[SOLVED] Pop-up window (CID)
Hi!!
For some time now, since installing Windows Live Plus!, CID windows have been opening every 5 minutes when I'm on IE.
So I went into the Control Panel and uninstalled Windows Live Plus!, but it still keeps happening.
Thanks for your help. I know there are already a lot of topics dealing with this subject, but I want an answer specific to me. So anyone who wants an answer for themselves just has to open their own topic!!! Please respect what I have just said.
Message edited by chardo95 on 26-04-2008 at 18:16:35
Hello, this has happened to me before:
Go to Control Panel / Add or Remove Programs and look for msn plus & sponsors; there may be CID at the end. You need to uninstall it and reinstall it properly without the sponsors. I don't know if you'll understand me.
Oops, I hadn't read to the end, sorry :s
No problem, thanks anyway. But on top of that, it happened when I installed the msn plus! update.
That's what I don't understand.
Come on, a bit of help pleeeease!!!!! This is really starting to get annoying for me.
Come on, a bit of help please!!!!!!!!!!!
Hello,
Download Lop S&D.exe to your Desktop.
- Double-click it to start the installation
- Then double-click the Lop S&D shortcut on your Desktop
- Select the language you want, then choose option 1 (Search)
- Wait until the scan finishes
- Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
Thanks for your help, here is the report
-----------------------[ Lop S&D 4.1.1-8 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : med ] [ "C:\Lop SD" ]
[ 24/04/2008 | 15:18:58,48 ] [ PC : MED-FDF851A45DD ]
[ MAJ : 23-04-2008 | 20:06 ]
-------------[ Listing des dossiers dans Application Data ]------------
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[24/04/2008 03:00][--a------] C:\WINDOWS\tasks\AdwareAlert Scheduled Scan.job
[24/04/2008 15:00][--ah-----] C:\WINDOWS\tasks\A940725690DBE872.job
[24/04/2008 12:53][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\open mfcd.exe
C:\WINDOWS\Tasks\A940725690DBE872.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Option Bib Logo Log"="C:\\Documents and Settings\\All Users\\Application Data\\LICENSE ADMIN OPTION BIB\\open mfcd.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
-> 72 ( 70 ## added by CiD )
/!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-24 15:19:23
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:14][Doss:4] C:\DOCUME~1\med\LOCALS~1\Temp
/!\ [Fich:125][Doss:0] C:\DOCUME~1\med\Cookies
/!\ [Fich:6761][Doss:5] C:\DOCUME~1\med\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 15:21:54,56 ]----------------------
Re,
Run Lop S&D again
- This time choose Option 2 (Removal)
- Do not close the window during the removal!
- Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
Here it is. Hmm... is it finished, or are there more steps to do? In any case I'll let you know if anything changes, and thanks again for your help.
-----------------------[ Lop S&D 4.1.1-8 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : med ] [ "C:\Lop SD" ]
[ 24/04/2008 | 16:30:11,23 ] [ PC : MED-FDF851A45DD ]
[ MAJ : 23-04-2008 | 20:06 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\open mfcd.exe
Supprimé! - C:\WINDOWS\Tasks\A940725690DBE872.job
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprimé! - C:\DOCUME~1\med\APPLIC~1\vmntoolbar
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[24/04/2008 03:00][--a------] C:\WINDOWS\tasks\AdwareAlert Scheduled Scan.job
[24/04/2008 12:53][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-24 16:30:46
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:14][Doss:2] C:\DOCUME~1\med\LOCALS~1\Temp
/!\ [Fich:29][Doss:0] C:\DOCUME~1\med\Cookies
/!\ [Fich:1088][Doss:8] C:\DOCUME~1\med\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 16:33:07,65 ]----------------------
Re,
Download and then install Hijackthis (Trend Micro).
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2
OK, but apparently there are no more pop-ups, so thanks; if it starts again, well, I'll do the report.
It's not finished...
OK, so I'll continue
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:27, on 25/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\steam\steam.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\med\Local Settings\Temporary Internet Files\Content.IE5\Q0CCMV6H\HiJackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/bina [...] b57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Reg [...] lashax.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
--
End of file - 7381 bytes
Re,
Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are done, restart in Safe Mode.
HELP: Restarting in Safe Mode
- Now run Malwarebytes' Anti-Malware. If it is not already selected, select "Perform full scan".
- To start the scan, click "Scan".
- Once the scan is finished, a window opens; click OK. There are two possibilities:
-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.
HELP: Illustrated tutorial on MBAM
Reply to Angeldark
Here it is:
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 679
Type de recherche: Examen complet (C:\|)
Eléments examinés: 80397
Temps écoulé: 48 minute(s), 51 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 4
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\med\Application Data\AdwareAlert (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\med\Application Data\AdwareAlert\Log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\med\Application Data\AdwareAlert\Settings (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\System Volume Information\_restore{6EF96606-93D9-448A-B7C0-920FC4974A81}\RP114\A0132042.exe (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\med\Application Data\AdwareAlert\rs.dat (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\med\Application Data\AdwareAlert\Log\2008 Apr 16 - 03_55_42 PM_484.log (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\med\Application Data\AdwareAlert\Settings\ScanResults.pie (Rogue.AdwareAlert) -> Quarantined and deleted successfully.
Post a new HijackThis report.
Reply to Angeldark
Re, I no longer have any pop-ups, but here is the report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:48:20, on 25/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\steam\steam.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\med\Local Settings\Temporary Internet Files\Content.IE5\4D63S9Y3\HiJackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/bina [...] b57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Reg [...] lashax.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
--
End of file - 7534 bytes
Any more problems?
Reply to Angeldark
No, none at all, so thank you for your help (fortunately there are people like you on this forum)
Ciao
Happy surfing
- Download ToolsCleaner to your Desktop.
- Click Recherche (Search) and let the scan finish.
- Click Suppression (Removal) to finalize.
- Click Quitter (Quit) so that the report can be created.
- Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\)
Disable and then re-enable System Restore: See help
Now add [Résolu] to the title. To do so:
* In your first message, click the "Edit" button
* Add the [Résolu] tag to the title
* Then click "Validate your message"
Read the guide on prevention and protection, by clicking the image below, so that you no longer have this kind of problem:
Reply to Angeldark
Here it is:
-->- Recherche:
C:\Lop SD: trouvé !
C:\Documents and Settings\med\Mes documents\HJTInstall.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\med\Mes documents\HJTInstall.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Lop SD: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
Sauvegarde du registre crée !
