Virus , redirection vers sites publicitaires
gadjo
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
J'ai un problème avec internet explorer, je suis quasiment systematiquement redirigé vers des sites publicitaires comme thefeedyard.com ou livefeedinc.com .....
Je suis déspéré, je n'arrive pas a venir a bout de ce virus!
j'utilise win xp et je transmets un rapport de catche me . 0.3 en éspérant que quelqu'un puisse m'aider. J'ai deja passé un coup de malwarebyte et j'utilise avast ! Merci de votre aide
rapport :
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-08 00:06:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:3b,55,9d,36,91,58,15,71,52,53,07,12,bb,24,c5,bf,bd,e6,46,fa,57,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:f1,d0,b6,c5,2a,71,ea,46,34,b8,07,28,63,ea,d2,b3,dc,1b,87,01,b0,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,31,9b,d9,ca,bf,ed,8a,78,59,02,51,8f,6f,61,78,3d,97,..
"khjeh"=hex:2d,cb,5d,cf,1c,b8,91,a1,a2,4e,5f,e3,46,a1,9b,35,cb,7f,c6,6e,c7,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:fa,b6,51,02,dd,e0,3c,eb,38,87,09,b6,c1,e6,7b,54,dd,20,35,33,49,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:7b,15,b4,fe,01,27,8f,ee,bb,b1,99,05,91,fc,97,dc,49,6f,64,56,9f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:3b,55,9d,36,91,58,15,71,52,53,07,12,bb,24,c5,bf,bd,e6,46,fa,57,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:f1,d0,b6,c5,2a,71,ea,46,34,b8,07,28,63,ea,d2,b3,dc,1b,87,01,b0,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,31,9b,d9,ca,bf,ed,8a,78,59,02,51,8f,6f,61,78,3d,97,..
"khjeh"=hex:2d,cb,5d,cf,1c,b8,91,a1,a2,4e,5f,e3,46,a1,9b,35,cb,7f,c6,6e,c7,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:fa,b6,51,02,dd,e0,3c,eb,38,87,09,b6,c1,e6,7b,54,dd,20,35,33,49,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:7b,15,b4,fe,01,27,8f,ee,bb,b1,99,05,91,fc,97,dc,49,6f,64,56,9f,..
scanning hidden registry entries ...
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\iexplore]
"Count"=dword:0000005b
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49B4-9D64-90988571CECB}\iexplore]
"Count"=dword:00000081
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore]
"Count"=dword:0000005b
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6}\iexplore]
"Count"=dword:00000081
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}\iexplore]
"Count"=dword:0000005b
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4D91-8333-CF10577473F7}\iexplore]
"Count"=dword:0000340b
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB5F1910-F110-11D2-BB9E-00C04F795683}\iexplore]
"Count"=dword:0000005b
scanning hidden files ...
C:\Documents and Settings\Ed\Menu Démarrer\Programmes\Démarrage\scandisk.dll 25088 bytes executable
C:\Documents and Settings\Ed\Menu Démarrer\Programmes\Démarrage\scandisk.lnk 645 bytes
C:\Documents and Settings\Ed\ntuser.dll 25088 bytes executable
C:\Documents and Settings\LocalService\ntuser.dll 25088 bytes executable
C:\WINDOWS\system32\calc.dll 25088 bytes executable
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 5
file zipped: C:\Documents and Settings\Ed\Local Settings\Application Data\Microsoft\Messenger\b.@hotmail.com\SharingMetadata\tht@hotmail.com\DFSR\Staging\CS{B1798D5D-368F-00EB-93CB-1528B6DCCA30}\01\10-{B1798D5D-368F-00EB-93CB-1528B6DCCA30}-v1-{E570B026-AC33-4478-883A-10BF7AC83870}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.2 ( 8 bytes )
file zipped: C:\Documents and Settings\Ed\Menu Démarrer\Programmes\Démarrage\scandisk.dll -> catchme.zip -> scandisk.dll.2 ( 25088 bytes )
file zipped: C:\Documents and Settings\Ed\Menu Démarrer\Programmes\Démarrage\scandisk.lnk -> catchme.zip -> scandisk.lnk.2 ( 645 bytes )
file zipped: C:\Documents and Settings\Ed\ntuser.dll -> catchme.zip -> ntuser.dll.3 ( 25088 bytes )
file zipped: C:\Documents and Settings\LocalService\ntuser.dll -> catchme.zip -> ntuser.dll.4 ( 25088 bytes )
file zipped: C:\WINDOWS\system32\calc.dll -> catchme.zip -> calc.dll.2 ( 25088 bytes )
J'ai un problème avec internet explorer, je suis quasiment systematiquement redirigé vers des sites publicitaires comme thefeedyard.com ou livefeedinc.com .....
Je suis déspéré, je n'arrive pas a venir a bout de ce virus!
j'utilise win xp et je transmets un rapport de catche me . 0.3 en éspérant que quelqu'un puisse m'aider. J'ai deja passé un coup de malwarebyte et j'utilise avast ! Merci de votre aide
rapport :
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-08 00:06:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:3b,55,9d,36,91,58,15,71,52,53,07,12,bb,24,c5,bf,bd,e6,46,fa,57,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:f1,d0,b6,c5,2a,71,ea,46,34,b8,07,28,63,ea,d2,b3,dc,1b,87,01,b0,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,31,9b,d9,ca,bf,ed,8a,78,59,02,51,8f,6f,61,78,3d,97,..
"khjeh"=hex:2d,cb,5d,cf,1c,b8,91,a1,a2,4e,5f,e3,46,a1,9b,35,cb,7f,c6,6e,c7,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:fa,b6,51,02,dd,e0,3c,eb,38,87,09,b6,c1,e6,7b,54,dd,20,35,33,49,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:7b,15,b4,fe,01,27,8f,ee,bb,b1,99,05,91,fc,97,dc,49,6f,64,56,9f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:3b,55,9d,36,91,58,15,71,52,53,07,12,bb,24,c5,bf,bd,e6,46,fa,57,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:f1,d0,b6,c5,2a,71,ea,46,34,b8,07,28,63,ea,d2,b3,dc,1b,87,01,b0,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,31,9b,d9,ca,bf,ed,8a,78,59,02,51,8f,6f,61,78,3d,97,..
"khjeh"=hex:2d,cb,5d,cf,1c,b8,91,a1,a2,4e,5f,e3,46,a1,9b,35,cb,7f,c6,6e,c7,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:fa,b6,51,02,dd,e0,3c,eb,38,87,09,b6,c1,e6,7b,54,dd,20,35,33,49,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:7b,15,b4,fe,01,27,8f,ee,bb,b1,99,05,91,fc,97,dc,49,6f,64,56,9f,..
scanning hidden registry entries ...
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\iexplore]
"Count"=dword:0000005b
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49B4-9D64-90988571CECB}\iexplore]
"Count"=dword:00000081
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore]
"Count"=dword:0000005b
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6}\iexplore]
"Count"=dword:00000081
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}\iexplore]
"Count"=dword:0000005b
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4D91-8333-CF10577473F7}\iexplore]
"Count"=dword:0000340b
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB5F1910-F110-11D2-BB9E-00C04F795683}\iexplore]
"Count"=dword:0000005b
scanning hidden files ...
C:\Documents and Settings\Ed\Menu Démarrer\Programmes\Démarrage\scandisk.dll 25088 bytes executable
C:\Documents and Settings\Ed\Menu Démarrer\Programmes\Démarrage\scandisk.lnk 645 bytes
C:\Documents and Settings\Ed\ntuser.dll 25088 bytes executable
C:\Documents and Settings\LocalService\ntuser.dll 25088 bytes executable
C:\WINDOWS\system32\calc.dll 25088 bytes executable
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 5
file zipped: C:\Documents and Settings\Ed\Local Settings\Application Data\Microsoft\Messenger\b.@hotmail.com\SharingMetadata\tht@hotmail.com\DFSR\Staging\CS{B1798D5D-368F-00EB-93CB-1528B6DCCA30}\01\10-{B1798D5D-368F-00EB-93CB-1528B6DCCA30}-v1-{E570B026-AC33-4478-883A-10BF7AC83870}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.2 ( 8 bytes )
file zipped: C:\Documents and Settings\Ed\Menu Démarrer\Programmes\Démarrage\scandisk.dll -> catchme.zip -> scandisk.dll.2 ( 25088 bytes )
file zipped: C:\Documents and Settings\Ed\Menu Démarrer\Programmes\Démarrage\scandisk.lnk -> catchme.zip -> scandisk.lnk.2 ( 645 bytes )
file zipped: C:\Documents and Settings\Ed\ntuser.dll -> catchme.zip -> ntuser.dll.3 ( 25088 bytes )
file zipped: C:\Documents and Settings\LocalService\ntuser.dll -> catchme.zip -> ntuser.dll.4 ( 25088 bytes )
file zipped: C:\WINDOWS\system32\calc.dll -> catchme.zip -> calc.dll.2 ( 25088 bytes )
Configuration: Windows XP Internet Explorer 6.0
A voir également:
- Virus , redirection vers sites publicitaires
- Reconsidérer le traitement de vos informations à des fins publicitaires - Accueil - Réseaux sociaux
- Sites de téléchargement - Accueil - Outils
- Virus mcafee - Accueil - Piratage
- Clémence souhaite faire calculer automatiquement les prix de 30 produits dans trois devises. elle a déjà saisi une formule de calcul pour le tarif du premier produit dans la première devise. corrigez sa formule afin que recopiée vers le bas puis vers la droite, elle remplisse correctement tout le tableau. - Forum Excel
- Windows 7 vers windows 10 - Accueil - Mise à jour
3 réponses
Bonjour,
--> http://www.infos-du-net.com/forum/289433-11-virus-redirection-vers-page-publicitaire
Merci de choisir.
--> http://www.infos-du-net.com/forum/289433-11-virus-redirection-vers-page-publicitaire
Merci de choisir.
Salut fait ceci :
◆ Télécharge sur ton bureaux RSIT ( Random's Systeme Information Tools ) de Random/Random :
http://images.malwareremoval.com/random/RSIT.exe
◆ Double clique sur RSIT.exe qui se trouve sur ton bureau pour le lancer
◆ Une fenetre intitulé " Disclaimer of Warranty " s'ouvre clique sur continue Le rapport commence ...
* Les rapports ce trouvent à cet endroit : C:\rsit\info.txt C:\rsit\log.txt
/l\ NE LES POSTES PAS SUR LE FORUM /l\
Héberge les ici : http://www.cijoint.fr
Et passe moi les liens ...
◆ Télécharge sur ton bureaux RSIT ( Random's Systeme Information Tools ) de Random/Random :
http://images.malwareremoval.com/random/RSIT.exe
◆ Double clique sur RSIT.exe qui se trouve sur ton bureau pour le lancer
◆ Une fenetre intitulé " Disclaimer of Warranty " s'ouvre clique sur continue Le rapport commence ...
* Les rapports ce trouvent à cet endroit : C:\rsit\info.txt C:\rsit\log.txt
/l\ NE LES POSTES PAS SUR LE FORUM /l\
Héberge les ici : http://www.cijoint.fr
Et passe moi les liens ...
