Tom's Guide > Forum > Security - Viruses > CiD pop-up problem

Hello, for a little while now numerous "CiD" windows have been opening constantly and I can't do anything about it...
I tried to solve the problem myself but couldn't do anything for fear of deleting a legitimate program... (I'm a novice :D )
I uninstalled the Messenger Plus sponsor but nothing changed.
So I produced a HijackThis report, here it is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:24:45, on 24/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Windows\vphc700.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Philips\SPC 700NC PC Camera\TrayMin700.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage [...] B&M=MT6840
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage [...] B&M=MT6840
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel [...] B&M=MT6840
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: cpmsky browser optimizer - {3edeeffe-bd85-4f70-9b0f-a3bb4e9105b5} - C:\Windows\system32\{daa8c420-da37-362c-b05b-1005090d0bee}.dll
O2 - BHO: adzgalore - {5449b08f-cbdd-28ea-0bd6-9754c29604d0} - C:\Windows\system32\nsy4C5.dll
O2 - BHO: (no name) - {724AA21A-30E9-480F-A0CD-E174CC63965C} - C:\Windows\system32\AUDIOKS.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: mysidesearch search enhancer - {c99abb75-7185-fa6c-2479-c2325661219e} - C:\Windows\system32\ktjpftpysckvhnfjq.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.exe Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [phc700] C:\Windows\vphc700.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [{43f3741f-abb0-4f06-3484-7996a49744e1}] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\{daa8c420-da37-362c-b05b-1005090d0bee}.dll" DllInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [1axis] "C:\ProgramData\thatownsowns.s24ri"
O4 - HKCU\..\Run: [bait face type axis] "C:\ProgramData\web help clock.grye9"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: TrayMin200.exe.lnk = ?
O4 - Global Startup: TrayMin700.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Julien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O13 - Gopher Prefix:
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Sunset%20Studio/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Sunset%20Studio/Images/armhelper.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

--
End of file - 10086 bytes

Would anyone have a solution? // I'm on Vista


:hello: Hello,

Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop.

  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your desktop (if you are on Vista, right-click -> Run as administrator)
  • Select the language you want, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)


If your desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run...)"
Type explorer and confirm. This will bring your desktop back


;)

------------------------------ Please say if you are already being helped on another forum or in another topic.


Here it is
-----------------------[ Lop S&D 4.2.1-8 XP/Vista ]---------------------

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Julien ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 24/06/2008 | 20:26:15,49 ] [ PC : JULIEN-PC ]
[ MAJ : 24-06-2008 | 11:00 ]
[ UAC => 0 ]

-------------[ Listing des dossiers dans Roaming ]------------

[31/10/2007|14:12] C:\Users\Julien\AppData\Roaming\Adobe\Linguistics
[31/10/2007|14:12] C:\Users\Julien\AppData\Roaming\Adobe\Acrobat

[20/06/2008|22:35] C:\Users\Julien\AppData\Roaming\Apple Computer\iTunes
[20/05/2008|18:05] C:\Users\Julien\AppData\Roaming\Apple Computer\Lockdown
[03/05/2008|20:04] C:\Users\Julien\AppData\Roaming\Apple Computer\Logs
[02/04/2008|19:33] C:\Users\Julien\AppData\Roaming\Apple Computer\Preferences
[21/02/2008|16:03] C:\Users\Julien\AppData\Roaming\Apple Computer\MobileSync
[04/01/2008|16:28] C:\Users\Julien\AppData\Roaming\Apple Computer\SyncServices

[04/01/2008|18:33] C:\Users\Julien\AppData\Roaming\Audacity\AutoSave
[04/01/2008|18:30] C:\Users\Julien\AppData\Roaming\Audacity\presets

[20/02/2008|14:54] C:\Users\Julien\AppData\Roaming\Azureus\active
[20/02/2008|14:53] C:\Users\Julien\AppData\Roaming\Azureus\dht
[20/02/2008|14:53] C:\Users\Julien\AppData\Roaming\Azureus\net
[20/02/2008|14:53] C:\Users\Julien\AppData\Roaming\Azureus\updates
[20/02/2008|14:53] C:\Users\Julien\AppData\Roaming\Azureus\tmp
[20/02/2008|14:51] C:\Users\Julien\AppData\Roaming\Azureus\torrents
[20/02/2008|14:50] C:\Users\Julien\AppData\Roaming\Azureus\logs
[20/02/2008|14:50] C:\Users\Julien\AppData\Roaming\Azureus\shares
[20/02/2008|14:50] C:\Users\Julien\AppData\Roaming\Azureus\plugins

[05/11/2007|18:48] C:\Users\Julien\AppData\Roaming\CyberLink\Power2Go
[05/11/2007|18:46] C:\Users\Julien\AppData\Roaming\CyberLink\MediaCache

[13/01/2008|16:51] C:\Users\Julien\AppData\Roaming\DivX\DivX Player
[10/11/2007|22:09] C:\Users\Julien\AppData\Roaming\DivX\DivX Codec

[20/02/2008|22:01] C:\Users\Julien\AppData\Roaming\Enterbrain\RPGVX

[08/12/2007|15:51] C:\Users\Julien\AppData\Roaming\Google\GoogleEarth

[31/12/2007|01:03] C:\Users\Julien\AppData\Roaming\Identities\{06B686C7-14C6-4413-BD75-B5654831BE7D}

[04/01/2008|00:22] C:\Users\Julien\AppData\Roaming\IMVU\avpics
[04/01/2008|00:20] C:\Users\Julien\AppData\Roaming\IMVU\ProductFiles

[27/04/2008|12:06] C:\Users\Julien\AppData\Roaming\InstallShield Installation Information\{3266FEA9-98E9-448B-B235-DAC63D4CE781}

[30/11/2007|21:01] C:\Users\Julien\AppData\Roaming\LEGO Company\LEGO Digital Designer

[19/06/2008|12:33] C:\Users\Julien\AppData\Roaming\LimeWire\promotion
[19/06/2008|12:00] C:\Users\Julien\AppData\Roaming\LimeWire\.AppSpecialShare
[19/06/2008|12:00] C:\Users\Julien\AppData\Roaming\LimeWire\themes

[24/10/2007|18:30] C:\Users\Julien\AppData\Roaming\Macromedia\Flash Player


[20/06/2008|10:15] C:\Users\Julien\AppData\Roaming\Microsoft\Templates
[26/05/2008|18:44] C:\Users\Julien\AppData\Roaming\Microsoft\UProof
[10/05/2008|14:15] C:\Users\Julien\AppData\Roaming\Microsoft\MSN Messenger
[23/04/2008|16:21] C:\Users\Julien\AppData\Roaming\Microsoft\Office
[23/04/2008|16:12] C:\Users\Julien\AppData\Roaming\Microsoft\Word
[02/04/2008|17:55] C:\Users\Julien\AppData\Roaming\Microsoft\Outlook
[31/03/2008|17:26] C:\Users\Julien\AppData\Roaming\Microsoft\IMJP10
[05/03/2008|19:55] C:\Users\Julien\AppData\Roaming\Microsoft\Installer
[23/02/2008|15:15] C:\Users\Julien\AppData\Roaming\Microsoft\Windows Live Call
[23/02/2008|15:15] C:\Users\Julien\AppData\Roaming\Microsoft\IdentityCRL
[06/02/2008|18:36] C:\Users\Julien\AppData\Roaming\Microsoft\Windows Photo Gallery
[21/01/2008|20:03] C:\Users\Julien\AppData\Roaming\Microsoft\Excel
[15/12/2007|14:18] C:\Users\Julien\AppData\Roaming\Microsoft\Crypto
[07/11/2007|12:19] C:\Users\Julien\AppData\Roaming\Microsoft\MMC
[05/11/2007|18:48] C:\Users\Julien\AppData\Roaming\Microsoft\eHome
[31/10/2007|20:15] C:\Users\Julien\AppData\Roaming\Microsoft\Proof
[31/10/2007|20:15] C:\Users\Julien\AppData\Roaming\Microsoft\Document Building Blocks
[31/10/2007|20:15] C:\Users\Julien\AppData\Roaming\Microsoft\AddIns
[28/10/2007|13:48] C:\Users\Julien\AppData\Roaming\Microsoft\HTML Help
[24/10/2007|18:52] C:\Users\Julien\AppData\Roaming\Microsoft\Internet Explorer
[23/10/2007|21:16] C:\Users\Julien\AppData\Roaming\Microsoft\Windows
[16/10/2007|03:48] C:\Users\Julien\AppData\Roaming\Microsoft\Protect
[16/10/2007|03:48] C:\Users\Julien\AppData\Roaming\Microsoft\SystemCertificates
[16/10/2007|03:48] C:\Users\Julien\AppData\Roaming\Microsoft\Credentials

[19/06/2008|12:28] C:\Users\Julien\AppData\Roaming\Mozilla\Firefox
[29/10/2007|13:48] C:\Users\Julien\AppData\Roaming\Mozilla\Plugins

[25/02/2008|20:58] C:\Users\Julien\AppData\Roaming\My Games\Sid Meier's Civilization 4 Demo

[23/06/2008|21:52] C:\Users\Julien\AppData\Roaming\Real\RealPlayer
[06/03/2008|22:13] C:\Users\Julien\AppData\Roaming\Real\RealMediaSDK
[06/03/2008|21:54] C:\Users\Julien\AppData\Roaming\Real\Msg
[06/03/2008|21:53] C:\Users\Julien\AppData\Roaming\Real\rnadmin


[28/02/2008|20:41] C:\Users\Julien\AppData\Roaming\SecondLife\logs
[28/02/2008|20:41] C:\Users\Julien\AppData\Roaming\SecondLife\cache
[28/02/2008|18:17] C:\Users\Julien\AppData\Roaming\SecondLife\user_settings
[28/02/2008|18:17] C:\Users\Julien\AppData\Roaming\SecondLife\juls_neddings
[28/02/2008|17:49] C:\Users\Julien\AppData\Roaming\SecondLife\browser_profile



[14/11/2007|20:06] C:\Users\Julien\AppData\Roaming\WildTangent\Gateway Game Console


----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

[24/06/2008 15:05][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{4968B261-0EF8-429D-912A-1E58D16B6D67}.job
[16/10/2007 02:40][--a------] C:\Windows\tasks\McDefragTask.job
[16/10/2007 02:40][--a------] C:\Windows\tasks\McQcTask.job
[24/06/2008 20:23][--ah-----] C:\Windows\tasks\SA.DAT
[24/06/2008 20:22][--a------] C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

[23/05/2007|00:21] C:\ProgramData\Adobe
[23/10/2007|19:11] C:\ProgramData\Apple
[23/10/2007|19:15] C:\ProgramData\Apple Computer
[16/10/2007|03:42] C:\ProgramData\Application Data
[20/02/2008|14:50] C:\ProgramData\Azureus
[20/02/2008|14:29] C:\ProgramData\BOONTY
[05/01/2008|14:03] C:\ProgramData\CyberLink
[16/10/2007|03:42] C:\ProgramData\Desktop
[16/10/2007|03:42] C:\ProgramData\Documents
[16/10/2007|03:42] C:\ProgramData\Favorites
[23/05/2007|00:25] C:\ProgramData\Google
[29/10/2007|20:36] C:\ProgramData\InstallShield
[23/05/2007|00:33] C:\ProgramData\McAfee
[26/01/2008|17:36] C:\ProgramData\Media Center Programs
[22/06/2008|19:35] C:\ProgramData\Meow Intra Bait Face
[18/01/2008|22:29] C:\ProgramData\Messenger Plus!
[27/03/2008|14:37] C:\ProgramData\Microsoft
[18/05/2008|11:06] C:\ProgramData\Microsoft Help
[28/02/2008|20:42] C:\ProgramData\MumboJumbo
[23/10/2007|18:51] C:\ProgramData\Napster
[22/06/2008|19:34] C:\ProgramData\Part Proxy File
[12/06/2006|02:01] C:\ProgramData\Prism Deploy
[31/12/2007|01:01] C:\ProgramData\SiteAdvisor
[04/01/2008|19:02] C:\ProgramData\Skyline
[16/10/2007|03:42] C:\ProgramData\Start Menu
[26/02/2008|21:47] C:\ProgramData\TEMP
[16/10/2007|03:42] C:\ProgramData\Templates
[19/06/2008|12:28] C:\ProgramData\thatownsowns.7eem3
[22/06/2008|19:34] C:\ProgramData\thatownsowns.m23wo2r
[22/06/2008|19:34] C:\ProgramData\thatownsowns.s24ri
[20/02/2008|16:08] C:\ProgramData\Trymedia
[22/06/2008|19:35] C:\ProgramData\web help clock.grye9
[23/01/2008|21:03] C:\ProgramData\WildTangent
[23/05/2007|00:19] C:\ProgramData\Windows
[14/02/2008|21:54] C:\ProgramData\WLInstaller
[29/10/2007|20:45] C:\ProgramData\Xfire
[26/02/2008|20:27] C:\ProgramData\Zylom

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[18/05/2008|14:00] C:\Program Files\3DRPGEditor
[23/05/2007|00:28] C:\Program Files\Acceller
[23/05/2007|00:20] C:\Program Files\Adobe
[27/04/2008|12:00] C:\Program Files\AGEIA Technologies
[23/05/2007|00:27] C:\Program Files\AOL 9.0
[18/06/2008|09:27] C:\Program Files\Apple Software Update
[01/02/2008|17:15] C:\Program Files\Audacity
[10/11/2007|21:50] C:\Program Files\AviSynth 2.5
[23/05/2007|00:31] C:\Program Files\BigFix
[27/04/2008|11:59] C:\Program Files\Common Files
[23/05/2007|00:25] C:\Program Files\CyberLink
[25/10/2007|18:34] C:\Program Files\desktop.ini
[03/02/2008|11:15] C:\Program Files\Disney
[10/11/2007|21:52] C:\Program Files\DivX
[21/06/2008|22:35] C:\Program Files\Dofus
[26/01/2008|17:34] C:\Program Files\Eidos
[24/06/2008|11:05] C:\Program Files\Firefly Studios
[23/05/2007|00:19] C:\Program Files\Gateway
[28/02/2008|18:30] C:\Program Files\Gateway Games
[05/12/2007|21:51] C:\Program Files\Google
[10/11/2007|21:53] C:\Program Files\Haali
[07/11/2007|12:13] C:\Program Files\Hewlett-Packard
[23/06/2008|12:52] C:\Program Files\InstallShield Installation Information
[23/05/2007|00:11] C:\Program Files\Intel
[26/01/2008|16:47] C:\Program Files\InterActual
[13/06/2008|18:32] C:\Program Files\Internet Explorer
[13/04/2008|21:19] C:\Program Files\iPod
[09/02/2008|22:44] C:\Program Files\Ipod Video Converter
[13/04/2008|21:19] C:\Program Files\iTunes
[23/05/2007|00:27] C:\Program Files\Java
[01/02/2008|18:03] C:\Program Files\LinCity-NG
[10/06/2008|21:02] C:\Program Files\McAfee
[23/05/2007|00:31] C:\Program Files\McAfee.com
[18/01/2008|22:28] C:\Program Files\Messenger Plus! Live
[23/05/2007|00:27] C:\Program Files\Microsoft Digital Image 2006
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[23/05/2007|00:28] C:\Program Files\Microsoft Money 2006
[27/03/2008|14:38] C:\Program Files\Microsoft Office
[27/03/2008|14:38] C:\Program Files\Microsoft Visual Studio
[27/03/2008|14:33] C:\Program Files\Microsoft Visual Studio 8
[27/03/2008|14:40] C:\Program Files\Microsoft Works
[27/03/2008|14:37] C:\Program Files\Microsoft.NET
[23/05/2007|00:18] C:\Program Files\Motorola
[02/11/2006|14:42] C:\Program Files\Movie Maker
[19/06/2008|12:25] C:\Program Files\Mozilla Firefox
[27/03/2008|14:39] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[23/05/2007|00:19] C:\Program Files\MSN Encarta Plus
[25/10/2007|18:16] C:\Program Files\MSXML 4.0
[23/05/2007|00:29] C:\Program Files\NetZero
[04/01/2008|22:33] C:\Program Files\Philips
[04/04/2008|19:26] C:\Program Files\QuickTime
[06/03/2008|21:53] C:\Program Files\Real
[09/02/2008|22:58] C:\Program Files\Red Kawa
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[08/06/2008|19:20] C:\Program Files\ReflexiveArcade
[10/11/2007|22:35] C:\Program Files\Ripp-it_AM
[12/06/2006|02:01] C:\Program Files\SIFXINST
[23/05/2007|00:15] C:\Program Files\SigmaTel
[23/05/2008|22:47] C:\Program Files\SiteAdvisor
[16/04/2008|19:59] C:\Program Files\Sony
[16/04/2008|19:59] C:\Program Files\StarWarsGalaxies
[23/05/2007|00:14] C:\Program Files\Synaptics
[18/04/2008|16:57] C:\Program Files\T‚l‚chargeur de Medieval Lords
[24/06/2008|10:46] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[27/04/2008|12:02] C:\Program Files\Unreal Tournament 3 Demo
[18/04/2008|18:28] C:\Program Files\Warcraft III Demo
[25/10/2007|18:32] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[23/05/2007|00:53] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[03/01/2008|18:55] C:\Program Files\Windows Live
[13/06/2008|18:33] C:\Program Files\Windows Mail
[25/10/2007|18:32] C:\Program Files\Windows Media Player
[02/11/2006|14:37] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[12/01/2008|12:40] C:\Program Files\Windows Sidebar
[19/06/2008|13:29] C:\Program Files\WinRAR
[01/05/2008|22:09] C:\Program Files\WinSCP
[04/04/2008|19:33] C:\Program Files\WowCartographe
[10/11/2007|21:52] C:\Program Files\Xvid
[07/11/2007|12:13] C:\Program Files\Zenographics

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

[23/05/2007|00:20] C:\Program Files\Common Files\Adobe
[23/10/2007|19:11] C:\Program Files\Common Files\Apple
[27/03/2008|13:56] C:\Program Files\Common Files\Blizzard Entertainment
[20/02/2008|14:28] C:\Program Files\Common Files\BOONTY Shared
[27/03/2008|14:38] C:\Program Files\Common Files\DESIGNER
[20/02/2008|22:00] C:\Program Files\Common Files\Enterbrain
[29/10/2007|20:31] C:\Program Files\Common Files\InstallShield
[23/05/2007|00:27] C:\Program Files\Common Files\Java
[02/01/2008|10:10] C:\Program Files\Common Files\McAfee
[27/03/2008|14:40] C:\Program Files\Common Files\microsoft shared
[12/06/2006|02:01] C:\Program Files\Common Files\New Boundary
[06/03/2008|21:53] C:\Program Files\Common Files\Real
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[03/01/2008|00:59] C:\Program Files\Common Files\SWF Studio
[27/03/2008|14:33] C:\Program Files\Common Files\System
[02/01/2008|12:35] C:\Program Files\Common Files\WindowsLiveInstaller
[27/04/2008|11:59] C:\Program Files\Common Files\Wise Installation Wizard
[06/03/2008|21:54] C:\Program Files\Common Files\xing shared

---------------------------[ Process ]--------------------------

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\web help clock.grye9
C:\Users\Julien\AppData\Local\Temp\bis1E1C.exe
C:\ProgramData\PARTPR~1
C:\ProgramData\PARTPR~1\libifiqr.exe
C:\ProgramData\PARTPR~1\MixCashThird.exe
C:\ProgramData\PARTPR~1\ugffudxk.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\ProgramData\Meow Intra Bait Face
C:\ProgramData\Meow Intra Bait Face\tons readme.exe
C:\Windows\Prefetch\TONS README.EXE-862B7434.pf
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@adultfriendfinder[1].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@adin.bigpoint[2].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@bigpoint[1].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@fr1.seafight.bigpoint[2].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@banner.casinoking[2].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@casinoking[1].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@banner.cotedazurpalace[2].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@cotedazurpalace[1].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@adopt.euroclick[2].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@fr1.seafight.bigpoint[2].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@32vegas[2].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@banner.32vegas[2].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@2xmoinscher[2].txt
C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies\julien@www.2xmoinscher[2].txt

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\remote mode junk]
"DisplayName"="CiD Help"
"UninstallString"="C:\\PROGRA~2\\PARTPR~1\\MixCashThird.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bait face type axis"="\"C:\\ProgramData\\web help clock.grye9\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-24 20:25:47
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-24 20:26:34
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Users\Julien\AppData\Local\Temp\Temp1_RC__Stronghold.zip\Crack
=> C:\Users\Julien\Desktop\SCE\Stronghold Crusader Extreme\Crack
=> C:\Users\Julien\Desktop\SCE\Stronghold Crusader Extreme\Crack\Stronghold Crusader.exe
=> C:\Users\Julien\Desktop\SCE\Stronghold Crusader Extreme\Crack\Stronghold_Crusader_Extreme.exe
=> C:\Users\Julien\Desktop\SCE\Stronghold Crusader Extremebis\Crack
=> C:\Users\Julien\Desktop\SCE\Stronghold Crusader Extremebis\Crack\Stronghold Crusader.exe
=> C:\Users\Julien\Desktop\SCE\Stronghold Crusader Extremebis\Crack\Stronghold_Crusader_Extreme.exe


[F:1374][D:81]-> C:\Users\Julien\AppData\Local\Temp
[F:323][D:1]-> C:\Users\Julien\AppData\Roaming\MICROS~1\Windows\Cookies
[F:10582][D:15]-> C:\Users\Julien\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:49][D:3]-> C:\$Recycle.Bin

[ UAC => 1 ]

--------------------[ Fin du rapport a 20:29:11,62 ]----------------------


Re,

Select the entire box below, then right-click and Copy

C:\ProgramData\thatownsowns.7eem3
C:\ProgramData\thatownsowns.m23wo2r
C:\ProgramData\thatownsowns.s24ri
C:\ProgramData\web help clock.grye9
C:\ProgramData\Meow Intra Bait Face
C:\Users\Julien\Desktop\SCE\Stronghold Crusader Extreme\Crack
C:\ProgramData\web help clock.grye9
C:\Users\Julien\AppData\Local\Temp\bis1E1C.exe
C:\ProgramData\PARTPR~1
C:\Users\Julien\AppData\Local\Temp\Temp1_RC__Stronghold.zip\Crack



Run Lop S&D again

  • This time choose Option 4 (LopScript)
  • A blank page will open; right-click on it and choose Paste
  • Close the page; you will be asked to save it, click [Save]
  • Do not close the window during the deletion!
  • Post the generated report (C:\lopR.txt)


;)

------------------------------ Please say if you are already being helped on another forum or in another topic.
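
Added example, not part of the thread and not code from HijackThis or Lop S&D: a small triage script that parses O2 (BHO) and O4 (Run) lines of a HijackThis log and lists entries worth a closer look before anything is deleted. The three heuristics and all function names are assumptions chosen for illustration; the sample lines are copied from the log in the first post.

```python
import ntpath
import re

# Lines copied from the HijackThis log posted above (ordinary and odd entries mixed).
SAMPLE_LOG = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: cpmsky browser optimizer - {3edeeffe-bd85-4f70-9b0f-a3bb4e9105b5} - C:\Windows\system32\{daa8c420-da37-362c-b05b-1005090d0bee}.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [{43f3741f-abb0-4f06-3484-7996a49744e1}] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\{daa8c420-da37-362c-b05b-1005090d0bee}.dll" DllInit
O4 - HKCU\..\Run: [1axis] "C:\ProgramData\thatownsowns.s24ri"
O4 - HKCU\..\Run: [bait face type axis] "C:\ProgramData\web help clock.grye9"
"""

BHO_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<path>.+)$")
RUN_RE = re.compile(
    r"^O4 - (?P<hive>HK\w+)\\.*?\\Run(?:Once)?: \[(?P<name>.*?)\] (?P<cmd>.+)$")
# A drive-letter path that ends in ".ext" followed by a quote, whitespace or end of line.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.[A-Za-z0-9]+(?=["\s]|$)')
GUID_DLL_RE = re.compile(
    r"^\{[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\}\.dll$", re.I)

# Assumption: extensions an ordinary autostart target would have.
USUAL_EXTS = {".exe", ".dll", ".com", ".bat", ".cmd", ".scr", ".ocx", ".lnk"}


def reasons_for(path):
    """Return the heuristic reasons (possibly none) that apply to one file path."""
    reasons = []
    folder, fname = ntpath.split(path)
    ext = ntpath.splitext(fname)[1].lower()
    if folder.lower() == r"c:\programdata" and ext not in USUAL_EXTS:
        reasons.append("file directly under ProgramData with a non-program extension")
    if GUID_DLL_RE.match(fname):
        reasons.append("DLL file named after a GUID")
    return reasons


def triage(log_text):
    """Return (kind, entry name, reasons) for every O2/O4 line that trips a heuristic."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        bho = BHO_RE.match(line)
        run = RUN_RE.match(line)
        if bho:
            kind, name, path = "BHO", bho.group("name"), bho.group("path")
            if path == "(no file)":
                reasons = ["orphaned BHO registration, file is missing"]
            else:
                reasons = reasons_for(path)
        elif run:
            kind, name = "Run", run.group("name")
            # A Run command can reference several files (e.g. rundll32 plus a DLL).
            reasons = [r for p in PATH_RE.findall(run.group("cmd"))
                       for r in reasons_for(p)]
        else:
            continue
        if reasons:
            findings.append((kind, name, reasons))
    return findings


if __name__ == "__main__":
    for kind, name, reasons in triage(SAMPLE_LOG):
        print(f"{kind:3} {name}: {'; '.join(reasons)}")
```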
