Votre question

pub CID résolu

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
6 Septembre 2008 11:06:30

:fou:  bonjour,
J'ai besoin d'aide car je suis embêté par des pubs CID qulequ'un peut il m'aider?
J'ai tout essayé pour les supprimer cette sup etait incluse comme sponsor dans messenger plus que j'ai supprimé.
Mais rien de changé, dans les programmes pas de CID Help, Circle developement et Adverts.
Voici un rapport

--------------------\\ Lop S&D 4.2.4-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Fernand ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080905-0] 4.8.1229 (Activated)
Firewall : ZoneAlarm Firewall 7.1.254.000 (Activated)

"C:\Lop SD" ( MAJ : 04-09-2008|09:55 )
Option : [1] ( 06/09/2008| 9:13 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[25/12/2007|22:21] C:\Users\Fernand\AppData\Local\Adobe
[14/08/2007|17:54] C:\Users\Fernand\AppData\Local\Ahead
[15/08/2007|01:04] C:\Users\Fernand\AppData\Local\Apple
[16/07/2008|20:18] C:\Users\Fernand\AppData\Local\Apple Computer
[14/08/2007|16:18] C:\Users\Fernand\AppData\Local\Application Data
[25/08/2007|16:00] C:\Users\Fernand\AppData\Local\Ashampoo
[01/09/2008|22:10] C:\Users\Fernand\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[18/01/2008|19:40] C:\Users\Fernand\AppData\Local\GDIPFONTCACHEV1.DAT
[04/09/2008|21:35] C:\Users\Fernand\AppData\Local\Google
[14/08/2007|16:18] C:\Users\Fernand\AppData\Local\Historique
[05/09/2008|21:47] C:\Users\Fernand\AppData\Local\IconCache.db
[12/06/2008|20:35] C:\Users\Fernand\AppData\Local\IM
[15/08/2007|22:19] C:\Users\Fernand\AppData\Local\Magentic
[04/09/2008|20:43] C:\Users\Fernand\AppData\Local\Microsoft
[19/06/2008|22:49] C:\Users\Fernand\AppData\Local\Mozilla
[06/09/2008|09:11] C:\Users\Fernand\AppData\Local\Temp
[14/08/2007|16:18] C:\Users\Fernand\AppData\Local\Temporary Internet Files
[08/12/2007|19:56] C:\Users\Fernand\AppData\Local\Thunderbird
[14/08/2007|19:01] C:\Users\Fernand\AppData\Local\VirtualStore
[14/08/2007|17:28] C:\Users\Fernand\AppData\Local\WindowsUpdate

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[06/09/2008 08:50][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{FE07674E-C438-470A-9BA8-8980F9C35249}.job
[05/09/2008 21:27][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[06/09/2008 08:30][--ah-----] C:\Windows\tasks\SA.DAT
[05/09/2008 21:47][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[02/09/2008|19:33] C:\ProgramData\ace once bolt.eowy02
[22/02/2008|14:56] C:\ProgramData\Adobe
[15/08/2007|01:43] C:\ProgramData\AOL Downloads
[15/08/2007|01:02] C:\ProgramData\Apple
[07/04/2008|00:27] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[17/01/2008|20:01] C:\ProgramData\audio hole rect.n649m9
[12/08/2008|14:26] C:\ProgramData\avg8
[14/08/2007|16:12] C:\ProgramData\Bureau
[16/08/2007|09:25] C:\ProgramData\CanonBJ
[14/08/2007|16:46] C:\ProgramData\CheckPoint
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[04/08/2008|16:25] C:\ProgramData\eMule
[14/08/2007|16:12] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[14/08/2007|17:44] C:\ProgramData\Google
[12/08/2008|12:50] C:\ProgramData\Grisoft
[10/08/2008|19:17] C:\ProgramData\IM
[10/08/2008|19:16] C:\ProgramData\IncrediMail
[12/08/2008|12:33] C:\ProgramData\Jsoft.fr
[14/08/2008|10:28] C:\ProgramData\Kaspersky Lab
[01/09/2007|14:18] C:\ProgramData\Kaspersky Lab Setup Files
[25/07/2008|20:06] C:\ProgramData\Lavasoft
[10/08/2008|13:47] C:\ProgramData\Malwarebytes
[14/08/2007|16:12] C:\ProgramData\Menu D‚marrer
[06/09/2008|08:34] C:\ProgramData\Messenger Plus!
[24/07/2008|21:56] C:\ProgramData\Microsoft
[14/08/2007|16:12] C:\ProgramData\ModŠles
[14/08/2007|18:22] C:\ProgramData\regs knob knob.3hikfxp
[02/09/2008|19:32] C:\ProgramData\regs knob knob.5yelz
[01/01/2008|20:30] C:\ProgramData\regs knob knob.8rjjjt8
[25/12/2007|19:36] C:\ProgramData\regs knob knob.9r4rv
[14/08/2007|18:22] C:\ProgramData\regs knob knob.dnh2ll
[17/01/2008|20:00] C:\ProgramData\regs knob knob.ezwql
[19/08/2007|09:31] C:\ProgramData\regs knob knob.guos555
[25/12/2007|19:36] C:\ProgramData\regs knob knob.l7dlccc
[19/08/2007|10:14] C:\ProgramData\regs knob knob.nzn3y
[19/08/2007|10:43] C:\ProgramData\regs knob knob.oisoo53
[19/08/2007|09:53] C:\ProgramData\regs knob knob.otk9bi
[02/09/2008|19:32] C:\ProgramData\regs knob knob.q45ngi
[07/01/2008|20:22] C:\ProgramData\regs knob knob.ruzw43n
[04/08/2008|18:28] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[06/09/2008|08:53] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[02/09/2008|19:33] C:\ProgramData\That Face Camp Shim
[25/12/2007|19:36] C:\ProgramData\THE SETTINGS DUPE.75co8
[04/09/2008|18:37] C:\ProgramData\Vc style face
[14/08/2007|18:17] C:\ProgramData\WindowsLiveInstaller
[12/08/2008|18:17] C:\ProgramData\WindowsSearch
[15/03/2008|13:52] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[29/08/2007|09:22] C:\Program Files\A.S.C
[16/07/2008|20:42] C:\Program Files\Adobe
[24/07/2008|20:00] C:\Program Files\Alwil Software
[27/10/2007|19:30] C:\Program Files\AOL
[08/08/2008|12:45] C:\Program Files\Apple Software Update
[12/08/2008|12:48] C:\Program Files\AVG
[02/08/2008|09:17] C:\Program Files\Axialis
[02/07/2008|20:22] C:\Program Files\BitTorrent
[16/07/2008|20:02] C:\Program Files\Bonjour
[17/08/2007|14:13] C:\Program Files\Calgoo
[14/08/2007|18:50] C:\Program Files\CCleaner
[12/08/2008|12:23] C:\Program Files\Common Files
[12/10/2007|23:56] C:\Program Files\Ecolo-info
[14/08/2007|16:12] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[26/08/2007|14:51] C:\Program Files\Foxit Software
[05/08/2008|17:05] C:\Program Files\Google
[05/08/2008|13:06] C:\Program Files\Grisoft
[08/03/2008|10:27] C:\Program Files\IE7Pro
[24/05/2008|20:14] C:\Program Files\IEPro
[10/08/2008|19:27] C:\Program Files\IncrediMail
[10/08/2008|13:56] C:\Program Files\InstallShield Installation Information
[05/09/2008|18:23] C:\Program Files\Internet Explorer
[31/07/2008|18:39] C:\Program Files\iPod
[31/07/2008|18:39] C:\Program Files\iTunes
[13/07/2008|19:18] C:\Program Files\Java
[25/07/2008|20:06] C:\Program Files\Lavasoft
[02/09/2007|18:06] C:\Program Files\LimeWire
[07/12/2007|21:59] C:\Program Files\Magic-Radio
[10/08/2008|13:47] C:\Program Files\Malwarebytes' Anti-Malware
[26/08/2007|09:19] C:\Program Files\McAfee.com
[05/09/2008|21:17] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[25/03/2008|21:07] C:\Program Files\Microsoft Office
[28/10/2007|11:29] C:\Program Files\Microsoft Visual Studio
[12/12/2007|21:35] C:\Program Files\Microsoft Works
[28/10/2007|11:28] C:\Program Files\Microsoft.NET
[19/03/2008|21:50] C:\Program Files\Movie Maker
[28/08/2008|22:12] C:\Program Files\Mozilla Firefox
[16/12/2007|18:10] C:\Program Files\Mozilla Firefox 3 Beta 1
[02/08/2008|13:28] C:\Program Files\Mozilla Sunbird
[04/09/2008|21:19] C:\Program Files\Mozilla Thunderbird
[02/11/2006|14:37] C:\Program Files\MSBuild
[25/03/2008|21:06] C:\Program Files\MSECache
[11/08/2008|15:28] C:\Program Files\MSXML 4.0
[14/08/2007|17:51] C:\Program Files\Nero
[05/08/2008|13:05] C:\Program Files\PowerArchiver
[16/07/2008|20:01] C:\Program Files\QuickTime
[25/12/2007|22:16] C:\Program Files\Real
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[19/08/2007|16:03] C:\Program Files\RegCleaner
[19/08/2007|16:33] C:\Program Files\RogueRemover FREE
[19/08/2007|16:37] C:\Program Files\Sophos
[19/08/2007|16:24] C:\Program Files\speed-bit
[04/08/2008|18:30] C:\Program Files\Spybot - Search & Destroy
[05/09/2008|18:23] C:\Program Files\Spyware Doctor
[18/08/2007|10:09] C:\Program Files\Sun
[11/08/2008|21:35] C:\Program Files\Sunbelt Software
[20/03/2008|22:01] C:\Program Files\The KMPlayer
[26/12/2007|13:58] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[13/01/2008|14:16] C:\Program Files\Web Media Player
[19/03/2008|21:50] C:\Program Files\Windows Calendar
[19/03/2008|21:50] C:\Program Files\Windows Collaboration
[19/03/2008|21:50] C:\Program Files\Windows Defender
[19/03/2008|21:50] C:\Program Files\Windows Journal
[14/08/2007|18:17] C:\Program Files\Windows Live
[12/10/2007|23:48] C:\Program Files\Windows Live Favorites
[01/12/2007|03:22] C:\Program Files\Windows Live Toolbar
[13/08/2008|06:19] C:\Program Files\Windows Mail
[19/03/2008|21:50] C:\Program Files\Windows Media Player
[14/08/2007|16:12] C:\Program Files\Windows NT
[19/03/2008|21:50] C:\Program Files\Windows Photo Gallery
[19/03/2008|21:50] C:\Program Files\Windows Sidebar
[15/08/2007|20:53] C:\Program Files\WinRAR
[15/08/2007|00:31] C:\Program Files\XnView
[24/07/2008|20:34] C:\Program Files\Yahoo!
[04/09/2008|19:17] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[22/02/2008|14:56] C:\Program Files\Common Files\Adobe
[14/08/2007|17:54] C:\Program Files\Common Files\Ahead
[15/08/2007|01:44] C:\Program Files\Common Files\AOL
[15/08/2007|01:02] C:\Program Files\Common Files\Apple
[28/10/2007|11:30] C:\Program Files\Common Files\DESIGNER
[14/08/2007|18:28] C:\Program Files\Common Files\Java
[12/08/2008|12:47] C:\Program Files\Common Files\microsoft shared
[24/04/2008|21:07] C:\Program Files\Common Files\Real
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[19/03/2008|21:50] C:\Program Files\Common Files\System
[15/03/2008|13:57] C:\Program Files\Common Files\WindowsLiveInstaller
[25/07/2008|20:05] C:\Program Files\Common Files\Wise Installation Wizard
[24/04/2008|21:08] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 69 Processes )

iexplore.exe ~ [PID:3956]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\regs knob knob.5yelz
C:\ProgramData\regs knob knob.9r4rv
C:\ProgramData\regs knob knob.ezwql
C:\ProgramData\regs knob knob.nzn3y
C:\ProgramData\THE SETTINGS DUPE.75co8
C:\ProgramData\ace once bolt.eowy02
C:\ProgramData\audio hole rect.n649m9
C:\ProgramData\regs knob knob.dnh2ll
C:\ProgramData\regs knob knob.otk9bi
C:\ProgramData\regs knob knob.q45ngi
C:\ProgramData\regs knob knob.3hikfxp
C:\ProgramData\regs knob knob.8rjjjt8
C:\ProgramData\regs knob knob.guos555
C:\ProgramData\regs knob knob.l7dlccc
C:\ProgramData\regs knob knob.oisoo53
C:\ProgramData\regs knob knob.ruzw43n

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\That Face Camp Shim
C:\ProgramData\That Face Camp Shim\Tons Type.exe

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"16bird"="\"C:\\ProgramData\\regs knob knob.q45ngi\""
"CAMP SHIM EXIT HECK"="\"C:\\ProgramData\\ace once bolt.eowy02\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-06 09:14:24
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

Autres pages sur : pub cid resolu

6 Septembre 2008 11:19:02

bonjour

Relance Lop S&D

  • Choisis cette fois ci l'Option 2 ( Suppression )
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré ( C:\lopR.txt )

    ( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )

    ++++++++++++

    Télécharge puis installe Hijackthis (Trend Micro)
    Poste ensuite un rapport dans ta prochaine réponse.
    AIDE : Comment utiliser Hijackthis v2.0.2
    6 Septembre 2008 12:28:49


    --------------------\\ Lop S&D 4.2.4-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Fernand ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1229 [VPS 080905-0] 4.8.1229 (Activated)
    Firewall : ZoneAlarm Firewall 7.1.254.000 (Activated)

    "C:\Lop SD" ( MAJ : 04-09-2008|09:55 )
    Option : [2] ( 06/09/2008|12:16 )

    [ UAC => 1 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\ProgramData\That Face Camp Shim\Tons Type.exe
    Supprime! - C:\ProgramData\regs knob knob.5yelz
    Supprime! - C:\ProgramData\regs knob knob.9r4rv
    Supprime! - C:\ProgramData\regs knob knob.ezwql
    Supprime! - C:\ProgramData\regs knob knob.nzn3y
    Supprime! - C:\ProgramData\THE SETTINGS DUPE.75co8
    Supprime! - C:\ProgramData\ace once bolt.eowy02
    Supprime! - C:\ProgramData\audio hole rect.n649m9
    Supprime! - C:\ProgramData\regs knob knob.dnh2ll
    Supprime! - C:\ProgramData\regs knob knob.otk9bi
    Supprime! - C:\ProgramData\regs knob knob.q45ngi
    Supprime! - C:\ProgramData\regs knob knob.3hikfxp
    Supprime! - C:\ProgramData\regs knob knob.8rjjjt8
    Supprime! - C:\ProgramData\regs knob knob.guos555
    Supprime! - C:\ProgramData\regs knob knob.l7dlccc
    Supprime! - C:\ProgramData\regs knob knob.oisoo53
    Supprime! - C:\ProgramData\regs knob knob.ruzw43n
    Supprime! - C:\ProgramData\That Face Camp Shim
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans Local

    [25/12/2007|22:21] C:\Users\Fernand\AppData\Local\Adobe
    [14/08/2007|17:54] C:\Users\Fernand\AppData\Local\Ahead
    [15/08/2007|01:04] C:\Users\Fernand\AppData\Local\Apple
    [16/07/2008|20:18] C:\Users\Fernand\AppData\Local\Apple Computer
    [14/08/2007|16:18] C:\Users\Fernand\AppData\Local\Application Data
    [25/08/2007|16:00] C:\Users\Fernand\AppData\Local\Ashampoo
    [01/09/2008|22:10] C:\Users\Fernand\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [18/01/2008|19:40] C:\Users\Fernand\AppData\Local\GDIPFONTCACHEV1.DAT
    [04/09/2008|21:35] C:\Users\Fernand\AppData\Local\Google
    [14/08/2007|16:18] C:\Users\Fernand\AppData\Local\Historique
    [12/06/2008|20:35] C:\Users\Fernand\AppData\Local\IM
    [15/08/2007|22:19] C:\Users\Fernand\AppData\Local\Magentic
    [04/09/2008|20:43] C:\Users\Fernand\AppData\Local\Microsoft
    [19/06/2008|22:49] C:\Users\Fernand\AppData\Local\Mozilla
    [06/09/2008|12:16] C:\Users\Fernand\AppData\Local\Temp
    [14/08/2007|16:18] C:\Users\Fernand\AppData\Local\Temporary Internet Files
    [08/12/2007|19:56] C:\Users\Fernand\AppData\Local\Thunderbird
    [14/08/2007|19:01] C:\Users\Fernand\AppData\Local\VirtualStore
    [14/08/2007|17:28] C:\Users\Fernand\AppData\Local\WindowsUpdate

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [06/09/2008 10:33][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{FE07674E-C438-470A-9BA8-8980F9C35249}.job
    [06/09/2008 11:27][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
    [06/09/2008 10:44][--ah-----] C:\Windows\tasks\SA.DAT
    [06/09/2008 10:36][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [22/02/2008|14:56] C:\ProgramData\Adobe
    [15/08/2007|01:43] C:\ProgramData\AOL Downloads
    [15/08/2007|01:02] C:\ProgramData\Apple
    [07/04/2008|00:27] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [12/08/2008|14:26] C:\ProgramData\avg8
    [14/08/2007|16:12] C:\ProgramData\Bureau
    [16/08/2007|09:25] C:\ProgramData\CanonBJ
    [14/08/2007|16:46] C:\ProgramData\CheckPoint
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [04/08/2008|16:25] C:\ProgramData\eMule
    [14/08/2007|16:12] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [14/08/2007|17:44] C:\ProgramData\Google
    [12/08/2008|12:50] C:\ProgramData\Grisoft
    [10/08/2008|19:17] C:\ProgramData\IM
    [10/08/2008|19:16] C:\ProgramData\IncrediMail
    [12/08/2008|12:33] C:\ProgramData\Jsoft.fr
    [14/08/2008|10:28] C:\ProgramData\Kaspersky Lab
    [01/09/2007|14:18] C:\ProgramData\Kaspersky Lab Setup Files
    [25/07/2008|20:06] C:\ProgramData\Lavasoft
    [10/08/2008|13:47] C:\ProgramData\Malwarebytes
    [14/08/2007|16:12] C:\ProgramData\Menu D‚marrer
    [06/09/2008|08:34] C:\ProgramData\Messenger Plus!
    [24/07/2008|21:56] C:\ProgramData\Microsoft
    [14/08/2007|16:12] C:\ProgramData\ModŠles
    [04/08/2008|18:28] C:\ProgramData\Spybot - Search & Destroy
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [06/09/2008|11:00] C:\ProgramData\TEMP
    [02/11/2006|15:02] C:\ProgramData\Templates
    [04/09/2008|18:37] C:\ProgramData\Vc style face
    [14/08/2007|18:17] C:\ProgramData\WindowsLiveInstaller
    [12/08/2008|18:17] C:\ProgramData\WindowsSearch
    [15/03/2008|13:52] C:\ProgramData\WLInstaller

    --------------------\\ Listing des dossiers dans C:\Program Files

    [29/08/2007|09:22] C:\Program Files\A.S.C
    [16/07/2008|20:42] C:\Program Files\Adobe
    [24/07/2008|20:00] C:\Program Files\Alwil Software
    [27/10/2007|19:30] C:\Program Files\AOL
    [08/08/2008|12:45] C:\Program Files\Apple Software Update
    [12/08/2008|12:48] C:\Program Files\AVG
    [02/08/2008|09:17] C:\Program Files\Axialis
    [02/07/2008|20:22] C:\Program Files\BitTorrent
    [16/07/2008|20:02] C:\Program Files\Bonjour
    [17/08/2007|14:13] C:\Program Files\Calgoo
    [14/08/2007|18:50] C:\Program Files\CCleaner
    [12/08/2008|12:23] C:\Program Files\Common Files
    [12/10/2007|23:56] C:\Program Files\Ecolo-info
    [14/08/2007|16:12] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [26/08/2007|14:51] C:\Program Files\Foxit Software
    [05/08/2008|17:05] C:\Program Files\Google
    [05/08/2008|13:06] C:\Program Files\Grisoft
    [08/03/2008|10:27] C:\Program Files\IE7Pro
    [24/05/2008|20:14] C:\Program Files\IEPro
    [10/08/2008|19:27] C:\Program Files\IncrediMail
    [10/08/2008|13:56] C:\Program Files\InstallShield Installation Information
    [05/09/2008|18:23] C:\Program Files\Internet Explorer
    [31/07/2008|18:39] C:\Program Files\iPod
    [31/07/2008|18:39] C:\Program Files\iTunes
    [13/07/2008|19:18] C:\Program Files\Java
    [25/07/2008|20:06] C:\Program Files\Lavasoft
    [02/09/2007|18:06] C:\Program Files\LimeWire
    [07/12/2007|21:59] C:\Program Files\Magic-Radio
    [10/08/2008|13:47] C:\Program Files\Malwarebytes' Anti-Malware
    [26/08/2007|09:19] C:\Program Files\McAfee.com
    [05/09/2008|21:17] C:\Program Files\Messenger Plus! Live
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [25/03/2008|21:07] C:\Program Files\Microsoft Office
    [28/10/2007|11:29] C:\Program Files\Microsoft Visual Studio
    [12/12/2007|21:35] C:\Program Files\Microsoft Works
    [28/10/2007|11:28] C:\Program Files\Microsoft.NET
    [19/03/2008|21:50] C:\Program Files\Movie Maker
    [06/09/2008|10:42] C:\Program Files\Mozilla Firefox
    [16/12/2007|18:10] C:\Program Files\Mozilla Firefox 3 Beta 1
    [02/08/2008|13:28] C:\Program Files\Mozilla Sunbird
    [04/09/2008|21:19] C:\Program Files\Mozilla Thunderbird
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [25/03/2008|21:06] C:\Program Files\MSECache
    [11/08/2008|15:28] C:\Program Files\MSXML 4.0
    [14/08/2007|17:51] C:\Program Files\Nero
    [05/08/2008|13:05] C:\Program Files\PowerArchiver
    [16/07/2008|20:01] C:\Program Files\QuickTime
    [25/12/2007|22:16] C:\Program Files\Real
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [19/08/2007|16:03] C:\Program Files\RegCleaner
    [19/08/2007|16:33] C:\Program Files\RogueRemover FREE
    [19/08/2007|16:37] C:\Program Files\Sophos
    [19/08/2007|16:24] C:\Program Files\speed-bit
    [04/08/2008|18:30] C:\Program Files\Spybot - Search & Destroy
    [05/09/2008|18:23] C:\Program Files\Spyware Doctor
    [18/08/2007|10:09] C:\Program Files\Sun
    [11/08/2008|21:35] C:\Program Files\Sunbelt Software
    [20/03/2008|22:01] C:\Program Files\The KMPlayer
    [26/12/2007|13:58] C:\Program Files\Trend Micro
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [13/01/2008|14:16] C:\Program Files\Web Media Player
    [19/03/2008|21:50] C:\Program Files\Windows Calendar
    [19/03/2008|21:50] C:\Program Files\Windows Collaboration
    [19/03/2008|21:50] C:\Program Files\Windows Defender
    [19/03/2008|21:50] C:\Program Files\Windows Journal
    [14/08/2007|18:17] C:\Program Files\Windows Live
    [12/10/2007|23:48] C:\Program Files\Windows Live Favorites
    [01/12/2007|03:22] C:\Program Files\Windows Live Toolbar
    [13/08/2008|06:19] C:\Program Files\Windows Mail
    [19/03/2008|21:50] C:\Program Files\Windows Media Player
    [14/08/2007|16:12] C:\Program Files\Windows NT
    [19/03/2008|21:50] C:\Program Files\Windows Photo Gallery
    [19/03/2008|21:50] C:\Program Files\Windows Sidebar
    [15/08/2007|20:53] C:\Program Files\WinRAR
    [15/08/2007|00:31] C:\Program Files\XnView
    [24/07/2008|20:34] C:\Program Files\Yahoo!
    [04/09/2008|19:17] C:\Program Files\Zone Labs

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [22/02/2008|14:56] C:\Program Files\Common Files\Adobe
    [14/08/2007|17:54] C:\Program Files\Common Files\Ahead
    [15/08/2007|01:44] C:\Program Files\Common Files\AOL
    [15/08/2007|01:02] C:\Program Files\Common Files\Apple
    [28/10/2007|11:30] C:\Program Files\Common Files\DESIGNER
    [14/08/2007|18:28] C:\Program Files\Common Files\Java
    [12/08/2008|12:47] C:\Program Files\Common Files\microsoft shared
    [24/04/2008|21:07] C:\Program Files\Common Files\Real
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [19/03/2008|21:50] C:\Program Files\Common Files\System
    [15/03/2008|13:57] C:\Program Files\Common Files\WindowsLiveInstaller
    [25/07/2008|20:05] C:\Program Files\Common Files\Wise Installation Wizard
    [24/04/2008|21:08] C:\Program Files\Common Files\xing shared

    --------------------\\ Process

    ( 65 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-06 12:16:57
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:401][D:10]-> C:\Users\Fernand\AppData\Local\Temp
    [F:49][D:1]-> C:\Users\Fernand\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:150][D:4]-> C:\Users\Fernand\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:2][D:2]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 06/09/2008| 9:18 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 06/09/2008|12:22 - Option : [2]

    --------------------\\ Fin du rapport a 12:22:04
    [ UAC => 1 ]

    Voila, je fais la manip suivante et je te transmets le rapport Hijackthis
    Contenus similaires
    6 Septembre 2008 12:33:45

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:32:13, on 06/09/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Users\Fernand\Downloads\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe -m
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
    O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://bitdefender.bwm-mediasoft.com/scan8/oscan8.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL,C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

    --
    End of file - 8349 bytes

    Voila terminé merci pour ta réponse
    6 Septembre 2008 18:01:59

    bonjour

    ~Lance Hijackthis comme suit:
    clic-droit sur Hijackthis.exe et choisir "Exécuter en tant qu'administrateur" puis:
    Do a system scan only.
    Coche les lignes qui suivent si encore présentes et uniquement celles-là.

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    Clique sur Fix checked (en bas à gauche)

    supprime le dossier

    C:\Program Files\AVG


    ++++++++++

    Voilà ce que je te propose, tu vas remplacer Avast! par Antivir, qui est gratuit aussi mais beaucoup plus efficace, tu vas faire un scan avec et poster le rapport. :) 


    Désinstalle correctement Avast!


    Pour le remplacer par Antivir.

    -->Tuto<--


    Pourquoi changer ? : Avast! vs Antivir
    mais aussi:
    14 antivirus au banc d'essai
    Citation :
    Antivir : le plus efficace des gratuits


    8 Septembre 2008 06:33:05

    Merci
    Manip effectuée.
    Ok mais comment désinstaller, C:\Program Files\AVG
    Avast remplacé par Antivir
    impossible de copier le rapport du scan Antivir, comment faire?
    8 Septembre 2008 11:25:30

    Et je tiens aussi à te remercier car je n'ai plus la pub intempestive CID
    9 Septembre 2008 19:39:20

    Merci
    C:\Program Files\AVG supprimé
    scan Antivir effectué, 11 infections en quarantaine
    sinon nouveau scan, rien à signaler
    encore merci
    9 Septembre 2008 21:50:16

    bonsoir
    Supprime tous les programmes installés pour la désinfection.


    Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.



    Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

    Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.

    ~Edite ton premier message (en cliquant sur la gomme) et marque [résolu] dans le titre.

    :hello: 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS