Probleme de pub (C.I.D)
mire59
Messages postés
351
Statut
Membre
-
mire59 Messages postés 351 Statut Membre -
mire59 Messages postés 351 Statut Membre -
Bonjour,
j'ai deja entendue parler de c'est pub (cid) on mavé dit que c'était a cause du sponsor de messenger plus j'ai donc désinstaller messenger plus et réinstaller sans le sponsor mais j'ai toujour c'est pub qui apparaisse pourquoi ???
j'ai deja entendue parler de c'est pub (cid) on mavé dit que c'était a cause du sponsor de messenger plus j'ai donc désinstaller messenger plus et réinstaller sans le sponsor mais j'ai toujour c'est pub qui apparaisse pourquoi ???
Configuration: Windows Vista Internet Explorer 7.0
10 réponses
-
Bonjour mire59
Je transfère ton topik sur le forum Virus/Sécurité.
Télécharge Lop S&D.exe sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
Tutorial ( aide ) : http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm
-
--------------------\\ Lop S&D 4.2.4-4 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Sempron(tm) Processor 3800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : fannyrémi ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080929-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total : 111 Go Free : 86 Go
D:\ (Local Disk) - NTFS - Total : 111 Go Free : 91 Go
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 29/09/2008|13:45 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[28/09/2008|12:26] C:\Users\FANNYR~1\AppData\Local\Application Data
[28/09/2008|18:49] C:\Users\FANNYR~1\AppData\Local\ATI
[28/09/2008|19:09] C:\Users\FANNYR~1\AppData\Local\GDIPFONTCACHEV1.DAT
[28/09/2008|12:26] C:\Users\FANNYR~1\AppData\Local\Historique
[29/09/2008|13:08] C:\Users\FANNYR~1\AppData\Local\IconCache.db
[28/09/2008|17:13] C:\Users\FANNYR~1\AppData\Local\Microsoft
[28/09/2008|16:49] C:\Users\FANNYR~1\AppData\Local\PowerCinema
[29/09/2008|13:43] C:\Users\FANNYR~1\AppData\Local\Temp
[28/09/2008|12:26] C:\Users\FANNYR~1\AppData\Local\Temporary Internet Files
[28/09/2008|17:12] C:\Users\FANNYR~1\AppData\Local\VirtualStore
[28/09/2008|13:13] C:\Users\FANNYR~1\AppData\Local\WindowsUpdate
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[29/09/2008 13:10][--ah-----] C:\Windows\tasks\SA.DAT
[29/09/2008 13:08][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[06/05/2007|23:16] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[06/05/2007|23:17] C:\ProgramData\Adobe
[02/11/2006|14:59] C:\ProgramData\Application Data
[28/09/2008|12:21] C:\ProgramData\Bureau
[28/09/2008|13:11] C:\ProgramData\CyberLink
[02/11/2006|14:59] C:\ProgramData\Desktop
[02/11/2006|14:59] C:\ProgramData\Documents
[06/05/2007|23:26] C:\ProgramData\eSobi
[28/09/2008|12:21] C:\ProgramData\Favoris
[02/11/2006|14:59] C:\ProgramData\Favorites
[29/09/2008|10:29] C:\ProgramData\Flood Light Games
[28/09/2008|17:12] C:\ProgramData\Free readme browse.9unj90
[29/09/2008|12:22] C:\ProgramData\iWin
[29/09/2008|12:37] C:\ProgramData\iWin Games
[28/09/2008|12:21] C:\ProgramData\Menu D‚marrer
[28/09/2008|20:15] C:\ProgramData\Messenger Plus!
[28/09/2008|16:59] C:\ProgramData\Microsoft
[29/09/2008|09:49] C:\ProgramData\Microsoft Help
[28/09/2008|12:21] C:\ProgramData\ModŠles
[28/09/2008|17:12] C:\ProgramData\RDR GPL GPL.2jt0rf
[28/09/2008|17:12] C:\ProgramData\RDR GPL GPL.ei84hd
[28/09/2008|17:12] C:\ProgramData\Secondtonsbody
[02/11/2006|14:59] C:\ProgramData\Start Menu
[28/09/2008|18:58] C:\ProgramData\Symantec
[29/09/2008|12:36] C:\ProgramData\TEMP
[02/11/2006|14:59] C:\ProgramData\Templates
[28/09/2008|17:12] C:\ProgramData\Tool Eggs Less City
[28/09/2008|20:05] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[28/09/2008|12:45] C:\Program Files\Acer Inc
[06/05/2007|23:16] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2007|23:17] C:\Program Files\Adobe
[28/09/2008|16:55] C:\Program Files\Alwil Software
[28/09/2008|12:31] C:\Program Files\ATI
[28/09/2008|12:35] C:\Program Files\ATI Technologies
[29/09/2008|12:54] C:\Program Files\BoontyGames
[29/09/2008|10:27] C:\Program Files\Common Files
[06/05/2007|23:25] C:\Program Files\Cyberlink
[28/09/2008|14:07] C:\Program Files\eSobi
[28/09/2008|12:21] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[29/09/2008|10:27] C:\Program Files\GamesBar
[28/09/2008|19:07] C:\Program Files\InstallShield Installation Information
[28/09/2008|16:25] C:\Program Files\Internet Explorer
[29/09/2008|12:38] C:\Program Files\iWin.com
[29/09/2008|13:07] C:\Program Files\Messenger Plus! Live
[28/09/2008|17:03] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:35] C:\Program Files\Microsoft Games
[06/05/2007|23:16] C:\Program Files\Microsoft Office
[28/09/2008|16:53] C:\Program Files\Microsoft Works
[06/05/2007|23:14] C:\Program Files\Microsoft.NET
[02/11/2006|14:40] C:\Program Files\Movie Maker
[02/11/2006|14:35] C:\Program Files\MSBuild
[02/11/2006|14:35] C:\Program Files\MSN
[28/09/2008|13:08] C:\Program Files\MSXML 4.0
[06/05/2007|23:12] C:\Program Files\NewTech Infosystems
[29/09/2008|10:27] C:\Program Files\orange
[06/05/2007|23:00] C:\Program Files\Realtek
[02/11/2006|14:35] C:\Program Files\Reference Assemblies
[02/11/2006|14:58] C:\Program Files\Uninstall Information
[28/09/2008|16:25] C:\Program Files\Windows Calendar
[02/11/2006|14:40] C:\Program Files\Windows Collaboration
[28/09/2008|16:25] C:\Program Files\Windows Defender
[28/09/2008|20:05] C:\Program Files\Windows Live
[28/09/2008|16:25] C:\Program Files\Windows Mail
[28/09/2008|16:25] C:\Program Files\Windows Media Player
[28/09/2008|12:21] C:\Program Files\Windows NT
[02/11/2006|14:40] C:\Program Files\Windows Photo Gallery
[28/09/2008|16:24] C:\Program Files\Windows Sidebar
[28/09/2008|14:03] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[06/05/2007|23:17] C:\Program Files\Common Files\Adobe
[06/05/2007|23:14] C:\Program Files\Common Files\DESIGNER
[06/05/2007|23:23] C:\Program Files\Common Files\InstallShield
[06/05/2007|23:11] C:\Program Files\Common Files\LightScribe
[28/09/2008|17:08] C:\Program Files\Common Files\microsoft shared
[06/05/2007|23:11] C:\Program Files\Common Files\muvee Technologies
[06/05/2007|23:12] C:\Program Files\Common Files\NewTech Infosystems
[29/09/2008|10:27] C:\Program Files\Common Files\Oberon Media
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[28/09/2008|18:59] C:\Program Files\Common Files\Symantec Shared
[28/09/2008|16:25] C:\Program Files\Common Files\System
[28/09/2008|17:07] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 58 Processes )
iexplore.exe ~ [PID:3292]
iexplore.exe ~ [PID:3312]
iexplore.exe ~ [PID:3728]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\Free readme browse.9unj90
C:\ProgramData\RDR GPL GPL.2jt0rf
C:\ProgramData\RDR GPL GPL.ei84hd
C:\Users\FANNYR~1\AppData\Local\Temp\bis78D7.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Tool Eggs Less City
C:\ProgramData\Tool Eggs Less City\Byte File.exe
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LESS CITY AMEN SETUP"="\"C:\\ProgramData\\Free readme browse.9unj90\""
"mfcd chic"="\"C:\\ProgramData\\RDR GPL GPL.2jt0rf\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-29 13:45:48
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:99][D:23]-> C:\Users\FANNYR~1\AppData\Local\Temp
[F:192][D:1]-> C:\Users\FANNYR~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:66][D:4]-> C:\Users\FANNYR~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:15][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 29/09/2008|13:47 - Option : [1]
--------------------\\ Fin du rapport a 13:47:16
[ UAC => 1 ]
voila ce que vous m'avez demander -
Relance Lop S&D
* Choisis cette fois ci l'Option 2 (Suppression)
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré (C:\lopR.txt)
-
--------------------\\ Lop S&D 4.2.4-4 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Sempron(tm) Processor 3800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : fannyrémi ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080929-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total : 111 Go Free : 86 Go
D:\ (Local Disk) - NTFS - Total : 111 Go Free : 91 Go
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 29/09/2008|13:45 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[28/09/2008|12:26] C:\Users\FANNYR~1\AppData\Local\Application Data
[28/09/2008|18:49] C:\Users\FANNYR~1\AppData\Local\ATI
[28/09/2008|19:09] C:\Users\FANNYR~1\AppData\Local\GDIPFONTCACHEV1.DAT
[28/09/2008|12:26] C:\Users\FANNYR~1\AppData\Local\Historique
[29/09/2008|13:08] C:\Users\FANNYR~1\AppData\Local\IconCache.db
[28/09/2008|17:13] C:\Users\FANNYR~1\AppData\Local\Microsoft
[28/09/2008|16:49] C:\Users\FANNYR~1\AppData\Local\PowerCinema
[29/09/2008|13:43] C:\Users\FANNYR~1\AppData\Local\Temp
[28/09/2008|12:26] C:\Users\FANNYR~1\AppData\Local\Temporary Internet Files
[28/09/2008|17:12] C:\Users\FANNYR~1\AppData\Local\VirtualStore
[28/09/2008|13:13] C:\Users\FANNYR~1\AppData\Local\WindowsUpdate
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[29/09/2008 13:10][--ah-----] C:\Windows\tasks\SA.DAT
[29/09/2008 13:08][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[06/05/2007|23:16] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[06/05/2007|23:17] C:\ProgramData\Adobe
[02/11/2006|14:59] C:\ProgramData\Application Data
[28/09/2008|12:21] C:\ProgramData\Bureau
[28/09/2008|13:11] C:\ProgramData\CyberLink
[02/11/2006|14:59] C:\ProgramData\Desktop
[02/11/2006|14:59] C:\ProgramData\Documents
[06/05/2007|23:26] C:\ProgramData\eSobi
[28/09/2008|12:21] C:\ProgramData\Favoris
[02/11/2006|14:59] C:\ProgramData\Favorites
[29/09/2008|10:29] C:\ProgramData\Flood Light Games
[28/09/2008|17:12] C:\ProgramData\Free readme browse.9unj90
[29/09/2008|12:22] C:\ProgramData\iWin
[29/09/2008|12:37] C:\ProgramData\iWin Games
[28/09/2008|12:21] C:\ProgramData\Menu D‚marrer
[28/09/2008|20:15] C:\ProgramData\Messenger Plus!
[28/09/2008|16:59] C:\ProgramData\Microsoft
[29/09/2008|09:49] C:\ProgramData\Microsoft Help
[28/09/2008|12:21] C:\ProgramData\ModŠles
[28/09/2008|17:12] C:\ProgramData\RDR GPL GPL.2jt0rf
[28/09/2008|17:12] C:\ProgramData\RDR GPL GPL.ei84hd
[28/09/2008|17:12] C:\ProgramData\Secondtonsbody
[02/11/2006|14:59] C:\ProgramData\Start Menu
[28/09/2008|18:58] C:\ProgramData\Symantec
[29/09/2008|12:36] C:\ProgramData\TEMP
[02/11/2006|14:59] C:\ProgramData\Templates
[28/09/2008|17:12] C:\ProgramData\Tool Eggs Less City
[28/09/2008|20:05] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[28/09/2008|12:45] C:\Program Files\Acer Inc
[06/05/2007|23:16] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2007|23:17] C:\Program Files\Adobe
[28/09/2008|16:55] C:\Program Files\Alwil Software
[28/09/2008|12:31] C:\Program Files\ATI
[28/09/2008|12:35] C:\Program Files\ATI Technologies
[29/09/2008|12:54] C:\Program Files\BoontyGames
[29/09/2008|10:27] C:\Program Files\Common Files
[06/05/2007|23:25] C:\Program Files\Cyberlink
[28/09/2008|14:07] C:\Program Files\eSobi
[28/09/2008|12:21] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[29/09/2008|10:27] C:\Program Files\GamesBar
[28/09/2008|19:07] C:\Program Files\InstallShield Installation Information
[28/09/2008|16:25] C:\Program Files\Internet Explorer
[29/09/2008|12:38] C:\Program Files\iWin.com
[29/09/2008|13:07] C:\Program Files\Messenger Plus! Live
[28/09/2008|17:03] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:35] C:\Program Files\Microsoft Games
[06/05/2007|23:16] C:\Program Files\Microsoft Office
[28/09/2008|16:53] C:\Program Files\Microsoft Works
[06/05/2007|23:14] C:\Program Files\Microsoft.NET
[02/11/2006|14:40] C:\Program Files\Movie Maker
[02/11/2006|14:35] C:\Program Files\MSBuild
[02/11/2006|14:35] C:\Program Files\MSN
[28/09/2008|13:08] C:\Program Files\MSXML 4.0
[06/05/2007|23:12] C:\Program Files\NewTech Infosystems
[29/09/2008|10:27] C:\Program Files\orange
[06/05/2007|23:00] C:\Program Files\Realtek
[02/11/2006|14:35] C:\Program Files\Reference Assemblies
[02/11/2006|14:58] C:\Program Files\Uninstall Information
[28/09/2008|16:25] C:\Program Files\Windows Calendar
[02/11/2006|14:40] C:\Program Files\Windows Collaboration
[28/09/2008|16:25] C:\Program Files\Windows Defender
[28/09/2008|20:05] C:\Program Files\Windows Live
[28/09/2008|16:25] C:\Program Files\Windows Mail
[28/09/2008|16:25] C:\Program Files\Windows Media Player
[28/09/2008|12:21] C:\Program Files\Windows NT
[02/11/2006|14:40] C:\Program Files\Windows Photo Gallery
[28/09/2008|16:24] C:\Program Files\Windows Sidebar
[28/09/2008|14:03] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[06/05/2007|23:17] C:\Program Files\Common Files\Adobe
[06/05/2007|23:14] C:\Program Files\Common Files\DESIGNER
[06/05/2007|23:23] C:\Program Files\Common Files\InstallShield
[06/05/2007|23:11] C:\Program Files\Common Files\LightScribe
[28/09/2008|17:08] C:\Program Files\Common Files\microsoft shared
[06/05/2007|23:11] C:\Program Files\Common Files\muvee Technologies
[06/05/2007|23:12] C:\Program Files\Common Files\NewTech Infosystems
[29/09/2008|10:27] C:\Program Files\Common Files\Oberon Media
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[28/09/2008|18:59] C:\Program Files\Common Files\Symantec Shared
[28/09/2008|16:25] C:\Program Files\Common Files\System
[28/09/2008|17:07] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 58 Processes )
iexplore.exe ~ [PID:3292]
iexplore.exe ~ [PID:3312]
iexplore.exe ~ [PID:3728]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\Free readme browse.9unj90
C:\ProgramData\RDR GPL GPL.2jt0rf
C:\ProgramData\RDR GPL GPL.ei84hd
C:\Users\FANNYR~1\AppData\Local\Temp\bis78D7.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Tool Eggs Less City
C:\ProgramData\Tool Eggs Less City\Byte File.exe
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LESS CITY AMEN SETUP"="\"C:\\ProgramData\\Free readme browse.9unj90\""
"mfcd chic"="\"C:\\ProgramData\\RDR GPL GPL.2jt0rf\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-29 13:45:48
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:99][D:23]-> C:\Users\FANNYR~1\AppData\Local\Temp
[F:192][D:1]-> C:\Users\FANNYR~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:66][D:4]-> C:\Users\FANNYR~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:15][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 29/09/2008|13:47 - Option : [1]
--------------------\\ Fin du rapport a 13:47:16
[ UAC => 1 ] -
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question -
C'est le rapport de l'option 1 que tu as reposté...
-
--------------------\\ Lop S&D 4.2.4-4 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Basique ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Sempron(tm) Processor 3800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : fannyrémi ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080929-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total : 111 Go Free : 86 Go
D:\ (Local Disk) - NTFS - Total : 111 Go Free : 91 Go
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [2] ( 29/09/2008|14:02 )
[ UAC => 1 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\Users\FANNYR~1\AppData\Roaming\MICROS~1\Windows\Cookies\fannyrémi@adopt.euroclick[1].txt
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[28/09/2008|12:26] C:\Users\FANNYR~1\AppData\Local\Application Data
[28/09/2008|18:49] C:\Users\FANNYR~1\AppData\Local\ATI
[28/09/2008|19:09] C:\Users\FANNYR~1\AppData\Local\GDIPFONTCACHEV1.DAT
[28/09/2008|12:26] C:\Users\FANNYR~1\AppData\Local\Historique
[29/09/2008|13:08] C:\Users\FANNYR~1\AppData\Local\IconCache.db
[28/09/2008|17:13] C:\Users\FANNYR~1\AppData\Local\Microsoft
[28/09/2008|16:49] C:\Users\FANNYR~1\AppData\Local\PowerCinema
[29/09/2008|14:02] C:\Users\FANNYR~1\AppData\Local\Temp
[28/09/2008|12:26] C:\Users\FANNYR~1\AppData\Local\Temporary Internet Files
[28/09/2008|17:12] C:\Users\FANNYR~1\AppData\Local\VirtualStore
[28/09/2008|13:13] C:\Users\FANNYR~1\AppData\Local\WindowsUpdate
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[29/09/2008 13:10][--ah-----] C:\Windows\tasks\SA.DAT
[29/09/2008 13:08][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[06/05/2007|23:16] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[06/05/2007|23:17] C:\ProgramData\Adobe
[02/11/2006|14:59] C:\ProgramData\Application Data
[28/09/2008|12:21] C:\ProgramData\Bureau
[28/09/2008|13:11] C:\ProgramData\CyberLink
[02/11/2006|14:59] C:\ProgramData\Desktop
[02/11/2006|14:59] C:\ProgramData\Documents
[06/05/2007|23:26] C:\ProgramData\eSobi
[28/09/2008|12:21] C:\ProgramData\Favoris
[02/11/2006|14:59] C:\ProgramData\Favorites
[29/09/2008|10:29] C:\ProgramData\Flood Light Games
[29/09/2008|12:22] C:\ProgramData\iWin
[29/09/2008|12:37] C:\ProgramData\iWin Games
[28/09/2008|12:21] C:\ProgramData\Menu D‚marrer
[28/09/2008|20:15] C:\ProgramData\Messenger Plus!
[28/09/2008|16:59] C:\ProgramData\Microsoft
[29/09/2008|09:49] C:\ProgramData\Microsoft Help
[28/09/2008|12:21] C:\ProgramData\ModŠles
[28/09/2008|17:12] C:\ProgramData\Secondtonsbody
[02/11/2006|14:59] C:\ProgramData\Start Menu
[28/09/2008|18:58] C:\ProgramData\Symantec
[29/09/2008|12:36] C:\ProgramData\TEMP
[02/11/2006|14:59] C:\ProgramData\Templates
[28/09/2008|20:05] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[28/09/2008|12:45] C:\Program Files\Acer Inc
[06/05/2007|23:16] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2007|23:17] C:\Program Files\Adobe
[28/09/2008|16:55] C:\Program Files\Alwil Software
[28/09/2008|12:31] C:\Program Files\ATI
[28/09/2008|12:35] C:\Program Files\ATI Technologies
[29/09/2008|12:54] C:\Program Files\BoontyGames
[29/09/2008|10:27] C:\Program Files\Common Files
[06/05/2007|23:25] C:\Program Files\Cyberlink
[28/09/2008|14:07] C:\Program Files\eSobi
[28/09/2008|12:21] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[29/09/2008|10:27] C:\Program Files\GamesBar
[28/09/2008|19:07] C:\Program Files\InstallShield Installation Information
[28/09/2008|16:25] C:\Program Files\Internet Explorer
[29/09/2008|12:38] C:\Program Files\iWin.com
[29/09/2008|13:07] C:\Program Files\Messenger Plus! Live
[28/09/2008|17:03] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:35] C:\Program Files\Microsoft Games
[06/05/2007|23:16] C:\Program Files\Microsoft Office
[28/09/2008|16:53] C:\Program Files\Microsoft Works
[06/05/2007|23:14] C:\Program Files\Microsoft.NET
[02/11/2006|14:40] C:\Program Files\Movie Maker
[02/11/2006|14:35] C:\Program Files\MSBuild
[02/11/2006|14:35] C:\Program Files\MSN
[28/09/2008|13:08] C:\Program Files\MSXML 4.0
[06/05/2007|23:12] C:\Program Files\NewTech Infosystems
[29/09/2008|10:27] C:\Program Files\orange
[06/05/2007|23:00] C:\Program Files\Realtek
[02/11/2006|14:35] C:\Program Files\Reference Assemblies
[02/11/2006|14:58] C:\Program Files\Uninstall Information
[28/09/2008|16:25] C:\Program Files\Windows Calendar
[02/11/2006|14:40] C:\Program Files\Windows Collaboration
[28/09/2008|16:25] C:\Program Files\Windows Defender
[28/09/2008|20:05] C:\Program Files\Windows Live
[28/09/2008|16:25] C:\Program Files\Windows Mail
[28/09/2008|16:25] C:\Program Files\Windows Media Player
[28/09/2008|12:21] C:\Program Files\Windows NT
[02/11/2006|14:40] C:\Program Files\Windows Photo Gallery
[28/09/2008|16:24] C:\Program Files\Windows Sidebar
[28/09/2008|14:03] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[06/05/2007|23:17] C:\Program Files\Common Files\Adobe
[06/05/2007|23:14] C:\Program Files\Common Files\DESIGNER
[06/05/2007|23:23] C:\Program Files\Common Files\InstallShield
[06/05/2007|23:11] C:\Program Files\Common Files\LightScribe
[28/09/2008|17:08] C:\Program Files\Common Files\microsoft shared
[06/05/2007|23:11] C:\Program Files\Common Files\muvee Technologies
[06/05/2007|23:12] C:\Program Files\Common Files\NewTech Infosystems
[29/09/2008|10:27] C:\Program Files\Common Files\Oberon Media
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[28/09/2008|18:59] C:\Program Files\Common Files\Symantec Shared
[28/09/2008|16:25] C:\Program Files\Common Files\System
[28/09/2008|17:07] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 57 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-29 14:02:32
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:98][D:24]-> C:\Users\FANNYR~1\AppData\Local\Temp
[F:193][D:1]-> C:\Users\FANNYR~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:73][D:4]-> C:\Users\FANNYR~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:15][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 29/09/2008|13:47 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 29/09/2008|13:54 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 29/09/2008|14:03 - Option : [2]
--------------------\\ Fin du rapport a 14:03:36
[ UAC => 1 ] -
Refais un Hijackthis stp
-
-
Pardon, je croyais que tu en avais déjà fait un :
Télécharge le fichier d’installation d’Hijackthis en cliquant sur ce lien
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
Enregistre HJTInstall.exe sur ton bureau.
Double-clique sur HJTInstall.exe pour lancer le programme
Tuto : https://www.malekal.com/tutoriel-hijackthis/
http://pagesperso-orange.fr/rginformatique/section%20virus/Hijenr.gif
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
Accepte la license en cliquant sur le bouton "I Accept"
Choisis l'option "Do a system scan and save a log file"
Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note
Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport
Colle le rapport que tu viens de copier sur ce forum
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:17:50, on 29/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\vsnpstd3.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
