Cid ad problem
Security - Virus forum: Cid ad problem
Hello everyone,
I have the same problem as many other people with the Cid ads, which are really starting to get on my nerves.
So here is my HijackThis scan. Thanks for your help.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:11:19, on 09/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Users\Rauks\Program Files\DNA\btdna.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Users\Rauks\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Users\Rauks\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\Rauks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\US3LYQDG\HiJackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi- [...] ey=IESTART
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi- [...] ey=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Rauks\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Move Junk] "C:\ProgramData\onespamspam.pz1c7"
O4 - HKCU\..\Run: [Mode Load Mpeg Less] "C:\ProgramData\browse nurb close.cr4e0ap"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Rauks\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell BV - C:\Program Files\Packard bell\SAXO27\HIDSERVICE.EXE
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 10471 bytes
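As an added example (it is not code from this thread, from HijackThis or from Lop S&D), the small triage script below reads the O4 autorun lines from the HijackThis log above and flags the two Run values that Lop S&D later removes. The sample lines are copied from the posted log; the heuristics (a target launched straight from the root of C:\ProgramData, or a file without a recognised executable extension), the folder and extension lists and the function names target_path, assess and triage are my own assumptions, not rules of either tool.

```python
import re
from pathlib import PureWindowsPath

# Sample input: O4 (Run key) lines copied from the HijackThis log above.
# Four are ordinary vendor autoruns; the last two are the entries Lop S&D removed.
SAMPLE_O4_LINES = [
    r'O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide',
    r'O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup',
    r'O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe',
    r'O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent',
    r'O4 - HKCU\..\Run: [Move Junk] "C:\ProgramData\onespamspam.pz1c7"',
    r'O4 - HKCU\..\Run: [Mode Load Mpeg Less] "C:\ProgramData\browse nurb close.cr4e0ap"',
]

# Assumed heuristics (my own, not HijackThis or Lop S&D rules): a Run value whose
# target sits directly in the root of a shared data folder, or whose file has no
# recognised executable extension, deserves a closer look.
ROOT_DROP_DIRS = {'c:\\programdata'}
KNOWN_EXEC_EXT = {'.exe', '.dll', '.com', '.scr', '.bat', '.cmd', '.vbs', '.js', '.lnk'}

O4_RE = re.compile(r'^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$')
SWITCH_RE = re.compile(r'\s+[-/]')


def target_path(cmd):
    """Best-effort extraction of the file a Run command line launches."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        # Quoted path: everything up to the closing quote, trailing switches ignored.
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    # Unquoted path: cut at the first space-led switch such as " -hide" or " /background".
    head = SWITCH_RE.split(cmd, maxsplit=1)[0]
    tokens = head.split(' ')
    if tokens[0].lower() in ('rundll32.exe', 'rundll32') and len(tokens) > 1:
        # rundll32 host process: the real payload is the DLL before ",EntryPoint".
        return ' '.join(tokens[1:]).split(',')[0]
    return head


def assess(path):
    """Return the reasons a Run target looks suspicious, or [] when none apply."""
    p = PureWindowsPath(path)
    reasons = []
    if str(p.parent).lower() in ROOT_DROP_DIRS:
        reasons.append('launched straight from the root of a shared data folder')
    ext = p.suffix.lower()
    if ext not in KNOWN_EXEC_EXT:
        reasons.append(f'no recognised executable extension ({ext or "none"})')
    return reasons


def triage(lines):
    """Parse O4 lines and return [(value_name, target, reasons)] for the flagged ones."""
    flagged = []
    for line in lines:
        m = O4_RE.match(line)
        if not m:
            continue  # not a Run-key line (O2, O3, O23 ...), skip it
        target = target_path(m.group('cmd'))
        reasons = assess(target)
        if reasons:
            flagged.append((m.group('name'), target, reasons))
    return flagged


if __name__ == '__main__':
    for name, target, reasons in triage(SAMPLE_O4_LINES):
        print(f'[{name}] {target}')
        for r in reasons:
            print(f'    - {r}')
```

Run on the six sample lines, only "Move Junk" and "Mode Load Mpeg Less" are reported, each for both reasons; the vendor entries, including the rundll32-hosted NVIDIA one, pass. The checks are deliberately narrow so they stay readable; in practice the same triage would be extended with the other folders adware of this family drops into.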
Hi,
- Disable UAC for the duration of the disinfection.
- Download Lop S&D to your Desktop.
- Double-click it to start the installation.
- Then double-click the Lop S&D shortcut on your Desktop.
(On Vista, right-click Lop S&D and choose Run as administrator)
- Select the language you want, then choose option 1 (Search).
- Wait until the scan finishes.
- Post the generated report (C:\lopR.txt).
Here it is.
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Rauks ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:453 Go (Free:342 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 09/03/2009|12:10 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[27/01/2009|08:52] C:\Users\Rauks\AppData\Local\Adobe
[15/02/2009|20:35] C:\Users\Rauks\AppData\Local\Ahead
[12/02/2009|21:17] C:\Users\Rauks\AppData\Local\Apple
[01/03/2009|13:12] C:\Users\Rauks\AppData\Local\Apple Computer
[20/01/2009|16:10] C:\Users\Rauks\AppData\Local\Application Data
[03/02/2009|07:11] C:\Users\Rauks\AppData\Local\d3d9caps.dat
[20/01/2009|17:37] C:\Users\Rauks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[20/01/2009|21:27] C:\Users\Rauks\AppData\Local\DNA
[12/02/2009|08:42] C:\Users\Rauks\AppData\Local\Downloaded Installations
[20/01/2009|16:16] C:\Users\Rauks\AppData\Local\GDIPFONTCACHEV1.DAT
[08/03/2009|19:31] C:\Users\Rauks\AppData\Local\Google
[20/01/2009|16:10] C:\Users\Rauks\AppData\Local\Historique
[08/03/2009|20:59] C:\Users\Rauks\AppData\Local\IconCache.db
[27/01/2009|19:48] C:\Users\Rauks\AppData\Local\Microsoft
[02/02/2009|12:37] C:\Users\Rauks\AppData\Local\Microsoft Games
[20/01/2009|16:58] C:\Users\Rauks\AppData\Local\Mozilla
[13/02/2009|09:59] C:\Users\Rauks\AppData\Local\Packard Bell
[09/03/2009|11:21] C:\Users\Rauks\AppData\Local\Temp
[20/01/2009|16:10] C:\Users\Rauks\AppData\Local\Temporary Internet Files
[06/02/2009|17:31] C:\Users\Rauks\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[09/03/2009 12:00][--a------] C:\Windows\tasks\Extension de garantie-Rauks.job
[09/03/2009 12:00][--a------] C:\Windows\tasks\Recovery DVD Creator-Rauks.job
[09/03/2009 09:39][--ah-----] C:\Windows\tasks\SA.DAT
[08/03/2009 20:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[12/02/2009|21:19] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[27/01/2009|09:05] C:\ProgramData\Adobe
[12/02/2009|21:17] C:\ProgramData\Apple
[12/02/2009|21:19] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[19/02/2009|09:05] C:\ProgramData\Blizzard
[12/02/2009|21:39] C:\ProgramData\browse nurb close.cr4e0ap
[20/01/2009|16:06] C:\ProgramData\Bureau
[15/02/2009|10:59] C:\ProgramData\Carbonite
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[22/01/2009|20:53] C:\ProgramData\eMule
[01/02/2009|20:08] C:\ProgramData\ezsidmv.dat
[20/01/2009|16:06] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[08/03/2009|19:31] C:\ProgramData\Google
[12/02/2009|08:37] C:\ProgramData\Logishrd
[06/02/2009|17:24] C:\ProgramData\Logitech
[20/01/2009|16:06] C:\ProgramData\Menu D‚marrer
[13/02/2009|08:34] C:\ProgramData\Messenger Plus!
[18/02/2009|14:58] C:\ProgramData\Microsoft
[20/01/2009|21:29] C:\ProgramData\Microsoft Help
[20/01/2009|16:06] C:\ProgramData\ModŠles
[05/06/2008|07:43] C:\ProgramData\Nero
[20/01/2009|17:40] C:\ProgramData\NVIDIA
[12/02/2009|21:38] C:\ProgramData\onespamspam.gdn027
[12/02/2009|21:38] C:\ProgramData\onespamspam.pz1c7
[12/02/2009|21:41] C:\ProgramData\PARTMAILFORK
[21/02/2009|13:31] C:\ProgramData\rkfree
[05/06/2008|07:53] C:\ProgramData\Skype
[02/11/2006|14:02] C:\ProgramData\Start Menu
[13/02/2009|10:04] C:\ProgramData\Symantec
[19/02/2009|09:20] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[12/02/2009|21:39] C:\ProgramData\two setup mode load
[07/02/2009|10:38] C:\ProgramData\WindowsSearch
--------------------\\ Listing des dossiers dans C:\Program Files
[27/01/2009|09:05] C:\Program Files\Adobe
[13/02/2009|09:09] C:\Program Files\Alwil Software
[12/02/2009|21:17] C:\Program Files\Apple Software Update
[20/01/2009|21:26] C:\Program Files\AskBarDis
[20/01/2009|21:27] C:\Program Files\BitTorrent
[15/02/2009|19:32] C:\Program Files\Bonjour
[15/02/2009|10:59] C:\Program Files\Carbonite
[08/03/2009|15:25] C:\Program Files\CCleaner
[12/02/2009|21:37] C:\Program Files\Circle Developement
[17/02/2009|16:29] C:\Program Files\Common Files
[20/01/2009|21:27] C:\Program Files\DNA
[19/02/2009|09:25] C:\Program Files\Dofus
[12/02/2009|21:34] C:\Program Files\DVDVideoSoft
[20/01/2009|16:06] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[08/03/2009|19:47] C:\Program Files\Google
[05/06/2008|07:37] C:\Program Files\HDReg
[09/03/2009|10:50] C:\Program Files\iNetFormFiller Trial
[06/02/2009|17:26] C:\Program Files\InstallShield Installation Information
[12/02/2009|21:18] C:\Program Files\Internet Explorer
[12/02/2009|21:19] C:\Program Files\iPod
[12/02/2009|21:19] C:\Program Files\iTunes
[03/02/2009|21:11] C:\Program Files\Java
[03/02/2009|21:12] C:\Program Files\LimeWire
[06/02/2009|17:27] C:\Program Files\Logitech
[12/02/2009|21:37] C:\Program Files\Messenger Plus! Live
[20/01/2009|21:36] C:\Program Files\Microsoft
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[28/02/2009|19:26] C:\Program Files\Microsoft Office
[05/06/2008|07:53] C:\Program Files\Microsoft Office Suite Activation Assistant
[27/02/2009|22:22] C:\Program Files\Microsoft Silverlight
[18/02/2009|14:57] C:\Program Files\Microsoft SQL Server Compact Edition
[18/02/2009|14:59] C:\Program Files\Microsoft Sync Framework
[05/06/2008|07:50] C:\Program Files\Microsoft Works
[05/06/2008|07:49] C:\Program Files\Microsoft.NET
[05/06/2008|17:13] C:\Program Files\Movie Maker
[20/01/2009|17:40] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[20/01/2009|16:34] C:\Program Files\MSXML 4.0
[20/02/2009|13:13] C:\Program Files\Mumble
[05/06/2008|07:43] C:\Program Files\Nero
[05/06/2008|07:44] C:\Program Files\NeroInstall.bak
[05/06/2008|07:53] C:\Program Files\Packard Bell
[21/01/2009|17:24] C:\Program Files\PhotoFiltre
[12/02/2009|21:18] C:\Program Files\QuickTime
[05/06/2008|07:33] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[08/03/2009|19:50] C:\Program Files\RKFree
[15/02/2009|19:41] C:\Program Files\Safari
[05/06/2008|07:38] C:\Program Files\Seagate
[05/06/2008|07:53] C:\Program Files\Skype
[18/02/2009|16:59] C:\Program Files\SoftInform
[20/01/2009|19:00] C:\Program Files\Teamspeak2_RC2
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[20/01/2009|18:17] C:\Program Files\Valve
[20/01/2009|17:50] C:\Program Files\VideoLAN
[09/02/2009|17:54] C:\Program Files\Wakfu
[05/06/2008|17:13] C:\Program Files\Windows Calendar
[05/06/2008|17:13] C:\Program Files\Windows Collaboration
[05/06/2008|17:13] C:\Program Files\Windows Defender
[05/06/2008|17:13] C:\Program Files\Windows Journal
[18/02/2009|14:59] C:\Program Files\Windows Live
[20/01/2009|18:01] C:\Program Files\Windows Live SkyDrive
[12/02/2009|08:39] C:\Program Files\Windows Mail
[05/06/2008|17:13] C:\Program Files\Windows Media Player
[20/01/2009|16:06] C:\Program Files\Windows NT
[05/06/2008|17:13] C:\Program Files\Windows Photo Gallery
[05/06/2008|17:13] C:\Program Files\Windows Sidebar
[20/02/2009|14:56] C:\Program Files\WowCartographe
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[27/01/2009|09:05] C:\Program Files\Common Files\Adobe
[12/02/2009|21:19] C:\Program Files\Common Files\Apple
[17/02/2009|16:30] C:\Program Files\Common Files\Blizzard Entertainment
[05/06/2008|07:50] C:\Program Files\Common Files\DESIGNER
[12/02/2009|21:34] C:\Program Files\Common Files\DVDVideoSoft
[05/06/2008|07:33] C:\Program Files\Common Files\InstallShield
[06/02/2009|17:31] C:\Program Files\Common Files\LogiShrd
[12/02/2009|08:43] C:\Program Files\Common Files\Logitech
[05/06/2008|07:41] C:\Program Files\Common Files\Macrovision Shared
[18/02/2009|14:56] C:\Program Files\Common Files\microsoft shared
[05/06/2008|07:43] C:\Program Files\Common Files\Nero
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[01/02/2009|20:06] C:\Program Files\Common Files\Skype
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[08/03/2009|12:23] C:\Program Files\Common Files\Steam
[13/02/2009|10:57] C:\Program Files\Common Files\Symantec Shared
[05/06/2008|17:13] C:\Program Files\Common Files\System
[20/01/2009|17:48] C:\Program Files\Common Files\Windows Live
--------------------\\ Process
( 85 Processes )
iexplore.exe ~ [PID:2852]
iexplore.exe ~ [PID:2872]
iexplore.exe ~ [PID:4656]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\onespamspam.pz1c7
C:\ProgramData\onespamspam.gdn027
C:\ProgramData\browse nurb close.cr4e0ap
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\two setup mode load
C:\ProgramData\two setup mode load\second internet.dat
C:\ProgramData\two setup mode load\second internet.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Move Junk"="\"C:\\ProgramData\\onespamspam.pz1c7\""
"Mode Load Mpeg Less"="\"C:\\ProgramData\\browse nurb close.cr4e0ap\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-09 12:11:03
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Rauks\Favorites\Dailymotion - Steam keygen. TOUS LES JEUX STEAM !, une vid‚o de x-h4x0or. steam, cs1.6, czz, css, game.url
[F:110][D:22]-> C:\Users\Rauks\AppData\Local\Temp
[F:107][D:1]-> C:\Users\Rauks\AppData\Roaming\MICROS~1\Windows\Cookies
[F:847][D:6]-> C:\Users\Rauks\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:2]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 09/03/2009|12:12 - Option : [1]
--------------------\\ Fin du rapport a 12:12:04
[ UAC => 1 ]
- Run Lop S&D again.
(On Vista, right-click Lop S&D and choose Run as administrator)
- This time choose option 2 (Removal).
- Do not close the window during the removal!
- Post the generated report (C:\lopR.txt).
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)
Here is the report.
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Rauks ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:453 Go (Free:350 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 09/03/2009|13:20 )
[ UAC => 1 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\ProgramData\two setup mode load\second internet.dat
Supprime! - C:\ProgramData\two setup mode load\second internet.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\ProgramData\onespamspam.pz1c7
Supprime! - C:\ProgramData\onespamspam.gdn027
Supprime! - C:\ProgramData\browse nurb close.cr4e0ap
Supprime! - C:\ProgramData\two setup mode load
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[27/01/2009|08:52] C:\Users\Rauks\AppData\Local\Adobe
[15/02/2009|20:35] C:\Users\Rauks\AppData\Local\Ahead
[12/02/2009|21:17] C:\Users\Rauks\AppData\Local\Apple
[01/03/2009|13:12] C:\Users\Rauks\AppData\Local\Apple Computer
[20/01/2009|16:10] C:\Users\Rauks\AppData\Local\Application Data
[03/02/2009|07:11] C:\Users\Rauks\AppData\Local\d3d9caps.dat
[20/01/2009|17:37] C:\Users\Rauks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[20/01/2009|21:27] C:\Users\Rauks\AppData\Local\DNA
[12/02/2009|08:42] C:\Users\Rauks\AppData\Local\Downloaded Installations
[20/01/2009|16:16] C:\Users\Rauks\AppData\Local\GDIPFONTCACHEV1.DAT
[08/03/2009|19:31] C:\Users\Rauks\AppData\Local\Google
[20/01/2009|16:10] C:\Users\Rauks\AppData\Local\Historique
[08/03/2009|20:59] C:\Users\Rauks\AppData\Local\IconCache.db
[27/01/2009|19:48] C:\Users\Rauks\AppData\Local\Microsoft
[02/02/2009|12:37] C:\Users\Rauks\AppData\Local\Microsoft Games
[20/01/2009|16:58] C:\Users\Rauks\AppData\Local\Mozilla
[13/02/2009|09:59] C:\Users\Rauks\AppData\Local\Packard Bell
[09/03/2009|13:20] C:\Users\Rauks\AppData\Local\Temp
[20/01/2009|16:10] C:\Users\Rauks\AppData\Local\Temporary Internet Files
[06/02/2009|17:31] C:\Users\Rauks\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[09/03/2009 13:00][--a------] C:\Windows\tasks\Extension de garantie-Rauks.job
[09/03/2009 13:00][--a------] C:\Windows\tasks\Recovery DVD Creator-Rauks.job
[09/03/2009 09:39][--ah-----] C:\Windows\tasks\SA.DAT
[08/03/2009 20:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[12/02/2009|21:19] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[27/01/2009|09:05] C:\ProgramData\Adobe
[12/02/2009|21:17] C:\ProgramData\Apple
[12/02/2009|21:19] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[19/02/2009|09:05] C:\ProgramData\Blizzard
[20/01/2009|16:06] C:\ProgramData\Bureau
[15/02/2009|10:59] C:\ProgramData\Carbonite
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[22/01/2009|20:53] C:\ProgramData\eMule
[01/02/2009|20:08] C:\ProgramData\ezsidmv.dat
[20/01/2009|16:06] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[08/03/2009|19:31] C:\ProgramData\Google
[12/02/2009|08:37] C:\ProgramData\Logishrd
[06/02/2009|17:24] C:\ProgramData\Logitech
[20/01/2009|16:06] C:\ProgramData\Menu D‚marrer
[13/02/2009|08:34] C:\ProgramData\Messenger Plus!
[18/02/2009|14:58] C:\ProgramData\Microsoft
[20/01/2009|21:29] C:\ProgramData\Microsoft Help
[20/01/2009|16:06] C:\ProgramData\ModŠles
[05/06/2008|07:43] C:\ProgramData\Nero
[20/01/2009|17:40] C:\ProgramData\NVIDIA
[12/02/2009|21:41] C:\ProgramData\PARTMAILFORK
[21/02/2009|13:31] C:\ProgramData\rkfree
[05/06/2008|07:53] C:\ProgramData\Skype
[02/11/2006|14:02] C:\ProgramData\Start Menu
[13/02/2009|10:04] C:\ProgramData\Symantec
[19/02/2009|09:20] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[07/02/2009|10:38] C:\ProgramData\WindowsSearch
--------------------\\ Listing des dossiers dans C:\Program Files
[27/01/2009|09:05] C:\Program Files\Adobe
[13/02/2009|09:09] C:\Program Files\Alwil Software
[12/02/2009|21:17] C:\Program Files\Apple Software Update
[20/01/2009|21:26] C:\Program Files\AskBarDis
[20/01/2009|21:27] C:\Program Files\BitTorrent
[15/02/2009|19:32] C:\Program Files\Bonjour
[15/02/2009|10:59] C:\Program Files\Carbonite
[08/03/2009|15:25] C:\Program Files\CCleaner
[17/02/2009|16:29] C:\Program Files\Common Files
[20/01/2009|21:27] C:\Program Files\DNA
[19/02/2009|09:25] C:\Program Files\Dofus
[12/02/2009|21:34] C:\Program Files\DVDVideoSoft
[20/01/2009|16:06] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[08/03/2009|19:47] C:\Program Files\Google
[05/06/2008|07:37] C:\Program Files\HDReg
[09/03/2009|10:50] C:\Program Files\iNetFormFiller Trial
[06/02/2009|17:26] C:\Program Files\InstallShield Installation Information
[12/02/2009|21:18] C:\Program Files\Internet Explorer
[12/02/2009|21:19] C:\Program Files\iPod
[12/02/2009|21:19] C:\Program Files\iTunes
[03/02/2009|21:11] C:\Program Files\Java
[03/02/2009|21:12] C:\Program Files\LimeWire
[06/02/2009|17:27] C:\Program Files\Logitech
[12/02/2009|21:37] C:\Program Files\Messenger Plus! Live
[20/01/2009|21:36] C:\Program Files\Microsoft
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[28/02/2009|19:26] C:\Program Files\Microsoft Office
[05/06/2008|07:53] C:\Program Files\Microsoft Office Suite Activation Assistant
[27/02/2009|22:22] C:\Program Files\Microsoft Silverlight
[18/02/2009|14:57] C:\Program Files\Microsoft SQL Server Compact Edition
[18/02/2009|14:59] C:\Program Files\Microsoft Sync Framework
[05/06/2008|07:50] C:\Program Files\Microsoft Works
[05/06/2008|07:49] C:\Program Files\Microsoft.NET
[05/06/2008|17:13] C:\Program Files\Movie Maker
[20/01/2009|17:40] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[20/01/2009|16:34] C:\Program Files\MSXML 4.0
[20/02/2009|13:13] C:\Program Files\Mumble
[05/06/2008|07:43] C:\Program Files\Nero
[05/06/2008|07:44] C:\Program Files\NeroInstall.bak
[05/06/2008|07:53] C:\Program Files\Packard Bell
[21/01/2009|17:24] C:\Program Files\PhotoFiltre
[12/02/2009|21:18] C:\Program Files\QuickTime
[05/06/2008|07:33] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[08/03/2009|19:50] C:\Program Files\RKFree
[15/02/2009|19:41] C:\Program Files\Safari
[05/06/2008|07:38] C:\Program Files\Seagate
[05/06/2008|07:53] C:\Program Files\Skype
[18/02/2009|16:59] C:\Program Files\SoftInform
[20/01/2009|19:00] C:\Program Files\Teamspeak2_RC2
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[20/01/2009|18:17] C:\Program Files\Valve
[20/01/2009|17:50] C:\Program Files\VideoLAN
[09/02/2009|17:54] C:\Program Files\Wakfu
[05/06/2008|17:13] C:\Program Files\Windows Calendar
[05/06/2008|17:13] C:\Program Files\Windows Collaboration
[05/06/2008|17:13] C:\Program Files\Windows Defender
[05/06/2008|17:13] C:\Program Files\Windows Journal
[18/02/2009|14:59] C:\Program Files\Windows Live
[20/01/2009|18:01] C:\Program Files\Windows Live SkyDrive
[12/02/2009|08:39] C:\Program Files\Windows Mail
[05/06/2008|17:13] C:\Program Files\Windows Media Player
[20/01/2009|16:06] C:\Program Files\Windows NT
[05/06/2008|17:13] C:\Program Files\Windows Photo Gallery
[05/06/2008|17:13] C:\Program Files\Windows Sidebar
[20/02/2009|14:56] C:\Program Files\WowCartographe
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[27/01/2009|09:05] C:\Program Files\Common Files\Adobe
[12/02/2009|21:19] C:\Program Files\Common Files\Apple
[17/02/2009|16:30] C:\Program Files\Common Files\Blizzard Entertainment
[05/06/2008|07:50] C:\Program Files\Common Files\DESIGNER
[12/02/2009|21:34] C:\Program Files\Common Files\DVDVideoSoft
[05/06/2008|07:33] C:\Program Files\Common Files\InstallShield
[06/02/2009|17:31] C:\Program Files\Common Files\LogiShrd
[12/02/2009|08:43] C:\Program Files\Common Files\Logitech
[05/06/2008|07:41] C:\Program Files\Common Files\Macrovision Shared
[18/02/2009|14:56] C:\Program Files\Common Files\microsoft shared
[05/06/2008|07:43] C:\Program Files\Common Files\Nero
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[01/02/2009|20:06] C:\Program Files\Common Files\Skype
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[08/03/2009|12:23] C:\Program Files\Common Files\Steam
[13/02/2009|10:57] C:\Program Files\Common Files\Symantec Shared
[05/06/2008|17:13] C:\Program Files\Common Files\System
[20/01/2009|17:48] C:\Program Files\Common Files\Windows Live
--------------------\\ Process
( 84 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-09 13:21:14
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Rauks\Favorites\Dailymotion - Steam keygen. TOUS LES JEUX STEAM !, une vid‚o de x-h4x0or. steam, cs1.6, czz, css, game.url
[F:113][D:23]-> C:\Users\Rauks\AppData\Local\Temp
[F:114][D:1]-> C:\Users\Rauks\AppData\Roaming\MICROS~1\Windows\Cookies
[F:856][D:6]-> C:\Users\Rauks\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:2]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 09/03/2009|12:12 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 09/03/2009|13:22 - Option : [2]
--------------------\\ Fin du rapport a 13:22:13
[ UAC => 1 ]
- Download Toolbar S&D (Team IDN) to your Desktop.
- Start the program's installation by running the downloaded file.
- Now double-click the Toolbar S&D shortcut.
(On Vista, right-click the Toolbar S&D shortcut and choose Run as administrator)
- Select the language you want by typing the letter of your choice and confirming with the Enter key.
- Now choose option 1 (Search). Wait until the search finishes.
- Post the generated report (C:\TB.txt).