|
| alix5 | Posted on 27/08/2011 at 03:07 |
Petit astucien
4 Messages
| Good evening!
I currently have a rather annoying problem: every time I open a web page in my browser, a spam ad systematically opens... (promo offers, etc.)
So I'd like to get rid of it quickly (and, while I'm at it, check whether there's anything else suspicious on my PC).
Thanks in advance! (I'm waiting for your instructions about any reports to provide)
|
| |
| |
|
| mipierre | Posted on 27/08/2011 at 08:46 |
Maître astucien
10010 Messages
| |
| |
|
| alix5 | Posted on 27/08/2011 at 18:14 |
Petit astucien
4 Messages
| |
| |
|
| Evasion60 | Posted on 27/08/2011 at 18:26 |
Security Group 23891 Messages
| Good evening, and welcome to PCA Sécurité
I'm looking at your report
I'm missing the MBAM report
See you later |
| |
|
| Evasion60 | Posted on 27/08/2011 at 18:35 |
Security Group 23891 Messages
| Hi again
All of this, no less
- Download Ad Remover by El Desaparecido, C_XX & Chimay8 to your Desktop. Another possible download link.
Double-click the tool to run it (on Vista or Windows 7, right-click it and run it as administrator),
- Run the scan and post the report generated by the tool in your next reply.
- Double-click Ad Remover to run the tool (or right-click > Run as administrator on Vista and Windows 7),
- Run the cleanup and post the report generated by the tool in your next reply.
I look forward to your reply with the requested reports |
| |
|
| alix5 | Posted on 27/08/2011 at 19:01 |
Petit astucien
4 Messages
| |
| |
| |
|
|
| alix5 | Posted on 27/08/2011 at 19:03 |
Petit astucien
4 Messages
| Hello!
Sorry, the Malwarebytes report took a while to produce; thanks for the instructions, I'll do that right away |
| |
|
| alix5 | Posted on 27/08/2011 at 19:06 |
Petit astucien
4 Messages
| |
| |
|
| alix5 | Posted on 27/08/2011 at 19:07 |
Petit astucien
4 Messages
| (The MBAM report after removal) |
| |
|
| alix5 | Posted on 27/08/2011 at 19:09 |
Petit astucien
4 Messages
| |
| |
|
| alix5 | Posted on 27/08/2011 at 19:16 |
Petit astucien
4 Messages
| Attached file: Ad-Report-CLEAN[1].txt
Thanks for the help. Edited by alix5 on 27/08/2011 19:19 |
| |
| |
|
|
| Evasion60 | Posted on 27/08/2011 at 19:24 |
Security Group 23891 Messages
| Hi again
Attached file: Ad-Report-CLEAN[1].txt
Sorry, I don't have the report
See you later |
| |
|
| alix5 | Posted on 27/08/2011 at 20:03 |
Petit astucien
4 Messages
| |
| |
|
| Evasion60 | Posted on 28/08/2011 at 18:04 |
Security Group 23891 Messages
| Hello
Run ZHPDiag again and upload its new report, please
I look forward to your reply |
| |
|
| alix5 | Posted on 29/08/2011 at 00:30 |
Petit astucien
4 Messages
| Hi, thanks for the help, the report is on its way :) |
| |
|
| alix5 | Posted on 29/08/2011 at 00:31 |
Petit astucien
4 Messages
| |
| |
| |
|
|
| rodger94 | Posted on 29/08/2011 at 00:34 |
Petit astucien
48 Messages
| For ads on the internet, install Mozilla and add adblock-plus as an add-on. |
| |
|
| Evasion60 | Posted on 29/08/2011 at 11:08 |
Security Group 23891 Messages
| Hello
Uninstall => c:\program files\imesh applications
But my help stops here, because this Windows is exotic
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll => Windows Version nLite non officielle
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll => Windows Version nLite non officielle
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll => Windows Version nLite non officielle
I strongly urge you either to move to Win7 or to buy a licensed XPPro
All the best |
| |
|