Pop-up ''CID'' [Résolu]

slt,


Télécharge ceci: (by Moe) :

http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe

Double clic sur Lopxpsetup.exe pour lancer l'installation
Au menu, choisir l'option 1
Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer !
Une rapport sera alors crée, à copie/colle en entier sur le forum.

ça ne marche pas, je double clik sur le fichier, je clik sur executé mais rien ne se passe,
aide moi !

ok

alors:


tu télécharge Lop S&D.exe sur ton Bureau.http://eric.71.mespages.googlepages.com/LopSD.exe

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)

J'ai ça :

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz )
BIOS : Award Modular BIOS v6.00PG
USER : SnoOT ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 117 Go Free : 100 Go
D:\ (Local Disk) - NTFS - Total : 31 Go Free : 31 Go
E:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 06/10/2008|19:35 )

--------------------\\ Listing des dossiers dans APPLIC~1

[02/10/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[06/10/2008|14:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[02/10/2008|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat
[02/10/2008|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/10/2008|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[02/10/2008|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[05/10/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[02/10/2008|17:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[02/10/2008|17:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[02/10/2008|17:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[02/10/2008|18:22] C:\DOCUME~1\SnoOT\APPLIC~1\Adobe
[02/10/2008|18:27] C:\DOCUME~1\SnoOT\APPLIC~1\ATI
[02/10/2008|19:30] C:\DOCUME~1\SnoOT\APPLIC~1\EoRezo
[02/10/2008|18:02] C:\DOCUME~1\SnoOT\APPLIC~1\Identities
[05/10/2008|18:19] C:\DOCUME~1\SnoOT\APPLIC~1\IEPro
[02/10/2008|18:09] C:\DOCUME~1\SnoOT\APPLIC~1\InstallShield
[04/10/2008|12:32] C:\DOCUME~1\SnoOT\APPLIC~1\Inter flaw
[02/10/2008|19:24] C:\DOCUME~1\SnoOT\APPLIC~1\ItsLabel
[02/10/2008|18:22] C:\DOCUME~1\SnoOT\APPLIC~1\Macromedia
[02/10/2008|19:24] C:\DOCUME~1\SnoOT\APPLIC~1\Microsoft
[02/10/2008|18:18] C:\DOCUME~1\SnoOT\APPLIC~1\Mozilla
[06/10/2008|19:26] C:\DOCUME~1\SnoOT\APPLIC~1\Skype
[06/10/2008|16:05] C:\DOCUME~1\SnoOT\APPLIC~1\skypePM
[03/10/2008|18:49] C:\DOCUME~1\SnoOT\APPLIC~1\Sun
[03/10/2008|18:49] C:\DOCUME~1\SnoOT\APPLIC~1\teamspeak2
[02/10/2008|18:20] C:\DOCUME~1\SnoOT\APPLIC~1\vlc
[02/10/2008|18:36] C:\DOCUME~1\SnoOT\APPLIC~1\WinRAR

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06/10/2008 14:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[02/10/2008|18:24] C:\Program Files\ATI Technologies
[02/10/2008|18:18] C:\Program Files\Avira
[04/10/2008|12:33] C:\Program Files\Circle Developement
[02/10/2008|17:49] C:\Program Files\ComPlus Applications
[02/10/2008|19:30] C:\Program Files\EoRezo
[04/10/2008|18:50] C:\Program Files\Fichiers communs
[05/10/2008|18:19] C:\Program Files\IEPro
[02/10/2008|18:21] C:\Program Files\InstallShield Installation Information
[02/10/2008|18:03] C:\Program Files\Intel
[02/10/2008|19:42] C:\Program Files\Inter flaw
[04/10/2008|14:04] C:\Program Files\Internet Explorer
[03/10/2008|18:46] C:\Program Files\Java
[06/10/2008|19:10] C:\Program Files\Lopxp
[02/10/2008|17:49] C:\Program Files\Messenger
[02/10/2008|19:41] C:\Program Files\Messenger Plus! Live
[02/10/2008|17:52] C:\Program Files\microsoft frontpage
[02/10/2008|19:23] C:\Program Files\Movie Maker
[06/10/2008|19:17] C:\Program Files\Mozilla Firefox
[02/10/2008|17:48] C:\Program Files\MSN
[02/10/2008|17:48] C:\Program Files\MSN Gaming Zone
[02/10/2008|19:41] C:\Program Files\MSN Messenger
[02/10/2008|17:50] C:\Program Files\NetMeeting
[02/10/2008|17:49] C:\Program Files\Online Services
[02/10/2008|19:23] C:\Program Files\Outlook Express
[04/10/2008|12:32] C:\Program Files\Panicware
[02/10/2008|18:09] C:\Program Files\Realtek
[02/10/2008|17:51] C:\Program Files\Services en ligne
[02/10/2008|21:46] C:\Program Files\Skype
[05/10/2008|19:12] C:\Program Files\Spybot - Search & Destroy
[06/10/2008|19:25] C:\Program Files\Steam
[03/10/2008|18:46] C:\Program Files\Sun
[03/10/2008|18:49] C:\Program Files\Teamspeak2_RC2
[02/10/2008|18:02] C:\Program Files\Uninstall Information
[02/10/2008|18:18] C:\Program Files\VideoLAN
[02/10/2008|19:41] C:\Program Files\Windows Live
[02/10/2008|17:52] C:\Program Files\Windows Media Player
[02/10/2008|17:48] C:\Program Files\Windows NT
[02/10/2008|17:51] C:\Program Files\WindowsUpdate
[02/10/2008|18:16] C:\Program Files\WinRAR
[06/10/2008|08:01] C:\Program Files\World of Warcraft
[02/10/2008|17:52] C:\Program Files\xerox
[02/10/2008|18:03] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[02/10/2008|18:24] C:\Program Files\Fichiers communs\ATI Technologies
[05/10/2008|19:32] C:\Program Files\Fichiers communs\Blizzard Entertainment
[02/10/2008|18:20] C:\Program Files\Fichiers communs\InstallShield
[03/10/2008|18:45] C:\Program Files\Fichiers communs\Java
[02/10/2008|18:21] C:\Program Files\Fichiers communs\Microsoft Shared
[02/10/2008|17:50] C:\Program Files\Fichiers communs\MSSoap
[02/10/2008|19:20] C:\Program Files\Fichiers communs\ODBC
[02/10/2008|17:50] C:\Program Files\Fichiers communs\Services
[02/10/2008|21:46] C:\Program Files\Fichiers communs\Skype
[02/10/2008|19:20] C:\Program Files\Fichiers communs\SpeechEngines
[02/10/2008|17:50] C:\Program Files\Fichiers communs\System

--------------------\\ Process

( 32 Processes )

iexplore.exe ~ [PID:252]
iexplore.exe ~ [PID:280]
iexplore.exe ~ [PID:1960]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat\hole open.exe
C:\Program Files\Circle Developement
C:\DOCUME~1\SnoOT\Cookies\snoot@www.adserver5[1].txt
C:\DOCUME~1\SnoOT\Cookies\snoot@advertising[1].txt
C:\DOCUME~1\SnoOT\Cookies\snoot@fr1.darkorbit.bigpoint[1].txt
C:\DOCUME~1\SnoOT\Cookies\snoot@adopt.euroclick[1].txt
C:\DOCUME~1\SnoOT\Cookies\snoot@pacificpoker[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Second bat creative peak"="C:\\Documents and Settings\\All Users\\Application Data\\Axis Readme Second Bat\\hole open.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-06 19:35:53
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:130][D:101]-> C:\DOCUME~1\SnoOT\LOCALS~1\Temp
[F:81][D:0]-> C:\DOCUME~1\SnoOT\Cookies
[F:1417][D:4]-> C:\DOCUME~1\SnoOT\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 06/10/2008|19:36 - Option : [1]

--------------------\\ Fin du rapport a 19:36:14

lop sd


* Choisis cette fois ci l'Option 2 (Suppression)
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré (C:\lopR.txt)

Voilà:


--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz )
BIOS : Award Modular BIOS v6.00PG
USER : SnoOT ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.27 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 117 Go Free : 100 Go
D:\ (Local Disk) - NTFS - Total : 31 Go Free : 31 Go
E:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [2] ( 06/10/2008|20:45 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat\hole open.exe
Supprime! - C:\DOCUME~1\SnoOT\Cookies\snoot@www.adserver5[1].txt
Supprime! - C:\DOCUME~1\SnoOT\Cookies\snoot@advertising[1].txt
Supprime! - C:\DOCUME~1\SnoOT\Cookies\snoot@fr1.darkorbit.bigpoint[1].txt
Supprime! - C:\DOCUME~1\SnoOT\Cookies\snoot@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\SnoOT\Cookies\snoot@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Axis Readme Second Bat
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[02/10/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[06/10/2008|14:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[02/10/2008|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/10/2008|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[02/10/2008|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[05/10/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[02/10/2008|17:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[02/10/2008|17:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[02/10/2008|17:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[02/10/2008|18:22] C:\DOCUME~1\SnoOT\APPLIC~1\Adobe
[02/10/2008|18:27] C:\DOCUME~1\SnoOT\APPLIC~1\ATI
[02/10/2008|19:30] C:\DOCUME~1\SnoOT\APPLIC~1\EoRezo
[02/10/2008|18:02] C:\DOCUME~1\SnoOT\APPLIC~1\Identities
[05/10/2008|18:19] C:\DOCUME~1\SnoOT\APPLIC~1\IEPro
[02/10/2008|18:09] C:\DOCUME~1\SnoOT\APPLIC~1\InstallShield
[04/10/2008|12:32] C:\DOCUME~1\SnoOT\APPLIC~1\Inter flaw
[02/10/2008|19:24] C:\DOCUME~1\SnoOT\APPLIC~1\ItsLabel
[02/10/2008|18:22] C:\DOCUME~1\SnoOT\APPLIC~1\Macromedia
[02/10/2008|19:24] C:\DOCUME~1\SnoOT\APPLIC~1\Microsoft
[02/10/2008|18:18] C:\DOCUME~1\SnoOT\APPLIC~1\Mozilla
[06/10/2008|20:08] C:\DOCUME~1\SnoOT\APPLIC~1\Skype
[06/10/2008|16:05] C:\DOCUME~1\SnoOT\APPLIC~1\skypePM
[03/10/2008|18:49] C:\DOCUME~1\SnoOT\APPLIC~1\Sun
[03/10/2008|18:49] C:\DOCUME~1\SnoOT\APPLIC~1\teamspeak2
[02/10/2008|18:20] C:\DOCUME~1\SnoOT\APPLIC~1\vlc
[02/10/2008|18:36] C:\DOCUME~1\SnoOT\APPLIC~1\WinRAR

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06/10/2008 14:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[02/10/2008|18:24] C:\Program Files\ATI Technologies
[02/10/2008|18:18] C:\Program Files\Avira
[02/10/2008|17:49] C:\Program Files\ComPlus Applications
[02/10/2008|19:30] C:\Program Files\EoRezo
[04/10/2008|18:50] C:\Program Files\Fichiers communs
[05/10/2008|18:19] C:\Program Files\IEPro
[02/10/2008|18:21] C:\Program Files\InstallShield Installation Information
[02/10/2008|18:03] C:\Program Files\Intel
[02/10/2008|19:42] C:\Program Files\Inter flaw
[04/10/2008|14:04] C:\Program Files\Internet Explorer
[03/10/2008|18:46] C:\Program Files\Java
[06/10/2008|19:10] C:\Program Files\Lopxp
[02/10/2008|17:49] C:\Program Files\Messenger
[02/10/2008|19:41] C:\Program Files\Messenger Plus! Live
[02/10/2008|17:52] C:\Program Files\microsoft frontpage
[02/10/2008|19:23] C:\Program Files\Movie Maker
[06/10/2008|19:17] C:\Program Files\Mozilla Firefox
[02/10/2008|17:48] C:\Program Files\MSN
[02/10/2008|17:48] C:\Program Files\MSN Gaming Zone
[02/10/2008|19:41] C:\Program Files\MSN Messenger
[02/10/2008|17:50] C:\Program Files\NetMeeting
[02/10/2008|17:49] C:\Program Files\Online Services
[02/10/2008|19:23] C:\Program Files\Outlook Express
[04/10/2008|12:32] C:\Program Files\Panicware
[02/10/2008|18:09] C:\Program Files\Realtek
[02/10/2008|17:51] C:\Program Files\Services en ligne
[02/10/2008|21:46] C:\Program Files\Skype
[05/10/2008|19:12] C:\Program Files\Spybot - Search & Destroy
[06/10/2008|19:25] C:\Program Files\Steam
[03/10/2008|18:46] C:\Program Files\Sun
[03/10/2008|18:49] C:\Program Files\Teamspeak2_RC2
[02/10/2008|18:02] C:\Program Files\Uninstall Information
[02/10/2008|18:18] C:\Program Files\VideoLAN
[02/10/2008|19:41] C:\Program Files\Windows Live
[02/10/2008|17:52] C:\Program Files\Windows Media Player
[02/10/2008|17:48] C:\Program Files\Windows NT
[02/10/2008|17:51] C:\Program Files\WindowsUpdate
[02/10/2008|18:16] C:\Program Files\WinRAR
[06/10/2008|08:01] C:\Program Files\World of Warcraft
[02/10/2008|17:52] C:\Program Files\xerox
[02/10/2008|18:03] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[02/10/2008|18:24] C:\Program Files\Fichiers communs\ATI Technologies
[05/10/2008|19:32] C:\Program Files\Fichiers communs\Blizzard Entertainment
[02/10/2008|18:20] C:\Program Files\Fichiers communs\InstallShield
[03/10/2008|18:45] C:\Program Files\Fichiers communs\Java
[02/10/2008|18:21] C:\Program Files\Fichiers communs\Microsoft Shared
[02/10/2008|17:50] C:\Program Files\Fichiers communs\MSSoap
[02/10/2008|19:20] C:\Program Files\Fichiers communs\ODBC
[02/10/2008|17:50] C:\Program Files\Fichiers communs\Services
[02/10/2008|21:46] C:\Program Files\Fichiers communs\Skype
[02/10/2008|19:20] C:\Program Files\Fichiers communs\SpeechEngines
[02/10/2008|17:50] C:\Program Files\Fichiers communs\System

--------------------\\ Process

( 28 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-06 20:45:42
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:137][D:101]-> C:\DOCUME~1\SnoOT\LOCALS~1\Temp
[F:76][D:0]-> C:\DOCUME~1\SnoOT\Cookies
[F:1418][D:4]-> C:\DOCUME~1\SnoOT\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 06/10/2008|19:36 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 06/10/2008|20:46 - Option : [2]

--------------------\\ Fin du rapport a 20:46:04

parfait

encore des pubs???
















colle un rapport hijackthis


http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :

http://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste

Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."

C'est bon, merci :)