Cid Ad Problem

Tags:
  • Windows
  • Security
Last reply: in Security and viruses
9 March 2009 11:15:25

Hello everyone,

So, I have the same problem as a lot of people with the Cid ads, which are really starting to get on my nerves. :(

So here is my HijackThis scan. Thanks for your help :ange:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:11:19, on 09/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Users\Rauks\Program Files\DNA\btdna.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Users\Rauks\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Users\Rauks\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\Rauks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\US3LYQDG\HiJackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Rauks\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Move Junk] "C:\ProgramData\onespamspam.pz1c7"
O4 - HKCU\..\Run: [Mode Load Mpeg Less] "C:\ProgramData\browse nurb close.cr4e0ap"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Rauks\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell BV - C:\Program Files\Packard bell\SAXO27\HIDSERVICE.EXE
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 10471 bytes

9 March 2009 11:38:40

Hi,

  • Disable UAC for the duration of the disinfection.

  • Download Lop S&D to your Desktop.
  • Double-click it to start the installation.
  • Then double-click the Lop S&D shortcut on your Desktop.
    (On Vista, you have to right-click Lop S&D and choose Run as administrator)
  • Select the desired language, then choose option 1 (Search).
  • Wait until the scan finishes.
  • Post the generated report (C:\lopR.txt).

9 March 2009 12:13:05

Here you go


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Rauks ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:453 Go (Free:342 Go)
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 09/03/2009|12:10 )

    [ UAC => 1 ]

    --------------------\\ Listing des dossiers dans Local

    [27/01/2009|08:52] C:\Users\Rauks\AppData\Local\Adobe
    [15/02/2009|20:35] C:\Users\Rauks\AppData\Local\Ahead
    [12/02/2009|21:17] C:\Users\Rauks\AppData\Local\Apple
    [01/03/2009|13:12] C:\Users\Rauks\AppData\Local\Apple Computer
    [20/01/2009|16:10] C:\Users\Rauks\AppData\Local\Application Data
    [03/02/2009|07:11] C:\Users\Rauks\AppData\Local\d3d9caps.dat
    [20/01/2009|17:37] C:\Users\Rauks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [20/01/2009|21:27] C:\Users\Rauks\AppData\Local\DNA
    [12/02/2009|08:42] C:\Users\Rauks\AppData\Local\Downloaded Installations
    [20/01/2009|16:16] C:\Users\Rauks\AppData\Local\GDIPFONTCACHEV1.DAT
    [08/03/2009|19:31] C:\Users\Rauks\AppData\Local\Google
    [20/01/2009|16:10] C:\Users\Rauks\AppData\Local\Historique
    [08/03/2009|20:59] C:\Users\Rauks\AppData\Local\IconCache.db
    [27/01/2009|19:48] C:\Users\Rauks\AppData\Local\Microsoft
    [02/02/2009|12:37] C:\Users\Rauks\AppData\Local\Microsoft Games
    [20/01/2009|16:58] C:\Users\Rauks\AppData\Local\Mozilla
    [13/02/2009|09:59] C:\Users\Rauks\AppData\Local\Packard Bell
    [09/03/2009|11:21] C:\Users\Rauks\AppData\Local\Temp
    [20/01/2009|16:10] C:\Users\Rauks\AppData\Local\Temporary Internet Files
    [06/02/2009|17:31] C:\Users\Rauks\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [09/03/2009 12:00][--a------] C:\Windows\tasks\Extension de garantie-Rauks.job
    [09/03/2009 12:00][--a------] C:\Windows\tasks\Recovery DVD Creator-Rauks.job
    [09/03/2009 09:39][--ah-----] C:\Windows\tasks\SA.DAT
    [08/03/2009 20:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [12/02/2009|21:19] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [27/01/2009|09:05] C:\ProgramData\Adobe
    [12/02/2009|21:17] C:\ProgramData\Apple
    [12/02/2009|21:19] C:\ProgramData\Apple Computer
    [02/11/2006|14:02] C:\ProgramData\Application Data
    [19/02/2009|09:05] C:\ProgramData\Blizzard
    [12/02/2009|21:39] C:\ProgramData\browse nurb close.cr4e0ap
    [20/01/2009|16:06] C:\ProgramData\Bureau
    [15/02/2009|10:59] C:\ProgramData\Carbonite
    [02/11/2006|14:02] C:\ProgramData\Desktop
    [02/11/2006|14:02] C:\ProgramData\Documents
    [22/01/2009|20:53] C:\ProgramData\eMule
    [01/02/2009|20:08] C:\ProgramData\ezsidmv.dat
    [20/01/2009|16:06] C:\ProgramData\Favoris
    [02/11/2006|14:02] C:\ProgramData\Favorites
    [08/03/2009|19:31] C:\ProgramData\Google
    [12/02/2009|08:37] C:\ProgramData\Logishrd
    [06/02/2009|17:24] C:\ProgramData\Logitech
    [20/01/2009|16:06] C:\ProgramData\Menu D‚marrer
    [13/02/2009|08:34] C:\ProgramData\Messenger Plus!
    [18/02/2009|14:58] C:\ProgramData\Microsoft
    [20/01/2009|21:29] C:\ProgramData\Microsoft Help
    [20/01/2009|16:06] C:\ProgramData\ModŠles
    [05/06/2008|07:43] C:\ProgramData\Nero
    [20/01/2009|17:40] C:\ProgramData\NVIDIA
    [12/02/2009|21:38] C:\ProgramData\onespamspam.gdn027
    [12/02/2009|21:38] C:\ProgramData\onespamspam.pz1c7
    [12/02/2009|21:41] C:\ProgramData\PARTMAILFORK
    [21/02/2009|13:31] C:\ProgramData\rkfree
    [05/06/2008|07:53] C:\ProgramData\Skype
    [02/11/2006|14:02] C:\ProgramData\Start Menu
    [13/02/2009|10:04] C:\ProgramData\Symantec
    [19/02/2009|09:20] C:\ProgramData\TEMP
    [02/11/2006|14:02] C:\ProgramData\Templates
    [12/02/2009|21:39] C:\ProgramData\two setup mode load
    [07/02/2009|10:38] C:\ProgramData\WindowsSearch

    --------------------\\ Listing des dossiers dans C:\Program Files

    [27/01/2009|09:05] C:\Program Files\Adobe
    [13/02/2009|09:09] C:\Program Files\Alwil Software
    [12/02/2009|21:17] C:\Program Files\Apple Software Update
    [20/01/2009|21:26] C:\Program Files\AskBarDis
    [20/01/2009|21:27] C:\Program Files\BitTorrent
    [15/02/2009|19:32] C:\Program Files\Bonjour
    [15/02/2009|10:59] C:\Program Files\Carbonite
    [08/03/2009|15:25] C:\Program Files\CCleaner
    [12/02/2009|21:37] C:\Program Files\Circle Developement
    [17/02/2009|16:29] C:\Program Files\Common Files
    [20/01/2009|21:27] C:\Program Files\DNA
    [19/02/2009|09:25] C:\Program Files\Dofus
    [12/02/2009|21:34] C:\Program Files\DVDVideoSoft
    [20/01/2009|16:06] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [08/03/2009|19:47] C:\Program Files\Google
    [05/06/2008|07:37] C:\Program Files\HDReg
    [09/03/2009|10:50] C:\Program Files\iNetFormFiller Trial
    [06/02/2009|17:26] C:\Program Files\InstallShield Installation Information
    [12/02/2009|21:18] C:\Program Files\Internet Explorer
    [12/02/2009|21:19] C:\Program Files\iPod
    [12/02/2009|21:19] C:\Program Files\iTunes
    [03/02/2009|21:11] C:\Program Files\Java
    [03/02/2009|21:12] C:\Program Files\LimeWire
    [06/02/2009|17:27] C:\Program Files\Logitech
    [12/02/2009|21:37] C:\Program Files\Messenger Plus! Live
    [20/01/2009|21:36] C:\Program Files\Microsoft
    [02/11/2006|13:37] C:\Program Files\Microsoft Games
    [28/02/2009|19:26] C:\Program Files\Microsoft Office
    [05/06/2008|07:53] C:\Program Files\Microsoft Office Suite Activation Assistant
    [27/02/2009|22:22] C:\Program Files\Microsoft Silverlight
    [18/02/2009|14:57] C:\Program Files\Microsoft SQL Server Compact Edition
    [18/02/2009|14:59] C:\Program Files\Microsoft Sync Framework
    [05/06/2008|07:50] C:\Program Files\Microsoft Works
    [05/06/2008|07:49] C:\Program Files\Microsoft.NET
    [05/06/2008|17:13] C:\Program Files\Movie Maker
    [20/01/2009|17:40] C:\Program Files\Mozilla Firefox
    [02/11/2006|13:37] C:\Program Files\MSBuild
    [20/01/2009|16:34] C:\Program Files\MSXML 4.0
    [20/02/2009|13:13] C:\Program Files\Mumble
    [05/06/2008|07:43] C:\Program Files\Nero
    [05/06/2008|07:44] C:\Program Files\NeroInstall.bak
    [05/06/2008|07:53] C:\Program Files\Packard Bell
    [21/01/2009|17:24] C:\Program Files\PhotoFiltre
    [12/02/2009|21:18] C:\Program Files\QuickTime
    [05/06/2008|07:33] C:\Program Files\Realtek
    [02/11/2006|13:37] C:\Program Files\Reference Assemblies
    [08/03/2009|19:50] C:\Program Files\RKFree
    [15/02/2009|19:41] C:\Program Files\Safari
    [05/06/2008|07:38] C:\Program Files\Seagate
    [05/06/2008|07:53] C:\Program Files\Skype
    [18/02/2009|16:59] C:\Program Files\SoftInform
    [20/01/2009|19:00] C:\Program Files\Teamspeak2_RC2
    [02/11/2006|14:01] C:\Program Files\Uninstall Information
    [20/01/2009|18:17] C:\Program Files\Valve
    [20/01/2009|17:50] C:\Program Files\VideoLAN
    [09/02/2009|17:54] C:\Program Files\Wakfu
    [05/06/2008|17:13] C:\Program Files\Windows Calendar
    [05/06/2008|17:13] C:\Program Files\Windows Collaboration
    [05/06/2008|17:13] C:\Program Files\Windows Defender
    [05/06/2008|17:13] C:\Program Files\Windows Journal
    [18/02/2009|14:59] C:\Program Files\Windows Live
    [20/01/2009|18:01] C:\Program Files\Windows Live SkyDrive
    [12/02/2009|08:39] C:\Program Files\Windows Mail
    [05/06/2008|17:13] C:\Program Files\Windows Media Player
    [20/01/2009|16:06] C:\Program Files\Windows NT
    [05/06/2008|17:13] C:\Program Files\Windows Photo Gallery
    [05/06/2008|17:13] C:\Program Files\Windows Sidebar
    [20/02/2009|14:56] C:\Program Files\WowCartographe

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [27/01/2009|09:05] C:\Program Files\Common Files\Adobe
    [12/02/2009|21:19] C:\Program Files\Common Files\Apple
    [17/02/2009|16:30] C:\Program Files\Common Files\Blizzard Entertainment
    [05/06/2008|07:50] C:\Program Files\Common Files\DESIGNER
    [12/02/2009|21:34] C:\Program Files\Common Files\DVDVideoSoft
    [05/06/2008|07:33] C:\Program Files\Common Files\InstallShield
    [06/02/2009|17:31] C:\Program Files\Common Files\LogiShrd
    [12/02/2009|08:43] C:\Program Files\Common Files\Logitech
    [05/06/2008|07:41] C:\Program Files\Common Files\Macrovision Shared
    [18/02/2009|14:56] C:\Program Files\Common Files\microsoft shared
    [05/06/2008|07:43] C:\Program Files\Common Files\Nero
    [02/11/2006|12:18] C:\Program Files\Common Files\Services
    [01/02/2009|20:06] C:\Program Files\Common Files\Skype
    [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
    [08/03/2009|12:23] C:\Program Files\Common Files\Steam
    [13/02/2009|10:57] C:\Program Files\Common Files\Symantec Shared
    [05/06/2008|17:13] C:\Program Files\Common Files\System
    [20/01/2009|17:48] C:\Program Files\Common Files\Windows Live

    --------------------\\ Process

    ( 85 Processes )

    iexplore.exe ~ [PID:2852]
    iexplore.exe ~ [PID:2872]
    iexplore.exe ~ [PID:4656]

    --------------------\\ Recherche avec S_Lop

    C:\ProgramData\onespamspam.pz1c7
    C:\ProgramData\onespamspam.gdn027
    C:\ProgramData\browse nurb close.cr4e0ap

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\ProgramData\two setup mode load
    C:\ProgramData\two setup mode load\second internet.dat
    C:\ProgramData\two setup mode load\second internet.exe
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Move Junk"="\"C:\\ProgramData\\onespamspam.pz1c7\""
    "Mode Load Mpeg Less"="\"C:\\ProgramData\\browse nurb close.cr4e0ap\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-09 12:11:03
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\Rauks\Favorites\Dailymotion - Steam keygen. TOUS LES JEUX STEAM !, une vid‚o de x-h4x0or. steam, cs1.6, czz, css, game.url


    [F:110][D:22]-> C:\Users\Rauks\AppData\Local\Temp
    [F:107][D:1]-> C:\Users\Rauks\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:847][D:6]-> C:\Users\Rauks\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:6][D:2]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 09/03/2009|12:12 - Option : [1]

    --------------------\\ Fin du rapport a 12:12:04
    [ UAC => 1 ]
9 March 2009 12:49:59

  • Run Lop S&D again.
    (On Vista, you have to right-click Lop S&D and choose Run as administrator)
  • This time choose option 2 (Removal).
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt).

    (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)

9 March 2009 13:30:50

Here is the report

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Rauks ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:453 Go (Free:350 Go)
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 09/03/2009|13:20 )

    [ UAC => 1 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\ProgramData\two setup mode load\second internet.dat
    Supprime! - C:\ProgramData\two setup mode load\second internet.exe
    Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprime! - C:\ProgramData\onespamspam.pz1c7
    Supprime! - C:\ProgramData\onespamspam.gdn027
    Supprime! - C:\ProgramData\browse nurb close.cr4e0ap
    Supprime! - C:\ProgramData\two setup mode load
    Supprime! - C:\Program Files\Circle Developement
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans Local

    [27/01/2009|08:52] C:\Users\Rauks\AppData\Local\Adobe
    [15/02/2009|20:35] C:\Users\Rauks\AppData\Local\Ahead
    [12/02/2009|21:17] C:\Users\Rauks\AppData\Local\Apple
    [01/03/2009|13:12] C:\Users\Rauks\AppData\Local\Apple Computer
    [20/01/2009|16:10] C:\Users\Rauks\AppData\Local\Application Data
    [03/02/2009|07:11] C:\Users\Rauks\AppData\Local\d3d9caps.dat
    [20/01/2009|17:37] C:\Users\Rauks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [20/01/2009|21:27] C:\Users\Rauks\AppData\Local\DNA
    [12/02/2009|08:42] C:\Users\Rauks\AppData\Local\Downloaded Installations
    [20/01/2009|16:16] C:\Users\Rauks\AppData\Local\GDIPFONTCACHEV1.DAT
    [08/03/2009|19:31] C:\Users\Rauks\AppData\Local\Google
    [20/01/2009|16:10] C:\Users\Rauks\AppData\Local\Historique
    [08/03/2009|20:59] C:\Users\Rauks\AppData\Local\IconCache.db
    [27/01/2009|19:48] C:\Users\Rauks\AppData\Local\Microsoft
    [02/02/2009|12:37] C:\Users\Rauks\AppData\Local\Microsoft Games
    [20/01/2009|16:58] C:\Users\Rauks\AppData\Local\Mozilla
    [13/02/2009|09:59] C:\Users\Rauks\AppData\Local\Packard Bell
    [09/03/2009|13:20] C:\Users\Rauks\AppData\Local\Temp
    [20/01/2009|16:10] C:\Users\Rauks\AppData\Local\Temporary Internet Files
    [06/02/2009|17:31] C:\Users\Rauks\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [09/03/2009 13:00][--a------] C:\Windows\tasks\Extension de garantie-Rauks.job
    [09/03/2009 13:00][--a------] C:\Windows\tasks\Recovery DVD Creator-Rauks.job
    [09/03/2009 09:39][--ah-----] C:\Windows\tasks\SA.DAT
    [08/03/2009 20:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [12/02/2009|21:19] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [27/01/2009|09:05] C:\ProgramData\Adobe
    [12/02/2009|21:17] C:\ProgramData\Apple
    [12/02/2009|21:19] C:\ProgramData\Apple Computer
    [02/11/2006|14:02] C:\ProgramData\Application Data
    [19/02/2009|09:05] C:\ProgramData\Blizzard
    [20/01/2009|16:06] C:\ProgramData\Bureau
    [15/02/2009|10:59] C:\ProgramData\Carbonite
    [02/11/2006|14:02] C:\ProgramData\Desktop
    [02/11/2006|14:02] C:\ProgramData\Documents
    [22/01/2009|20:53] C:\ProgramData\eMule
    [01/02/2009|20:08] C:\ProgramData\ezsidmv.dat
    [20/01/2009|16:06] C:\ProgramData\Favoris
    [02/11/2006|14:02] C:\ProgramData\Favorites
    [08/03/2009|19:31] C:\ProgramData\Google
    [12/02/2009|08:37] C:\ProgramData\Logishrd
    [06/02/2009|17:24] C:\ProgramData\Logitech
    [20/01/2009|16:06] C:\ProgramData\Menu D‚marrer
    [13/02/2009|08:34] C:\ProgramData\Messenger Plus!
    [18/02/2009|14:58] C:\ProgramData\Microsoft
    [20/01/2009|21:29] C:\ProgramData\Microsoft Help
    [20/01/2009|16:06] C:\ProgramData\ModŠles
    [05/06/2008|07:43] C:\ProgramData\Nero
    [20/01/2009|17:40] C:\ProgramData\NVIDIA
    [12/02/2009|21:41] C:\ProgramData\PARTMAILFORK
    [21/02/2009|13:31] C:\ProgramData\rkfree
    [05/06/2008|07:53] C:\ProgramData\Skype
    [02/11/2006|14:02] C:\ProgramData\Start Menu
    [13/02/2009|10:04] C:\ProgramData\Symantec
    [19/02/2009|09:20] C:\ProgramData\TEMP
    [02/11/2006|14:02] C:\ProgramData\Templates
    [07/02/2009|10:38] C:\ProgramData\WindowsSearch

    --------------------\\ Listing des dossiers dans C:\Program Files

    [27/01/2009|09:05] C:\Program Files\Adobe
    [13/02/2009|09:09] C:\Program Files\Alwil Software
    [12/02/2009|21:17] C:\Program Files\Apple Software Update
    [20/01/2009|21:26] C:\Program Files\AskBarDis
    [20/01/2009|21:27] C:\Program Files\BitTorrent
    [15/02/2009|19:32] C:\Program Files\Bonjour
    [15/02/2009|10:59] C:\Program Files\Carbonite
    [08/03/2009|15:25] C:\Program Files\CCleaner
    [17/02/2009|16:29] C:\Program Files\Common Files
    [20/01/2009|21:27] C:\Program Files\DNA
    [19/02/2009|09:25] C:\Program Files\Dofus
    [12/02/2009|21:34] C:\Program Files\DVDVideoSoft
    [20/01/2009|16:06] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [08/03/2009|19:47] C:\Program Files\Google
    [05/06/2008|07:37] C:\Program Files\HDReg
    [09/03/2009|10:50] C:\Program Files\iNetFormFiller Trial
    [06/02/2009|17:26] C:\Program Files\InstallShield Installation Information
    [12/02/2009|21:18] C:\Program Files\Internet Explorer
    [12/02/2009|21:19] C:\Program Files\iPod
    [12/02/2009|21:19] C:\Program Files\iTunes
    [03/02/2009|21:11] C:\Program Files\Java
    [03/02/2009|21:12] C:\Program Files\LimeWire
    [06/02/2009|17:27] C:\Program Files\Logitech
    [12/02/2009|21:37] C:\Program Files\Messenger Plus! Live
    [20/01/2009|21:36] C:\Program Files\Microsoft
    [02/11/2006|13:37] C:\Program Files\Microsoft Games
    [28/02/2009|19:26] C:\Program Files\Microsoft Office
    [05/06/2008|07:53] C:\Program Files\Microsoft Office Suite Activation Assistant
    [27/02/2009|22:22] C:\Program Files\Microsoft Silverlight
    [18/02/2009|14:57] C:\Program Files\Microsoft SQL Server Compact Edition
    [18/02/2009|14:59] C:\Program Files\Microsoft Sync Framework
    [05/06/2008|07:50] C:\Program Files\Microsoft Works
    [05/06/2008|07:49] C:\Program Files\Microsoft.NET
    [05/06/2008|17:13] C:\Program Files\Movie Maker
    [20/01/2009|17:40] C:\Program Files\Mozilla Firefox
    [02/11/2006|13:37] C:\Program Files\MSBuild
    [20/01/2009|16:34] C:\Program Files\MSXML 4.0
    [20/02/2009|13:13] C:\Program Files\Mumble
    [05/06/2008|07:43] C:\Program Files\Nero
    [05/06/2008|07:44] C:\Program Files\NeroInstall.bak
    [05/06/2008|07:53] C:\Program Files\Packard Bell
    [21/01/2009|17:24] C:\Program Files\PhotoFiltre
    [12/02/2009|21:18] C:\Program Files\QuickTime
    [05/06/2008|07:33] C:\Program Files\Realtek
    [02/11/2006|13:37] C:\Program Files\Reference Assemblies
    [08/03/2009|19:50] C:\Program Files\RKFree
    [15/02/2009|19:41] C:\Program Files\Safari
    [05/06/2008|07:38] C:\Program Files\Seagate
    [05/06/2008|07:53] C:\Program Files\Skype
    [18/02/2009|16:59] C:\Program Files\SoftInform
    [20/01/2009|19:00] C:\Program Files\Teamspeak2_RC2
    [02/11/2006|14:01] C:\Program Files\Uninstall Information
    [20/01/2009|18:17] C:\Program Files\Valve
    [20/01/2009|17:50] C:\Program Files\VideoLAN
    [09/02/2009|17:54] C:\Program Files\Wakfu
    [05/06/2008|17:13] C:\Program Files\Windows Calendar
    [05/06/2008|17:13] C:\Program Files\Windows Collaboration
    [05/06/2008|17:13] C:\Program Files\Windows Defender
    [05/06/2008|17:13] C:\Program Files\Windows Journal
    [18/02/2009|14:59] C:\Program Files\Windows Live
    [20/01/2009|18:01] C:\Program Files\Windows Live SkyDrive
    [12/02/2009|08:39] C:\Program Files\Windows Mail
    [05/06/2008|17:13] C:\Program Files\Windows Media Player
    [20/01/2009|16:06] C:\Program Files\Windows NT
    [05/06/2008|17:13] C:\Program Files\Windows Photo Gallery
    [05/06/2008|17:13] C:\Program Files\Windows Sidebar
    [20/02/2009|14:56] C:\Program Files\WowCartographe

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [27/01/2009|09:05] C:\Program Files\Common Files\Adobe
    [12/02/2009|21:19] C:\Program Files\Common Files\Apple
    [17/02/2009|16:30] C:\Program Files\Common Files\Blizzard Entertainment
    [05/06/2008|07:50] C:\Program Files\Common Files\DESIGNER
    [12/02/2009|21:34] C:\Program Files\Common Files\DVDVideoSoft
    [05/06/2008|07:33] C:\Program Files\Common Files\InstallShield
    [06/02/2009|17:31] C:\Program Files\Common Files\LogiShrd
    [12/02/2009|08:43] C:\Program Files\Common Files\Logitech
    [05/06/2008|07:41] C:\Program Files\Common Files\Macrovision Shared
    [18/02/2009|14:56] C:\Program Files\Common Files\microsoft shared
    [05/06/2008|07:43] C:\Program Files\Common Files\Nero
    [02/11/2006|12:18] C:\Program Files\Common Files\Services
    [01/02/2009|20:06] C:\Program Files\Common Files\Skype
    [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
    [08/03/2009|12:23] C:\Program Files\Common Files\Steam
    [13/02/2009|10:57] C:\Program Files\Common Files\Symantec Shared
    [05/06/2008|17:13] C:\Program Files\Common Files\System
    [20/01/2009|17:48] C:\Program Files\Common Files\Windows Live

    --------------------\\ Process

    ( 84 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-09 13:21:14
    Windows 5.1.2600 Service Pack 2 NTFS
    detected NTDLL code modification:
    ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\Rauks\Favorites\Dailymotion - Steam keygen. TOUS LES JEUX STEAM !, une vid‚o de x-h4x0or. steam, cs1.6, czz, css, game.url


    [F:113][D:23]-> C:\Users\Rauks\AppData\Local\Temp
    [F:114][D:1]-> C:\Users\Rauks\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:856][D:6]-> C:\Users\Rauks\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:6][D:2]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 09/03/2009|12:12 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 09/03/2009|13:22 - Option : [2]

    --------------------\\ Fin du rapport a 13:22:13
    [ UAC => 1 ]
9 March 2009 16:33:08

  • Download Toolbar S&D (Team IDN) to your Desktop.
  • Start the program's installation by running the downloaded file.
  • Now double-click the Toolbar S&D shortcut.
    (On Vista, you have to right-click the Toolbar S&D shortcut and choose Run as administrator)
  • Select the desired language by typing the letter of your choice and confirming with the Enter key.
  • Now choose option 1 (Search). Wait until the search finishes.
  • Post the generated report. (C:\TB.txt)