272-CB80E2B1563E}\RP97\

TopMoxie Object Recognized!
Type : File
Data : A0017338.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7DC55669-D383-4D6B-8272-CB80E2B1563E}\RP97\

TopMoxie Object Recognized!
Type : File
Data : A0017339.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7DC55669-D383-4D6B-8272-CB80E2B1563E}\RP97\

VX2 Object Recognized!
Type : File
Data : A0017483.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7DC55669-D383-4D6B-8272-CB80E2B1563E}\RP98\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Calling Home
CompanyName : callinghome.biz
FileDescription : Installation utility for www.callinghome.biz
InternalName : Calling Home
LegalCopyright : callinghome.biz © 2004
OriginalFilename : Caller.exe

eUniverse Object Recognized!
Type : File
Data : A0017491.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7DC55669-D383-4D6B-8272-CB80E2B1563E}\RP98\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : kkv Application
FileDescription : kkv MFC Application
InternalName : kkv
LegalCopyright : Copyright (C) 2003
OriginalFilename : kkv.EXE

eUniverse Object Recognized!
Type : File
Data : A0017492.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7DC55669-D383-4D6B-8272-CB80E2B1563E}\RP98\
FileVersion : 1, 3, 0, 0
ProductVersion : 1, 3, 0, 0
ProductName : sui Application
FileDescription : sui MFC Application
InternalName : sui
LegalCopyright : Copyright (C) 2003
OriginalFilename : sui.EXE

eUniverse Object Recognized!
Type : File
Data : A0017493.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7DC55669-D383-4D6B-8272-CB80E2B1563E}\RP98\
FileVersion : 1, 3, 5, 0
ProductVersion : 1, 3, 5, 0
ProductName : Updater Application
FileDescription : Updater Application
InternalName : Updater
LegalCopyright : Copyright (C) 2003
OriginalFilename : updater.exe

eUniverse Object Recognized!
Type : File
Data : A0017494.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7DC55669-D383-4D6B-8272-CB80E2B1563E}\RP98\
FileVersion : 1, 3, 0, 0
ProductVersion : 1, 3, 0, 0
ProductName : Track Internet Post Back Application
FileDescription : Track Internet Post Back Application
InternalName : Tipb
LegalCopyright : Copyright (C) 2003
OriginalFilename : tipb.EXE

C: Drive supports Alternate Data Streams.
Scanning and Enumerating ADS...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

C: Enumerating detected ADS...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\System Volume Information\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17

C: Drive supports Alternate Data Streams.
Scanning and Enumerating ADS...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

C: Enumerating detected ADS...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\Temporary files\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17

IPInsight Object Recognized!
Type : File
Data : conscorr.exe
Category : Data Miner
Comment :
Object : C:\WINDOWS\
FileVersion : 0, 3, 1, 3
ProductVersion : 0, 3, 1, 3
CompanyName : ConsCorr
FileDescription : www.conscorr.com
LegalCopyright : Copyright © 2002

SahAgent Object Recognized!
Type : File
Data : lsp_.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\Downloaded Program Files\
FileVersion : 2, 0, 0, 1
ProductVersion : 2, 0, 0, 1
ProductName : ShopAtHomeSelect LSP
CompanyName : ShopAtHomeSelect
FileDescription : LSP
InternalName : LSP
LegalCopyright : Copyright © 2004
OriginalFilename : LSP.DLL

VX2 Object Recognized!
Type : File
Data : localNRD.dll
Category : Malware
Comment :
Object : C:\WINDOWS\
FileVersion : 0, 4, 4, 30
ProductVersion : 0, 4, 4, 30
ProductName : localnrd
CompanyName : LocalNRD
FileDescription : www.localnrd.com
InternalName : localnrd
LegalCopyright : Copyright © 2004
OriginalFilename : localnrd.dll
Comments : www.localnrd.com

VX2 Object Recognized!
Type : File
Data : keesxh.exe
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Calling Home
CompanyName : callinghome.biz
FileDescription : Installation utility for www.callinghome.biz
InternalName : Calling Home
LegalCopyright : callinghome.biz © 2004
OriginalFilename : Caller.exe

SahAgent Object Recognized!
Type : File
Data : lsp.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 2, 0, 0, 1
ProductVersion : 2, 0, 0, 1
ProductName : ShopAtHomeSelect LSP
CompanyName : ShopAtHomeSelect
FileDescription : LSP
InternalName : LSP
LegalCopyright : Copyright © 2004
OriginalFilename : LSP.DLL

SahAgent Object Recognized!
Type : File
Data : sahagent1019.exe
Category : Data Miner
Comment :
Object : C:\WINDOWS\system32\

eUniverse Object Recognized!
Type : File
Data : setup_incred_10.exe
Category : Data Miner
Comment :
Object : C:\WINDOWS\system32\

C: Drive supports Alternate Data Streams.
Scanning and Enumerating ADS...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

C: Enumerating detected ADS...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 24

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\nico mak computing\winzip\filemenu
Description : winzip recently used archives

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\adobe\photoshop\7.0\visiteddirs
Description : adobe photoshop 7 recent work folders

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\office\8.0\excel\recent file list
Description : list of recent files used by microsoft excel

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\office\8.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\macromedia\flash 7\recent file list
Description : list of recently used files in macromedia flash

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer

MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\ahead\nero - burning rom\recent file list
Description : list of recently used files in nero burning rom

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\google\navclient\1.1\history
Description : list of recently used search terms in the google toolbar

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-19\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-20\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\macromedia\director\9.0\recentfiles
Description : list of recently used files in macromedia director

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : S-1-5-21-2000478354-796845957-725345543-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : C:\Documents and Settings\sarah\recent
Description : list of recently opened documents

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

TopMoxie Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : c:\program files\Web_Rebates

TopMoxie Object Recognized!
Type : File
Data : disp1150.exe
Category : Data Miner
Comment :
Object : c:\program files\web_rebates\

TopMoxie Object Recognized!
Type : File
Data : README.txt
Category : Data Miner
Comment :
Object : c:\program files\web_rebates\

TopMoxie Object Recognized!
Type : File
Data : WebRebates0.exe
Category : Data Miner
Comment :
Object : c:\program files\web_rebates\

TopMoxie Object Recognized!
Type : File
Data : WebRebates1.exe
Category : Data Miner
Comment :
Object : c:\program files\web_rebates\

VX2 Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\localnrd

VX2 Object Recognized!
Type : File
Data : dummy.htm
Category : Malware
Comment :
Object : c:\docume~1\sarah\locals~1\temp\

SahAgent Object Recognized!
Type : File
Data : v.dat
Category : Data Miner
Comment :
Object : c:\windows\system32\

SahAgent Object Recognized!
Type : File
Data : vg.dat
Category : Data Miner
Comment :
Object : c:\windows\system32\

SahAgent Object Recognized!
Type : File
Data : setup.inf
Category : Data Miner
Comment :
Object : c:\windows\downloaded program files\

SahAgent Object Recognized!
Type : File
Data : WEBInstaller.dll
Category : Data Miner
Comment :
Object : c:\windows\downloaded program files\
FileVersion : 1, 1, 1, 33
ProductVersion : 1, 1, 1, 33
ProductName : WEBInstaller Module
FileDescription : WEBInstaller Module
InternalName : WEBInstaller
LegalCopyright : Copyright 2002
OriginalFilename : WEBInstaller.DLL

SahAgent Object Recognized!
Type : File
Data : xmlparse_.dll
Category : Data Miner
Comment :
Object : c:\windows\downloaded program files\

SahAgent Object Recognized!
Type : File
Data : xmltok_.dll
Category : Data Miner
Comment :
Object : c:\windows\downloaded program files\

SahAgent Object Recognized!
Type : File
Data : SAHUninstall.exe
Category : Data Miner
Comment :
Object : c:\windows\
FileVersion : 2, 0, 0, 5
ProductVersion : 2, 0, 0, 5
ProductName : SAHUninstall
CompanyName : ShopAtHomeSelect
FileDescription : SAHUninstall
InternalName : SAHUninstall
LegalCopyright : Copyright © 2004
OriginalFilename : SAHUninstall.dll

SahAgent Object Recognized!
Type : File
Data : SahAgent.log
Category : Data Miner
Comment :
Object : c:\

SahAgent Object Recognized!
Type : File
Data : bundletracking.asp
Category : Data Miner
Comment :
Object : c:\docume~1\sarah\locals~1\temp\

eUniverse Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{de289bfa-737b-4abb-a4ec-f8753551b875}

eUniverse Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\incredifind

eUniverse Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\updmgr

eUniverse Object Recognized!
Type : File
Data : IncrediFindBHOLog.tmp
Category : Data Miner
Comment :
Object : C:\DOCUME~1\sarah\LOCALS~1\Temp\

Si quelqu'un peut m'aider !!
Merci d'avance !
A voir également:

2 réponses

Réponse 1 / 2
A.Lessard
 
je suis pris avec un logiciel espion du nom de SAHUninstall.exe

Nom de la menace est Adware . SAHAgent

est que vous popuvez m'aider s.v.p merci
0
Réponse 2 / 2
bernie61
 
Salut
BONJOUR
va vite là
http://www.technicland.com/fixvirus.php3
puis là
http://www.commentcamarche.net/ccmguide/ccmcharte.php3
MERCI
puis
essaie avec ces logiciels
anti adware de lavasoft là gratuit
http://www.lavasoftusa.com/support/download/
Et SpySwepper là :
http://www.webroot.com/products/spysweeper/
et surtout celui là Spybot S&D là:
http://www.safer-networking.org/en/index.html
à lancer avec MAJ (mise à jour)
pour configurer spybotS&D,
http://assiste.free.fr/p/frameset/06_37.php
http://tomcoyote.com/SPYBOT/indexfr.php
http://www.zebulon.fr/articles/spybot_1.php
a+
0

Discussions similaires

Dossier apparu ".ms-ad"
Sakura_01 -
brucine -

13 réponses
dossier ms-ad ???????
remac1 -
MPMP10 -

4 réponses
problème avec ad doubleclick sur android
monnalie -
bazfile -

6 réponses
comment supprimer ad.doubleclick.net
jcdeZuyd -
Malekal_morte- -

1 réponse
https://ad.doubleclick.net
Cat38300 -
bazfile -

1 réponse